Hi Piotr
This is a thorny problem. You are right that the RIM calculation is highly sensitive to the memory used for a realm and the host environment. This potentially results in a combinatorial explosion of reference values. Arm is currently looking at alternative solutions that would avoid the need for the tooling you refer to. We're not quite ready to share details of this yet but we hope to in the coming months. Rest assured that we intend for this to be part of the overall Arm CCA reference solution.
Regards
Dan.
-----Original Message----- From: Peter Sawicki algorytmy.almanach@gmail.com Sent: Monday, October 2, 2023 9:27 AM To: tf-rmm@lists.trustedfirmware.org Subject: [tf-rmm] Realm Initial Measurement calculation
Hi,
I wonder if there is or there is a plan to develop a dedicated tool that allows a realm developer to calculate Realm Initial Measurements (RIMs) for realms(?)
As you know, the remote attestation mechanism requires a verifier to be provisioned with reference values. In this case, a realm verifier should have access to the initial reference measurement (RIM) of a realm that is intended to be run on a remote Arm CCA platform.
The algorithm that measures the initial state of realms (RIM) is higly sensitive to the content of a realm memory and the order of RMI operations. This means that not only the content of populated realm memory matters but also the implementation of the host components (e.g. kvm, kvmtool/qemu). For example, in the reference implementation of https://gitlab.arm.com/linux- arm/kvmtool-cca, the layout of memory and the content of DTB highly depend on the provided options (DTB is generated in run-time). Unfortunatelly, the content of DTB also depends on the linking order of object files (the order of DTB generation is imposed by __attribute__((constructor)) that is used to register devices). This complicates development of a separate tool for caclulating RIM, as the tool would have to emulate all quirks of the kvmtool.
One of the solution of retrieving Realm Initial Measurements seems to be running the whole firmware/software (e.g. kvmtool/Linux host/TF-RMM) stack on the FVP emulator and gathering the RIM directly from the TF-RMM. This would require a realm developer to have access to the whole firmware/software stack and the emulator of the CCA platform. This might not always be an option.
The other solution would require the implementation of a dedicated tool. For instance, a sensible approach could be to extend the functionality of kvmtool, which can be run on an ordinary Linux machine.
Is Arm going to develop a dedicated tool(-s) for calculating RIMs? What is the recommended way of retrieving/calculating RIMs for realms?
Kind regards, Piotr _______________________________________________ tf-rmm mailing list -- tf-rmm@lists.trustedfirmware.org To unsubscribe send an email to tf-rmm-leave@lists.trustedfirmware.org
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.