TrustZone Architecture: Hardware-Level Privacy Protection for Smartphones
TrustZone implements a hardware-level privacy shield for smartphones by partitioning CPU, bus, memory, peripherals and interrupts into a Secure World and a Normal World, using ARMv8 exception levels and extensions such as SCR, TZPC, TZASC, GIC and MMU to isolate user data from non-secure software.
With the rise of the mobile internet, smartphones have become integral to daily life, storing sensitive personal data including chat records, photos, videos, and fingerprints. To meet user privacy protection needs, the Qianjing Security Laboratory introduced a security architecture that protects user privacy across four layers: application, framework, kernel, and chip. TrustZone belongs to the chip-level layer and provides hardware security capabilities such as key storage and hardware-backed encryption and decryption.
TrustZone is a trusted computing architecture implemented on ARM instruction set chips (Qualcomm, MediaTek, and Kirin chips). It constructs two worlds by dividing all hardware and software resources between them: the Secure World (Trusted Execution Environment, TEE) and the Normal World (Rich Execution Environment, REE). ARMv8 defines exception levels EL0 to EL3 for privilege control: EL0 for user mode (applications), EL1 for kernel mode (operating system), EL2 for hypervisor mode (OS management), and EL3 for secure monitor mode (running ARM Trusted Firmware, ATF, which is responsible for world switching).
Six key modules require software support or hardware extension to support TrustZone:
Physical CPU Virtualization: Achieved by configuring the NS (Non-Secure) bit in the Security Configuration Register (SCR), so that one physical core time-shares the two worlds. When NS=0, the core is in the secure state; when NS=1, it is in the non-secure state.
Bus Expansion: Adds a signal control bit to the write and read channels of the system bus (AWPROT[1] and ARPROT[1] respectively), derived from the NS bit in SCR, so that every bus transaction carries the security state of the master that issued it.
Peripheral Expansion: Introduces TrustZone Protection Controller (TZPC) to control peripheral security properties, working with AXI-to-APB bridge to enable TrustZone support for peripherals.
Memory Expansion: Uses the TrustZone Address Space Controller (TZASC) to divide memory into secure and non-secure regions. The Secure World can access both, while the Normal World can only access non-secure memory. The TrustZone Memory Adapter (TZMA) handles on-chip static RAM partitioning (up to 2 MB).
Interrupt Expansion: In the Generic Interrupt Controller (GIC), interrupt sources are divided into three groups: group0 (EL3 secure interrupts), secure group1 (S.EL1/S.EL2 secure interrupts), and non-secure group1 (NS.EL1/NS.EL2 non-secure interrupts). An interrupt belonging to the currently running world is signalled as IRQ, whereas an interrupt belonging to the other world is signalled as FIQ and taken at EL3, which performs the world switch.
Memory Mapping: Uses the MMU (Memory Management Unit) with its TLB for virtual-to-physical address translation. Non-secure virtual addresses can only translate to non-secure physical addresses, while secure virtual addresses can translate to both. The SMMU (System Memory Management Unit) applies the same secure/non-secure translation rules to DMA-capable devices, so a peripheral cannot reach memory that the CPU's MMU would not let the same world reach.
TrustZone extends outward from the CPU's SCR NS bit, encompassing bus signal control, memory (TZASC and MMU), peripherals (TZPC), and interrupts (GIC), ultimately providing a secure trusted execution environment to protect user privacy data at the chip level.
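To make the access-control rules in the six modules above concrete, the following C program is an added example that models them as plain functions; it is not code from the original article, from vivo, or from ARM. It models how SCR.NS flows into the bus AxPROT[1] bit, how the TZASC filters a transaction against a region table, how the MMU's descriptor NS bit selects the output address space, and which CPU signal (IRQ or FIQ) the GIC raises for each interrupt group in each world. The region layout and the addresses are constructed sample values, and the function names are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Security state of the core, mirroring SCR.NS: 0 = Secure World, 1 = Normal World. */
typedef enum { WORLD_SECURE = 0, WORLD_NORMAL = 1 } world_t;

/* One TZASC region: a contiguous physical range marked secure or non-secure. */
typedef struct {
    uint64_t base;
    uint64_t size;
    bool secure;   /* true: only secure transactions may touch it */
} tzasc_region_t;

/* Constructed sample layout (assumption, not a real SoC map):
 * 256 MiB of secure DRAM for the TEE, then 1.75 GiB of non-secure DRAM for the REE. */
static const tzasc_region_t sample_regions[] = {
    { 0x80000000ULL, 0x10000000ULL, true  },
    { 0x90000000ULL, 0x70000000ULL, false },
};
#define NREGIONS (sizeof sample_regions / sizeof sample_regions[0])

/* A bus transaction as the TZASC sees it: address plus the AxPROT[1] bit
 * (1 = non-secure), which the CPU derives from SCR.NS. */
typedef struct {
    uint64_t addr;
    bool ns;
} bus_txn_t;

/* TZASC filter. Secure regions accept only secure transactions; non-secure regions
 * accept both, since the Secure World may read/write non-secure memory (shared buffers).
 * An address outside every region is treated as a fault. */
bool tzasc_allows(const tzasc_region_t *regions, size_t n, bus_txn_t t) {
    for (size_t i = 0; i < n; i++) {
        const tzasc_region_t *r = &regions[i];
        if (t.addr >= r->base && t.addr < r->base + r->size)
            return !(r->secure && t.ns);
    }
    return false;
}

/* Output address space chosen by the stage-1 translation table descriptor's NS bit.
 * In the Normal World the descriptor NS bit is ignored: every VA maps to non-secure
 * PA space. In the Secure World the descriptor NS bit picks secure (0) or non-secure (1). */
bool mmu_output_ns(world_t world, bool descriptor_ns) {
    if (world == WORLD_NORMAL)
        return true;
    return descriptor_ns;
}

/* End-to-end check for a CPU load/store: MMU decides the transaction's NS attribute,
 * the bus carries it, and the TZASC enforces it against the region table. */
bool cpu_access(world_t world, bool descriptor_ns, uint64_t pa) {
    bus_txn_t t = { pa, mmu_output_ns(world, descriptor_ns) };
    return tzasc_allows(sample_regions, NREGIONS, t);
}

/* GIC interrupt groups and the two CPU interrupt signals. */
typedef enum { GIC_GROUP0, GIC_SECURE_GROUP1, GIC_NONSECURE_GROUP1 } gic_group_t;
typedef enum { SIG_IRQ, SIG_FIQ } cpu_signal_t;

/* Signal selection with EL3 present and FIQ routed to EL3, as the text describes:
 * Group 0 is always FIQ (handled at EL3); a Group 1 interrupt owned by the currently
 * running world is IRQ, one owned by the other world is FIQ so EL3 can switch worlds. */
cpu_signal_t gic_signal(gic_group_t g, world_t current) {
    if (g == GIC_GROUP0)
        return SIG_FIQ;
    bool interrupt_is_ns = (g == GIC_NONSECURE_GROUP1);
    bool core_is_ns = (current == WORLD_NORMAL);
    return (interrupt_is_ns == core_is_ns) ? SIG_IRQ : SIG_FIQ;
}

int main(void) {
    const uint64_t tee_page = 0x80001000ULL;  /* inside the secure region */
    const uint64_t ree_page = 0xA0000000ULL;  /* inside the non-secure region */
    printf("Normal World -> secure memory:           %s\n",
           cpu_access(WORLD_NORMAL, false, tee_page) ? "allowed" : "blocked");
    printf("Secure World -> secure memory (NS=0):    %s\n",
           cpu_access(WORLD_SECURE, false, tee_page) ? "allowed" : "blocked");
    printf("Secure World -> secure memory (NS=1):    %s\n",
           cpu_access(WORLD_SECURE, true, tee_page) ? "allowed" : "blocked");
    printf("Secure World -> non-secure memory:       %s\n",
           cpu_access(WORLD_SECURE, true, ree_page) ? "allowed" : "blocked");
    printf("Secure Group 1 IRQ arriving in Normal World -> %s\n",
           gic_signal(GIC_SECURE_GROUP1, WORLD_NORMAL) == SIG_FIQ ? "FIQ" : "IRQ");
    return 0;
}
```

Two of the outcomes are the ones worth remembering as a defender: Normal World code cannot reach secure memory even if its page tables mark the mapping NS=0, because the descriptor bit is ignored outside the Secure World; and Secure World code that maps secure memory with NS=1 is also blocked by the TZASC, which is why TEE page tables must carry the correct NS attribute for every secure buffer.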
vivo Internet Technology