Hi Phillipe,
There has been some interest expressed in adding support for RPMB flash partitions for the benefit of secure firmwares like OPTEE. I'm just trying to scope out what sort of work would need to be done for it. RPMB (Replay Protect Memory Block) is a special eMMC partition which requires a key and write counter to unlock and write sectors to it. It's not clear if the partition itself is only accessible to the secure world or if that's just the only part of the world that has a copy of the key to do the unlock sequence. So a few quick questions: Do we have a common emmc emulation in QEMU? It seems there are numerous hw specific bits (omap_mmc, pxa2xx_mmci) and what looks like a common sd.c. Would this be the place to support RPMB? I assume the easiest way would be to add some qdev properties that can enable RPMB behaviour for segments of the flash which can be set when the machine initializes. Where do the pflash device types sit in this scheme? They are the default goto device for bios flash devices on a range of machines but AIUI they follow a different flash programming spec (Intel or AMD). Would we want to be able to instantiate a "virt" machine with a sdhci backed flash instead of the default pflash? Should we have a new machine type that defaults to secure components? -- Alex Bennée
