Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 2af9c393d078e60508cf9c2a8944f86d793bcd6a
commit2af9c393d078e60508cf9c2a8944f86d793bcd6a[log] [tgz]
authorSandrine Bailleux <sandrine.bailleux@arm.com>Mon Jul 04 11:17:43 2022 +0200
committerSandrine Bailleux <sandrine.bailleux@arm.com>Mon Jul 04 11:59:11 2022 +0200
treedad004b8c90dfdb8008c10f1502237f132b6f085
parentd269f815596bafc3e0028167b41ae80b29cddb67 [diff]
feat(arm): forbid running RME-enlightened BL31 from DRAM

According to Arm CCA security model [1],

"Root world firmware, including Monitor, is the most trusted CCA
component on application PE. It enforces CCA security guarantees for
not just Realm world, but also for Secure world and for itself.

It is expected to be small enough to feasibly fit in on-chip memory,
and typically needs to be available early in the boot process when
only on-chip memory is available."

For these reasons, it is expected that "monitor code executes entirely
from on-chip memory."

This precludes usage of ARM_BL31_IN_DRAM for RME-enlightened firmware.

[1] Arm DEN0096 A.a, section 7.3 "Use of external memory by CCA".

Change-Id: I752eb45f1e6ffddc7a6f53aadcc92a3e71c1759f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
1 file changed
tree: dad004b8c90dfdb8008c10f1502237f132b6f085
  1. .husky/
  2. bl1/
  3. bl2/
  4. bl2u/
  5. bl31/
  6. bl32/
  7. common/
  8. docs/
  9. drivers/
  10. fdts/
  11. include/
  12. lib/
  13. licenses/
  14. make_helpers/
  15. plat/
  16. services/
  17. tools/
  18. .checkpatch.conf
  19. .commitlintrc.js
  20. .cz.json
  21. .editorconfig
  22. .gitignore
  23. .gitreview
  24. .versionrc.js
  25. changelog.yaml
  26. dco.txt
  27. license.rst
  28. Makefile
  29. package-lock.json
  30. package.json
  31. readme.rst