https://github.com/tastelessctf/ctf2019
Offered with no further comments, I’ve not yet had a chance to play this CTF yet…
Tag: OP-TEE
libcyres: Interface to Cyres, to be consumed by U-Boot, OP-TEE, and UEFI. Contains routines to manipulate and pass certificate chains between boot stages.
Jordan Rhee of Microsoft has created a new project. All the documentation was used for the Title.
https://github.com/jordanrh1/libcyres
Now I’m wondering what Project Cyres is.
ARM (Linaro) on Spectre/Meltdown impact on firmware
Re: https://firmwaresecurity.com/2018/01/26/arm-linaro-on-meltdown-and-spectre/
the second blog post is out, covering Spectre/Meltdown impact on: UEFI, ARM Trusted Firmware, U-Boot, OP-TEE, and Linux kernel. Good reading!
https://www.linaro.org/blog/meltdown-spectre-2/
Teddy Reed’s intro to ARM-TF, OP-TEE, and ARM UEFI
“This is a walkthrough for flashing custom ARM Trusted Firmware, OP-TEE, and the ARM UEFI Platform code on the Hikey board. Custom means code we’ve built it on our development machine, we’re not making any changes to these reference implementations just yet.[…]”
https://prosauce.org/blog/2016/11/25/hands-on-introduction-to-arm-firmware-using-the-hikey
Security focus of next Linaro Connect
Linaro Connect is happening in 4 days in San Francisco.
“The theme for the week is security.”
The security track:
* Security requirements on ARMv8-A boot architecture
* Linux kernel generic TEE driver
* OP-TEE Content Decryption with Microsoft PlayReady on ARM
* Expanding security choices: DRM & CA interoperability
* Expanding security choices panel
* Secure storage in OP-TEE
* Lessons learned on migrating open source Chromium-OPTEE to 96Boards
* TBD
* TBD
More Information:
https://www.linaro.org/news/keynote-speakers-lined-up-for-linaro-connect-sfo15/
http://connect.linaro.org/sfo15/
Microsoft and ARM collaborate on DRM/secure media solutions
ARM and Microsoft have announced support of integration of technologies that enable DERM on ARM systems, using Microsoft PlayReady and W3C Encrypted Media Extensions (EME):
Press release excerpt:
The major development in this solution is the integration of Microsoft’s PlayReady DRM with W3C EME, OpenCDM, Chromium and Linaro’s Open Portable Trusted Execution Environment (OP-TEE) on ARM TrustZone® technology. The secure media solution has been implemented on an STMicroelectronics STiH410 SoC with an ARM Cortex®-A9 processor at its core. The new solution integrates the following key components: W3C EME, Microsoft PlayReady DRM Porting Kit v3.0, OP-TEE, OpenCDM, and Chromium v43.
“The Linaro Digital Home Group is extremely pleased to deliver this open source secure media solution to the embedded developer community” said Mark Gregotski, Director of the Linaro Digital Home Group. “This collaboration demonstrates how a commercial DRM, such as Microsoft’s PlayReady, can be integrated into a security framework comprised of open-source components, including the Linaro Open Portable TEE running on ARM TrustZone. We hope this will be the catalyst to accelerate the deployment of secure DRM solutions employing open source software.”
“This is a key milestone that showcases how Microsoft PlayReady DRM works cross-platform in a standard way. We are excited about the collaboration with Linaro, ARM, OP-TEE and OpenCDM. This reference implementation simplifies and accelerates the ability of partners to build rich experiences to deliver secure media solutions, while providing market leading content protection using Microsoft PlayReady” said Dave Bossio, Group Program Manager, Windows Devices Group, Security at Microsoft Corporation.
“Trust is key to future media business models, as valuable content must be protected from server to screen,” said Shiv Ramamurthi, Director, Home Segment Marketing, ARM. “The pay TV ecosystem will see immediate content security benefits from the integration of ARM TrustZone and Microsoft PlayReady DRM technology. This latest open source initiative led by the Linaro Home Group is a milestone in the enablement of next-generation secure content and media experiences for consumers.”
“ST has been a strong contributor to the Open Portable Trusted Execution Environment (OP-TEE) in open source, a key enabler for this integration. As a natural step forward, ST is pleased its STiH410 platform is being used as a vehicle for this effort and for an exciting demo at IBC 2015,” said Yingchih Yang, Advanced System and Security Officer of the Consumer Product Division in STMicroelectronics. “Such Linaro contributions will facilitate premium content consumption across various devices including smartphones, tablets, and set-top-boxes, meeting strong market expectations.”
http://www.linaro.org/news/linaro-and-microsoft-collaborate-on-secure-media-solutions-for-arm-based-socs/?sf40842573=1
http://www.microsoft.com/playready/
https://github.com/fraunhoferfokus/open-content-decryption-module
https://github.com/w3c/encrypted-media/
http://www.w3.org/TR/encrypted-media/
https://github.com/OP-TEE
Linaro update on TEE kernel driver
Today Joakim Bech posted a new entry in the Linaro blog, “Evolution of a generic TEE kernel driver“. This is a good introduction to ARM Trusted Execution Environment (TEE) and it’s integration to the Linux kernel.
More Information:
https://www.linaro.org/blog/evolution-of-a-generic-tee-kernel-driver/
https://git.linaro.org/bsp/st-ericsson/linux-2.6.34-ux500.git/tree/HEAD:/drivers/tee
Firmware Security 