24
© 2018 Arm Limited © 2018 Arm Limited TZMP-1 Software Reference Implementation • Ken Liu • 2018-Mar-12
© 2018 Arm Limited © 2018 Arm Limited
TZMP-1 Software
Reference Implementation
• Ken Liu
• 2018-Mar-12
2 © 2018 Arm Limited 2 © 2018 Arm Limited
Content
•DRM Applications and Secure Video Path
• Regular Secure Video Path Design with Trustzone• TZMP1 Design Concepts• Reference Implementation Details
3 © 2018 Arm Limited 3 © 2018 Arm Limited
DRM Protocols
Video Path
General Process of DRM
Key Exchange
Authorizing
Networking
-+Decrypt/DecodeEncode/Encrypt
Casting
Encoded ContentEncrypted Content
4 © 2018 Arm Limited 4 © 2018 Arm Limited
Ideal Model of Secure Video Path
- Decrypt
Decode
Composite
+Secured Environment
Encrypted Content
Encoded Content Decoded Frame
5 © 2018 Arm Limited 5 © 2018 Arm Limited
Content
• DRM Applications and Secure Video Path
•Regular Secure Video Path Design with Trustzone
• TZMP1 Design Concepts• Reference Implementation Details
6 © 2018 Arm Limited 6 © 2018 Arm Limited
Arm Trustzone
Secure World
Non-Secure World
Non-Trusted Apps
Tursted OS
Trused OS
Trusted Application
Hardware isolatedExecution Environment
7 © 2018 Arm Limited 7 © 2018 Arm Limited
Regular Design with TrustZone
- Decrypt Decode
Composite+
Secure World
Non-Secure World
Receive
8 © 2018 Arm Limited 8 © 2018 Arm Limited
Secure World
Issues of Regular Design
Non-Secure OS
Media
Framework
Video Driver
Graphics Component
GPUDriver
CompositorDisplayDriver
Video Component
Secure OS
Video Driver
Graphics Component
GraphicsDriver
CompositorDisplayDriver
Video Component Video Driver
Video Component
GraphicsDriver
Graphics Component
DisplayDriver
Compositor
Porting ?
Non-Secure World
Mature multimediaframeworks inNon-Secure OS
Lack of APIRuntime
more attack interfaces
9 © 2018 Arm Limited 9 © 2018 Arm Limited
SecureMemory
Protected
Memory
Non-Secure Memory
Protected
Memory
Protect Content in Non-Secure World
- Decrypt
Decode
Composite+
Could we protect content innon-secure world to avoid
much changes?
Restrict accessing intosingle direction
10 © 2018 Arm Limited 10 © 2018 Arm Limited
Content
• DRM Applications and Secure Video Path• Regular Secure Video Path Design with Trustzone
•TZMP1 Design Concepts
• Reference Implementation Details
11 © 2018 Arm Limited 11 © 2018 Arm Limited
Protected Memory and Secured Playback
ProtectedVPU
Non-SecureVPU
ProtectedGPU
Non-SecureGPU
Non-Secure CPU
Non-Secured Bitstream
Secure Bitstream
DisplayController
RWRW
Decryptor
RO
WORW RW
RO
RO
Protected Memory
Non-Secure Memory
• Secure Bitstream could only be accessed by ‘Protected’ hardware components• Non-Secure Bitstream could only be accessed by Non-Secure hardware components
• Display controller could read both types of bitstreams• Mention the word ‘Protected’ – leads to Protected Memory and Protected Mode of HW
12 © 2018 Arm Limited 12 © 2018 Arm Limited
Hardware Architecture of TZMP1
CortexA
CortexA
CortexA
CortexA
CCI – 5xx Interconnect
GPU
NIC-400 Interconnect
VPU Display
TZC-400
Memory
NSAID_CPU
NSAID_GPU_PROTECTEDNSAID_REE
NSAID_VIDEO_PRIVATENSAID_VIDEO_PROTECTEDNSAID_VIDEO_OUTBUFNSAID_REE
NSAID_DP_PROTECTED
NSAID
NSAID
NSAID
13 © 2018 Arm Limited 13 © 2018 Arm Limited
Firewall of Accessing - Arm Trustzone Controller 400
• Each non-secure memory accessing hardware is assigned with a Non-Secure Access ID (NSAID)
• TZC-400 checks NSAID and region permissions to decide access availability
• Total 8 regions and 16 NSAIDs are supported in TZC-400
• Secure accessing is also checked by TZC-400
Region Ranges NSAID 1 NSAID 2 … NSAID 16 Secure Access
0 All Memory RW Configurable RW Configurable RW Configurable RW Configurable
1 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
2 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
3 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
4 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
5 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
6 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
7 Configurable RW Configurable RW Configurable RW Configurable RW Configurable
TZC-400
Memory
NSAID
Comp
14 © 2018 Arm Limited 14 © 2018 Arm Limited
Content
• DRM Applications and Secure Video Path• Regular Secure Video Path Design with Trustzone• TZMP1 Design Concepts
•Reference Implementation Details
15 © 2018 Arm Limited 15 © 2018 Arm Limited
Platform and Software Components
Component Description
Board Juno-r2 + 2 x Logictile
Non-SecureOS
Androidlsk-4.4-armlt Kernel
Secure OS OPTEE OS
Boot Arm-tf
Media IP Arm Mali V550 G71 DP650
DRM Clearkey / Widevine
16 © 2018 Arm Limited 16 © 2018 Arm Limited
Overall Reference Implementation
Hardware
Media Framework SurfaceFlinger
DRM Plugin OMX.decoder.secure
OMX.decoder
OP-TEE OS (TEE)
Crypto TA
TZC-400NSAID PROT NSAID_PUB
VPUNSAID_PR
OTNSAID_PU
B
GPU
ProtectedSurface
Surface
EncryptedBitstream
Protected Memory DecryptedDecode
dDecode
dDecoded
ClearBitstream
ClearBitstream
Decoded
Decoded
Decoded
ExoPlayer
Drivers
Non-Secure Memory
Crypto CA
DPUNSAI
D
17 © 2018 Arm Limited 17 © 2018 Arm Limited
Required Software Modifications
Hardware
Media Framework SurfaceFlinger
OMX.decoderOMX.decoder.secu
re
OP-TEE OS (TEE)
Crypto TA
TZC-400
NSAID PROT NSAID_PUB
VPUNSAID_PR
OTNSAID_PU
B
GPU
SurfaceProtected
Surface
ExoPlayer
Drivers
SGL TA
SGL CA Gralloc
DRM Plugin
Crypto CA
ION
TZC400 Setup
DPUNSAI
D
18 © 2018 Arm Limited 18 © 2018 Arm Limited
Memory Regions
Android (Linux)
Kernel Managed ION::UNMAPPED HEAP ION::CARVEOUTTEEPARAM
X
Memory Regions
Non-SecureMemory
SECUREFIRMWARE
SECUREBITSTREAM
SECUREFRAME
TEEPARAM
SecureMemory
OPTEE OS X Secure Data PathX TEE
PARAMRuntime
19 © 2018 Arm Limited 19 © 2018 Arm Limited
Secure VPU Firmware Loading
Secure Gadget Library (SGL CA)
OP-TEE OS
SGL TA
Secure Firmware
Firmware
• Mandatory for firmware based decoder
• Unnecessary for non-firmware based decoder
• SDP Usage
Non-SecureMemory
SECUREFIRMWARE
SECUREBITSTREAM
Hardware
NSAID_PRIV NSAID_PUB
VPU
20 © 2018 Arm Limited 20 © 2018 Arm Limited
Adopt DRM Crypto
DRM Plugin
OP-TEE OS
Crypto TA
EncryptedBitstream
Decrypted
• Decrypt in OPTEE OS
• Put result into protected memory
• Take advantage SDP of OPTEE OS SDP
Non-SecureMemory
SECUREFIRMWARE
SECUREBITSTREAM
21 © 2018 Arm Limited 21 © 2018 Arm Limited
Adopt Secure Decoder
Hardware
Android
Media Framework
OMX.decoder.secure
OMX.decoder
NSAID_PROT NSAID_PUB
VPU
DecryptedDecode
d
ExoPlayer
Drivers
SECUREFIRMWARE
SECUREBITSTREAM
SECUREFRAME
‘Secure Video Path’ in Android
Is DRM required ‘Secure Codec’ ?
Is ‘Secure Codec’ available ?
Setup Secure Video Path
Choose ‘Secure Codec’ component
Apply Protected Surface for output
22 © 2018 Arm Limited 22 © 2018 Arm Limited
Graphics and Display
Hardware
SurfaceFlinger
NSAID_PROT
NSAID_PUB
GPU
ProtectedSurface
Surface
Decoded
Decoded
• GPU and Display calls gralloc for surface buffers
• Gralloc allocates memory from specified buffer due to flags
• Call ION APIs for protected buffer
Drivers
SECUREFRAME
DPUNSAI
D
23 © 2018 Arm Limited 23 © 2018 Arm Limited
ReferencesComponents Repository
1 Workspace To be upstreamed in April
2 Arm-tf https://github.com/ARM-software/arm-trusted-firmware (Upstreaming)
3 OPTEE OS https://github.com/OP-TEE/optee_os (Done)
4 Android manifest To be upstreamed in April
5 Secure Gadget Library Upstreaming in linaro private repository
6 Gralloc https://developer.arm.com/products/software/mali-drivers/android-gralloc-module
7 Multimedia IP Contact Arm support
8 Linux and DTS https://git.linaro.org/landing-teams/working/arm/kernel-release.git(Upstreaming)
9 Arm Connected Community Page
Planed to be done by ~April
2424
Thank YouDankeMerci谢谢ありがとうGraciasKiitos감사합니다ध यवादתודה
© 2018 Arm Limited 2424
Thank YouDankeMerci谢谢ありがとうGraciasKiitos감사합니다ध यवादתודה
© 2018 Arm Limited
