[ATF]-ATF文档和代码的深度解读

组件(components)

1. SecureOS的调度器

术语:
(路径:services/spd)
SPD:Secure Payload Dispatcher
opteed:OP-TEE Dispatcher
tlkd:Trusted Little Kernel Dispatcher
trusty:Trusty Dispatcher
mtee: mtk tee Dispatcher
tbase: trustonic Dispatcher
teeid: beanpod Dispatcher
tspd: ?

TLK的介绍
TLK(trust little kernel)是NVIDIA基于LK开发的一个TEE OS，是一个免费的开源软件(FOSS：Free Open Source Software)，LK的开源地址, TLK的主页

TLK features include:
Small, pre-emptive kernel
Supports multi-threading, IPCs, and thread scheduling
Added TrustZone features
Added Secure Storage
Under MIT/FreeBSD license

NVIDIA extensions to Little Kernel (LK) include:
User mode
Address-space separation for TAs
TLK Client Application (CA) library
TLK TA library
Crypto library (encrypt/decrypt, key handling) via OpenSSL
Linux kernel driver
Cortex A9/A15 support
Power Management
TrustZone memory carve-out (reconfigurable)
Page table management
Debugging support over UART (USB planned)

Trusty的介绍
术语:AOSP(Android Open Source Project)
Trusty是google开发的TEE软件，详细信息见AOSP官网的trusty主页

Android Open Source Project (AOSP) webpage for Trusty

2. SiP Services

术语:
SIP:Silicon Provider
SiP services是由芯片商或平台商提供的非标准的、平台相关的服务。设计标准需参考SMC Calling Convention
sip service的SMC id的范围：0xc2000000 - 0xc200ffff for 64-bit,0x82000000 - 0x8200ffff for 32-bit

ARM SIP service有：

• Performance Measurement Framework (PMF)
• Execution State Switching service
• DebugFS interface

2.1. Performance Measurement Framework (PMF)

2.2. Execution State Switching service

2.3. DebugFS interface

3. Debug FS

3.1. Overview

3.2. Virtual filesystem

3.3. SMC interface

3.4. Security considerations

3.5. Limitations

3.6. Applications

4. Exception Handling Framework

4.1. Introduction

4.2. The role of Exception Handling Framework

4.3. Interrupt handling

4.4. Registering handler

4.5. Interrupt handling example

4.6. Activating and Deactivating priorities

4.7. Transition of priority levels

4.8. Effect on SMC calls

4.9. Build-time flow

4.10. Run-time flow

4.11. Interrupt Prioritisation Considerations

4.12. Limitations

5. Firmware Configuration Framework

5.1. Introduction

5.2. Accessing properties

5.3. Defining properties

5.4. Loading the property device tree

5.5. Populating the properties

5.6. Namespace guidance

5.7. Properties binding information

6. Firmware Update (FWU)

6.1. Introduction

6.2. FWU Overview

6.3. Image Identification

6.4. FWU State Machine

6.5. BL1 SMC Interface

7. Measured Boot Driver (MBD)

7.1. Properties binding information

8. Platform Interrupt Controller API

8.1. Function: unsigned int plat_ic_get_running_priority(void); [optional]

8.2. Function: int plat_ic_is_spi(unsigned int id); [optional]

8.3. Function: int plat_ic_is_ppi(unsigned int id); [optional]

8.4. Function: int plat_ic_is_sgi(unsigned int id); [optional]

8.5. Function: unsigned int plat_ic_get_interrupt_active(unsigned int id); [optional]

8.6. Function: void plat_ic_enable_interrupt(unsigned int id); [optional]

8.7. Function: void plat_ic_disable_interrupt(unsigned int id); [optional]

8.8. Function: void plat_ic_set_interrupt_priority(unsigned int id, unsigned int priority); [optional]

8.9. Function: int plat_ic_has_interrupt_type(unsigned int type); [optional]

8.10. Function: void plat_ic_set_interrupt_type(unsigned int id, unsigned int type); [optional]

8.11. Function: void plat_ic_raise_el3_sgi(int sgi_num, u_register_t target); [optional]

8.12. Function: void plat_ic_set_spi_routing(unsigned int id, unsigned int routing_mode, u_register_t mpidr); [optional]

8.13. Function: void plat_ic_set_interrupt_pending(unsigned int id); [optional]

8.14. Function: void plat_ic_clear_interrupt_pending(unsigned int id); [optional]

8.15. Function: unsigned int plat_ic_set_priority_mask(unsigned int id); [optional]

8.16. Function: unsigned int plat_ic_get_interrupt_id(unsigned int raw); [optional]

9. Reliability, Availability, and Serviceability (RAS) Extensions

9.1. Overview

9.2. Platform APIs

9.3. Registering RAS error records

9.4. Registering RAS interrupts

9.5. Double-fault handling

9.6. Engaging the RAS framework

9.7. Interaction with Exception Handling Framework

10. Library at ROM

10.1. Introduction

10.2. Index file

10.3. Wrapper functions

10.4. Script

10.5. Patching of functions in library at ROM

10.6. Memory impact

10.7. Build library at ROM

11. SDEI: Software Delegated Exception Interface

11.1. Introduction

11.2. Defining events

11.3. Event definition example

11.4. Configuration within Exception Handling Framework

11.5. Determining client EL

11.6. Explicit dispatch of events

11.7. Porting requirements

11.8. Note on writing SDEI event handlers

12. Secure Partition Manager

12.1. Acronyms

12.2. Foreword

12.3. Sample reference stack

12.4. TF-A build options

12.5. Boot process

12.6. Hafnium in the secure world

12.7. References

13. Secure Partition Manager (MM)

13.1. Foreword

13.2. Background

13.3. Introduction

13.4. Description

13.5. Runtime model of the Secure Partition

14. PSA FF-A manifest binding to device tree

14.1. Version 1.0

14.2. Memory Regions

14.3. Device Regions

15. Translation (XLAT) Tables Library

15.1. About version 1 and version 2

15.2. Design concepts and interfaces

15.3. Library APIs

15.4. Library limitations

15.5. Implementation details

16. Chain of trust bindings

16.1. cot

16.2. Manifests and Certificate node bindings definition

16.3. Images and Image node bindings definition

16.4. non-volatile counter node binding definition

16.5. Future update to chain of trust binding

System Design

Platform Ports

Performance & Testing

Security Advisories

Design Documents

Change Log & Release Notes

Change Log for Upcoming Release

Glossary

License

Docs » Processes & PoliciesView page source

Processes & Policies

Contents