[Replicant] [Patch V3] freedom-privacy-security-issues: Add information about TrustZone
Paul Kocialkowski
contact at paulk.fr
Sat Dec 16 14:58:27 UTC 2017
On Saturday 16 December 2017 at 15:23 +0100, Paul Kocialkowski wrote:
> On Saturday 16 December 2017 at 11:44 +0100, Denis 'GNUtoo' Carikli
> wrote:
> > Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo at no-log.org>
> > Signed-off-by: Paul Kocialkowski <contact at paulk.fr>
>
> Acked-by: Paul Kocialkowski <contact at paulk.fr>
Actually, on second thought, I think we should clearly call the "code
that is separate from the operating system" the "privileged execution
environment", which is not specific to a particular platform.
I can make that change if you agree.
> > ---
> > freedom-privacy-security-issues.php | 9 ++++++---
> > 1 file changed, 6 insertions(+), 3 deletions(-)
> >
> > diff --git a/freedom-privacy-security-issues.php b/freedom-privacy-
> > security-issues.php
> > index f3923d7..cf380d2 100644
> > --- a/freedom-privacy-security-issues.php
> > +++ b/freedom-privacy-security-issues.php
> > @@ -20,11 +20,14 @@
> > <p>
> > Regarding the software side of
> > things
> > on mobile devices, the main CPU (inside the SoC) starts by executing
> > hard-wired boot instructions (that cannot be changed), known as the
> > bootrom.
> > It will look up various places such
> > as NAND, eMMC or MMC (sd/micro sd card) storage, depending on the
> > hardware configuration, to load a bootloader.
> > - The bootloader, which is in fact
> > often split in different stages, is in charge of bringing up and
> > configuring various aspects of the hardware and eventually starting
> > the operating system by loading and running its kernel.<br />
> > + The bootloader, which is in fact
> > often split in different stages, is in charge of bringing up and
> > configuring various aspects of the hardware and eventually starting
> > the main operating system by loading and running its kernel.
> > + On some hardware, it is also in
> > charge of loading code that is separate from the operating system.
> > That code runs on the same processor with the highest level of
> > hardware privileges, can interrupt the operating system and forbid
> > it
> > from accessing hardware resources. On ARM processors, this privilege
> > mode is called TrustZone. The code running in TrustZone often keeps
> > running in the background, aside of the main operating system.<br />
> > <br />
> > +
> > <a href="images/freedom-privacy-
> > security-issues/software.png" data-lightbox="overview" data-
> > title="Software-side overview"><img src="images/freedom-privacy-
> > security-issues/software.png" alt="Software-side overview"
> > style="width: 250px; float: right;"/></a>
> > The kernel itself, among other
> > things, deals with the hardware directly and provides ways for other
> > programs (running in user-space) to access it.
> > In user-space, hardware abstraction
> > layers are programs specific to each device that know how to
> > properly
> > drive the hardware.
> > They use the kernel to communicate
> > back and forth with the hardware and implement the proper protocols
> > for it.<br /><br />
> > +
> > The actual knowledge of how to
> > drive
> > the hardware is split between the kernel and the hardware
> > abstraction
> > layer libraries: both are needed to make it work properly.
> > Hardware abstraction layers provide
> > a
> > generic interface for the framework to use.
> > The framework itself provides an
> > interface for applications that is independent of the device and the
> > hardware.
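Review bot: The added sentences introduce TrustZone as the name of "this privilege mode", but no mode has been mentioned at that point, only "code that is separate from the operating system" and "the highest level of hardware privileges". Give that environment a platform-neutral name where it is first introduced and present TrustZone as the ARM instance of it, so that "The code running in TrustZone" has a clear referent. The same first sentence says "the operating system" where the rest of the patch switches to "the main operating system"; use one term throughout. "aside of the main operating system" should read "alongside the main operating system". The two bare "+" lines add empty lines that are unrelated to the text change and could be dropped.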
> > @@ -89,7 +92,7 @@
> > </p>
> > <p>
> > <a href="images/freedom-privacy-
> > security-issues/operating-system.png" data-lightbox="current-
> > situation" data-title="Mobile operating system"><img
> > src="images/freedom-privacy-security-issues/operating-system.png"
> > alt="Mobile operating system" style="width: 250px; float:
> > left;"/></a>
> > - The biggest part of the software
> > running on a mobile device is the operating system, that runs on the
> > main CPU.
> > + The biggest part of the software
> > running on a mobile device is the main operating system, that runs
> > on
> > the main CPU.
> > It has access to most integrated
> > circuits (I/O, camera, microphone, GPS, etc) as well as the user's
> > data and communications.
> > It is the most critical part for
> > privacy/security and is also very important for free software as it
> > interacts with the user directly and holds knowledge about
> > communication with the hardware.
> > Many mobile operating systems are
> > mostly free software (e.g.
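Review bot: The changed sentence now reads "the main operating system, that runs on the main CPU", but nothing in this paragraph says what the system is "main" relative to; the explanation is in the bootloader paragraph changed by the first hunk, roughly seventy lines earlier in the file. A short pointer here to the code that runs alongside the main operating system would make the qualifier understandable on its own. While the line is being touched, "that runs" after the comma should be "which runs".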
> > @@ -99,7 +102,7 @@
> > None of these mostly-free systems
> > have a clear policy to reject proprietary software and not advocate
> > its use, except for Replicant.
> > </p>
> > <p>
> > - While the operating system is a
> > very
> > important piece of software, it doesn't ship with applications that
> > cover the wide spectrum of activities that a mobile device is
> > expected
> > to provide.
> > + While the main operating system is
> > a
> > very important piece of software, it doesn't ship with applications
> > that cover the wide spectrum of activities that a mobile device is
> > expected to provide.
> > Thankfully, plenty of free software
> > applications exist for each kind of (mostly-)free operating system,
> > sometimes gathered in free software application stores (such as <a
> > href="//www.f-droid.org/">F-Droid</a>;; for Android systems).
> > </p>
> > <h3>Mobile telephony operators and
> > privacy</h3>
>
--
Paul Kocialkowski,
developer of free digital technology and hardware support.
Website: https://www.paulk.fr/
Coding blog: https://code.paulk.fr/
Git repositories: https://git.paulk.fr/ https://git.code.paulk.fr/