dualroot: add chain of trust for Platform owned SPs

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code dualroot: add chain of trust for Platform owned SPs For dualroot CoT there are two sets of SP certificates, one owned by Silicon Provider(SiP) and other owned by Platform. Each certificate can have a maximum of 4 SPs. This patch reduces the number of SiP owned SPs from 8 to 4 and adds the remaining 4 to Plat owned SP. Plat owned SP certificate is signed using Platform RoT key and protected against anti-rollback using the Non-trusted Non-volatile counter. Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425 Signed-off-by: Manish Pandey <manish.pandey2@arm.com> v2.4-LS
1 parent 23d5f03 commit 2947412d547307019c919e8131353538511f83d9 Manish Pandey authored on 31 Jul 2020

Browse code

For dualroot CoT there are two sets of SP certificates, one owned by
Silicon Provider(SiP) and other owned by Platform. Each certificate can
have a maximum of 4 SPs.

This patch reduces the number of SiP owned SPs from 8 to 4 and adds
the remaining 4 to Plat owned SP.
Plat owned SP certificate is signed using Platform RoT key and
protected against anti-rollback using the Non-trusted Non-volatile
counter.

Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>

v2.4-LS

1 parent 23d5f03 commit 2947412d547307019c919e8131353538511f83d9

Manish Pandey authored on 31 Jul 2020

Patch

Unified Split

Showing 3 changed files

Ignore Space Show notes View drivers/auth/dualroot/cot.c

Ignore Space Show notes View include/common/tbbr/tbbr_img_def.h

Ignore Space Show notes View include/drivers/auth/auth_mod.h

Show line notes below