fc9ec5d88f
CSE FW uses an AEK (Attestation keybox Encryption Key) to encrypt the keybox with AES-256-GCM algorithm before sending it to Android/Trusty. This key is derived from the latest platform Seed by CSE FW with KDF (key derivation function) HMAC-SHA256. After Trusty retrieves this encrypted keybox over HECI/MEI driver, Trusty needs the same AEKkey to decrypt it. Hence, before Trusty launches, Hypervisor derives the same AEK key from Platform Seed with the same algorithm and the same derivation parameters, then sends this AEK along with Trusty vSeed to Trusty world memory. Since Platform Seed is only visible to Hypervisor and it must not be sent to any guest VM, only Hypervisor can derive this AEK from this Platform Seed, just like previous per-Trusty virtual Seed derivation. Please note that Android Attestation Keybox is shared in a single hardware platform, so all the Trusty instance/world can get the same AEK for decryption even if there are multiple Android User OS/VMs running on top of Hypervisor. v1 --> v2: Add detailed description why we need the patch to derive an extra key v2 --> v3: Convert API descriptions to Doxygen Tracked-On: #1812 Reviewed-by: Bing Zhu <bing.zhu@intel.com> Reviewed-by: Kai Wang <kai.z.wang@intel.com> Signed-off-by: Chen Gang G <gang.g.chen@intel.com> Acked-by: Bing Zhu <bing.zhu@intel.com> |
||
|---|---|---|
| .. | ||
| arch/x86 | ||
| boot | ||
| bsp | ||
| common | ||
| debug | ||
| dm | ||
| include | ||
| lib | ||
| partition | ||
| scripts | ||
| Kconfig | ||
| MAINTAINERS | ||
| Makefile | ||
| README.rst | ||
README.rst
Embedded-Hypervisor ################### This open source embedded hypervisor defines a software architecture for running multiple software subsystems managed securely on a consolidated system (by means of a virtual machine manager), and defines a reference framework Device Model implementation for devices emulation This embedded hypervisor is type-1 reference hypervisor, running directly on the system hardware. It can be used for building software defined cockpit (SDC) or In-Vehicle Experience (IVE) solutions running on Intel Architecture Apollo Lake platforms. As a reference implementation, it provides the basis for embedded hypervisor vendors to build solutions with an open source reference I/O mediation solution, and provides auto makers a reference software stack for SDC usage. This embedded hypervisor is able to support both Linux* and Android* as a Guest OS, managed by the hypervisor, where applications can run. This embedded hypervisor is a partitioning hypervisor reference stack, also suitable for non-automotive IoT & embedded device solutions. It will be addressing the gap that currently exists between datacenter hypervisors, hard partitioning hypervisors, and select industrial applications. Extending the scope of this open source embedded hypervisor relies on the involvement of community developers like you!