Author: Adam Borowski
Date:  
To: dng
Subject: Re: [DNG] Google abandons UEFI in Chromebooks
On Tue, Oct 31, 2017 at 11:48:35AM +0100, Martin Steigerwald wrote:
> Arnt Gulbrandsen - 30.10.17, 12:25:
> > Martin Steigerwald writes:
> > > I wonder about ARM64 as an alternative? But they have some
> > > Trustzone crap if I remember correctly.
> >
> > ARM64 is fine from a performance viewpoint. The mobile phone vendors have
> > spent a decade optimising ARM SOCs for performance on small batteries. I
> > haven't found laptops with ≥8GB RAM so far though.
> >
> > Personally I consider the Trustzone well-justified and good. It makes it
> > easy to provide security regimes that rely on an unchangeable past and
> > already-closed windows of opportunity.
>
> I don't know much about Trustzone. Do you have any links to a good
> explanation of it (preferably from a non-vendor source)?


There's nothing inherently evil in TrustZone, although it can be (and often
is) used for evil. Think of it as a hypervisor: unlike IME, it's a privilege
level of the main processor and executes regular ARM code. There are two
"worlds": secure and normal.

The "secure" world marks certain resources (memory regions, interrupts,
peripherals, etc). Upon an attempt to access a marked resource, there's a
"world switch" that most of us would call an "interrupt" (except that they
decided to invent a new word, to disambiguate from regular interrupts).
The secure world handler then checks what you tried to do and reacts
appropriately.

Some SoCs have a small amount of memory that can only ever be accessed from
the secure world. On some, secure world code can't even execute code from
regular memory (although it can obviously copy some in).

The ROM code executes (at least partially) in the secure world, and may or
may not let the bootloader replace it with your own code (typically you
compile ATF, with or without modifications, instead of writing everything
from scratch). On free machines like Pine64 or Pinebook, you can do this.
On most others, you can't, with obvious freedom consequences. Insert the
usual lecture about hardware you don't truly own.


One article you can read is for example
https://genode.org/documentation/articles/trustzone


Meow!
--
⢀⣴⠾⠻⢶⣦⠀ Laws we want back: Poland, Dz.U. 1921 nr.30 poz.177 (also Dz.U.
⣾⠁⢰⠒⠀⣿⡁ 1920 nr.11 poz.61): Art.2: An official, guilty of accepting a gift
⢿⡄⠘⠷⠚⠋⠀ or another material benefit, or a promise thereof, [in matters
⠈⠳⣄⠀⠀⠀⠀ relevant to duties], shall be punished by death by shooting.
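
As an added example, not part of Adam's post and not code from Arm Trusted Firmware (ATF): the "world switch" described above is, from the normal world's side, an `smc` instruction, and the secure-world handler that "checks what you tried to do and reacts appropriately" is the EL3 secure monitor's SMC dispatcher. The C below is a user-space model of that dispatcher. The function-ID bit layout follows the SMC Calling Convention (Arm DEN 0028) and the PSCI function IDs and return codes follow the PSCI spec (Arm DEN 0022); the 4-core layout, the secure-RAM window at 0x0e000000, the "Aff0 is the core index" rule and the handler bodies are assumptions made for illustration.

```c
/* Added example, not code from the post or from Arm Trusted Firmware: a
 * user-space model of the dispatch a TrustZone secure monitor (EL3) performs
 * when normal-world code executes `smc`.  Function-ID fields follow the SMC
 * Calling Convention (Arm DEN 0028); PSCI IDs and return codes follow PSCI
 * (Arm DEN 0022).  Core count, secure-RAM window and handler bodies are
 * assumptions for illustration. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SMCCC function-ID layout (w0 on entry to the monitor) */
#define SMC_FAST_CALL   0x80000000u   /* bit 31: fast call (0 = yielding call) */
#define SMC_64          0x40000000u   /* bit 30: SMC64 register convention */
#define SMC_OEN_SHIFT   24u           /* bits 29:24: Owning Entity Number */
#define SMC_OEN_MASK    0x3fu
#define SMC_MBZ_MASK    0x00ff0000u   /* bits 23:16: must be zero (SMCCC 1.0/1.1) */

#define OEN_STD_SECURE  4u            /* Standard Secure Service: PSCI lives here */
#define OEN_TOS_LO      50u           /* 50..63: Trusted OS (TEE) calls */
#define OEN_TOS_HI      63u

#define SMC_UNK         ((uint64_t)-1)            /* SMCCC "unknown function" */
#define PSCI_RET(v)     ((uint64_t)(int64_t)(v))  /* sign-extend a PSCI code into x0 */

/* PSCI function IDs built from the SMCCC fields, and PSCI return codes */
#define PSCI_VERSION         (SMC_FAST_CALL | (OEN_STD_SECURE << SMC_OEN_SHIFT) | 0x0u)  /* 0x84000000 */
#define PSCI_CPU_ON_AARCH64  (SMC_FAST_CALL | SMC_64 | (OEN_STD_SECURE << SMC_OEN_SHIFT) | 0x3u) /* 0xc4000003 */
#define PSCI_FEATURES        (SMC_FAST_CALL | (OEN_STD_SECURE << SMC_OEN_SHIFT) | 0xau)  /* 0x8400000a */
#define PSCI_E_SUCCESS          (0)
#define PSCI_E_NOT_SUPPORTED    (-1)
#define PSCI_E_INVALID_PARAMS   (-2)
#define PSCI_E_INVALID_ADDRESS  (-9)

/* Assumed platform: 4 cores; secure world owns RAM at [0x0e000000, 0x0e100000). */
#define PLAT_NUM_CPUS      4u
#define PLAT_SEC_RAM_BASE  0x0e000000ull
#define PLAT_SEC_RAM_SIZE  0x00100000ull

struct smc_req {
    uint32_t fid;           /* function ID (w0) */
    uint64_t x1, x2, x3;    /* arguments */
    bool caller_secure;     /* world the SMC was taken from (SCR_EL3.NS == 0) */
};

static uint32_t smc_oen(uint32_t fid) { return (fid >> SMC_OEN_SHIFT) & SMC_OEN_MASK; }

/* Platform hook: a normal-world entry point must not point into secure memory. */
static bool plat_ns_entrypoint_ok(uint64_t ep)
{
    return ep < PLAT_SEC_RAM_BASE || ep >= PLAT_SEC_RAM_BASE + PLAT_SEC_RAM_SIZE;
}

/* PSCI runtime service: CPU power control, offered to the normal world only. */
static uint64_t psci_handler(const struct smc_req *r)
{
    if (r->caller_secure)                    /* secure-world callers get no PSCI */
        return SMC_UNK;
    switch (r->fid) {
    case PSCI_VERSION:
        return (1u << 16) | 1u;              /* major 1, minor 1: PSCI 1.1 */
    case PSCI_FEATURES:                      /* x1 = function ID being queried */
        if (r->x1 == PSCI_VERSION || r->x1 == PSCI_CPU_ON_AARCH64 || r->x1 == PSCI_FEATURES)
            return PSCI_RET(PSCI_E_SUCCESS);
        return PSCI_RET(PSCI_E_NOT_SUPPORTED);
    case PSCI_CPU_ON_AARCH64:                /* x1 = target MPIDR, x2 = entry point, x3 = context */
        if ((r->x1 & 0xffu) >= PLAT_NUM_CPUS)        /* assumption: Aff0 is the core index */
            return PSCI_RET(PSCI_E_INVALID_PARAMS);
        if (!plat_ns_entrypoint_ok(r->x2))           /* refuse to start a core inside secure RAM */
            return PSCI_RET(PSCI_E_INVALID_ADDRESS);
        return PSCI_RET(PSCI_E_SUCCESS);             /* a real monitor would now power the core on */
    default:
        return SMC_UNK;
    }
}

/* Secure monitor entry: validate the ID, then route by owning entity. */
uint64_t smc_dispatch(const struct smc_req *r)
{
    if (!(r->fid & SMC_FAST_CALL))           /* this model registers fast-call services only */
        return SMC_UNK;
    if (r->fid & SMC_MBZ_MASK)               /* reserved bits set: malformed ID */
        return SMC_UNK;
    uint32_t oen = smc_oen(r->fid);
    if (oen == OEN_STD_SECURE)
        return psci_handler(r);
    if (oen >= OEN_TOS_LO && oen <= OEN_TOS_HI)
        return SMC_UNK;                      /* no Trusted OS dispatcher in this model */
    return SMC_UNK;
}

/* Wrappers: issue an SMC as the normal world or as the secure world. */
uint64_t smc_from_normal(uint32_t fid, uint64_t x1, uint64_t x2, uint64_t x3)
{
    struct smc_req r = { fid, x1, x2, x3, false };
    return smc_dispatch(&r);
}
uint64_t smc_from_secure(uint32_t fid, uint64_t x1, uint64_t x2, uint64_t x3)
{
    struct smc_req r = { fid, x1, x2, x3, true };
    return smc_dispatch(&r);
}

int main(void)
{
    printf("PSCI_VERSION from normal world  = 0x%llx\n",
           (unsigned long long)smc_from_normal(PSCI_VERSION, 0, 0, 0));
    printf("PSCI_VERSION from secure world  = 0x%llx\n",
           (unsigned long long)smc_from_secure(PSCI_VERSION, 0, 0, 0));
    printf("CPU_ON core 1 at NS 0x80000000  = %lld\n",
           (long long)smc_from_normal(PSCI_CPU_ON_AARCH64, 1, 0x80000000ull, 0));
    printf("CPU_ON core 1 into secure RAM   = %lld\n",
           (long long)smc_from_normal(PSCI_CPU_ON_AARCH64, 1, PLAT_SEC_RAM_BASE + 0x1000, 0));
    return 0;
}
```

The point of the model is the shape of the boundary: the normal world can only ask, in a fixed calling convention, and the monitor decides per request whether the caller's world, the function ID and the arguments are acceptable (here, a CPU may not be started with an entry point inside the secure-world RAM window). On real hardware `smc` is only available at EL1 and above, so this path is exercised from a kernel (Linux uses `arm_smccc_smc()` from `linux/arm-smccc.h`), never from a user-space program; that is why the example models the monitor instead of calling it.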