MAD24-327 Implementing an FF-A Secure Partition Manager in Rust

• Thursday, 16 May 15:45 - 16:10
• Room: Session 2 | Tenerife I

The Arm Firmware Framework for Arm A-profile (FF-A) specification defines the software architecture of firmware components and their standardized communication protocol. The specification offers isolation of mutually mistrusting components using the architectural features of Arm's A-profile CPUs. It defines the Secure Partition Manager (SPM) component, which is responsible for the compartmentalization and the communication of the Secure Partitions. Rust is an ideal choice for security focused software due to its memory safe nature and performance characteristics. The language has started to gain traction due to adoption by major companies and regulators starting to advocate for memory safe languages. In this talk we'd like to present our FF-A Secure Partition Manager prototype implemented in Rust, and discuss the benefits and challenges of using Rust in a firmware project. The current implementation is able to run S-EL0 Secure Partitions (e.g. from the Trusted Services project). The SPM can run in S-EL1 or in S-EL2 if VHE is present. This is an experimental proof-of-concept project, published on TrustedFirmware.org (https://git.trustedfirmware.org/rust-spmc/rust-spmc/).

Add to My Agenda