github/arm-trusted-firmware - arm-trusted-firmware - Gitea: Git with home nas server

Author	SHA1	Message	Date
Manish Pandey	2947412d54	dualroot: add chain of trust for Platform owned SPs For dualroot CoT there are two sets of SP certificates, one owned by Silicon Provider(SiP) and other owned by Platform. Each certificate can have a maximum of 4 SPs. This patch reduces the number of SiP owned SPs from 8 to 4 and adds the remaining 4 to Plat owned SP. Plat owned SP certificate is signed using Platform RoT key and protected against anti-rollback using the Non-trusted Non-volatile counter. Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>	4 years ago
Manish Pandey	03a5225c6a	tbbr/dualroot: rename SP package certificate file Currently only single signing domain is supported for SP packages but there is plan to support dual signing domains if CoT is dualroot. SP_CONTENT_CERT_ID is the certificate file which is currently generated and signed with trusted world key which in-turn is derived from Silicon provider RoT key. To allow dual signing domain for SP packages, other certificate file will be derived from Platform owned RoT key. This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and does other related changes. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I0bc445a3ab257e2dac03faa64f46e36a9fed5e93	4 years ago
Louis Mayencourt	243875eaf9	tbbr/dualroot: Add fw_config image in chain of trust fw_config image is authenticated using secure boot framework by adding it into the single root and dual root chain of trust. The COT for fw_config image looks as below: +------------------+ +-------------------+ \| ROTPK/ROTPK Hash \|------>\| Trusted Boot fw \| +------------------+ \| Certificate \| \| (Auth Image) \| /+-------------------+ / \| / \| / \| / \| L v +------------------+ +-------------------+ \| fw_config hash \|------>\| fw_config \| \| \| \| (Data Image) \| +------------------+ +-------------------+ Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367	4 years ago
Manish Pandey	44f1aa8efe	dualroot: add chain of trust for secure partitions A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP) owned Secure Partitions(SP). A similar support for Platform owned SP can be added in future. The certificate is also protected against anti- rollback using the trusted Non-Volatile counter. To avoid deviating from TBBR spec, support for SP CoT is only provided in dualroot. Secure Partition content certificate is assigned image ID 31 and SP images follows after it. The CoT for secure partition look like below. +------------------+ +-------------------+ \| ROTPK/ROTPK Hash \|------>\| Trusted Key \| +------------------+ \| Certificate \| \| (Auth Image) \| /+-------------------+ / \| / \| / \| / \| L v +------------------+ +-------------------+ \| Trusted World \|------>\| SiP owned SPs \| \| Public Key \| \| Content Cert \| +------------------+ \| (Auth Image) \| / +-------------------+ / \| / v\| +------------------+ L +-------------------+ \| SP_PKG1 Hash \|------>\| SP_PKG1 \| \| \| \| (Data Image) \| +------------------+ +-------------------+ . . . . . . +------------------+ +-------------------+ \| SP_PKG8 Hash \|------>\| SP_PKG8 \| \| \| \| (Data Image) \| +------------------+ +-------------------+ Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f	5 years ago
Manish V Badarkhe	ad43c49ee3	Cleanup the code for TBBR CoT descriptors CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c and tbbr_cot_bl2.c respectively. Common CoT used across BL1 and BL2 are moved to tbbr_cot_common.c. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5	5 years ago
Sandrine Bailleux	5ab8b7170e	Introduce a new "dualroot" chain of trust This new chain of trust defines 2 independent signing domains: 1) One for the silicon firmware (BL1, BL2, BL31) and optionally the Trusted OS. It is rooted in the Silicon ROTPK, just as in the TBBR CoT. 2) One for the Normal World Bootloader (BL33). It is rooted in a new key called Platform ROTPK, or PROTPK for short. In terms of certificates chain, - Signing domain 1) is similar to what TBBR advocates (see page 21 of the TBBR specification), except that the Non-Trusted World Public Key has been removed from the Trusted Key Certificate. - Signing domain 2) only contains the Non-Trusted World Content certificate, which provides the hash of the Non-Trusted World Bootloader. Compared to the TBBR CoT, there's no Non-Trusted World Key certificate for simplicity. Change-Id: I62f1e952522d84470acc360cf5ee63e4c4b0b4d9 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>	5 years ago