TF-A, short for Trusted Firmware-A, is an open-source project initiated by ARM to provide a reference implementation of secure world firmware for ARMv7-A and ARMv8-A architectures. Specifically, TF-A is designed to execute at the highest Exception Level (EL-3) on ARM processors, serving as the Trusted Execution Environment (TEE) firmware in systems that utilize ARM TrustZone technology.
Key features and characteristics of TF-A include:
ARMv7-A and ARMv8-A Support: TF-A is designed to support both the ARMv7-A and ARMv8-A architectures, which are prevalent in a wide range of embedded systems, mobile devices, and servers.
Trusted Execution Environment (TEE): TF-A provides a secure execution environment, known as the Trusted Execution Environment (TEE), running at EL-3. This environment ensures the isolation and protection of trusted code and data from the Rich Execution Environment (REE) running at lower privilege levels.
Boot and Initialization: TF-A is responsible for the secure boot process, initializing the hardware, and setting up the system for the subsequent boot stages. It often works in conjunction with other boot loaders, such as U-Boot, to load and execute the operating system kernel.
Security Services: TF-A offers security services and APIs that can be leveraged by other firmware components, such as Trusted Applications (TAs) and operating systems running in the TEE. These services include cryptographic functions, secure storage, and other security-related features.
GlobalPlatform TEE Standard: TF-A adheres to the GlobalPlatform TEE standard, promoting interoperability and consistency in the implementation of TEE firmware across different platforms and devices.
Open Source: TF-A is released as open-source software under the BSD 3-Clause license. This open nature encourages collaboration, transparency, and allows developers to modify and customize the firmware for specific use cases.
Community Collaboration: TF-A benefits from contributions and collaboration from the ARM community, including developers from various companies and organizations. This collective effort ensures ongoing improvements, bug fixes, and support for a broad range of hardware platforms.
Compatibility and Portability: TF-A is designed to be portable across different ARM platforms. It provides a common codebase that can be adapted and configured to work with various ARM-based systems and hardware configurations.
TF-A plays a crucial role in establishing a secure foundation for ARM-based systems, particularly those leveraging TrustZone technology. It contributes to the overall security posture of devices by ensuring the integrity and confidentiality of trusted code and data during the boot process and execution of secure applications.
TF-A (ARM Trusted Firmware-A), developed by ARM, operates at the highest privilege level (EL-3) under ARMv8-A, providing APIs for switching between the secure world and non-secure world. After TF-A completes initialization, it jumps to execute U-Boot (already loaded into DRAM by x-boot).
A secure monitor which runs at EL3.
Responsible for running OP-TEE (BL32).
Responsible for running U-Boot (BL33).
Core 0 brings up OP-TEE.
Core 0 jumps to run U-Boot and then run Linux.
Linux wake up core 1, 2 and 3.
