Runtime FW SHALL refuse any commands coming from PAUSER 0xFFFFFFFF

chipsalliance / caliptra-sw

Caliptra software (ROM, FMC, runtime firmware), and libraries/tools needed to build and test

Apache License 2.0

55 stars 40 forks source link

Runtime FW SHALL refuse any commands coming from PAUSER 0xFFFFFFFF #1678

Open fdamato opened 3 weeks ago

fdamato commented 3 weeks ago

Currently Runtime FW is accepting stash measurement from PAUSER 0xFFFFFFFF, which is reserved by Caliptra as its own locality for DPE (e.g. RTJM uses it) to indicate the evidence has been measured by Caliptra itself.

jhand2 commented 2 days ago

I think the final decision here is that we will reject any STASH_MEASUREMENT commands in Runtime that don't come from the PL0 PAUSER.