Linux May Get A New Subsystem For RPMB: Replay Protected Memory Block
Written by Michael Larabel in Linux Kernel on 3 April 2016 at 09:43 AM EDT. 10 Comments
Patches surfaced this morning on the Linux Kernel Mailing List for implementing a new kernel subsystem.

The new subsystem proposal with patches by Tomas Winkler of Intel is for RPMB, the Replay Protected Memory Block specification for eMMC, NVMe, etc. Replay Protected Memory Block (RPMB) is a several year old specification for having a portion of memory be more secure and accessed via a hidden security key. The RPMB block in eMMC can be used for matters like storing DRM protection keys, OEM security keys, and other information that can't -- for whatever legal or security reasons -- can't be stored via normal storage.

Winkler explained, "The RPMB partition cannot be accessed via standard block layer, but by a set of specific commands: WRITE, READ, GET_WRITE_COUNTER, and PROGRAM_KEY. Such a partition provides authenticated and replay protected access, hence suitable as a secure storage...The RPMB layer aims to provide in-kernel API for Trusted Execution Environment (TEE) devices that are capable to securely compute block frame signature."

If you are interested in learning more about the proposed Linux kernel implementation for securely supporting Replay Protected Memory Block, you can see this patch series that introduces the new subsystem, provides a simulation device, and also a small user-space utility for demonstration purposes.
About The Author
Author picture

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter or contacted via

Related Linux Kernel News
Popular News This Week