chipsalliance / caliptra-dpe

High level module that implements DPE and defines high-level traits that are used to communicate with the crypto peripherals and PCRs
Apache License 2.0

Multiple connected components bug in DPE Validation #284

Closed sree-revoori1 closed 10 months ago

sree-revoori1 commented 10 months ago

We do not consider simulation contexts in DPE validation. DPE allows initialize context to be called on simulation contexts, even after the DPE has been initialized, meaning we could get multiple connected components in the context tree structure. However, DPE validation fails if the context tree has multiple connected components.

My proposal: disable simulation contexts in Caliptra and then in validation, allow multiple connected components. This way, Caliptra's DPE context structure will always be a tree. We can still check that all the connected components represent valid trees, and make permitting multiple connected components dependent on a flag passed to the validator.

sree-revoori1 commented 10 months ago

After speaking with @jhand2, we decided to force normal contexts to only be able to derive normal contexts and simulation contexts to only be able to derive simulation contexts. Then we allow one tree of normal contexts and unlimited trees of simulation contexts and check that they are all valid and well-formed.
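The structural rule agreed in the thread above, as an added example that is not caliptra-dpe's own code: a constructed context-table model (`Ctx`, `ctx`, `INACTIVE`, `validate` and `ValidationError` are all assumed names) whose validator rejects edges between normal and simulation contexts, dangling or out-of-range parents and parent-chain cycles, and accepts at most one tree of normal contexts alongside any number of simulation trees.

```rust
/// One slot in a DPE context table (a constructed model, not caliptra-dpe's type).
#[derive(Clone, Copy, Debug)]
pub struct Ctx {
    pub active: bool,
    pub simulation: bool,
    pub parent: Option<usize>, // None marks the root of a tree
}

pub const INACTIVE: Ctx = Ctx { active: false, simulation: false, parent: None };

pub fn ctx(simulation: bool, parent: Option<usize>) -> Ctx {
    Ctx { active: true, simulation, parent }
}

#[derive(Debug, PartialEq)]
pub enum ValidationError {
    ParentOutOfRange(usize),
    ParentInactive(usize),
    MixedDerivation(usize), // edge between a normal and a simulation context
    Cycle(usize),
    MultipleNormalTrees,
}

/// Enforces the agreed rule: at most one tree of normal contexts, any number
/// of simulation trees, no edge joining the two kinds, and no cycles.
pub fn validate(ctxs: &[Ctx]) -> Result<(), ValidationError> {
    let normal_roots = ctxs.iter()
        .filter(|c| c.active && !c.simulation && c.parent.is_none()).count();
    if normal_roots > 1 { return Err(ValidationError::MultipleNormalTrees); }
    for i in (0..ctxs.len()).filter(|&i| ctxs[i].active) {
        // Walk from each active context up to its root, checking every edge.
        // More steps than there are slots means the parent chain loops.
        let (mut cur, mut steps) = (i, 0);
        while let Some(p) = ctxs[cur].parent {
            if p >= ctxs.len() { return Err(ValidationError::ParentOutOfRange(cur)); }
            if !ctxs[p].active { return Err(ValidationError::ParentInactive(cur)); }
            if ctxs[p].simulation != ctxs[cur].simulation {
                return Err(ValidationError::MixedDerivation(cur));
            }
            steps += 1;
            if steps > ctxs.len() { return Err(ValidationError::Cycle(i)); }
            cur = p;
        }
    }
    Ok(())
}
```

The per-context walk costs O(n) per slot, which is fine for a fixed, small context table; a forest with a single normal root and several simulation roots is accepted, while a second normal root is the "multiple connected components" case the issue describes.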