
Research On Security Architecture Of Trusted Domain Based On Asymmetric Multiprocessor

Posted on: 2020-03-11
Degree: Master
Type: Thesis
Country: China
Candidate: L Q Chen
GTID: 2428330575455098
Subject: Computer Science and Technology
Abstract/Summary:
ARM introduced the hardware isolation technology called TrustZone to protect sensitive data from being stolen. TrustZone provides a trusted execution environment for the kernel at the hardware level, called secure world. Secure world can access hardware resources in the secure state. The traditional operational domain is called normal world and can only access hardware resources in the non-secure state. TrustZone provides an optional protection strategy for the kernel. For example, Linux can transfer cryptographic operations to secure world to avoid leaking keys through kernel vulnerabilities.

However, research [1] disclosed that cache-based side-channel attacks can be used against TrustZone to obtain sensitive data such as keys. The cache in TrustZone can be turned into a side channel because secure world shares the same cache with normal world. Although normal world cannot access the contents of a secure cache line, it can evict the secure cache line from the cache by mapping a physical address to the same index, which causes cache contention. Because secure world lacks an effective defense mechanism, the cache side channel is easily exploited by malicious programs in normal world, for example to steal the AES key used by OpenSSL in secure world.

The research in this paper therefore covers three aspects. Firstly, it improves the defense capability of secure world against the cache side-channel attack. Secondly, because system performance degrades as security improves, optimization measures are taken to mitigate the performance degradation. Thirdly, the solution requires the participation of the kernel in normal world, so it must ensure that the component executes correctly in the kernel.

This paper proposes a security framework for the trusted domain, called EX-OPTEE, based on an asymmetric multiprocessor. EX-OPTEE changes the traditional design in which secure world and normal world time-share the processor, and uses an architecture based on asymmetric multiprocessing instead. In a symmetric architecture, normal world can execute on all processor cores, and a processor core switches, in an event-driven manner, from the non-secure state to the secure state through the Secure Monitor Call (SMC) instruction and then executes in secure world. EX-OPTEE deprives normal world of the ability to execute on, and interfere with, a particular processor core. That processor core executes only in secure world, as the binding core of secure world. By modifying the secure boot process, EX-OPTEE prevents that core from calling the SMC instruction to return to normal world and masks interrupts from normal world after the initialization of secure world is completed.

When an application in normal world invokes a service in secure world, operations related to sensitive data in secure world are performed on the processor core that came from normal world, and their contents fill the local cache of that core. To ensure that sensitive data in a security service populates only the cache of the binding core of secure world, EX-OPTEE splits security services in secure world into sensitive operational tasks and non-sensitive operational tasks, and migrates the sensitive operational tasks between cores. Because the binding core of secure world carries multiple sensitive service tasks, they are managed by a purpose-designed scheduling algorithm.

To optimize performance, the processor core that would otherwise wait for the sensitive task in secure world to finish is released. By setting the return path, the processor core is returned directly to the front-end component in normal world. The front-end component manages the returned processor cores and makes them participate in kernel scheduling. To ensure the correct execution of the front-end component in normal world, the front-end component is loaded into a specified read-only virtual memory space, and normal world is deprived of the ability to modify the kernel page table and to control the MMU. Secure world monitors illegal operations in normal world in an event-driven manner.

The EX-OPTEE framework is based on OPTEE [2] and runs on the 64-bit ARMv8 architecture. This paper proves the feasibility and effectiveness of the framework through experiments.
Keywords/Search Tags:System Security, Cache, Information Leakage, Side-Channel Attack, TrustZone
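
The cache contention the abstract describes, and the effect of running sensitive tasks on a binding core, shown as a toy model added here (it is not code from the thesis or from OP-TEE). Assumptions: each core has a direct-mapped local cache with 64 sets of 64-byte lines, the addresses are constructed, core 1 stands in for the binding core, and shared higher-level caches are not modelled.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

#define LINE     64u          /* assumed cache line size in bytes */
#define SETS     64u          /* assumed number of sets, direct-mapped */
#define NS_BASE  0x40000000u  /* constructed normal-world buffer address */
#define TBL_BASE 0x80000000u  /* constructed secure lookup-table address */

enum design { TIME_SHARED, BINDING_CORE };

struct line { int valid; uint32_t tag; int secure; };
static struct line cache[2][SETS];   /* one local cache per core */

/* Fill the set selected by the address index bits, evicting what was there. */
static void touch(int core, uint32_t paddr, int secure) {
    struct line *l = &cache[core][(paddr / LINE) % SETS];
    l->valid = 1; l->tag = paddr / (LINE * SETS); l->secure = secure;
}

/* Normal world loads one of its own lines into every set of its core. */
static void fill_normal(int core) {
    for (uint32_t s = 0; s < SETS; s++) touch(core, NS_BASE + s * LINE, 0);
}

/* Returns the first set where the normal-world line was displaced, or -1. */
static int displaced_set(int core) {
    for (uint32_t s = 0; s < SETS; s++) {
        struct line *l = &cache[core][s];
        if (!l->valid || l->secure || l->tag != NS_BASE / (LINE * SETS)) return (int)s;
    }
    return -1;
}

/* Run one secret-dependent table lookup and report what core 0 can observe. */
int observed_set(enum design d, unsigned secret) {
    memset(cache, 0, sizeof cache);
    fill_normal(0);
    int worker = (d == BINDING_CORE) ? 1 : 0;  /* core 1 = bound secure core */
    touch(worker, TBL_BASE + (secret % SETS) * LINE, 1);
    return displaced_set(0);
}

int main(void) {
    printf("time-shared core : displaced set %d\n", observed_set(TIME_SHARED, 13));
    printf("binding core     : displaced set %d\n", observed_set(BINDING_CORE, 13));
    return 0;
}
```

In the time-shared case the displaced set equals the secret-dependent index; with the binding core, core 0's local cache is left untouched and nothing is observable there.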