aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMadhukar Pappireddy <madhukar.pappireddy@arm.com>2020-09-15 14:33:27 +0000
committerTrustedFirmware Code Review <review@review.trustedfirmware.org>2020-09-15 14:33:27 +0000
commit47bda02c8e95797b93d81407dc9c6d99aec1e3ff (patch)
treeab00e2fd705914165ef9fb2978f58009ce8a941e
parent7c9499623b42f1f48dd7aa0d1fa8427ca07a76b7 (diff)
parent0901d3398d59d8aa9b7c3d0cdc2d0c833f4317cb (diff)
downloadtrusted-firmware-a-47bda02c8e95797b93d81407dc9c6d99aec1e3ff.tar.gz
Merge "doc: add description of "owner" field in SP layout file." into integration
-rw-r--r--docs/components/secure-partition-manager.rst14
1 files changed, 11 insertions, 3 deletions
diff --git a/docs/components/secure-partition-manager.rst b/docs/components/secure-partition-manager.rst
index c58cd0801a..9a65e6400b 100644
--- a/docs/components/secure-partition-manager.rst
+++ b/docs/components/secure-partition-manager.rst
@@ -283,18 +283,25 @@ A description file (json format) is passed to the build flow specifying
paths to the SP binary image and associated DTS partition manifest file.
The latter is going through the dtc compiler to generate the dtb fed into
the SP package.
+This file also specifies the owner of the SP, which is an optional field and
+identifies the signing domain in case of dualroot CoT.
+The possible owner of an SP could either be Silicon Provider or Platform, and
+the corresponding "owner" field value could either be "SiP" or "Plat".
+In absence of "owner" field, it defaults to "SiP".
.. code:: shell
{
"tee1" : {
"image": "tee1.bin",
- "pm": "tee1.dts"
+ "pm": "tee1.dts",
+ "owner": "SiP"
},
"tee2" : {
"image": "tee2.bin",
- "pm": "tee2.dts"
+ "pm": "tee2.dts",
+ "owner": "Plat"
}
}
@@ -376,8 +383,9 @@ Refer to TBBR specification `[3]`_.
The multiple-signing domain feature (in current state dual signing domain) allows
the use of two root keys namely S-ROTPK and NS-ROTPK (see `[8]`_):
-- SPMC(BL32), SPMC manifest, SPs may be signed by the SiP using the S-ROTPK.
+- SPMC (BL32) and SPMC manifest are signed by the SiP using the S-ROTPK.
- BL33 may be signed by the OEM using NS-ROTPK.
+- An SP may be signed either by SiP (using S-ROTPK) or by OEM (using NS-ROTPK).
Longer term multiple signing domain will allow additional signing keys, e.g.
if SPs originate from different parties.