| #
63912657 |
| 16-Oct-2024 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge "feat(rmmd): el3 token sign during attestation" into integration
|
| #
6a88ec8b |
| 04-Jun-2024 |
Raghu Krishnamurthy <raghupathyk@nvidia.com> |
feat(rmmd): el3 token sign during attestation
Add required SMCs by RMM to push attestation signing requests to EL3
and get responses. EL3 may then choose to push these requests to a HES
as suitable
feat(rmmd): el3 token sign during attestation
Add required SMCs by RMM to push attestation signing requests to EL3
and get responses. EL3 may then choose to push these requests to a HES
as suitable for a platform. This patch also supports the new
RMM_EL3_FEATURES interface, that RMM can use to query for support for
HES based signing. The new interface exposes a feature register with
different bits defining different discoverable features. This new
interface is available starting the 0.4 version of the RMM-EL3
interface, causing the version to bump up. This patch also adds a
platform port for FVP that implements the platform hooks required to
enable the new SMCs, but it does not push to a HES and instead copies a
zeroed buffer in EL3.
Change-Id: I69c110252835122a9533e71bdcce10b5f2a686b2
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>
show more ...
|
| #
051c7ad8 |
| 13-Sep-2024 |
Soby Mathew <soby.mathew@arm.com> |
Merge "refactor(rmmd): plat token requests in pieces" into integration
|
| #
42cf6026 |
| 10-Jul-2024 |
Juan Pablo Conde <juanpablo.conde@arm.com> |
refactor(rmmd): plat token requests in pieces
Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token
refactor(rmmd): plat token requests in pieces
Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token in pieces, so they fit in the shared buffer. A new
output parameter was added to the SMC call, which will return (along
with the size of bytes copied into the buffer) the number of bytes
of the token that remain to be retrieved.
TF-A will keep an offset variable that will indicate the position in
the token where the next call will retrieve bytes from. This offset
will be increased on every call by adding the number number of bytes
copied. If the received hash size is not 0, TF-A will reset the
offset to 0 and copy from that position on.
The SMC call will now return at most the size of the shared buffer
in bytes on every call. Therefore, from now on, multiple SMC calls
may be needed to be issued if the token size exceeds the shared
buffer size.
Change-Id: I591f7013d06f64e98afaf9535dbea6f815799723
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
show more ...
|
| #
717daadc |
| 05-Jul-2022 |
Soby Mathew <soby.mathew@arm.com> |
Merge changes from topic "jas/rmm-el3-ifc" into integration
* changes:
docs(rmmd): document EL3-RMM Interfaces
feat(rmmd): add support to create a boot manifest
fix(rme): use RMM shared buffer
Merge changes from topic "jas/rmm-el3-ifc" into integration
* changes:
docs(rmmd): document EL3-RMM Interfaces
feat(rmmd): add support to create a boot manifest
fix(rme): use RMM shared buffer for attest SMCs
feat(rmmd): add support for RMM Boot interface
show more ...
|
| #
1d0ca40e |
| 25-Apr-2022 |
Javier Almansa Sobrino <javier.almansasobrino@arm.com> |
feat(rmmd): add support to create a boot manifest
This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Ch
feat(rmmd): add support to create a boot manifest
This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I1374f8f9cb207028f1820953cd2a5cf6d6c3b948
show more ...
|
| #
dc65ae46 |
| 13-Apr-2022 |
Javier Almansa Sobrino <javier.almansasobrino@arm.com> |
fix(rme): use RMM shared buffer for attest SMCs
Use the RMM shared buffer to attestation token and signing key SMCs.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id:
fix(rme): use RMM shared buffer for attest SMCs
Use the RMM shared buffer to attestation token and signing key SMCs.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I313838b26d3d9334fb0fe8cd4b229a326440d2f4
show more ...
|
| #
8c980a4a |
| 24-Nov-2021 |
Javier Almansa Sobrino <javier.almansasobrino@arm.com> |
feat(rmmd): add support for RMM Boot interface
This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, am
feat(rmmd): add support for RMM Boot interface
This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, among others, to pass a boot manifest to RMM. The buffer is
composed a single memory page be used by a later EL3 <-> RMM interface
by all CPUs.
The RMM boot manifest is not implemented by this patch.
In addition to that, this patch also enables support for RMM when
RESET_TO_BL31 is enabled.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I855cd4758ee3843eadd9fb482d70a6d18954d82a
show more ...
|
| #
ad88c370 |
| 28-Mar-2022 |
Soby Mathew <soby.mathew@arm.com> |
Merge changes from topic "rme-attest" into integration
* changes:
feat(rme): add dummy realm attestation key to RMMD
feat(rme): add dummy platform token to RMMD
|
| #
a0435105 |
| 22-Mar-2022 |
Soby Mathew <soby.mathew@arm.com> |
feat(rme): add dummy realm attestation key to RMMD
Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
paramete
feat(rme): add dummy realm attestation key to RMMD
Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
parameters:
* Fid (0xC400001B2).
* Attestation key buffer PA (the realm attestation key is copied
at this address by the monitor).
* Attestation key buffer length as input and size of realm
attesation key as output.
* Type of elliptic curve.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I12d8d98fd221f4638ef225c9383374ddf6e65eac
show more ...
|
| #
0f9159b7 |
| 22-Mar-2022 |
Soby Mathew <soby.mathew@arm.com> |
feat(rme): add dummy platform token to RMMD
Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC4000
feat(rme): add dummy platform token to RMMD
Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC40001B3).
* Platform token PA (the platform token is copied at this address by
the monitor). The challenge object needs to be passed by
the caller in this buffer.
* Platform token len.
* Challenge object len.
When calling the SMC, the platform token buffer received by EL3 contains
the challenge object. It is not used on the FVP and is only printed to
the log.
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Change-Id: I8b2f1d54426c04e76d7a3baa6b0fbc40b0116348
show more ...
|