Page MenuHomePhabricator

TF-A to permit bundling more than 8 secure partitions
Open, Needs TriagePublic

Description

TF-A flow permits integrating up to 8 secure partitions to be:
-packaged by TF-A build flow
-loaded and authenticated by BL2
-consumed by an SPMC component.

Those 8 secure partitions are statically split into max. 4 signed by the platform owner, and max. 4 signed by the silicon provider.

This affects different parts of the TF-A build flow, secure partitions packaging tools, TBBR certificates:

https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/tools/sptool/sp_mk_generator.py#n64
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/14506/comment/7f969bd3_2f18b7db/

https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/include/common/tbbr/tbbr_img_def.h#n23

https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts#n32

This task is about improving flexibility with integrating more than 8 partitions. Possibly per platform.

Event Timeline

odeprez created this task.Apr 20 2022, 6:55 AM
odeprez updated the task description. (Show Details)Apr 20 2022, 6:57 AM
odeprez updated the task description. (Show Details)