Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

core: rpmb: __weak access implementation selectable at build time #5323

Closed
wants to merge 1 commit into from
Closed

core: rpmb: __weak access implementation selectable at build time #5323

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion core/tee/tee_rpmb_fs.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3081,5 +3081,5 @@ TEE_Result tee_rpmb_fs_raw_open(const char *fname, bool create,

bool __weak plat_rpmb_key_is_ready(void)
{
return true;
return false;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If plat_rpmb_key_is_ready() is changed to always return false, then must all platforms that wishes to use RPMB override that function. If so then we could just as well remove it and require the platform to provide it if CFG_RPMB_WRITE_KEY=y. That will for sure trigger a lot of questions.

Overriding plat_rpmb_key_is_ready() is in my opinion only useful if there's some hardware state that can be checked to tell if it seems that the generated key will be the final key.

Copy link
Contributor Author

@ldts ldts May 17, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes if the default is set to false, it will impact current users. But for some it might be for the best, protecting their RPMB hardware. For others is an inconvenience with no monetary cost...which could be worked around with an additional configuration.

When you work enabling hardware on different platforms, the current situation is nasty: securing a board is not a trivial activity and the current default (true) just adds pain to injury.

Copy link
Contributor

@jenswi-linaro jenswi-linaro May 18, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a good point, but if we're to impact all users of RPMB we should try to make the best of it.
Is this the best thing we can do?
Do you have any comments to #5338?

Edit: I see your comment in #5338 now.

}