Hi,
On Tue, Jan 12, 2016 at 8:03 AM, Joakim Bech joakim.bech@linaro.org wrote:
Hi Amit,
On Tue, Jan 12, 2016 at 12:32:45AM +0530, Amit Kucheria wrote:
(Adding Joakim)
On Tue, Jan 12, 2016 at 12:08 AM, git git gitfineon@online.de wrote:
Hi,
has anybody tried to activate/implement the Trusted Board Boot (TBB)
feature
of ARM Trusted Firmware (ATF) on Hikey or any other 96Board, yet?
It would be interesting to get this working but I don't think we've worked on it. Joakim, has anybody in the security WG tried this?
I'm afraid not, however we have it on the todo-list, then plan is to deal with it in SWG-112 (Epic, and Stories, 113 to 116).
Minimal requirement to run TBB is GENERATE_COT, but it should be
possible to
only generate these Certificates of Trust (CoT) and add them to the
your
Firmware Image Package (FIP). I've already tested TBB (incl. CoT) with
Juno
DevBoard and it worked fine. The 96Boards repository does not mention
TBB
anywhere.
I think ARM introduced the authenticated framework somewhere after they released v1.1, could it be that simple that 96Boards ARM-TF fork lags behind? The authenticated framework was introduced somewhere here:
https://github.com/ARM-software/arm-trusted-firmware/commits/d337aaaf53ef278...
Above is dated 2015/6/16 Hikey branch forked here: https://github.com/96boards/arm-trusted-firmware/commits/hikey?page=5 https://github.com/96boards/arm-trusted-firmware/commit/68fc81743e8671312a98... dated 2015/2/15, so seems like it is behind. I believe work is ongoing to rebase on something newer, but don't have any more info about it.
hth
But also in Hikey branch it is possible to set the GENERATE_COT flag and the *.crt files get generated.
-- Regards, Joakim B _______________________________________________ Dev mailing list Dev@lists.96boards.org https://lists.96boards.org/mailman/listinfo/dev