On 2/13/25 4:11 PM, Jarkko Sakkinen wrote:
On Wed, Feb 12, 2025 at 04:05:48PM -0600, Stuart Yoder wrote:
Add documentation providing details of how the CRB driver interacts
with FF-A.
Signed-off-by: Stuart Yoder <stuart.yoder@xxxxxxx>
---
Documentation/security/tpm/tpm_ffa_crb.rst | 65 ++++++++++++++++++++++
1 file changed, 65 insertions(+)
create mode 100644 Documentation/security/tpm/tpm_ffa_crb.rst
diff --git a/Documentation/security/tpm/tpm_ffa_crb.rst b/Documentation/security/tpm/tpm_ffa_crb.rst
new file mode 100644
index 000000000000..c70f8904a93d
--- /dev/null
+++ b/Documentation/security/tpm/tpm_ffa_crb.rst
@@ -0,0 +1,65 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+========================
+TPM CRB over FF-A Driver
+========================
+
+The TPM Command Response Buffer (CRB) interface is a standard TPM interface
+defined in the TCG PC Client Platform TPM Profile (PTP) Specification [1]_.
+The CRB provides a structured set of control registers a client uses when
+interacting with a TPM as well as a data buffer for storing TPM commands and
+responses. A CRB interface can be implemented in:
+
+- hardware registers in a discrete TPM chip
+
+- in memory for a TPM running in isolated environment where shared memory
+ allows a client to interact with the TPM
+
+The Firmware Framework for Arm A-profile (FF-A) [2]_ is a specification
+that defines interfaces and protocols for the following purposes:
+
+- Compartmentalize firmware into software partitions that run in the Arm
+ Secure world environment (also know as TrustZone)
Does that also cover ARM CCA? Just a question (not a review question).
No, CCA is for confidential VMs which is a separate trusted execution
environment and FF-A is not used there.
Thanks,
Stuart
