mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-24 13:55:56 +00:00
56b741d3e4
This chain of trust is targeted at Arm CCA solutions and defines 3 independent signing domains: 1) CCA signing domain. The Arm CCA Security Model (Arm DEN-0096.A.a) [1] refers to the CCA signing domain as the provider of CCA components running on the CCA platform. The CCA signing domain might be independent from other signing domains providing other firmware blobs. The CCA platform is a collective term used to identify all hardware and firmware components involved in delivering the CCA security guarantee. Hence, all hardware and firmware components on a CCA enabled system that a Realm is required to trust. In the context of TF-A, this corresponds to BL1, BL2, BL31, RMM and associated configuration files. The CCA signing domain is rooted in the Silicon ROTPK, just as in the TBBR CoT. 2) Non-CCA Secure World signing domain. This includes SPMC (and associated configuration file) as the expected BL32 image as well as SiP-owned secure partitions. It is rooted in a new SiP-owned key called Secure World ROTPK, or SWD_ROTPK for short. 3) Platform owner signing domain. This includes BL33 (and associated configuration file) and the platform owner's secure partitions. It is rooted in the Platform ROTPK, or PROTPK. [1] https://developer.arm.com/documentation/DEN0096/A_a Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com> Change-Id: I6ffef3f53d710e6a2072fb4374401249122a2805 |
||
|---|---|---|
| .. | ||
| tbbr | ||
| asm_macros_common.S | ||
| bl_common.h | ||
| bl_common.ld.h | ||
| debug.h | ||
| desc_image_load.h | ||
| ep_info.h | ||
| fdt_fixup.h | ||
| fdt_wrappers.h | ||
| feat_detect.h | ||
| image_decompress.h | ||
| interrupt_props.h | ||
| nv_cntr_ids.h | ||
| param_header.h | ||
| romlib.h | ||
| runtime_svc.h | ||
| tf_crc32.h | ||
| uuid.h | ||