Secure state/Monitor mode

Hi, sorry for my English.
Suppose I want to implement my own firmware for the BBB (in particular), specifically UEFI. (In fact, I am working on it, but for now I am still too far from the hardware part.) And I also want at least to try to implement my own Secure world software stack (it does not necessarily have to relate to UEFI, but it might relate to it as well, for example for the Secure Boot stuff; UEFI by itself even clearly states it should run in the privileged non-secure state on AArch32), especially the Monitor software. The AM3358, having a Cortex-A8 inside, has the Security Extensions, so the problem lies only in the availability of the TrustZone hardware components for programming by third parties. TI's TRM on the Sitara AM3358 states that the ROM code starts in the secure state and then switches into the non-secure state before transferring control to its payload, thus to my possible FW. The question is whether third parties like me are able to get into the chain of trust in order to supply their own Secure world firmware/OS and especially the Monitor code. Does TI give such a possibility? And if so, what should be done from my side? Maybe somebody knows this.
Thanks!
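As an added illustration (not part of this thread, and not TI's ROM code), here is the shape of the Monitor layer the question is about, for an ARMv7-A core with the Security Extensions such as the Cortex-A8: a Monitor vector table installed in MVBAR, an init routine that performs exactly the "start Secure, flip SCR.NS, hand control to the Non-secure payload" step described above, and an SMC handler that exposes a fixed service table to callers. It assumes GNU as for ARM, a bare-metal image that is entered in Secure PL1 (as ROM code is at reset), and a Non-secure entry address passed in r0; the service ID, service body and version value are constructed, and the AM335x ROM's own service numbers are deliberately not reproduced.

```asm
    .syntax unified
    .arm
    .text

    /* Constructed service numbering; not the AM335x ROM's Monitor API. */
    .equ MON_SVC_GET_VERSION, 0
    .equ MON_SVC_COUNT,       1

    /* Monitor vector table. MVBAR requires 32-byte alignment. Only the
       SMC slot is live; the others are taken only if SCR routes
       external aborts / IRQ / FIQ into Monitor mode. */
    .align 5
monitor_vectors:
    b   .               /* 0x00: reserved */
    b   .               /* 0x04: reserved */
    b   smc_handler     /* 0x08: SMC from either world */
    b   .               /* 0x0C: Prefetch Abort (external, if SCR.EA=1) */
    b   .               /* 0x10: Data Abort (external, if SCR.EA=1) */
    b   .               /* 0x14: reserved */
    b   .               /* 0x18: IRQ (if SCR.IRQ=1) */
    b   .               /* 0x1C: FIQ (if SCR.FIQ=1) */

    /* monitor_init(r0 = Non-secure entry point). Called in Secure state.
       Does not return: ends with an exception return into NS SVC mode. */
    .global monitor_init
monitor_init:
    ldr     r1, =monitor_vectors
    mcr     p15, 0, r1, c12, c0, 1   /* MVBAR = monitor_vectors */

    cpsid   if, #0x16                /* Monitor mode (M=0b10110), IRQ/FIQ masked */
    ldr     sp, =monitor_stack_top   /* SP_mon: the Monitor's private stack */

    /* SCR bits: NS=bit0, IRQ=bit1, FIQ=bit2, EA=bit3.
       Keep FIQ in the Secure world; let the Non-secure OS own IRQ. */
    mov     r1, #(1 << 2)
    mcr     p15, 0, r1, c1, c1, 0    /* SCR = FIQ */

    /* Build the return frame for the payload: LR_mon = entry, SPSR_mon =
       SVC mode, ARM state, IRQ/FIQ masked (0xD3). */
    mov     lr, r0
    mov     r1, #0xD3
    msr     spsr_cxsf, r1

    /* Set SCR.NS=1. Monitor mode itself stays Secure; the NS bit chooses
       the world the exception return lands in. */
    mov     r1, #((1 << 2) | (1 << 0))
    mcr     p15, 0, r1, c1, c1, 0
    isb
    subs    pc, lr, #0               /* exception return: Non-secure SVC at r0 */

    /* SMC entry. LR_mon = address after the SMC, SPSR_mon = caller's CPSR,
       SCR.NS still reflects the caller's world, so CP15 banked-register
       accesses made by a service go to that world's copies.
       Calling convention (constructed): r0 = service ID, r1-r3 = args,
       result returned in r0, -1 for an unknown ID. */
smc_handler:
    push    {r1-r3, r12, lr}
    cmp     r0, #MON_SVC_COUNT
    bhs     smc_unknown              /* bounds-check before indexing the table */
    ldr     r3, =svc_table
    ldr     r3, [r3, r0, lsl #2]
    blx     r3
smc_return:
    pop     {r1-r3, r12, lr}
    subs    pc, lr, #0               /* back to the caller, in its own world */
smc_unknown:
    mvn     r0, #0                   /* -1: service not exposed by this Monitor */
    b       smc_return

svc_get_version:
    mov     r0, #0x0100              /* constructed version value */
    bx      lr

    .align 2
svc_table:
    .word   svc_get_version
    .ltorg

    .bss
    .align 3
monitor_stack:
    .space  256
monitor_stack_top:
```

The point of the sketch is the ordering in `monitor_init`: the Monitor's vectors and stack, and the Secure-only SCR routing, are fixed before SCR.NS is set and control leaves for the payload, which is why a payload that receives control only after this step cannot install its own Monitor unless the boot ROM lets it into that earlier stage. The bounds check in `smc_handler` is the minimum a Monitor needs, since the service ID comes from the Non-secure caller.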

Last I looked into this, there is a HS (high security) version of the
processor that supports the features you mention. Or, at least secure
boot. I have never been able to find the guy that knows the guy to get
the NDA signed to find out more though.

On Friday, 15 April 2016 at 17:18:08 UTC+3, user Joshua Datko wrote:

> Last I looked into this, there is a HS (high security) version of the
> processor that supports the features you mention. Or, at least secure
> boot. I have never been able to find the guy that knows the guy to get
> the NDA signed to find out more though.

Thank you for the answer.
I was talking about an ordinary version, not an HS one; I thought that since it has the Security Extensions included it should use them (and possibly let third parties use them too). But it seems that all the Monitor services available are those ridiculous 3 options to write the NACR, the Auxiliary Control Register and the L2 Auxiliary Control Register. It's definitely not what I was seeking.
And even if it's not possible to find a way through NDA signing, it sucks. I will pretend that those unavailable hardware capabilities just don't exist.