On Tue, 7 Jun 2022 at 18:13, Ramon Fried rfried.dev@gmail.com wrote:
On Tue, Jun 7, 2022 at 11:55 AM Maxim Uvarov maxim.uvarov@linaro.org wrote:
Sorry, I might be missing some discussion. What is the reason to measure tf-a itself? Measuring the fip image has to measure tf-a also. Do you have some memory limits to flash fip?
When you mention tf-a, do you mean only bl1?
Yes.
How would you know in the end that bl2, bl31, and bl33 were not tampered with?
You flash fip (bl2, bl31, bl33), erase eFuse, and if the signature of the fip does not match then it will not be loaded. Measurements can start after optee (ftpm) starts.
Thanks, Ramon
BR, Maxim.
On Tue, 7 Jun 2022 at 11:22, Stuart Yoder via TF-A tf-a@lists.trustedfirmware.org wrote:
On 6/4/22 8:53 AM, Ramon Fried wrote:
Hi Stuart, The problem with implementing a driver for a specific TPM in BL1 is that you're stuck with that specific 3rd party TPM for life (or until the next tapeout). I would like to minimize the 3rd party drivers (outside the SOC) in BL1.
With the interface I described you shouldn't need any vendor-specific TPM driver in BL1. The locations of the TPM_HASH_START/DATA/END registers are standard. BL1 simply needs to be able to access the TPM via the SPI or I2C bus.
Stuart
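To make the register-level interface Stuart describes concrete, here is a small Python model, added here and not code from this thread or from TF-A, of both sides: BL1 streaming an image through TPM_HASH_START/DATA/END, and a TPM that hashes what it receives and extends PCR[0]. The locality-4 FIFO offsets (0x28/0x24/0x20) are assumed from the TPM FIFO interface layout, the SPI/I2C transport is abstracted to a `write()` call, and the PCR[0] starting value is simplified to all zeros rather than the TPM 2.0 H-CRTM rules.

```python
import hashlib

# Assumed locality-4 FIFO register offsets for the hash-start interface;
# check them against the TPM PTP/TIS specification for a real part.
TPM_HASH_END = 0x20
TPM_HASH_DATA = 0x24
TPM_HASH_START = 0x28


class TpmModel:
    """Software stand-in for the TPM side of the HASH_START/DATA/END sequence."""

    def __init__(self):
        self.pcr0 = bytes(32)   # simplified: real TPM 2.0 seeds PCR[0] per H-CRTM rules
        self._hasher = None

    def write(self, offset, data):
        """Model a bus write (SPI/I2C abstracted away) to one FIFO register."""
        if offset == TPM_HASH_START:
            self._hasher = hashlib.sha256()          # begin a fresh digest
        elif offset == TPM_HASH_DATA:
            if self._hasher is None:
                raise RuntimeError("HASH_DATA written before HASH_START")
            self._hasher.update(data)
        elif offset == TPM_HASH_END:
            if self._hasher is None:
                raise RuntimeError("HASH_END written before HASH_START")
            digest = self._hasher.digest()
            self._hasher = None
            # PCR extend: PCR = SHA256(PCR || digest of the measured data)
            self.pcr0 = hashlib.sha256(self.pcr0 + digest).digest()
        else:
            raise ValueError(f"unexpected register offset 0x{offset:02x}")


def bl1_measure(tpm, image, chunk=4):
    """BL1 side: no vendor driver, just three standard registers over the bus.
    HASH_DATA is a 4-byte register, so the image is pushed in 4-byte writes."""
    tpm.write(TPM_HASH_START, b"")
    for i in range(0, len(image), chunk):
        tpm.write(TPM_HASH_DATA, image[i:i + chunk])
    tpm.write(TPM_HASH_END, b"")
    return tpm.pcr0


def expected_pcr0(image):
    """What a verifier expects PCR[0] to hold after measuring `image`."""
    return hashlib.sha256(bytes(32) + hashlib.sha256(image).digest()).digest()


# Constructed stand-in for a FIP containing bl2, bl31 and bl33 (not a real image).
FIP = b"constructed-fip:bl2|bl31|bl33"
```

Measuring a FIP with one byte changed yields a different PCR[0], which is how the untampered state of bl2/bl31/bl33 becomes attestable rather than merely signature-checked.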
TF-A mailing list -- tf-a@lists.trustedfirmware.org To unsubscribe send an email to tf-a-leave@lists.trustedfirmware.org