[arm] RME(spec)

B2.3.4 RME Device Assignment

The term Assignable Device Interface refers to a portion of a device that can be independently assigned to software executing in one of the Security states. An assignable device interface can act as an independent requester and have its own private memory-mapped resources.

RME Device Assignment (RME-DA) is an RME system feature that enables the secure assignment of assignable device interfaces to the Realm Security state.

There is the following related terminology:

PCIe refers to devices that comply with the TEE Device Interface Security Protocol (TDISP [4]) as TEE-I/O capable devices. This specification refers to them as TDISP-compliant devices.

PCIe uses TEE Device Interface (TDI) to refer to an assignable device interface of TDISP-compliant devices.

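An "Assignable Device Interface" is a part of a device that can be independently assigned to software running in a given Security state. An assignable device interface can act as an independent requester and has its own private memory-mapped resources. RME Device Assignment (RME-DA) is an RME system feature that allows assignable device interfaces to be securely assigned to the Realm Security state.

The related terms are as follows:

PCIe refers to devices that comply with the TEE Device Interface Security Protocol (TDISP [4]) as TEE-I/O capable devices. This specification calls them TDISP-compliant devices.

PCIe uses TEE Device Interface (TDI) to refer to an assignable device interface of a TDISP-compliant device.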

TDISP defines both:

  • A TEE Security Manager (TSM) which is a logical entity at the host that enforces security policies.
  • A Device Security Manager (DSM) which is a logical entity in the device that enforces security policies on the device.

TSM functionality in RME-DA is implemented within RMSD.

SMMU for RME-DA [3] defines SMMU requirements for supporting the assignment of TDIs to software executing in the Realm Security state.

The RME system architecture defines memory system and PCIe Root Port requirements for supporting the assignment of PCIe TDIs to the Realm Security state.

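TDISP defines the following two entities:

  • The TEE Security Manager (TSM), a logical entity on the host that enforces security policies.
  • The Device Security Manager (DSM), a logical entity in the device that enforces security policies on the device.

In RME-DA, the TSM functionality is implemented by RMSD.

SMMU for RME-DA [3] defines the requirements for the SMMU to support assigning TDIs to software running in the Realm Security state.

The RME system architecture defines the memory system and PCIe Root Port requirements for assigning PCIe TDIs to the Realm Security state.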

B3.2.6 PCIe Root Port support for TDISP

This section defines requirements for an RME-DA Root Port (RP), in order to securely associate TDIs of TDISP-compliant devices with EL1 Realms, in compliance with PCIe TDISP [4].

This specification uses the term outgoing for traffic that enters the RP from its host interface and targets its PCIe hierarchy domain.

This specification uses the term incoming for traffic that enters the RP from its PCIe hierarchy domain.

An RME-DA RP sets the TEE-IO Supported bit in the Device Capabilities Register.

B3.2.6.1 Integrity and Data Encryption (IDE) support

This section defines requirements for PCIe IDE [4] support in an RME-DA RP.

An RME-DA RP supports all the following IDE features:

  • At least one Selective IDE Stream.
    • NUM_SEL_STR denotes the number of Selective IDE Streams supported.
  • At least three Address Association registers per supported Selective IDE Stream.
  • The TEE-Limited Stream IDE capability.

RME-DA requires Selective IDE Stream support for setting up IDE with TDISP-compliant devices, that can be located behind a PCIe switch or directly attached to the RME-DA RP. This enables Requester ID (RID) checks to be performed at the RP for all TDISP-compliant devices. Having three Address Association registers per Selective IDE Stream allows TDISP-compliant devices to implement the maximal number of BARs supported by PCIe for a TDI.

An IDE stream is identified by an IDE Stream ID, and can be in IDE Insecure state or IDE Secure state.
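The Root Port requirements quoted above (TEE-IO Supported bit, Selective IDE Streams, three Address Association registers per stream, TEE-Limited Stream) can be checked from a dump of the port's registers. The following is an added example, not code from the Arm specification or from this post; the function and flag names are hypothetical, and the register bit positions are assumptions based on the PCIe IDE Extended Capability and Device Capabilities Register layouts.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed register layout (PCIe IDE Extended Capability and Device
 * Capabilities Register); check it against the PCIe revision you target. */
#define DEVCAP_TEE_IO        (1u << 30)            /* TEE-IO Supported */
#define IDE_CAP_LINK         (1u << 0)             /* Link IDE Stream Supported */
#define IDE_CAP_SELECTIVE    (1u << 1)             /* Selective IDE Streams Supported */
#define IDE_CAP_LINK_TC(c)   (((c) >> 13) & 0x7u)  /* Link IDE TCs, minus 1 */
#define IDE_CAP_SEL_NUM(c)   (((c) >> 16) & 0xffu) /* Selective streams, minus 1 */
#define IDE_CAP_TEE_LIMITED  (1u << 24)            /* TEE-Limited Stream Supported */
#define SEL_CAP_ASSOC_NUM(c) ((c) & 0xfu)          /* Address Association blocks */

enum { RP_NO_TEE_IO = 1, RP_NO_SEL_STREAM = 2, RP_FEW_ADDR_ASSOC = 4,
       RP_NO_TEE_LIMITED = 8, RP_TRUNCATED = 16 };  /* failure flags */

/* Constructed sample (not captured from hardware): no Link IDE, one Selective
 * IDE Stream with three Address Association blocks, TEE-Limited set. */
static const uint32_t sample_ide[17] = {
    0x00010030u,                             /* header: capability ID 0x0030 */
    IDE_CAP_SELECTIVE | IDE_CAP_TEE_LIMITED, /* IDE Capability, 1 stream */
    0,                                       /* IDE Control */
    3,                                       /* Selective IDE Stream Capability */
};

/* devcap: Device Capabilities Register value.
 * ide/ndw: the IDE Extended Capability as dwords, ide[0] = capability header.
 * Returns 0 when every requirement is met, otherwise a mask of RP_* flags. */
unsigned rme_da_rp_check(uint32_t devcap, const uint32_t *ide, size_t ndw)
{
    unsigned fail = 0;
    if (!(devcap & DEVCAP_TEE_IO)) fail |= RP_NO_TEE_IO;
    if (ndw < 3) return fail | RP_TRUNCATED;
    uint32_t cap = ide[1];
    if (!(cap & IDE_CAP_TEE_LIMITED)) fail |= RP_NO_TEE_LIMITED;
    if (!(cap & IDE_CAP_SELECTIVE)) return fail | RP_NO_SEL_STREAM;
    unsigned num_sel_str = IDE_CAP_SEL_NUM(cap) + 1;  /* NUM_SEL_STR */
    /* Selective blocks follow the header, capability and control dwords and
     * any Link IDE blocks (2 dwords per supported TC). */
    size_t off = 3 + ((cap & IDE_CAP_LINK) ? 2 * (IDE_CAP_LINK_TC(cap) + 1) : 0);
    for (unsigned i = 0; i < num_sel_str; i++) {
        if (off >= ndw) return fail | RP_TRUNCATED;
        unsigned n = SEL_CAP_ASSOC_NUM(ide[off]);
        if (n < 3) fail |= RP_FEW_ADDR_ASSOC;
        off += 5 + 3 * (size_t)n;  /* cap, ctl, status, RID 1, RID 2, 3 per block */
    }
    return fail;
}

int main(void) { return (int)rme_da_rp_check(DEVCAP_TEE_IO, sample_ide, 17); }
```
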

This post is licensed under CC BY 4.0 by the author.