ARM TrustZone shields the most critical security components from the normal world legacy OS, which grows larger and more complex over time and has become quite difficult to harden. However, in recent years we have also witnessed memory exploits targeting TrustZone systems as well. Such vulnerabilities can be utilized by the attackers as the bridge to further subvert the secure OS, thus take over the whole device.
As an important mission of the open source project under the MesaTEE platform, we aim to bring memory safety to ARM TrustZone. In particular, we enabled Rust programming for Trustlets, making them immune to memory exploits by nature while preserving native execution speed. Unlike the previous attempts, Rust OP-TEE TrustZone SDK is the first to:
- utilize the Rust programming languages security checks and type checks, so that developers can never misuse;
- enable Rust standard library and millions of Rust crates/libraries for developing Trustlets, so that developers can conveniently leverage the existing rich Rust ecosystem;
- provide automatic Trustlet lifecycle management via the "resource allocation is initialisation" (RAII) design pattern, preventing errors where a resource is not finalised and where a resource is used after finalisation, so that developers no longer bother calling session/context related APIs manually.
We will present our current implementation based on OP-TEE (complying to the GlobalPlatform TEE specifications), and will provide demonstrations for popular TrustZone applications like secure storage, key management, device identification, authentication, DRM, etc. Most importantly, we revolutionarily provide support for trusted and secure machine learning computation in TrustZone. To our best knowledge, we are the first to offer safe, fast, functional, and ergonomic development for Trustlets.
Security Researcher, Baidu X-Lab
Mingshen Sun is a senior security researcher of Baidu X-Lab at Baidu USA. He received his Ph.D. degree in Computer Science and Engineering from The Chinese University of Hong Kong. His interests lie in solving real-world security problems related to system, mobile, IoT devices and cars. He maintains and actively contributes to several open source projects in Rust such as the MesaLock Linux project, MesaPy, and YogCrypt.