Intel® x86 Architecture Distribution of Trusty* OS
Overview
Trusty* is a set of software components that support a trusted execution environment (TEE) on client devices. It originated from the Android* Open Source Project (AOSP) where a reference implementation is provided based on the Arm TrustZone*.
Intel® x86 Architecture Distribution of Trusty* OS is the hardware virtualization-based Trusty solution for x86 systems from Intel. It has a fully compatible design and maximum reuse of Trusty.
The complete environment includes:
- The Trusty operating system that runs on a processor intended to provide a TEE
- Services and APIs including a little kernel (LK)
- Drivers for the Android kernel (a Linux* kernel)
- Libraries for Android software and trusted applications
- Intel® Kernel Guard Technology (Intel® KGT) hypervisor to create two virtual machines (VM) for Android and the Trusty operating system
Trusty and the LK provide support for virtual address space and privilege isolation. They work in an event-driven model by the request from the Android world.
Solution: Two Virtual Machines
- Trusted applications are isolated with Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x)
- Intel provides a hardware abstraction layer, x86 adaptation layer, and virtual machine monitor (VMM)
Original equipment manufacturers (OEMs) can develop their own Android client applications and corresponding Trusty applications and services.
Architecture
Explore the world of Intel’s open platform projects, contributions, community initiatives, and more at open.intel.com. |