1184 lines
84 KiB
HTML
1184 lines
84 KiB
HTML
|
||
|
||
<!DOCTYPE html>
|
||
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
|
||
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
|
||
<head>
|
||
<meta charset="utf-8">
|
||
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
|
||
<title>Trusty and Security Services in ACRN — Project ACRN™ v 0.7 documentation</title>
|
||
|
||
|
||
|
||
|
||
<link rel="shortcut icon" href="../_static/ACRN-favicon-32x32.png"/>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
|
||
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
|
||
<link rel="stylesheet" href="../_static/acrn-custom.css" type="text/css" />
|
||
<link rel="index" title="Index" href="../genindex.html" />
|
||
<link rel="search" title="Search" href="../search.html" />
|
||
<link rel="next" title="Using AGL as the User OS" href="using_agl_as_uos.html" />
|
||
<link rel="prev" title="Using a static IP address" href="static-ip.html" />
|
||
|
||
|
||
<script src="../_static/js/modernizr.min.js"></script>
|
||
|
||
</head>
|
||
|
||
<body class="wy-body-for-nav">
|
||
|
||
|
||
<div class="wy-grid-for-nav">
|
||
|
||
|
||
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
|
||
<div class="wy-side-scroll">
|
||
<div class="wy-side-nav-search">
|
||
|
||
|
||
|
||
<a href="../index.html" class="icon icon-home"> Project ACRN™
|
||
|
||
|
||
|
||
|
||
<img src="../_static/ACRN_Logo_200w.png" class="logo" alt="Logo"/>
|
||
|
||
</a>
|
||
|
||
|
||
|
||
|
||
<div class="version">
|
||
0.7
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div role="search">
|
||
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
|
||
<input type="text" name="q" placeholder="Search docs" />
|
||
<input type="hidden" name="check_keywords" value="yes" />
|
||
<input type="hidden" name="area" value="default" />
|
||
</form>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<ul class="current">
|
||
<li class="toctree-l1"><a class="reference internal" href="../introduction/index.html">Introduction to Project ACRN</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#automotive-use-case-example">Automotive Use Case Example</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#licensing">Licensing</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#acrn-device-model-service-os-and-user-os">ACRN Device Model, Service OS, and User OS</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#boot-sequence">Boot Sequence</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#acrn-hypervisor-architecture">ACRN Hypervisor Architecture</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#acrn-device-model-architecture">ACRN Device Model Architecture</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#device-pass-through">Device pass through</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../introduction/index.html#hardware-support-for-device-passthrough">Hardware support for device passthrough</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../introduction/index.html#hypervisor-support-for-device-passthrough">Hypervisor support for device passthrough</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#acrn-i-o-mediator">ACRN I/O mediator</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../introduction/index.html#virtio-framework-architecture">Virtio framework architecture</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../getting-started/index.html">Getting Started Guides</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../getting-started/apl-nuc.html">Getting started guide for Intel NUC</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/apl-nuc.html#hardware-setup">Hardware setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/apl-nuc.html#firmware-update-on-the-nuc">Firmware update on the NUC</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/apl-nuc.html#software-setup">Software setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/apl-nuc.html#set-up-a-clear-linux-operating-system">Set up a Clear Linux Operating System</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/apl-nuc.html#add-the-acrn-hypervisor-to-the-efi-partition">Add the ACRN hypervisor to the EFI Partition</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/apl-nuc.html#acrn-network-bridge">ACRN Network Bridge</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/apl-nuc.html#set-up-reference-uos">Set up Reference UOS</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../getting-started/up2.html">Getting started guide for UP2 board</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/up2.html#hardware-setup">Hardware setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/up2.html#connecting-to-the-serial-port">Connecting to the serial port</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/up2.html#software-setup">Software setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/up2.html#up2-serial-port-setting">UP2 serial port setting</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../getting-started/up2.html#up2-block-device">UP2 block device</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/up2.html#running-the-hypervisor">Running the hypervisor</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../getting-started/building-from-source.html">Build ACRN from Source</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/building-from-source.html#install-build-tools-and-dependencies">Install build tools and dependencies</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/building-from-source.html#build-the-hypervisor-device-model-and-tools">Build the hypervisor, device model and tools</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/building-from-source.html#configuring-the-hypervisor">Configuring the hypervisor</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/building-from-source.html#modify-the-hypervisor-configurations">Modify the hypervisor configurations</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../getting-started/building-from-source.html#create-a-new-default-configuration">Create a new default configuration</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../hardware.html">Supported Hardware</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../hardware.html#intel-apollo-lake-nuc">Intel Apollo Lake NUC</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../hardware.html#intel-kaby-lake-nuc">Intel Kaby Lake NUC</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../hardware.html#up-squared-board">UP Squared board</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../user-guides/index.html">User Guides</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../user-guides/acrn-dm-parameters.html">Device Model Parameters</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../user-guides/acrn-shell.html">ACRN Shell Commands</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../user-guides/tools.html">Tools</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/README.html">ACRN tools</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrn-crashlog/README.html">ACRN-Crashlog</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#building">Building</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#installing">Installing</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#enabling-disabling">Enabling/Disabling</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/README.html#source-code">Source Code</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html">acrnprobe</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html#architecture">Architecture</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html#source-files">Source files</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/README.html#configuration-files">Configuration files</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html">acrnprobe Configuration</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html#layout">Layout</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html#properties-of-group-members">Properties of group members</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html#crash-tree-in-acrnprobe">Crash tree in acrnprobe</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/acrnprobe/conf.html#sections">Sections</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrn-crashlog/usercrash/README.html">usercrash</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/usercrash/README.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/usercrash/README.html#design">Design</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/usercrash/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-crashlog/usercrash/README.html#souce-code">Souce Code</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrn-manager/README.html">acrnctl and acrnd</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-manager/README.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-manager/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-manager/README.html#acrnd">acrnd</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrn-manager/README.html#build-and-install">Build and Install</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrnlog/README.html">acrnlog</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrnlog/README.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrnlog/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrnlog/README.html#build-and-install">Build and Install</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../tools/acrntrace/README.html">acrntrace</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrntrace/README.html#description">Description</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrntrace/README.html#usage">Usage</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../tools/acrntrace/README.html#build-and-install">Build and Install</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../developer-guides/index.html">Developer Guides</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/hld/index.html">High-Level Design Guides</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-overview.html">Overview</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#acrn-supported-use-cases">ACRN Supported Use Cases</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#hardware-requirements">Hardware Requirements</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#acrn-architecture">ACRN Architecture</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#hypervisor">Hypervisor</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#sos">SOS</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#uos">UOS</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#freedom-from-interference">Freedom From Interference</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#boot-flow">Boot Flow</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-overview.html#power-management">Power Management</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-hypervisor.html">Hypervisor</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-startup.html">Hypervisor Startup</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-cpu-virt.html">CPU Virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-memmgt.html">Memory management</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-io-emulation.html">I/O Emulation</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-ioc-virt.html">IOC Virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-interrupt.html">Physical Interrupt</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-timer.html">Timer</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-virt-interrupt.html">Virtual Interrupt</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-vt-d.html">VT-d</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-dev-passthrough.html">Device Passthrough</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-partitionmode.html">Partition mode</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-pm.html">Power Management</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-console.html">Console, Shell, and vUART</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-hypercall.html">Hypercall / VHM upcall</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hv-config.html">Compile-time configuration</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html">Device Model</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#configuration">Configuration</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#dm-initialization">DM Initialization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#vhm">VHM</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#i-o-emulation-in-sos">I/O Emulation in SOS</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#device-emulation">Device Emulation</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#isa-and-pci-emulation">ISA and PCI Emulation</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#acpi-virtualization">ACPI Virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-devicemodel.html#pm-in-device-model">PM in Device Model</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-emulated-devices.html">Emulated Devices</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/usb-virt-hld.html">USB Virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/uart-virt-hld.html">UART virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/watchdog-hld.html">Watchdoc virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/random-virt-hld.html">Random device virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-APL_GVT-g.html">GVT-g GPU Virtualization</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html">Virtio Devices</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html#virtio-introduction">Virtio introduction</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html#key-concepts">Key Concepts</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html#virtio-frameworks">Virtio Frameworks</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html#virtio-apis">Virtio APIs</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-virtio-devices.html#supported-virtio-devices">Supported Virtio Devices</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-vm-management.html">VM Management</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-vm-management.html#vm-state">VM state</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-vm-management.html#scenarios-of-vm-state-change">Scenarios of VM state change</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-vm-management.html#vm-state-management">VM State management</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-power-management.html">Power Management</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-power-management.html#p-state-c-state-management">P-state/C-state management</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-power-management.html#s3-s5">S3/S5</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-trace-log.html">Tracing and Logging</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-trace-log.html#shared-buffer">Shared Buffer</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-trace-log.html#acrn-trace">ACRN Trace</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-trace-log.html#acrn-log">ACRN Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-vsbl.html">Virtual Bootloader</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/hld/hld-security.html">Security</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-security.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-security.html#background">Background</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/hld/hld-security.html#acrn-high-level-security-architecture">ACRN High-Level Security Architecture</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/primer.html">Developer Primer</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#source-tree-structure">Source Tree Structure</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#acrn-hypervisor-source-tree">ACRN hypervisor source tree</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#acrn-device-model-source-tree">ACRN Device Model source tree</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#acrn-tools-source-tree">ACRN Tools source tree</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#acrn-documentation-source-tree">ACRN documentation source tree</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#cpu-virtualization">CPU virtualization</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#host-gdt">Host GDT</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#host-idt">Host IDT</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#guest-smp-booting">Guest SMP Booting</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#vmx-configuration">VMX configuration</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#cpuid-and-guest-tsc-calibration">CPUID and Guest TSC calibration</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#rdtsc-rdtscp">RDTSC/RDTSCP</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#cr-register-virtualization">CR Register virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#msr-bitmap">MSR BITMAP</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#i-o-bitmap">I/O BITMAP</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#exceptions">Exceptions</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#memory-virtualization">Memory virtualization</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#physical-memory-layout">Physical Memory Layout</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#pv-mmu-memory-mapping-in-the-hypervisor">PV (MMU) Memory Mapping in the Hypervisor</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#pv-mmu-memory-mapping-in-vms">PV (MMU) Memory Mapping in VMs</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#host-guest-ept-memory-mapping">Host-Guest (EPT) Memory Mapping</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#graphic-mediation">Graphic mediation</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#i-o-emulation">I/O emulation</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#device-assignment-management">Device Assignment Management</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#pio-mmio-trap-flow">PIO/MMIO trap Flow</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#virtual-interrupt">Virtual interrupt</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtual-lapic">Virtual LAPIC</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtual-ioapic">Virtual IOAPIC</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtual-pic">Virtual PIC</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtual-interrupt-injection">Virtual Interrupt Injection</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#vt-x-and-vt-d">VT-x and VT-d</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#hypercall">Hypercall</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#device-emulation">Device emulation</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/primer.html#virtio-devices">Virtio Devices</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtio-rnd">Virtio-rnd</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtio-blk">Virtio-blk</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtio-net">Virtio-net</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/primer.html#virtio-console">Virtio-console</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/GVT-g-porting.html">GVT-g Enabling and Porting Guide</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#purpose-of-this-document">Purpose of this document</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#overall-components">Overall Components</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#core-scenario-interaction-sequences">Core scenario interaction sequences</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#vgpu-creation-scenario">vGPU creation scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#vgpu-destroy-scenario">vGPU destroy scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#vgpu-pci-configure-space-write-scenario">vGPU pci configure space write scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#pci-configure-space-read-scenario">pci configure space read scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#ggtt-read-write-scenario">GGTT read/write scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#mmio-read-write-scenario">MMIO read/write scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#ppgtt-write-protection-page-set-unset-scenario">PPGTT write protection page set/unset scenario</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#ppgtt-write-protection-page-write">PPGTT write protection page write</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-porting.html#api-details">API details</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html">GVT-g (AcrnGT) Kernel Options</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-enable-gvt">i915.enable_gvt</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-enable-pvmmio">i915.enable_pvmmio</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-gvt-workload-priority">i915.gvt_workload_priority</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-enable-initial-modeset">i915.enable_initial_modeset</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-avail-planes-per-pipe-and-i915-domain-plane-owners">i915.avail_planes_per_pipe and i915.domain_plane_owners</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-domain-plane-owners">i915.domain_plane_owners</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-avail-planes-per-pipe">i915.avail_planes_per_pipe</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-domain-scaler-owner">i915.domain_scaler_owner</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/GVT-g-kernel-options.html#i915-enable-hangcheck">i915.enable_hangcheck</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/trusty.html">Trusty TEE</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/trusty.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/trusty.html#trusty-architecture">Trusty Architecture</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/trusty.html#trusty-specific-hypercalls">Trusty specific Hypercalls</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/trusty.html#trusty-boot-flow">Trusty Boot flow</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/trusty.html#ept-hierarchy">EPT Hierarchy</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/trusty.html#design">Design</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/trusty.html#benefit">Benefit</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/trusty.html#api">API</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/l1tf.html">L1 Terminal Fault Mitigation</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/l1tf.html#overview">Overview</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/l1tf.html#l1tf-problem-in-acrn">L1TF Problem in ACRN</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#guest-hypervisor-attack">Guest -> hypervisor Attack</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#guest-guest-attack">Guest -> guest Attack</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#normal-world-secure-world-attack">Normal_world -> Secure_world Attack</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#affected-processors">Affected Processors</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/l1tf.html#l1tf-mitigation-in-acrn">L1TF Mitigation in ACRN</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#l1d-flush-on-vmentry">L1D flush on VMENTRY</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#ept-sanitization">EPT Sanitization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#put-secret-data-into-uncached-memory">Put Secret Data into Uncached Memory</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#l1d-flush-on-world-switch">L1D flush on World Switch</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/l1tf.html#core-based-scheduling">Core-based scheduling</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/l1tf.html#mitigation-recommendations">Mitigation Recommendations</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/l1tf.html#mitigation-status">Mitigation Status</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/VBSK-analysis.html">VBS-K Framework Virtualization Overhead Analysis</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/VBSK-analysis.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/VBSK-analysis.html#architecture-of-virtio-echo">Architecture of VIRTIO-ECHO</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/VBSK-analysis.html#virtualization-overhead-analysis">Virtualization Overhead Analysis</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/VBSK-analysis.html#conclusion">Conclusion</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/modularity.html">ACRN Hypervisor: Modular Design</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/modularity.html#overview">Overview</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/modularity.html#principles">Principles</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/modularity.html#minimizing-cyclic-dependencies">Minimizing Cyclic Dependencies</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/modularity.html#measuring-complexity">Measuring Complexity</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/modularity.html#architecture">Architecture</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/modularity.html#references">References</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../api/index.html">API Documentation</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../api/hypercall_api.html">Hypercall APIs</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../api/devicemodel_api.html">Device Model APIs</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../api/GVT-g_api.html">ACRN GVT-g APIs</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../api/GVT-g_api.html#core-driver-infrastructure">Core Driver Infrastructure</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../api/GVT-g_api.html#vhm-apis-called-from-acrngt">VHM APIs called from AcrnGT</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../api/GVT-g_api.html#acrngt-mediated-pass-through-mpt-interface">AcrnGT mediated pass-through (MPT) interface</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../api/GVT-g_api.html#gvt-g-intel-gvt-ops-interface">GVT-g intel_gvt_ops interface</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../api/GVT-g_api.html#acrngt-sysfs-interface">AcrnGT sysfs interface</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../reference/kconfig/index.html">Configuration Symbol Reference</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../reference/kconfig/index.html#introduction">Introduction</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../reference/kconfig/index.html#supported-options">Supported Options</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../developer-guides/index.html#contributing-to-the-project">Contributing to the project</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/contribute_guidelines.html">Contribution Guidelines</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#licensing">Licensing</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#developer-certification-of-origin-dco">Developer Certification of Origin (DCO)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#prerequisites">Prerequisites</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#repository-layout">Repository layout</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#submitting-issues">Submitting Issues</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#contribution-tools-and-git-setup">Contribution Tools and Git Setup</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#coding-style">Coding Style</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#contribution-workflow">Contribution Workflow</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/contribute_guidelines.html#commit-guidelines">Commit Guidelines</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/coding_guidelines.html">Coding Guidelines</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#preprocessor">Preprocessor</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#compilation-units">Compilation Units</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#declarations-and-initialization">Declarations and Initialization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#functions">Functions</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#statements">Statements</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#expressions">Expressions</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#types">Types</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#identifiers">Identifiers</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/coding_guidelines.html#coding-style">Coding Style</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/doc_guidelines.html">Documentation Guidelines</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#headings">Headings</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#content-highlighting">Content Highlighting</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#lists">Lists</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#multi-column-lists">Multi-column lists</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#file-names-and-commands">File names and Commands</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#internal-cross-reference-linking">Internal Cross-Reference Linking</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#non-ascii-characters">Non-ASCII Characters</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#code-and-command-examples">Code and Command Examples</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#tabs-spaces-and-indenting">Tabs, spaces, and indenting</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/doc_guidelines.html#drawings">Drawings</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../developer-guides/graphviz.html">Drawings using graphviz</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/graphviz.html#simple-directed-graph">Simple directed graph</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/graphviz.html#adding-edge-labels">Adding edge labels</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/graphviz.html#tables">Tables</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../developer-guides/graphviz.html#finite-state-machine">Finite-State Machine</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Tutorials</a><ul class="current">
|
||
<li class="toctree-l2"><a class="reference internal" href="agl-vms.html">Running AGL as VMs</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="agl-vms.html#hardware-setup">Hardware setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="agl-vms.html#connecting-hardware">Connecting hardware</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="agl-vms.html#software-setup">Software Setup</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="agl-vms.html#service-os">Service OS</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="agl-vms.html#building-acrn-kernel-for-agl-uos">Building ACRN kernel for AGL (UOS)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="agl-vms.html#setting-up-agls">Setting up AGLs</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="building_uos_from_clearlinux.html">Building UOS from Clear Linux OS</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="building_uos_from_clearlinux.html#build-uos-image-in-clear-linux-os">Build UOS image in Clear Linux OS</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="building_uos_from_clearlinux.html#start-the-user-os-uos">Start the User OS (UOS)</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="docbuild.html">ACRN documentation generation</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#documentation-overview">Documentation overview</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#set-up-the-documentation-working-folders">Set up the documentation working folders</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#installing-the-documentation-tools">Installing the documentation tools</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#documentation-presentation-theme">Documentation presentation theme</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#running-the-documentation-processors">Running the documentation processors</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#publishing-content">Publishing content</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#document-versioning">Document Versioning</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="docbuild.html#filtering-expected-warnings">Filtering expected warnings</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="rt_linux.html">Using PREEMPT_RT-Linux for real-time UOS</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="skl-nuc.html">GPU Passthrough on Skylake NUC</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="skl-nuc.html#hardware-platform">Hardware platform</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="skl-nuc.html#software-configuration">Software Configuration</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="skl-nuc.html#software-setup">Software Setup</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="static-ip.html">Using a static IP address</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="static-ip.html#acrn-network-setup">ACRN Network Setup</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="static-ip.html#setting-up-the-static-ip-address">Setting up the static IP address</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="static-ip.html#activate-the-new-configuration">Activate the new configuration</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2 current"><a class="current reference internal" href="#">Trusty and Security Services in ACRN</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="#trusty-architecture">Trusty Architecture</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="#trusty-services">Trusty Services</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="#keystore">Keystore</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="#secure-storage-ss">Secure Storage (SS)</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="#trusty-in-acrn">Trusty in ACRN</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="#one-vm-two-worlds">One-VM, Two-Worlds</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="#secure-storage-virtualization">Secure Storage Virtualization</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="#references">References:</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="using_agl_as_uos.html">Using AGL as the User OS</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_agl_as_uos.html#introduction-to-agl">Introduction to AGL</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_agl_as_uos.html#steps-for-using-agl-as-the-uos">Steps for using AGL as the UOS</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_agl_as_uos.html#enable-the-agl-display">Enable the AGL display</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_agl_as_uos.html#follow-up">Follow up</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="using_partition_mode_on_up2.html">Using partition mode on UP2</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_partition_mode_on_up2.html#prerequisites">Prerequisites</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_partition_mode_on_up2.html#build-kernel-and-modules-for-partition-mode-uos">Build kernel and modules for partition mode UOS</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_partition_mode_on_up2.html#enable-partition-mode-in-acrn-hypervisor">Enable partition mode in ACRN hypervisor</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_partition_mode_on_up2.html#switch-between-privileged-vms">Switch between privileged VMs</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="using_sbl_on_up2.html">Using SBL on UP2 Board</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#prerequisites">Prerequisites</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#build-sbl">Build SBL</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#flash-sbl-on-the-up2">Flash SBL on the UP2</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#build-acrn-for-up2">Build ACRN for UP2</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#download-and-install-flash-tool">Download and install flash tool</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#sos-and-laag-installation">SOS and LaaG Installation</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#boot-to-sos">Boot to SOS</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_sbl_on_up2.html#launch-uos">Launch UOS</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="using_ubuntu_as_sos.html">Using Ubuntu as the Service OS</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#install-ubuntu-natively">Install Ubuntu (natively)</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#install-acrn">Install ACRN</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#install-the-service-os-kernel">Install the Service OS kernel</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#prepare-the-user-os-uos">Prepare the User OS (UOS)</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#start-the-user-os-uos">Start the User OS (UOS)</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#enabling-network-sharing">Enabling network sharing</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="using_ubuntu_as_sos.html#enabling-usb-keyboard-and-mouse">Enabling USB keyboard and mouse</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../release_notes.html">Release Notes</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.7.html">ACRN v0.7 (Mar 2019)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.7.html#version-0-7-new-features">Version 0.7 new features</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.7.html#enable-cache-qos-with-cat">Enable cache QOS with CAT</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.7.html#support-acpi-power-key-mediator">Support ACPI power key mediator</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.7.html#document-updates">Document updates</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.7.html#new-features-details">New Features Details</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.7.html#fixed-issues-details">Fixed Issues Details</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.7.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.7.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.6.html">ACRN v0.6 (Feb 2019)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.6.html#version-0-6-new-features">Version 0.6 new features</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.6.html#fixed-issues">Fixed Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.6.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.6.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.5.html">ACRN v0.5 (Jan 2019)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.5.html#version-0-5-new-features">Version 0.5 new features</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.5.html#fixed-issues">Fixed Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.5.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.5.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.4.html">ACRN v0.4 (Dec 2018)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.4.html#version-0-4-new-features">Version 0.4 new features</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.4.html#fixed-issues">Fixed Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.4.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.4.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.3.html">ACRN v0.3 (Nov 2018)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.3.html#version-0-3-new-features">Version 0.3 new features</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.3.html#fixed-issues">Fixed Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.3.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.3.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.2.html">ACRN v0.2 (Sep 2018)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.2.html#version-0-2-new-features">Version 0.2 new features</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#vt-x-vt-d">VT-x, VT-d</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#pic-ioapic-msi-msi-x-pci-lapic">PIC/IOAPIC/MSI/MSI-X/PCI/LAPIC</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#ethernet">Ethernet</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#storage-emmc">Storage (eMMC)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#usb-xdci">USB (xDCI)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#usb-mediator-xhci-and-drd">USB Mediator (xHCI and DRD)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#csme">CSME</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#wifi">WiFi</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#ipu-mipi-cs2-hdmi-in">IPU (MIPI-CS2, HDMI-in)</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#bluetooth">Bluetooth</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#gpu-preemption">GPU – Preemption</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#gpu-display-surface-sharing-via-hyper-dma">GPU – display surface sharing via Hyper DMA</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.2.html#s3">S3</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.2.html#fixed-issues">Fixed Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.2.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.2.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../release_notes_0.1.html">ACRN v0.1 (July 2018)</a><ul>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.1.html#version-0-1-new-features">Version 0.1 new features</a><ul>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#hardware-support">Hardware Support</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#gvt-g-for-acrn">GVT-g for ACRN</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#virtio-standard-is-supported">Virtio standard is supported</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#device-pass-through-support">Device pass-through support</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#hypervisor-configuration">Hypervisor configuration</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="../release_notes_0.1.html#new-acrn-tools">New ACRN tools</a></li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.1.html#known-issues">Known Issues</a></li>
|
||
<li class="toctree-l3"><a class="reference internal" href="../release_notes_0.1.html#change-log">Change Log</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
<li class="toctree-l1"><a class="reference internal" href="../faq.html">FAQ</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="../faq.html#what-hardware-does-acrn-support">What hardware does ACRN support?</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../faq.html#clear-linux-os-fails-to-boot-on-my-nuc">Clear Linux* OS fails to boot on my NUC</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="../faq.html#how-do-i-configure-acrn-s-memory-use">How do I configure ACRN’s memory use?</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
|
||
|
||
|
||
</div>
|
||
</div>
|
||
</nav>
|
||
|
||
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
|
||
|
||
|
||
<nav class="wy-nav-top" aria-label="top navigation">
|
||
|
||
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
|
||
<a href="../index.html">Project ACRN™</a>
|
||
|
||
</nav>
|
||
|
||
|
||
<div class="wy-nav-content">
|
||
|
||
<div class="rst-content">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div role="navigation" aria-label="breadcrumbs navigation">
|
||
|
||
<ul class="wy-breadcrumbs">
|
||
|
||
<li><a href="../index.html">Docs</a> »</li>
|
||
|
||
<li><a href="index.html">Tutorials</a> »</li>
|
||
|
||
<li>Trusty and Security Services in ACRN</li>
|
||
|
||
|
||
<li class="wy-breadcrumbs-aside">
|
||
|
||
|
||
|
||
</li>
|
||
|
||
</ul>
|
||
|
||
|
||
<hr/>
|
||
</div>
|
||
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
|
||
<div itemprop="articleBody">
|
||
|
||
<div class="section" id="trusty-and-security-services-in-acrn">
|
||
<span id="trusty-security-services"></span><h1>Trusty and Security Services in ACRN<a class="headerlink" href="#trusty-and-security-services-in-acrn" title="Permalink to this headline">¶</a></h1>
|
||
<p>This document provides an overview of the Trusty architecture for
|
||
Linux-based system, what security services Trusty provides, and how
|
||
Trusty works on top of the ACRN Hypervisor.</p>
|
||
<div class="section" id="trusty-architecture">
|
||
<h2>Trusty Architecture<a class="headerlink" href="#trusty-architecture" title="Permalink to this headline">¶</a></h2>
|
||
<p>Trusty is a set of software components supporting a Trusted Execution
|
||
Environment (TEE) on embedded devices. It is a full software stack
|
||
environment including OS, services, and APIs.
|
||
As shown in <a class="reference internal" href="#trusty-arch"><span class="std std-numref">Figure 202</span></a> below, it consists of:</p>
|
||
<ul class="simple">
|
||
<li>An operating system (the Trusty OS) that runs on a processor
|
||
providing a TEE;</li>
|
||
<li>Drivers for the kernel (Linux) to facilitate communication with
|
||
applications running under the Trusty OS;</li>
|
||
<li>A set of libraries for Android systems software to facilitate
|
||
communication with trusted applications executed within the Trusty OS
|
||
using the kernel drivers.</li>
|
||
</ul>
|
||
<div class="figure align-center" id="trusty-arch">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image1.png"><img alt="../_images/trustyacrn-image1.png" src="../_images/trustyacrn-image1.png" style="width: 600px;" /></a>
|
||
<p class="caption"><span class="caption-number">Figure 202 </span><span class="caption-text">Trusty Architecture</span></p>
|
||
</div>
|
||
<p>Google provides an Android Open Source Project (AOSP) implementation of
|
||
Trusty based on ARM TrustZone technology. Intel enables Trusty
|
||
implementation on x86 based platforms with hardware virtualization
|
||
technology (e.g. VT-x and VT-d). In <a class="reference internal" href="#trusty-arch"><span class="std std-numref">Figure 202</span></a> above, the
|
||
Secure Monitor is a VMM hypervisor. It could be any x86 hypervisor, and
|
||
it is the customer’s responsibility to pick the right hypervisor for
|
||
their product. Intel has developed a product-quality open source
|
||
lightweight hypervisor reference implementation for customers to use;
|
||
see <a class="reference external" href="https://github.com/intel/ikgt-core/tree/trusty">https://github.com/intel/ikgt-core/tree/trusty</a>.</p>
|
||
<p>The purpose of this secure monitor (hypervisor) is to isolate the normal
|
||
and secure worlds, and to schedule Trusty OS in and out on demand. In
|
||
the Trusty implementation, all the security services provided by Trusty
|
||
OS in the secure world are event-driven. As long as there is no service
|
||
request from normal world, Trusty OS won’t be scheduled in by the
|
||
hypervisor. The normal world and secure world share the same processor
|
||
resources, so this minimizes the context switching performance penalty.</p>
|
||
<p>In Trusty OS, the kernel is a derivative of the <a class="reference external" href="https://github.com/littlekernel/lk/wiki/Introduction">Little Kernel project</a>,
|
||
an embedded kernel supporting multi-thread, interrupt management, MMU,
|
||
scheduling, and more. Google engineers added user-mode application
|
||
support and a syscall layer to support privilege level isolation, so
|
||
that each Trusted App can run in an isolated virtual address space to
|
||
enhance application security. Intel added many more security
|
||
enhancements such as SMEP (Supervisor Mode Execution Prevention), SMAP
|
||
(Supervisor Mode Access Prevention), NX (Non-eXecution), ASLR (Address
|
||
Space Layout Randomization), and stack overflow protector.</p>
|
||
<p>There are a couple of built-in Trusted Apps running in user mode of
|
||
Trusty OS. However, an OEM can add more Trusted Apps in Trusty OS to
|
||
serve any other customized security services.For security reasons and
|
||
for serving early-boot time security requests (e.g. disk decryption),
|
||
Trusty OS and Apps are typically started before Normal world OS.</p>
|
||
<p>In normal world OS, Trusty Driver is responsible for IPC communication
|
||
with Trusty OS (over hypervisor) to exchange service request commands
|
||
and messages. The IPC manager can support concurrent sessions for
|
||
communications between Trusted App and Untrusted Client App. Typically,
|
||
Trusty provides APIs for developing two classes of applications:</p>
|
||
<ul class="simple">
|
||
<li>Trusted applications or services that run on the TEE/Trusty OS in
|
||
secure world;</li>
|
||
<li>Untrusted applications running in normal world that use services
|
||
provided by Trusted applications.</li>
|
||
</ul>
|
||
<p>Software running in normal world can use Trusty client library APIs to
|
||
connect to trusted applications and exchange arbitrary messages with
|
||
them, just like a network service over IP. It is up to the application
|
||
to determine the data format and semantics of these messages using an
|
||
app-level protocol. Reliable delivery of messages is guaranteed by the
|
||
underlying Trusty infrastructure (Trusty Drivers), and the communication
|
||
is completely asynchronous.</p>
|
||
<p>Although this Trusty infrastructure is built by Google for Android OS,
|
||
it can be applied to any normal world OS (typically a Linux-based OS).
|
||
The Trusty OS infrastructure in secure world is normal world
|
||
OS-agnostic. The differences truly depend on the security services that
|
||
normal world OS would like to have.</p>
|
||
</div>
|
||
<div class="section" id="trusty-services">
|
||
<h2>Trusty Services<a class="headerlink" href="#trusty-services" title="Permalink to this headline">¶</a></h2>
|
||
<p>There are many uses for a Trusted Execution Environment such as mobile
|
||
payments, secure banking, full-disk encryption or file-based encryption,
|
||
multi-factor authentication, device reset protection, replay-protected
|
||
persistent storage (secure storage), wireless display (“cast”) of
|
||
protected content, secure PIN and fingerprint processing, and even
|
||
malware detection.</p>
|
||
<p>In embedded products such as an automotive IVI system, the most important
|
||
security services requested by customers are keystore and secure
|
||
storage. In this article we will focus on these two services.</p>
|
||
<div class="section" id="keystore">
|
||
<h3>Keystore<a class="headerlink" href="#keystore" title="Permalink to this headline">¶</a></h3>
|
||
<p>Keystore (or Keymaster app in Trusty OS) provides the following
|
||
services:</p>
|
||
<ul class="simple">
|
||
<li>Key generation</li>
|
||
<li>Import and export of asymmetric keys (no key wrapping)</li>
|
||
<li>Import of raw symmetric keys (no key wrapping)</li>
|
||
<li>Asymmetric encryption and decryption with appropriate padding modes</li>
|
||
<li>Asymmetric signing and verification with digesting and appropriate
|
||
padding modes</li>
|
||
<li>Symmetric encryption and decryption in appropriate modes, including
|
||
an AEAD mode</li>
|
||
<li>Generation and verification of symmetric message authentication codes</li>
|
||
</ul>
|
||
<p>Protocol elements, such as purpose, mode and padding, as well as access
|
||
control constraints, are specified when keys are generated or imported
|
||
and are permanently bound to the key, ensuring the key cannot be used in
|
||
any other way.</p>
|
||
<p>In addition to the list above, there is one more service that Keymaster
|
||
implementations provide, but which is not exposed as an API: Random
|
||
number generation. This is used internally for generation of keys,
|
||
Initialization Vectors (IVs), random padding, and other elements of
|
||
secure protocols that require randomness.</p>
|
||
<p>Using Android as an example, Keystore functions are explained in greater
|
||
details in this <a class="reference external" href="https://source.android.com/security/keystore/implementer-ref">Android keymaster functions document</a></p>
|
||
<div class="figure align-center" id="keymaster-app">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image3.png"><img alt="../_images/trustyacrn-image3.png" src="../_images/trustyacrn-image3.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>As shown in <a class="reference internal" href="#keymaster-app"><span class="std std-numref">Figure 203</span></a> above, the Keymaster HAL is a
|
||
dynamically-loadable library used by the Keystore service to provide
|
||
hardware-backed cryptographic services. To keep things secure, HAL
|
||
implementations don’t perform any security sensitive
|
||
operations/algorithms in user space, or even in kernel space. Sensitive
|
||
operations are delegated to a secure world TEE (Trusty OS) reached
|
||
through a kernel interface. The purpose of the Keymaster HAL is only to
|
||
marshal and unmarshal requests to the secure world.</p>
|
||
</div>
|
||
<div class="section" id="secure-storage-ss">
|
||
<h3>Secure Storage (SS)<a class="headerlink" href="#secure-storage-ss" title="Permalink to this headline">¶</a></h3>
|
||
<p>Trusty implements a secure storage services (in Secure Storage TA) based
|
||
on RPMB (Replay Protected Memory Block) partition in eMMC or UFS flash
|
||
storage. The details of how RPMB works are out of scope in this article.
|
||
You can read the <a class="reference external" href="https://www.jedec.org/standards-documents/focus/flash/universal-flash-storage-ufs">eMMC/UFS JEDEC specification</a>
|
||
to understand that.</p>
|
||
<p>This secure storage can provide data confidentiality, integrity, and
|
||
anti-replay protection.Confidentiality is guaranteed by data encryption
|
||
with a root key derived from the platform chipset’s unique key/secret.</p>
|
||
<p>RPMB partition is a fixed size partition (128KB ~ 16MB) in eMMC (or UFS)
|
||
drive. Users can not change its size after buying an eMMC flash drive
|
||
from vendor.</p>
|
||
<p>This secure storage could be used for anti-rollback in verified boot,
|
||
for saving authentication (e.g. password/pin) retry attempt failure
|
||
record to prevent brute-force attacks, for storing Android attestation
|
||
keybox,
|
||
or for storing customer’s credential/secrets (e.g. OEM image encryption
|
||
key). See <a class="reference external" href="https://source.android.com/security/keystore/attestation">Android Key and ID Attestation</a>
|
||
for details.</p>
|
||
<p>In Trusty, the secure storage architecture is shown in the figure below.
|
||
In the secure world, there is a SS (Secure Storage) TA, which has an
|
||
RPMB authentication key (AuthKey, an HMAC key) and uses this Authkey to
|
||
talk with the RPMB controller in the eMMC device. Since the eMMC device
|
||
is controlled by normal world driver, Trusty needs to send an RPMB data
|
||
frame ( encrypted by hardware-backed unique encryption key and signed by
|
||
AuthKey) over Trusty IPC channel to Trusty SS proxy daemon, which then
|
||
forwards RPMB data frame to physical RPMB partition in eMMC.</p>
|
||
<div class="figure align-center" id="trusty-ss-ta">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image2.png"><img alt="../_images/trustyacrn-image2.png" src="../_images/trustyacrn-image2.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>As shown in <a class="reference internal" href="#trusty-ss-ta"><span class="std std-numref">Figure 204</span></a> above, Trusty SS TA provides two different services
|
||
simultaneously:</p>
|
||
<ul class="simple">
|
||
<li><strong>TD (Tamper-Detection)</strong>:
|
||
The Trusty secure file system metadata is stored in RPMB, while the
|
||
user data (after encrypted with hardware-backed encryption key), is
|
||
stored in Linux-backed file system in user data partition of eMMC (as
|
||
shown in Figure above). This type of service supports large amount of
|
||
data storage.
|
||
Because of potential data deletion/modification, Trusty OS SS TA
|
||
provides a mechanism to detect such tampering behaviors
|
||
(deletion/modification, etc.)</li>
|
||
<li><strong>TP (Tamper-Proof)</strong>:
|
||
This is a tamper-resistant secure storage service with much higher
|
||
level of data protection. In this service, the file system metadata
|
||
and user data (encrypted) are both stored in RPMB. And both can
|
||
survive after a factory reset or user data partition wipe.
|
||
As previously mentioned though, the amount of data storage depends on
|
||
the eMMC RPMB partition size.</li>
|
||
</ul>
|
||
<p>We’ve discussed how this secure storage architecture looks, and what
|
||
secure storage services Trusty SS TA can provide. Now let’s briefly take
|
||
a look at how it can be used.</p>
|
||
<p>As <a class="reference internal" href="#trusty-ss-ta-storage"><span class="std std-numref">Figure 205</span></a> below shows, an OEM can develop a
|
||
client App in normal world and a Trusted App (TA) in Trusty OS. The OEM
|
||
TA then can talk with either TD or TP (or both) of SS TA through Trusty
|
||
internal process IPC to request TA-specific secure file
|
||
open/creation/deletion/read/write operations.</p>
|
||
<div class="figure align-center" id="trusty-ss-ta-storage">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image5.png"><img alt="../_images/trustyacrn-image5.png" src="../_images/trustyacrn-image5.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>Here is a simple example showing data signing:</p>
|
||
<ol class="arabic simple">
|
||
<li>An OEM Client App sends the message that needs signing to the OEM
|
||
Trusted App in TEE/secure world.</li>
|
||
<li>The OEM Trusted App retrieves the signing key (that was previously
|
||
saved into SS TA) from SS TA, and uses it for signing the message,
|
||
then discard the signing key.</li>
|
||
<li>The OEM Trusted App sends the signed message (with signature) back to
|
||
OEM Client App.</li>
|
||
</ol>
|
||
<p>In this entire process, the secret signing key is never released outside
|
||
of secure world.</p>
|
||
</div>
|
||
</div>
|
||
<div class="section" id="trusty-in-acrn">
|
||
<h2>Trusty in ACRN<a class="headerlink" href="#trusty-in-acrn" title="Permalink to this headline">¶</a></h2>
|
||
<p>ACRN is a flexible, lightweight reference hypervisor, built with
|
||
real-time and safety-criticality in mind, optimized to streamline
|
||
embedded development through an open source platform. In this
|
||
section, we’ll focus on two major components:</p>
|
||
<ul class="simple">
|
||
<li>one is the basic idea of
|
||
secure world and insecure world isolation (so called one-vm,
|
||
two-worlds),</li>
|
||
<li>the other one is the secure storage virtualization in ACRN.</li>
|
||
</ul>
|
||
<p>See <a class="reference internal" href="../developer-guides/trusty.html#trusty-tee"><span class="std std-ref">Trusty TEE</span></a> for additional details of Trusty implementation in
|
||
ACRN.</p>
|
||
<div class="section" id="one-vm-two-worlds">
|
||
<h3>One-VM, Two-Worlds<a class="headerlink" href="#one-vm-two-worlds" title="Permalink to this headline">¶</a></h3>
|
||
<p>As previously mentioned, Trusty Secure Monitor could be any
|
||
hypervisor. In the ACRN project the ACRN hypervisor will behave as the
|
||
secure monitor to schedule in/out Trusty secure world.</p>
|
||
<div class="figure align-center" id="trusty-isolated">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image4.png"><img alt="../_images/trustyacrn-image4.png" src="../_images/trustyacrn-image4.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>As shown in <a class="reference internal" href="#trusty-isolated"><span class="std std-numref">Figure 206</span></a> above, the hypervisor creates an
|
||
isolated secure world UOS to support a Trusty OS running in a UOS on
|
||
ACRN.</p>
|
||
<p><a class="reference internal" href="#trusty-lhs-rhs"><span class="std std-numref">Figure 207</span></a> below shows further implementation details. The RHS
|
||
(right-hand system) is such a secure world in which the Trusty OS runs.
|
||
The LHS (left-hand system) is the non-secure world system in which a
|
||
Linux-based system (e.g. Android) runs.</p>
|
||
<div class="figure align-center" id="trusty-lhs-rhs">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image7.png"><img alt="../_images/trustyacrn-image7.png" src="../_images/trustyacrn-image7.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>The secure world is configured by the hypervisor so it has read/write
|
||
access to a non-secure world’s memory space. But non-secure worlds do
|
||
not have access to a secure world’s memory. This is guaranteed by
|
||
switching different EPT tables when a world switch (WS) Hypercall is
|
||
invoked. The WS Hypercall has parameters to specify the services cmd ID
|
||
requested from the non-secure world.</p>
|
||
<p>In the ACRN hypervisor design of the “one VM, two worlds”
|
||
architecture, there is a single UOS/VM structure per-UOS in the
|
||
Hypervisor, but two vCPU structures that save the LHS/RHS virtual
|
||
logical processor states respectively.</p>
|
||
<p>Whenever there is a WS (world switch) Hypercall from LHS, the hypervisor
|
||
copies the LHS CPU contexts from Guest VMCS to the LHS-vCPU structure
|
||
for saving contexts, and then copies the RHS CPU contexts from RHS-vCPU
|
||
structure to Guest VMCS. It then does a VMRESUME to RHS, and vice versa!
|
||
In addition, the EPTP pointer will be updated accordingly in the VMCS
|
||
(not shown in the picture above).</p>
|
||
</div>
|
||
<div class="section" id="secure-storage-virtualization">
|
||
<h3>Secure Storage Virtualization<a class="headerlink" href="#secure-storage-virtualization" title="Permalink to this headline">¶</a></h3>
|
||
<p>As previously mentioned, secure storage is one of the security services
|
||
provided by secure world (TEE/Trusty). In the current ACRN
|
||
implementation, secure storage is built in the RPMB partition in eMMC
|
||
(or UFS storage).</p>
|
||
<p>Currently the eMMC in the APL SoC platform only has a single RPMB
|
||
partition for tamper-resistant and anti-replay secure storage. The
|
||
secure storage (RPMB) is virtualized to support multiple guest UOS VMs.
|
||
Although newer generations of flash storage (e.g. UFS 3.0, and NVMe)
|
||
support multiple RPMB partitions, this article only discusses the
|
||
virtualization solution for single-RPMB flash storage device in APL SoC
|
||
platform.</p>
|
||
<p><a class="reference internal" href="#trusty-rpmb"><span class="std std-numref">Figure 208</span></a> shows an overview of the virtualization of secure storage
|
||
high-level architecture.</p>
|
||
<div class="figure align-center" id="trusty-rpmb">
|
||
<a class="reference internal image-reference" href="../_images/trustyacrn-image6.png"><img alt="../_images/trustyacrn-image6.png" src="../_images/trustyacrn-image6.png" style="width: 600px;" /></a>
|
||
</div>
|
||
<p>In <a class="reference internal" href="#trusty-rpmb"><span class="std std-numref">Figure 208</span></a>, the rKey (RPMB AuthKey) is the physical RPMB
|
||
authentication key used for data authenticated read/write access between
|
||
SOS kernel and physical RPMB controller in eMMC device. The VrKey is the
|
||
virtual RPMB authentication key used for authentication between SOS DM
|
||
module and its corresponding UOS secure software. Each UOS (if secure
|
||
storage is supported) has its own VrKey, generated randomly when the DM
|
||
process starts, and is securely distributed to UOS secure world for each
|
||
reboot. The rKey is fixed on a specific platform unless the eMMC is
|
||
replaced with another one.</p>
|
||
<p>In the current ACRN project implementation on an APL platform, the rKey
|
||
is provisioned by the BIOS (SBL) near the end of the platform’s
|
||
manufacturing process. (The details of physical RPMB key (rKey)
|
||
provisioning are out of scope for this document.)</p>
|
||
<p>For each reboot, the BIOS/SBL retrieves the rKey from CSE FW (or
|
||
generated from a special unique secret that is retrieved from CSE FW),
|
||
and SBL hands it off to the ACRN hypervisor, and the hypervisor in turn
|
||
sends the key to the SOS kernel.</p>
|
||
<p>As an example, secure storage virtualization workflow for data write
|
||
access is like this:</p>
|
||
<ol class="arabic simple">
|
||
<li>UOS Secure world (e.g. Trusty) packs the encrypted data and signs it
|
||
with the vRPMB authentication key (VrKey), and sends the data along
|
||
with its signature over the RPMB FE driver in UOS non-secure world.</li>
|
||
<li>After DM process in SOS receives the data and signature, the vRPMB
|
||
module in DM verifies them with the shared secret (vRPMB
|
||
authentication key, VrKey),</li>
|
||
<li>If verification is success, the vRPMB module does data address
|
||
remapping (remembering that the multiple UOS VMs share a single
|
||
physical RPMB partition), and forwards those data to SOS kernel, then
|
||
kernel packs the data and signs it with the physical RPMB
|
||
authentication key (rKey). Eventually, the data and its signature
|
||
will be sent to physical eMMC device.</li>
|
||
<li>If the verification is successful in the eMMC RPMB controller, the
|
||
data will be written into the storage device.</li>
|
||
</ol>
|
||
<p>The work flow of authenticated data read is very similar to this flow
|
||
above in reverse order.</p>
|
||
<p>Note that there are some security considerations in this architecture:</p>
|
||
<ul class="simple">
|
||
<li>The rKey protection is very critical in this system. If the key is
|
||
leaked, an attacker can change/overwrite the data on RPMB, bypassing
|
||
the “tamper-resistant & anti-replay” capability.</li>
|
||
<li>Typically, the vRPMB module in DM process of SOS system can filter
|
||
data access, i.e. it doesn’t allow one UOS to perform read/write
|
||
access to the data from another UOS VM.
|
||
If the vRPMB module in DM process is compromised, a UOS could
|
||
change/overwrite the secure data of other UOSs.</li>
|
||
</ul>
|
||
<p>Keeping SOS system as secure as possible is a very important goal in the
|
||
system security design. In practice, the SOS designer and implementer
|
||
should obey these following rules (and more):</p>
|
||
<ul class="simple">
|
||
<li>Make sure the SOS is a closed system and doesn’t allow users to
|
||
install any unauthorized 3rd party software or components.</li>
|
||
<li>External peripherals are constrained.</li>
|
||
<li>Enable kernel-based hardening techniques, e.g., dm-verity (to make
|
||
sure integrity of DM and vBIOS/vOSloaders), kernel module signing,
|
||
etc.</li>
|
||
<li>Enable system level hardening such as MAC (Mandatory Access Control).</li>
|
||
</ul>
|
||
<p>Detailed configurations and policies are out of scope in this article.
|
||
Good references for OS system security hardening and enhancement
|
||
include: <a class="reference external" href="http://docs.automotivelinux.org/master/docs/architecture/en/dev/reference/security/part-2/0_Abstract.html">AGL security</a>
|
||
and <a class="reference external" href="https://source.android.com/security/">Android security</a></p>
|
||
</div>
|
||
<div class="section" id="references">
|
||
<h3>References:<a class="headerlink" href="#references" title="Permalink to this headline">¶</a></h3>
|
||
<ul class="simple">
|
||
<li><a class="reference external" href="https://source.android.com/security/trusty/">Trusty TEE | Android Open Source Project</a></li>
|
||
<li><a class="reference external" href="https://android.googlesource.com/trusty/app/storage/">Secure Storage (Tamper-resistant and Anti-replay)</a></li>
|
||
<li><a class="reference external" href="https://elinux.org/images/3/3c/ACRN-brief2.pdf">Eddie Dong, ACRN: A Big Little Hypervisor for IoT Development</a></li>
|
||
</ul>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
</div>
|
||
<footer>
|
||
|
||
|
||
<hr/>
|
||
|
||
<div role="contentinfo">
|
||
<p>
|
||
© Copyright 2019, Project ACRN.
|
||
Last updated on Mar 14, 2019.
|
||
|
||
</p>
|
||
</div>
|
||
|
||
</footer>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
</section>
|
||
|
||
</div>
|
||
|
||
<div class="rst-versions" data-toggle="rst-versions" role="note" aria-label="versions">
|
||
<span class="rst-current-version" data-toggle="rst-current-version">
|
||
<span class="fa fa-book"> Project ACRN</span>
|
||
v: 0.7
|
||
<span class="fa fa-caret-down"></span>
|
||
</span>
|
||
<div class="rst-other-versions">
|
||
<dl>
|
||
<dt>Versions</dt>
|
||
|
||
<dd><a href="/latest/">latest</a></dd>
|
||
|
||
<dd><a href="/0.6/">0.6</a></dd>
|
||
|
||
<dd><a href="/0.5/">0.5</a></dd>
|
||
|
||
<dd><a href="/0.4/">0.4</a></dd>
|
||
|
||
<dd><a href="/0.3/">0.3</a></dd>
|
||
|
||
<dd><a href="/0.2/">0.2</a></dd>
|
||
|
||
<dd><a href="/0.1/">0.1</a></dd>
|
||
|
||
</dl>
|
||
<dl>
|
||
<dt>On projectacrn.org</dt>
|
||
<dd>
|
||
<a href="https://www.projectacrn.org/">Project Home</a>
|
||
</dd>
|
||
<dd>
|
||
<a href="https://github.com/projectacrn/acrn-hypervisor/wiki">Wiki</a>
|
||
</dd>
|
||
</dl>
|
||
</div>
|
||
</div>
|
||
|
||
|
||
|
||
<script type="text/javascript">
|
||
var DOCUMENTATION_OPTIONS = {
|
||
URL_ROOT:'../',
|
||
VERSION:'v 0.7',
|
||
LANGUAGE:'None',
|
||
COLLAPSE_INDEX:false,
|
||
FILE_SUFFIX:'.html',
|
||
HAS_SOURCE: true,
|
||
SOURCELINK_SUFFIX: '.txt'
|
||
};
|
||
</script>
|
||
<script type="text/javascript" src="../_static/jquery.js"></script>
|
||
<script type="text/javascript" src="../_static/underscore.js"></script>
|
||
<script type="text/javascript" src="../_static/doctools.js"></script>
|
||
<script type="text/javascript" src="../_static/acrn-custom.js"></script>
|
||
|
||
|
||
|
||
<script type="text/javascript" src="../_static/js/theme.js"></script>
|
||
|
||
<script type="text/javascript">
|
||
jQuery(function () {
|
||
SphinxRtdTheme.Navigation.enable(true);
|
||
});
|
||
</script>
|
||
|
||
</body>
|
||
</html> |