| Olivier Deprez | a3acd60 | 2023-05-22 12:10:42 +0200 | [diff] [blame] | 1 | Hafnium Documentation |
| 2 | ===================== |
| 3 | |
| Olivier Deprez | 7012881 | 2023-05-22 12:12:03 +0200 | [diff] [blame] | 4 | .. toctree:: |
| 5 | :maxdepth: 1 |
| 6 | :numbered: |
| 7 | |
| J-Alves | bec49a1 | 2023-10-18 13:27:41 +0100 | [diff] [blame] | 8 | Home<self> |
| Olivier Deprez | e770999 | 2023-06-16 12:19:03 +0200 | [diff] [blame] | 9 | about/index |
| Olivier Deprez | 3d09d4d | 2023-05-22 14:36:21 +0200 | [diff] [blame] | 10 | getting_started/index |
| Olivier Deprez | cbf7d5b | 2023-05-22 12:12:24 +0200 | [diff] [blame] | 11 | design/index |
| Olivier Deprez | f8e9376 | 2023-05-22 14:08:02 +0200 | [diff] [blame] | 12 | threat_model_spm |
| Olivier Deprez | 28c95f4 | 2023-05-22 14:28:39 +0200 | [diff] [blame] | 13 | change-log |
| Olivier Deprez | 7012881 | 2023-05-22 12:12:03 +0200 | [diff] [blame] | 14 | appendix |
| J-Alves | ad4fdd1 | 2023-10-18 17:42:45 +0100 | [diff] [blame] | 15 | glossary |
| Olivier Deprez | a3acd60 | 2023-05-22 12:10:42 +0200 | [diff] [blame] | 16 | |
| J-Alves | bec49a1 | 2023-10-18 13:27:41 +0100 | [diff] [blame] | 17 | Hafnium is the Secure Partition Manager (SPM) reference implementation, following the |
| 18 | `Arm's Firmware Framework specification`_. |
| 19 | |
| 20 | It leverages Arm's virtualization extensions in the secure world of Arm's A class of |
| 21 | devices (feature introduced with Armv8.4 FEAT_SEL2) to allow multiple Trusted OSes or |
| 22 | Applications to run concurrently, inside the Trusted Execution Environment, each running |
| 23 | as a Secure Partition (SP). |
| 24 | Its main goal is to control the system access given to Trusted OSes, and serve as |
| 25 | a mediator to the rest of the system. |
| 26 | |
| 27 | For example, it limits the memory use, and handles all system calls from Trusted OS. |
| 28 | Thus the SPM can enforce spacial isolation, and enforce some level of access control, |
| 29 | protecting other critical system resources such as: the secure monitor, the normal world |
| 30 | software stack, the SPM itself and other SPs/Trusted Applications. |
| 31 | Other important features are: secure interrupt handling, device assignment, inter-partition |
| 32 | communication and with the Normal World Software stack, also known as Rich Execution |
| 33 | Environment (REE). |
| 34 | |
| 35 | .. image:: ./resources/diagrams/Hafnium_overview.png |
| 36 | |
| 37 | To start using Hafnium, check the :ref:`Getting Started` guide which contains information about |
| 38 | how to setup the environment, build and run the tests, coding guidelines, and how to contribute. |
| 39 | |
| 40 | The section :ref:`Secure Partition Manager` provides important details about the implementation. |
| 41 | |
| 42 | For security information, check the :ref:`Threat Model` section, which documents identified |
| 43 | vulnerabilities and respective mitigations. |
| 44 | |
| 45 | On our releases, the section :ref:`Change Log` will be updated to contain the summary of updates |
| 46 | since previous releases. |
| 47 | |
| 48 | For support queries, get in touch and keep up-to-date: |
| 49 | |
| 50 | - Through our mailing list `hafnium@lists.trustedfirmware.org`_. |
| 51 | - At the community `Discord`_. |
| 52 | |
| 53 | Refer to `github`_ for feature requests and reporting bugs. |
| 54 | |
| 55 | .. _Arm's Firmware Framework specification: https://developer.arm.com/documentation/den0077/latest/ |
| 56 | .. _hafnium@lists.trustedfirmware.org: https://lists.trustedfirmware.org/mailman3/lists/hafnium.lists.trustedfirmware.org/ |
| 57 | .. _github: https://github.com/TF-Hafnium/hafnium/issues |
| 58 | .. _Discord: https://discord.gg/8bxF2rRZBg |
| 59 | |
| Olivier Deprez | a3acd60 | 2023-05-22 12:10:42 +0200 | [diff] [blame] | 60 | -------------- |
| 61 | |
| 62 | *Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.* |