This version of the platform specification doesn't mandate M-mode
requirements. However, it should specify M-mode access protection
from lower privilege modes for platforms that do implement M-mode.
Otherwise, it is not very clear that such protection is required
to avoid lower privilege modes overwriting the memory where resident
firmware continues to run.
Signed-off-by: Atish Patra <atishp@...>
---
riscv-platform-spec.adoc | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/riscv-platform-spec.adoc b/riscv-platform-spec.adoc
index e20703299937..049d81c88c26 100644
--- a/riscv-platform-spec.adoc
+++ b/riscv-platform-spec.adoc
@@ -538,6 +538,18 @@ software components:
Rationale: The platform specification intends to avoid fragmentation and
promotes interoperability.
+=== Security
+** If M-mode is supported in the platform, all machine mode assets, such as
+code and data, shall be protected from all non-machine mode accesses from the
+harts in the system. Additionally, I/O agent access protection must be
+required within the system to protect machine mode assets. Therefore, the
+following requirements are mandatory for platforms with M-mode:
+
+*** Platform must provide a protection mechanism from non-machine mode hart
+transactions that precisely traps if violated.
+*** Platform must provide a protection mechanism from I/O agents manipulating
+or accessing machine mode assets.
+
// Server extension for OS-A Platform
=== Server Extension
The server extension specifies additional requirements for server class
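Review bot: The hart-side and I/O-side requirements in this hunk are asymmetric about what must happen on a violation: the hart requirement says the mechanism "precisely traps if violated", but the I/O-agent item (`*** Platform must provide a protection mechanism from I/O agents manipulating` / `or accessing machine mode assets.`) says nothing about whether a blocked I/O transaction must fail to complete or whether the violation must be reported to M-mode software, so a platform that silently drops the access, or worse completes it, would still conform. Suggest stating the failure behaviour for I/O agents too (the access must not reach the asset and the violation must be made visible to M-mode firmware). Two wording points as well: "I/O agent access protection must be required within the system" reads awkwardly and "the platform must also protect machine mode assets from I/O agents" says the same thing more directly; and "protected from all non-machine mode accesses" as written also forbids M-mode firmware deliberately sharing memory with lower privilege modes, so qualifying it as "unless M-mode explicitly grants access" would avoid that reading. If the hart-side mechanism intended here is the Privileged spec's PMP, referencing it would make the requirement testable rather than leaving "a protection mechanism" open.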
@@ -927,6 +939,16 @@ configuration.
** It is clearly understood what aspects of the platform boot process are
protected by secure boot.
+** If M-mode is supported in the platform, all machine mode assets, such as
+code and data, shall be protected from all non-machine mode accesses from the
+harts in the system. Additionally, I/O agent access protection must be
+required within the system to protect machine mode assets. Therefore, the
+following requirements are mandatory for platforms with M-mode:
+
+*** Platform must provide a protection mechanism from non-machine mode hart
+transactions that precisely traps if violated.
+*** Platform must provide a protection mechanism from I/O agents manipulating
+or accessing machine mode assets.
==== RAS
All the below mentioned RAS features are required for the OS-A platform server
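Review bot: This hunk repeats the first hunk's text verbatim under the server extension; the server extension is described in the context above as specifying additional requirements on top of the OS-A platform, so the base-platform requirement already applies to servers and the duplicate will drift the first time one copy is edited. Suggest replacing it with a one-line cross-reference to the new Security section, or keeping only whatever is server-specific. Also, unlike the first hunk, there is no blank line between the last `***` item (`or accessing machine mode assets.`) and `==== RAS`; add one for consistency and so that AsciiDoc does not treat the heading line as continuation text of the last list item.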
--
2.33.1