Thanks Sandrine, this helps to see the expectations from MEM_PROTECT, i.e. protected memory should be cleared by the following boot.
However the question about actual use case of this SMC still remains. It doesn't seem to protect against cold reboot attacks on TZ. It does protect against non-secure. I'll be happy to discuss this in a TF-A tech forum meeting at some point in future -- at the moment the priority seems to be HOB discussion.
Best regards, Okash
On Fri, May 21, 2021 at 12:49 PM Sandrine Bailleux sandrine.bailleux@arm.com wrote:
Hi Okash, Varun,
Sorry I've not had a chance to properly read this email thread yet, so apologies if my comment is irrelevant. I just wanted to point out that TF-A Tests provide some tests for the MEM_PROTECT [1] and MEM_PROTECT_CHECK [2] SMC interfaces, in case that helps clarify their intended usage.
Cheers, Sandrine
[1] https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tree/tftf/tests/runtime_...
[2] https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tree/tftf/tests/runtime_...