Fuzhou Rockchip Electronics Co., Ltd.
Internal material, do not distribute
Page 1 of 15
Classification: top secret ( )  secret ( )  internal ( )  public ( √ )

**Rockchip TEE Security SDK Development Manual**
(Software Innovation Center)

Document status:
[ ] Draft
[√] Officially released
[ ] Under revision
Document identifier: Rockchip TEE Security SDK Development Manual
Current version: 1.1
Authors: Huang Chengjiu, Zhang Zhijie
Completion date: 2017-5-8
**Version history**

| Version | Author | Date | Change |
|---|---|---|---|
| V1.0 | Huang Chengjiu | 2016-12-9 | Initial version |
| V1.1 | Zhang Zhijie | 2017-5-8 | Updated related descriptions |
**Contents**

1. Introduction to TrustZone ... 4
1.1 What is TrustZone ... 4
1.2 TrustZone hardware and software architecture ... 5
1.2.1 Hardware architecture ... 5
1.2.2 Software architecture ... 6
1.3 TrustZone and TEE ... 7
2. TEE environment ... 8
2.1 TEE firmware ... 8
2.2 TEE library files ... 9
3. CA/TA development and testing ... 9
3.1 Directory layout ... 9
3.2 Build instructions ... 9
3.3 Running the TEE environment test ... 10
3.4 Developing a CA/TA ... 10
4. TA signing ... 10
4.1 Signing a TA ... 10
4.2 Verifying a TA ... 11
5. TA debugging ... 11
Memory notes ... 13
Further reading ... 14
Notes and caveats ... 15
**1. Introduction to TrustZone**

**1.1 What is TrustZone**

ARM TrustZone technology is a system-wide approach to security, aimed at the many applications that run on high-performance computing platforms, including secure payment, digital rights management (DRM), enterprise services and web-based services.

TrustZone is tightly integrated into Cortex-A processors and extends through the AMBA AXI bus and TrustZone-specific system IP blocks. This system-level approach means that secure memory, crypto blocks and peripherals such as the keyboard and screen can all be protected against software attack.

Devices that are developed according to the TrustZone Ready Program recommendations and make use of TrustZone provide a platform for a full Trusted Execution Environment (TEE), together with security-aware applications and secure services.

Smartphones, tablets and similar devices give consumers a high-value experience built on an expanding set of services, and mobile devices have become open software platforms that download large numbers of applications from the Internet. These applications are usually vetted by the device OEM to ensure quality, but not every function can be tested, and attackers keep producing malicious code aimed at such devices.

At the same time, mobile devices are increasingly expected to handle high-value services. From paying for, downloading and watching the latest Hollywood release in a given window, to paying bills and managing bank accounts remotely from a phone, new business models are emerging.

These trends make the phone the next software target for malware, trojans and rootkits. By applying advanced security technology based on ARM TrustZone and integrating SecurCore tamper-resistant elements, however, a device can offer both a feature-rich open operating environment and a strong security solution.

Trusted applications run in a Trusted Execution Environment on a TrustZone-enabled SoC, separated from the main OS, which protects them from software and malware attacks. TrustZone switches the processor into the Secure state, giving hardware-backed isolation. Trusted applications are normally containerised, so that, for example, trusted applications from different payment companies can coexist on one device. TrustZone support is a basic feature of all Cortex-A class processors and was introduced through the ARM architecture Security Extensions. These extensions give a consistent programmer's model across vendors, platforms and applications while providing a genuine, hardware-backed secure environment.
**1.2 TrustZone hardware and software architecture**

**1.2.1 Hardware architecture**

The TrustZone hardware architecture aims to provide a security framework that lets a device resist the many specific threats it will face. Rather than a fixed, one-size-fits-all security solution, TrustZone provides an infrastructure from which SoC designers choose the components that implement specific functions in a secure environment.

The primary security objective of the architecture is to support building a programmable environment that protects the confidentiality and integrity of assets against specific attacks. A platform with these properties can be used to build a broad range of security solutions that would be time-consuming and costly to build with traditional methods.

System security is achieved by partitioning all of the SoC's hardware and software resources into two worlds: the Secure world for the security subsystem, and the Normal world for everything else. Hardware logic in the TrustZone-enabled AMBA3 AXI bus fabric ensures that Normal world components cannot access Secure world resources, which builds a strong boundary between the two. Placing sensitive resources in the Secure world and running trusted software on a secure processor core protects assets against many potential attacks, including ones that are normally hard to defend against (for example, capturing a password as it is typed on the keyboard or touchscreen). Isolating security-sensitive peripherals in hardware also limits the number of subsystems that have to go through security evaluation, which saves cost when a device is submitted for security certification.

The second aspect of the TrustZone hardware architecture is the set of extensions implemented in some ARM processor cores. With these extensions a single physical processor core can safely and efficiently execute code from both the Normal world and the Secure world in a time-sliced fashion. This removes the need for a dedicated secure processor core, saving silicon area and power, and allows high-performance secure software to run alongside the Normal world operating environment.

The two virtual processors context-switch through a new processor mode, Monitor mode, whenever the currently running virtual processor changes.

The mechanisms by which the physical processor enters Monitor mode from the Normal world are tightly controlled, and all of them are treated as exceptions taken by the Monitor mode software. Entry to Monitor mode can be triggered by software executing a dedicated instruction, the Secure Monitor Call (SMC), or by a subset of the hardware exception mechanisms: IRQ, FIQ, external Data Abort and external Prefetch Abort can each be configured to make the processor switch into Monitor mode.

The software that runs in Monitor mode is implementation defined, but it generally saves the state of the current world and restores the state of the world being switched to. It then performs a return from exception to resume processing in the restored world.

The final aspect of the TrustZone hardware architecture is a security-aware debug infrastructure, which controls access to Secure world debug without impairing debug visibility in the Normal world.
**1.2.2 Software architecture**

Implementing a Secure world in SoC hardware requires some secure software to run in it and make use of the sensitive assets it holds. Many software architectures are possible for the Secure world software stack on a TrustZone-enabled core. The most sophisticated is a dedicated Secure world operating system; the simplest is a synchronous library of code placed in the Secure world. There are many intermediate options between these two extremes.

A dedicated secure kernel can be a complex but powerful design. It can simulate concurrent execution of multiple independent Secure world applications, runtime download of new security applications, and Secure world tasks that are completely independent of the Normal world environment.

These designs closely resemble the software stacks seen in SoCs with two separate physical processors in an asymmetric multiprocessing (AMP) configuration. The software running on each virtual processor is a standalone operating system, and each world uses hardware interrupts to pre-empt the currently running world and obtain processor time.

A tightly integrated design, which uses a communication protocol to associate Secure world tasks with the Normal world threads that request them, can provide many of the advantages of a symmetric multiprocessing (SMP) design. In such designs a Secure world application can, for example, inherit the priority of the Normal world task it is serving, which gives some form of soft real-time response for media applications.

The Security Extensions are an open component of the ARM architecture, so any developer can create a custom Secure world software environment that meets their requirements.
**1.3 TrustZone and TEE**

Applications such as payment, online banking, content protection and enterprise authentication can improve their integrity, functionality and user experience by using the three key elements that TrustZone-enhanced devices provide:

1. A secure execution environment for software, protected from malware attacks launched from the Rich OS
2. A known-good hardware root of trust that can check the integrity of data and applications in the Rich OS domain, ensuring the secure environment is not compromised
3. On-demand access to secure peripherals such as memory, the keyboard/touchscreen and even the display

Devices based on ARM TrustZone, combined with open APIs, provide a Trusted Execution Environment (TEE). Developers realise its functionality and consistency through a new kind of software: the trusted application. A typical trusted application has some code in the Normal world and some in the Secure world, the latter handling, for example, key storage and key operations. The TEE also isolates trusted applications from one another, so multiple trusted services can coexist.

Standardisation of the TEE APIs (managed by GlobalPlatform) will create a market for interoperable trusted applications and services from service providers, operators and OEMs.

ARM TrustZone does not require separate security hardware to verify the integrity of the device or the user; it does this by providing a genuine hardware root of trust inside the main application processor.

To ensure application integrity, TrustZone also provides a secure execution environment, the Trusted Execution Environment (TEE), in which only trusted applications can run, which protects against attacks in the form of hackers, viruses and malware.

TrustZone hardware isolates the TEE from software attack vectors. The hardware isolation can be extended to protect data input and output all the way to the physical peripherals (keyboard, touchscreen and so on).

With these key capabilities, chipsets using TrustZone technology offer many opportunities to redefine which services users can access (more and better services), how they access them (faster and more easily) and where they access them (anytime, anywhere).

On most Android devices the Android bootloader does not verify the authenticity of the kernel. Users who want more control over their device may install a modified Android kernel to root it. A modified kernel gives superuser access to all data files, applications and resources. Once such a kernel is compromised it can cause denial of service, and if it contains malware it will compromise the security of enterprise data.

Secure Boot effectively prevents these problems. Secure Boot is a security mechanism that prevents unauthorised bootloaders and kernels from being loaded during the boot process. Firmware images (such as the operating system and system components) that are cryptographically signed by a known, trusted authority are treated as authorised firmware. The secure boot components form the first line of defence against malware attacking the device.
**2. TEE environment**

**2.1 TEE firmware**

The TEE OS source code is not open; the binaries are in the Android tree under u-boot/tools/rk_tools/bin.

1) On ARMv7 platforms (RK312x, RK3288, RK3228) the TEE binary is packed into the firmware image trust.img by the tool u-boot/tools/rk_tools/loaderimage. The binaries are named tee_[ta].bin: the variant with ta in its name supports running external TAs, the variant without ta does not. For CA/TA development on these platforms the ta variant must therefore be the one packed into trust.img.

2) On ARMv8 platforms (RK3368, RK3399, RK3228H, RK3328) the tool u-boot/tools/rk_tools/trust_merger packs the BL31, BL32 and related binaries into trust.img; the TEE binary is named bl32.bin.
**2.2 TEE library files**

The TEE environment components are in the Android tree under vendor/rockchip/common/security:

1) lib: tee-supplicant, libteec.so and the keymaster/gatekeeper libraries, built for both 32-bit and 64-bit platforms.
2) ta: the prebuilt keymaster/gatekeeper and related TA files.
**3. CA/TA development and testing**

**3.1 Directory layout**

The TEE CA/TA development environment is in the Android tree under system/rk_tee_user:

1) Android.mk: selects the build tools and the CA sources to be built.
2) host: source files of the CAs.
3) ta: source files of the TAs.
4) export-user_ta: the environment the TA build depends on (including the signing script and keys used in section 4.1).
**3.2 Build instructions**

cd system/rk_tee_user/
mm

A successful build produces the executables, which fall into two kinds: the CA (Client Application, which runs in the Normal world) and the TA (Trusted Application, which runs in the Secure world).

The CA is an ordinary executable; after the build it is found in system/bin under the Android out directory. rkdemo and rkdemo_storage are demo programs written by RK.

A TA is a file whose name is its UUID and whose suffix is .ta; after the build it is found in the corresponding subdirectory under rk_tee_user/ta. The TA file must be placed in /system/lib/optee_armtz on the device (create the directory if it does not exist) before the CA is run.
**3.3 Running the TEE environment test**

1. Enter the device with adb shell.
2. Place libteec.so in /system/lib (or /system/lib64), tee-supplicant and rkdemo in /system/bin, and 8cccf200-2450-11e4-abe20002a5d5c52c.ta in /system/lib/optee_armtz. (If tee-supplicant is started automatically at boot, tee-supplicant and libteec.so are already on the system and do not need to be pushed.)
3. If tee-supplicant did not start automatically at boot, start it manually in the background with root privileges:
   # tee-supplicant &
4. Run rkdemo; it prints PASS on success and Fail on failure:
   # rkdemo
5. If rkdemo passes, the TEE environment is working and TEE-related development can begin.
6. rkdemo_storage can be used in the same way to check that the Secure Storage environment is working.

If rkdemo reports Fail, first check that tee-supplicant is running as root and that the .ta file is in /system/lib/optee_armtz: the TA is loaded from that directory through tee-supplicant, so a missing supplicant or a misplaced TA file fails every CA, not just rkdemo.
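The push-and-test steps of sections 3.2 and 3.3 collected into a script, as an added example that is not part of the Rockchip SDK. It assumes a userdebug build on which adb root and adb remount work, that the rkdemo TA was built under system/rk_tee_user/ta/rkdemo (the subdirectory name is an assumption), and that the device shell provides pidof. rkdemo_status reduces the CA's PASS/Fail output to an exit status so the script can be used from a build server.

```shell
#!/bin/sh
# Added example, not from the Rockchip SDK: deploy a built TA plus the rkdemo CA
# over adb and report whether the TEE test passed (sections 3.2 and 3.3).
# Assumptions: userdebug build (adb root/remount work), TA built under TA_SRC,
# toybox pidof available on the device.
set -eu

TA_UUID=${TA_UUID:-8cccf200-2450-11e4-abe20002a5d5c52c}   # the rkdemo TA named in the manual
TA_SRC=${TA_SRC:-system/rk_tee_user/ta/rkdemo}           # assumption: rkdemo TA subdirectory
OUT=${ANDROID_PRODUCT_OUT:-out/target/product/rk3288}     # assumption: your build's out directory
DEV_TA_DIR=/system/lib/optee_armtz

# rkdemo prints PASS on success and Fail on failure (section 3.3).  Map that to an
# exit status: 0 = PASS, 1 = Fail, 2 = neither (CA did not run, TA not found, ...).
rkdemo_status() {
    case $1 in
        *PASS*) return 0 ;;
        *Fail*) return 1 ;;
        *)      return 2 ;;
    esac
}

# Step 2: the TA goes to /system/lib/optee_armtz (created if missing), the CA to /system/bin.
deploy() {
    adb root >/dev/null
    adb remount >/dev/null
    adb shell "mkdir -p $DEV_TA_DIR"
    adb push "$TA_SRC/$TA_UUID.ta" "$DEV_TA_DIR/"
    adb push "$OUT/system/bin/rkdemo" /system/bin/
    adb shell chmod 755 /system/bin/rkdemo
}

# Step 3: tee-supplicant must be running as root before any CA opens a session;
# only start it if init did not already do so.
ensure_supplicant() {
    if ! adb shell pidof tee-supplicant >/dev/null 2>&1; then
        adb shell 'tee-supplicant </dev/null >/dev/null 2>&1 &'
        sleep 1
    fi
}

# Steps 4 and 5: run the CA and turn its output into the script's exit status.
run_test() {
    output=$(adb shell rkdemo 2>&1)
    printf '%s\n' "$output"
    rkdemo_status "$output"
}

if [ "${1:-}" = "--run" ]; then
    deploy
    ensure_supplicant
    run_test
fi
```

Run it as `sh deploy_ta.sh --run` after `mm` has finished; the exit status is 0 only when rkdemo printed PASS, so a wrong trust.img (the non-ta variant from section 2.1) or a TA signed with the wrong key shows up as a failed step rather than a line lost in the console.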
**3.4 Developing a CA/TA**

Use rkdemo (CA source under host, TA source under ta) as the reference implementation.
**4. TA signing**

**4.1 Signing a TA**

When a TA is built, the build script signs the TA image with the key pair in rk_tee_user/export-user_ta/keys/default_ta.pem, a 2048-bit RSA key in PEM format. The signing step in the build script is:

SIGN = $(TA_DEV_KIT_DIR)/scripts/sign.py
TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem
$(q)$(SIGN) --key $(TA_SIGN_KEY) --in $< --out $@

Because default_ta.pem ships with the development kit, any TA signed with it will load on any board whose TEE still carries the matching public key. To prevent customer A's TA from running on customer B's board, customers should generate their own 2048-bit RSA key and replace default_ta.pem in rk_tee_user/export-user_ta/keys (or, since TA_SIGN_KEY is assigned with ?=, pass TA_SIGN_KEY=<path> on the make command line). Whoever holds the private key can sign TAs for every device carrying its public half, so keep it out of shared source trees and firmware images.
**4.2 Verifying a TA**

When a TA is loaded, the TEE OS verifies its signature; only a TA that passes verification is run. Because the customer has replaced the TA signing key, the public key the TEE OS uses to verify TAs must be replaced to match. Customers can use the tool below to replace the public key in the TEE binary (see section 2.1 for where the binary lives and how it is packed into trust.img; after changing it, trust.img has to be repacked and flashed again).

1) Linux

./change_puk --teebin

This command generates a 2048-bit RSA key oemkey.pem in the current directory and replaces the original public key in the TEE binary with the public half of that key.

./change_puk --teebin --key oemkey.pem

This form replaces the original public key in the TEE binary with the public key taken from the customer-supplied key; the key must be 2048 bits.

2) Windows

Open Windows_change_puk.exe and click "Generate oemkey.pem" to generate and save the key. Select the key just generated and the image, then click "Modify public key".

Windows_change_puk.exe calls the third-party library BouncyCastle.Crypto.dll, so make sure BouncyCastle.Crypto.dll is in the same directory as Windows_change_puk.exe.

After the swap the TEE rejects every TA still signed with default_ta.pem, so check that all TAs the device needs, including the prebuilt ones under vendor/rockchip/common/security/ta (section 2.2), have been re-signed with the new key before the image is released.
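The trust relationship of sections 4.1 and 4.2 reproduced with the openssl command line, as an added example; this is not the SDK's sign.py or change_puk. It assumes openssl is installed, and it uses SHA-256 with RSASSA-PKCS1-v1_5 over the whole file as a stand-in for whatever header and signature layout sign.py actually emits. The TA image is a constructed byte string. The functions at the end return 0 when the outcome matches what the text describes: the dev-kit public key accepts a TA signed with default_ta.pem, an OEM public key rejects it, a TA modified after signing is rejected, and a TA re-signed with the OEM key is accepted again.

```shell
#!/bin/sh
# Added example (not the SDK's sign.py or change_puk): sign a TA with the dev-kit
# key, then show which public key accepts it.  Signature format is an assumption
# for illustration only.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

gen_key() {     # $1 = output PEM; 2048-bit RSA as the manual requires
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null
}

pub_of() {      # $1 = private PEM, $2 = public PEM (the part embedded in the TEE binary)
    openssl pkey -in "$1" -pubout -out "$2"
}

sign_ta() {     # $1 = private key, $2 = TA image, $3 = signature file
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

verify_ta() {   # $1 = public key, $2 = TA image, $3 = signature file; 0 = valid
    openssl dgst -sha256 -verify "$1" -signature "$3" "$2" >/dev/null 2>&1
}

# Constructed stand-in for the TA image (the real input is the built ELF).
printf 'constructed TA image bytes' > "$WORK/demo.ta"

gen_key "$WORK/default_ta.pem"   # ships in export-user_ta/keys: every SDK user has it
gen_key "$WORK/oemkey.pem"       # what change_puk generates for one OEM
pub_of  "$WORK/default_ta.pem" "$WORK/default_pub.pem"
pub_of  "$WORK/oemkey.pem"     "$WORK/oem_pub.pem"

# What the build does today: sign with the dev-kit key.
sign_ta "$WORK/default_ta.pem" "$WORK/demo.ta" "$WORK/demo.sig"

# TEE still carrying the dev-kit public key: the TA loads.
default_key_accepts_ta() {
    verify_ta "$WORK/default_pub.pem" "$WORK/demo.ta" "$WORK/demo.sig"
}

# TEE after change_puk embedded the OEM public key: the same TA is rejected.
oem_key_rejects_old_ta() {
    ! verify_ta "$WORK/oem_pub.pem" "$WORK/demo.ta" "$WORK/demo.sig"
}

# Any change to the image after signing is rejected by the original key too.
tampered_ta_is_rejected() {
    cp "$WORK/demo.ta" "$WORK/tampered.ta"
    printf 'x' >> "$WORK/tampered.ta"          # one byte appended after signing
    ! verify_ta "$WORK/default_pub.pem" "$WORK/tampered.ta" "$WORK/demo.sig"
}

# Re-signing with the OEM private key (TA_SIGN_KEY pointing at oemkey.pem) is what
# every TA on the device needs after the key swap.
resigned_ta_accepted_by_oem_key() {
    sign_ta "$WORK/oemkey.pem" "$WORK/demo.ta" "$WORK/demo.oem.sig"
    verify_ta "$WORK/oem_pub.pem" "$WORK/demo.ta" "$WORK/demo.oem.sig"
}
```

The same four checks are what to run against a real build: a TA from the old tree must fail on a board flashed with the new trust.img, and the re-signed TA must pass, before the OEM key is treated as deployed.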
**5. TA debugging**

When a TA hits an exception, the TEE prints a dump like the following:

user TA data-abort at address 0x8888
fsr 0x00000805 ttbr0 0x6846c46a ttbr1 0x6846806a cidr 0x2
cpu #0
cpsr 0x00000030
r0 0x60000013 r4 0x001007b8 r8 0x68471754 r12 0x000000ab
r1 0x0000003a r5 0x00200da9 r9 0x68415491 sp 0x00100720
r2 0x00000031 r6 0x001005a0 r10 0x00000000 lr 0x0020265f
r3 0x00008888 r7 0x00100728 r11 0x00000000 pc 0x00200104
Status of TA 8cccf200-2450-11e4-abe20002a5d5c52c (0x68467450) (active)
- load addr : 0x200000 ctx-idr: 2
- code area : 0x68700000 1048576
- stack: 0x68800000 stack:2048
DBG [0x0] TEE-CORE:get_fault_type:455: [abort] abort in User mode (TA will panic)
DBG [0x0] TEE-CORE:user_ta_enter:465: tee_user_ta_enter: TA panicked with code 0xdeadbeef
In this dump, pc 0x00200104 is the faulting instruction. The register values already narrow down the cause: r3 holds 0x8888, the same address reported on the data-abort line, r2 holds 0x31, and fsr 0x805 has the WnR bit (bit 11) set with fault status 0b00101, an ARMv7 section translation fault, i.e. a write to an address that is not mapped in the TA's address space. To find the instruction, go to the rkdemo directory and run
arm-eabi-objdump -S 8cccf200-2450-11e4-abe20002a5d5c52c.elf | less
to get the disassembly. Because the TA runs from the 2M mark (load addr 0x200000), search the disassembly for the offset pc - 0x200000, here 104. The listing below shows the result; the faulting instruction (red in the original figure) is marked.
  e8:   4b3f        ldr   r3, [pc, #252]   ; (1e8)
  ea:   447b        add   r3, pc
  ec:   9300        str   r3, [sp, #0]
  ee:   4b3f        ldr   r3, [pc, #252]   ; (1ec)
  f0:   447b        add   r3, pc
  f2:   4618        mov   r0, r3
  f4:   215e        movs  r1, #94          ; 0x5e
  f6:   2202        movs  r2, #2
  f8:   2301        movs  r3, #1
  fa:   f004 ff8d   bl    5018
        *(char*)0x8888 = '1';
  fe:   f648 0388   movw  r3, #34952       ; 0x8888
 102:   2231        movs  r2, #49          ; 0x31
 104:   701a        strb  r2, [r3, #0]     ; <-- pc - 0x200000 = 0x104: the faulting store (red in the original figure)
        IMSG("=========2=====");
 106:   4b3a        ldr   r3, [pc, #232]   ; (1f0)
 108:   447b        add   r3, pc
 10a:   9300        str   r3, [sp, #0]
 10c:   4b39        ldr   r3, [pc, #228]   ; (1f4)
 10e:   447b        add   r3, pc
 110:   4618        mov   r0, r3
 112:   2160        movs  r1, #96          ; 0x60
 114:   2202        movs  r2, #2
 116:   2301        movs  r3, #1
 118:   f004 ff7e   bl    5018
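The lookup described above (read pc and the load address out of the dump, subtract, search the objdump output, and interpret fsr) is mechanical, so the following added example automates it. It is not SDK code: it parses the dump exactly as the manual prints it (a constructed copy of that dump is embedded as sample input), decodes the fsr value as an ARMv7 short-descriptor DFSR, and emits the objdump command plus a grep pattern for the offset. The objdump invocation and the field names are taken from the page; the `.elf` naming and the grep step are assumptions about the developer's workflow, not a TEE feature.

```python
"""Turn an OP-TEE user-TA abort dump into the objdump lookup and a fault description.

Added example, not SDK code. Parses the dump fields as printed in section 5.
"""
import re

# Constructed sample: a copy of the dump printed in section 5.
SAMPLE_DUMP = """\
user TA data-abort at address 0x8888
fsr 0x00000805 ttbr0 0x6846c46a ttbr1 0x6846806a cidr 0x2
cpu #0
cpsr 0x00000030
r0 0x60000013 r4 0x001007b8 r8 0x68471754 r12 0x000000ab
r1 0x0000003a r5 0x00200da9 r9 0x68415491 sp 0x00100720
r2 0x00000031 r6 0x001005a0 r10 0x00000000 lr 0x0020265f
r3 0x00008888 r7 0x00100728 r11 0x00000000 pc 0x00200104
Status of TA 8cccf200-2450-11e4-abe20002a5d5c52c (0x68467450) (active)
- load addr : 0x200000 ctx-idr: 2
- code area : 0x68700000 1048576
- stack: 0x68800000 stack:2048
"""

# ARMv7 short-descriptor DFSR fault status: bits [3:0], with bit 10 as bit 4.
DFSR_STATUS = {
    0b00001: "alignment fault",
    0b00011: "access flag fault, section",
    0b00101: "translation fault, section",
    0b00110: "access flag fault, page",
    0b00111: "translation fault, page",
    0b01000: "synchronous external abort",
    0b01001: "domain fault, section",
    0b01011: "domain fault, page",
    0b01101: "permission fault, section",
    0b01111: "permission fault, page",
}


def decode_dfsr(fsr):
    """Return (description, is_write) for a short-descriptor DFSR value."""
    status = (fsr & 0xF) | (((fsr >> 10) & 1) << 4)
    is_write = bool(fsr & (1 << 11))            # WnR bit: 1 = write, 0 = read
    return DFSR_STATUS.get(status, "unknown status 0x%x" % status), is_write


def parse_abort_dump(text):
    """Extract the fields needed to go from the dump to the disassembly."""
    info = {}
    info["fault_addr"] = int(re.search(r"data-abort at address (0x[0-9a-f]+)", text).group(1), 16)
    info["fsr"] = int(re.search(r"\bfsr (0x[0-9a-f]+)", text).group(1), 16)
    # Every 'name 0xvalue' pair on the register lines (r0..r12, sp, lr, pc).
    info["regs"] = {name: int(val, 16)
                    for name, val in re.findall(r"\b(r\d+|sp|lr|pc) (0x[0-9a-f]+)", text)}
    info["uuid"] = re.search(r"Status of TA ([0-9a-f-]+)", text).group(1)
    info["load_addr"] = int(re.search(r"load addr : (0x[0-9a-f]+)", text).group(1), 16)
    # The TA is linked at 0 and loaded at load_addr, so this is the objdump offset.
    info["offset"] = info["regs"]["pc"] - info["load_addr"]
    info["fault"], info["write"] = decode_dfsr(info["fsr"])
    return info


def objdump_hint(info):
    """The command from section 5 plus a grep for the faulting offset (assumed .elf name)."""
    return ("arm-eabi-objdump -S %s.elf | grep -n -E '^ *%x:'"
            % (info["uuid"], info["offset"]))


if __name__ == "__main__":
    i = parse_abort_dump(SAMPLE_DUMP)
    print("%s (%s) at data address 0x%x; pc 0x%x => search offset 0x%x"
          % (i["fault"], "write" if i["write"] else "read",
             i["fault_addr"], i["regs"]["pc"], i["offset"]))
    print(objdump_hint(i))
```

For the dump above this reports a section translation fault on a write to 0x8888 and tells you to look for offset 104 in the objdump output, which is the strb at 0x104 in the listing.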
**6\.** Memory layout
1) Memory allocation for the ARMv7 architecture (RK312x, RK3288, RK3228):
[Figure: ARMv7 physical memory layout, two scenarios; addresses are offsets from the start of DRAM]
Scenario without a Trust APP (e.g. DRM):
  0M    - 132M   ARMv7 Linux/Windows, U-Boot/UEFI
  132M  - 133M   Trust OS (OP-TEE) + PSCI, size 1M
  133M  - MAX    Linux/Windows
Scenario with a Trust APP (e.g. DRM):
  0M    - 132M   ARMv7 Linux/Windows, U-Boot/UEFI
  132M  - 146M   Trust OS (OP-TEE) + PSCI, size 14M
  146M  - 1792M  Linux/Windows
  1792M - 2048M  DRM, size 256M (MAX = 2048M)
2) Memory allocation for the ARMv8 architecture (RK3368, RK3399, RK3228H, RK3328):
Memory allocation of BL30, BL31 and BL32 (Trust OS) under the v8 architecture.
[Figure: ARMv8 physical memory layout, two scenarios; offsets inside the trust region are as labelled in the figure]
Scenario without a Trust APP:
  0M   - 132M   ARMv8 Linux/Windows, U-Boot/UEFI
  132M - 134M   trust region, size 2M: BL31 (512k) at +0M to +0.5M; Trust OS (OP-TEE) is loaded and runs at +0.5M to +1.5M; BL30 (512k) and a Reserve area at +1.5M to +2M
  134M - MAX    Linux/Windows
Scenario with a Trust APP:
  0M   - 132M   ARMv8 Linux/Windows, U-Boot/UEFI
  132M - 148M   trust region, size 16M: BL31 (512k) at +0M to +0.5M, BL30 (512k) and a Reserve area around +1.5M to +2M, and Trust OS (OP-TEE) in the remainder
  148M - 1792M  Linux/Windows
  1792M - 2048M DRM, size 256M (MAX = 2048M)
3) TEE memory allocation (v8 architecture):
  TEE_RAM: 2M | TA_RAM: 12M | SHMEM: 2M
Notes: 1\. The above is the TEE memory layout for the v8 architecture. TAs run in the TA_RAM region, and each running TA occupies 4M of it.
2\. Under the v7 architecture the TEE occupies 14M in total, with TEE_RAM and SHMEM 1M each. TAs run in TA_RAM, and each running TA occupies 2M.
**7\.** Further reading
1\. ARM official TrustZone white paper:
http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_tr
2\. GlobalPlatform official documentation:
https://www.globalplatform.org/specificationsdevice.asp
From this site you can download the CA development API reference, TEE Client API Specification v1.0, the TA development API reference, TEE Internal Core API Specification v1.1, and other architecture reference documents.
**8\.** Notes
1\. After every boot, tee-supplicant must first be started in the background; only then can a CA and TA interact.
2\. When developing a new TA, its UUID must be a standard UUID, which can be generated with the uuidgen command.
3\. The header file user_ta_header_defines.h in each TA's include directory defines the heap and stack sizes: the heap is 32KB (TA_DATA_SIZE) and the stack is 2KB (TA_STACK_SIZE). In general it is best not to change them. If they really cannot meet the TA's needs, increase them moderately: the heap should not exceed 1MB and the stack should not exceed 64KB.
#define TA_STACK_SIZE (2 * 1024)
#define TA_DATA_SIZE (32 * 1024)
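Note 2 says the TA needs a standard UUID from uuidgen, but the value then has to be written into user_ta_header_defines.h as a TEE_UUID initializer and also names the TA binary (section 5 used 8cccf200-2450-11e4-abe20002a5d5c52c.elf). The following added example, not SDK code, does that conversion; it assumes OP-TEE's TA_UUID convention, `{ timeLow, timeMid, timeHiAndVersion, { clockSeqAndNode[8] } }`, and that build artefacts are named `<uuid>.<ext>`. It accepts both the hyphenated uuidgen form and the form the TEE log prints (last hyphen missing), so a UUID copied from a crash dump can be checked against the header.

```python
"""Convert a uuidgen-style UUID into OP-TEE's TA_UUID initializer and TA file name.

Added example, not SDK code. Assumes the TEE_UUID field layout used by
OP-TEE's user_ta_header_defines.h: time_low, time_mid, time_hi_and_version,
then the eight clock_seq_and_node bytes in order.
"""
import uuid


def ta_uuid_initializer(text):
    """C initializer for TEE_UUID; accepts hyphenated or plain 32-hex forms."""
    u = uuid.UUID(text)
    node = u.bytes[8:]              # clockSeqAndNode: the last 8 bytes, big-endian order
    return "{ 0x%08x, 0x%04x, 0x%04x, { %s } }" % (
        u.time_low, u.time_mid, u.time_hi_version,
        ", ".join("0x%02x" % b for b in node))


def ta_file_name(text, ext="elf"):
    """Canonical hyphenated UUID plus extension, the name the TA is built under (assumed)."""
    return "%s.%s" % (uuid.UUID(text), ext)


def uuid_version(text):
    """RFC 4122 version field: 4 for random UUIDs (uuidgen -r / uuid4), 1 for time-based."""
    return uuid.UUID(text).version


def new_ta_uuid():
    """Generate a fresh random UUID for a new TA, like 'uuidgen -r'."""
    return str(uuid.uuid4())


def same_ta(header_uuid, log_uuid):
    """True if a UUID from user_ta_header_defines.h matches one printed in a TEE log."""
    return uuid.UUID(header_uuid) == uuid.UUID(log_uuid)


if __name__ == "__main__":
    fresh = new_ta_uuid()
    print("#define TA_UUID %s   /* %s, version %d */"
          % (ta_uuid_initializer(fresh), fresh, uuid_version(fresh)))
    print("TA file:", ta_file_name(fresh))
```

The UUID from the section 5 dump converts to `{ 0x8cccf200, 0x2450, 0x11e4, { 0xab, 0xe2, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x2c } }`; its version field is 1 (time-based), whereas a freshly generated random UUID reports version 4.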