Real-time Thread Isolation and Trusted Execution on Embedded RISC-V

The Internet of Things paradigm has led to an increasing demand for low-power single-core embedded devices with hardware-enforced trusted execution environments (TEEs). The preeminent solution in this space is Arm TrustZone, which provides four CPU execution states, each with its own memory and instruction permissions. In 2019, physical memory protection (PMP) instructions were ratified in the RISC-V ISA; PMP offers protections similar to those of an Arm MPU, but it does not enable the creation of TEE frameworks comparable to TrustZone. In this paper, we discuss a limitation in the PMP specification that precludes the design of such a TEE framework on RISC-V without resorting to a non-standard hardware modification. We propose a simple modification to the PMP specification that would resolve this limitation without adding any registers. We discuss our early ongoing work in implementing a prototype of this hardware extension and integrating it with the Zephyr real-time operating system (RTOS).