<html devsite>
<head>
<title>Trusty TEE</title>
<meta name="project_path" value="/_project.yaml" />
<meta name="book_path" value="/_book.yaml" />
</head>
<body>
<!--
Copyright 2017 The Android Open Source Project

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->

<p>Trusty is a set of software components supporting a Trusted Execution
Environment (TEE) on mobile devices.</p>

<p>Trusty consists of:</p>

<ul>
<li>An operating system (the Trusty OS) that runs on a processor intended to
provide a TEE
<li>Drivers for the Android kernel (Linux) to facilitate communication with
applications running under the Trusty OS
<li>A set of libraries for Android systems software to facilitate communication
with trusted applications executed within the Trusty OS using the kernel
drivers
</ul>

<p><strong>Important</strong>: Trusty and the Trusty API are subject
to change.</p>

<p>For information about the Trusty API, see the <a
href="trusty-ref.html">API Reference</a>.</p>

<h2 id=uses_examples>Uses and examples</h2>

<p>Any TEE OS (not just Trusty) can be used for TEE implementations.</p>

<p>A TEE processor is typically a separate microprocessor in the system or a
virtualized instance of the main processor. The TEE processor is isolated from
the rest of the system using memory and I/O protection mechanisms supported by
the hardware.</p>

<p>TEE processors have become a mainstay in today's mobile devices. The main
processor on these devices is considered "untrusted" and cannot access certain
areas of RAM, hardware registers and fuses where secret data (such as
device-specific cryptographic keys) is stored by the manufacturer. Software
running on the main processor delegates any operations that require use of
secret data to the TEE processor.</p>

<p>The most widely known example of this in the Android ecosystem
is the <a href="/devices/drm.html">DRM framework</a> for
protected content. Software running on the TEE processor can access
device-specific keys required to decrypt protected content. The main processor
sees only the encrypted content, providing a high level of security and
protection against software-based attacks.</p>

<p>There are many other uses for a TEE such as mobile payments, secure banking,
full-disk encryption, multi-factor authentication, device reset protection,
replay-protected persistent storage, wireless display ("cast") of protected
content, secure PIN and fingerprint processing, and even malware detection.</p>

<p>Trusty provides APIs for developing two classes of applications:</p>

<ul>
<li>Trusted applications or services that run on the TEE processor
<li>Normal/untrusted applications that run on the main processor and use services
provided by trusted applications
</ul>

<p>Software running on the main processor can use Trusty APIs to connect to
trusted applications and exchange arbitrary messages with them, just like a
network service over IP. It is up to the application to determine the data
format and semantics of these messages using an app-level protocol. Reliable
delivery of messages is guaranteed by the underlying Trusty infrastructure (in
the form of drivers running on the main processor), and the communication is
completely asynchronous.</p>

<h2 id=trusted_applications_and_services>Trusted applications and services</h2>

<p>Trusted applications run as isolated processes under the Trusty OS kernel. Each
process runs in its own virtual memory sandbox utilizing the MMU capabilities
of the TEE processor. The kernel schedules these processes using a
priority-based, round-robin scheduler driven by a secure timer tick. In the
current version of Trusty, all Trusty applications share the same priority.</p>

<p>Applications for the Trusty OS can be written in C/C++ (C++ support is
limited), and they have access to a small C library. The <code>main()</code>
function currently does not take any arguments. System call stubs are provided
in native assembly code as part of this library, so system calls can be
accessed by name.</p>

<h3 id=language_threading>Language and threading support</h3>

<p>All Trusty applications are single-threaded; multithreading in Trusty userspace
is currently unsupported.</p>

<h3 id=application_structure>Application structure</h3>

<p>Trusty applications initialize once during load and reside in memory until the
TEE processor is reset. Trusty currently does not support dynamic loading and
unloading of applications.</p>

<p>Trusted applications are written as <strong>event-driven servers</strong>
waiting for commands from other applications or from applications running on
the main processor. Trusted applications can also be clients of other trusted
server applications.
Events described in the following API sections will be
delivered to trusted applications by the Trusty kernel.</p>

<h2 id=third-party_trusty_applications>Third-party Trusty applications</h2>

<p>Currently all Trusty applications are developed by a single party and packaged
with the Trusty kernel image. The entire image is signed and verified by the
bootloader during boot. Third-party application development is not supported in
this version of Trusty.</p>

<p>Although the Trusty OS enables the development of new applications, doing so
must be exercised with extreme care; each new application increases the area of
the trusted computing base (TCB) of the system. Trusted applications can access
device secrets and can perform computations or data transformations using them.</p>

<p>The ability to develop new applications that run in the TEE opens up many
possibilities for innovation. However, due to the very definition of TEE, these
applications cannot be distributed without some form of <strong>trust</strong> attached.
Typically this comes in the form of a digital signature by an entity
trusted by the user of the product on which the application runs.</p>

<h2 id=downloading_building>Downloading and building Trusty</h2>

<p>You can find the Trusty implementation in the Android Open Source Project (AOSP) here:<br/>
<a href="https://android-review.googlesource.com/#/admin/projects/?filter=trusty">https://android-review.googlesource.com/#/admin/projects/?filter=trusty</a></p>

<p>The Trusty kernel branches on AOSP are here:<br/>
<a href="https://android.googlesource.com/kernel/common/+/android-trusty-3.10">https://android.googlesource.com/kernel/common/+/android-trusty-3.10</a><br/>
<a href="https://android.googlesource.com/kernel/common/+/android-trusty-3.18">https://android.googlesource.com/kernel/common/+/android-trusty-3.18</a></p>

<p>To make Trusty, run the following commands (assuming the Android toolchain is already in the path):</p>
<pre class="devsite-click-to-copy">
<code class="devsite-terminal">repo init -u https://android.googlesource.com/trusty/manifest</code>
<code class="devsite-terminal">repo sync</code>
<code class="devsite-terminal">make -j24 generic-arm64</code>
</pre>

<p>You may select another supported build target from: <code>device/*/*/project/*</code></p>

</body>
</html>