• dp-arm's avatar
    tbbr: Fix updating of Non-Trusted NV counter · d35dee23
    dp-arm authored
    
    
    The previous code required that a certificate be signed with the ROT
    key before the platform's NV counter could be updated with the value
    in the certificate.  This implies that the Non-Trusted NV counter was
    not being updated for Non-Trusted content certificates, as they cannot
    be signed with the ROT key in the TBBR CoT scheme.
    
    The code is reworked to only allow updating the platform's Trusted NV
    counter when a certificate protected by the Trusted NV counter is
    signed with the ROT key.
    
    Content certificates protected by the Non-Trusted NV counter are
    allowed to update the platform's Non-Trusted NV counter, assuming
    that the certificate value is higher than the platform's value.
    
    A new optional platform API has been introduced, named
    plat_set_nv_ctr2().  Platforms may choose to implement it and perform
    additional checks based on the authentication image descriptor before
    modifying the NV counters.  A default weak implementation is available
    that just calls into plat_set_nv_ctr().
    
    Fixes ARM-software/tf-issues#426
    
    Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
    Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
    d35dee23
arm_common.mk 6.38 KB