arm-trusted-firmware

mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-20 19:44:23 +00:00

History

laurenw-arm 56b741d3e4 feat(cca): introduce new "cca" chain of trust This chain of trust is targeted at Arm CCA solutions and defines 3 independent signing domains: 1) CCA signing domain. The Arm CCA Security Model (Arm DEN-0096.A.a) [1] refers to the CCA signing domain as the provider of CCA components running on the CCA platform. The CCA signing domain might be independent from other signing domains providing other firmware blobs. The CCA platform is a collective term used to identify all hardware and firmware components involved in delivering the CCA security guarantee. Hence, all hardware and firmware components on a CCA enabled system that a Realm is required to trust. In the context of TF-A, this corresponds to BL1, BL2, BL31, RMM and associated configuration files. The CCA signing domain is rooted in the Silicon ROTPK, just as in the TBBR CoT. 2) Non-CCA Secure World signing domain. This includes SPMC (and associated configuration file) as the expected BL32 image as well as SiP-owned secure partitions. It is rooted in a new SiP-owned key called Secure World ROTPK, or SWD_ROTPK for short. 3) Platform owner signing domain. This includes BL33 (and associated configuration file) and the platform owner's secure partitions. It is rooted in the Platform ROTPK, or PROTPK. [1] https://developer.arm.com/documentation/DEN0096/A_a Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com> Change-Id: I6ffef3f53d710e6a2072fb4374401249122a2805	2022-06-14 09:47:37 -05:00
..
tbbr_img_def_exp.h	feat(cca): introduce new "cca" chain of trust	2022-06-14 09:47:37 -05:00

laurenw-arm 56b741d3e4 feat(cca): introduce new "cca" chain of trust

This chain of trust is targeted at Arm CCA solutions and defines 3
independent signing domains:

1) CCA signing domain. The Arm CCA Security Model (Arm DEN-0096.A.a) [1]
refers to the CCA signing domain as the provider of CCA components
running on the CCA platform. The CCA signing domain might be independent
from other signing domains providing other firmware blobs.

The CCA platform is a collective term used to identify all hardware and
firmware components involved in delivering the CCA security guarantee.
Hence, all hardware and firmware components on a CCA enabled system that
a Realm is required to trust.

In the context of TF-A, this corresponds to BL1, BL2, BL31, RMM and
associated configuration files.

The CCA signing domain is rooted in the Silicon ROTPK, just as in the
TBBR CoT.

2) Non-CCA Secure World signing domain. This includes SPMC (and
associated configuration file) as the expected BL32 image as well as
SiP-owned secure partitions. It is rooted in a new SiP-owned key called
Secure World ROTPK, or SWD_ROTPK for short.

3) Platform owner signing domain. This includes BL33 (and associated
configuration file) and the platform owner's secure partitions. It is
rooted in the Platform ROTPK, or PROTPK.

[1] https://developer.arm.com/documentation/DEN0096/A_a

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I6ffef3f53d710e6a2072fb4374401249122a2805

2022-06-14 09:47:37 -05:00

tbbr_img_def_exp.h

feat(cca): introduce new "cca" chain of trust

2022-06-14 09:47:37 -05:00