
Using ARM TrustZone OS in the UEFI

I think the community is familiar with the BIOS's replacement, which is UEFI.

I found that UEFI contains a module named SMM (System Management Mode), which runs at the highest-priority exception level of a processor.

That is why I am asking whether it is possible to run a secure monitor with a secure operating system alongside UEFI, while at the same time not breaking the model of the latter.

If it is possible, then how is it done, and what is the boot flow?

Thank you!

  • SMM is a concept of the x86 CPU architecture, which is absent in the Arm architecture. For Arm, EL3 can be used to do a similar job to SMM.
    The Secure Monitor can run in EL3 as the arbiter. A Secure OS can run in secure EL1, while secure app services can run in secure EL0.

