Home
last modified time | relevance | path

Searched +full:non +full:- +full:secure (Results 1 – 25 of 728) sorted by relevance

12345678910>>...30

/OK3568_Linux_fs/u-boot/doc/
H A DREADME.ti-secure1 README on how boot images are created for secure TI devices
4 Secure TI devices require a boot image that is authenticated by ROM
7 a secure device from TI, the initial public software image must be signed
11 from Texas Instruments. The tools used to generate boot images for secure
12 devices are part of a secure development package (SECDEV) that can be
17 The secure development package is access controlled due to NDA and export
22 Booting of U-Boot SPL
25 When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process
31 warning is issued during the build to indicate that a final secure
36 ${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh
[all …]
/OK3568_Linux_fs/u-boot/drivers/misc/
H A Dfsl_sec_mon.c4 * SPDX-License-Identifier: GPL-2.0+
14 return sec_mon_in32(&sec_mon_regs->hp_stat) & HPSR_SSM_ST_MASK; in get_sec_mon_state()
28 * If initial state is check or Non-Secure, then set the Software in set_sec_mon_state_non_sec()
29 * Security Violation Bit and transition to Non-Secure State. in set_sec_mon_state_non_sec()
32 printf("SEC_MON state transitioning to Non Secure.\n"); in set_sec_mon_state_non_sec()
33 sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV); in set_sec_mon_state_non_sec()
35 /* polling loop till SEC_MON is in Non Secure state */ in set_sec_mon_state_non_sec()
44 timeout--; in set_sec_mon_state_non_sec()
49 return -1; in set_sec_mon_state_non_sec()
54 * If initial state is Trusted, Secure or Soft-Fail, then first set in set_sec_mon_state_non_sec()
[all …]
/OK3568_Linux_fs/u-boot/arch/arm/cpu/armv7/
H A DKconfig13 bool "Enable support for booting in non-secure mode" if EXPERT
16 ---help---
17 Say Y here to enable support for booting in non-secure / SVC mode.
20 bool "Boot in secure mode by default" if EXPERT
23 ---help---
24 Say Y here to boot in secure mode by default even if non-secure mode
26 suppport booting in non-secure mode. Only set this if you need it.
27 This can be overridden at run-time by setting the bootm_boot_mode env.
34 ---help---
35 Say Y here to boot in hypervisor (HYP) mode when booting non-secure.
[all …]
H A Dvirt-v7.c5 * Routines to transition ARMv7 processors from secure into non-secure state
6 * and from non-secure SVC into HYP mode
9 * SPDX-License-Identifier: GPL-2.0+
16 #include <asm/secure.h>
42 return -1; in get_gicd_base_address()
56 size_t sz = __secure_end - __secure_start; in relocate_secure_section()
79 if (gic_dist_addr == -1) in smp_kick_all_cpus()
99 return -1; in armv7_init_nonsec()
103 * according to the spec one should not tinker with it in secure state in armv7_init_nonsec()
104 * in SVC mode. Do not try to read it once in non-secure state, in armv7_init_nonsec()
[all …]
H A Dnonsec_virt.S2 * code for switching cores into non-secure state and into HYP mode
6 * SPDX-License-Identifier: GPL-2.0+
13 #include <asm/proc-armv/ptrace.h>
21 /* the vector table for secure state and HYP mode */
39 * secure monitor handler
40 * U-Boot calls this "software interrupt" in start.S
42 * to non-secure state.
52 @ Obtain a secure stack
78 @ FIQ preserved for secure mode
103 movs pc, lr @ ERET to non-secure
[all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/include/
H A Dpta_invoke_tests.h1 /* SPDX-License-Identifier: BSD-2-Clause */
18 * - test on value parameters
19 * - test on SHM memory reference parameters
20 * - test on SDP memory reference parameters
28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
[all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/include/
H A Dpta_invoke_tests.h1 /* SPDX-License-Identifier: BSD-2-Clause */
18 * - test on value parameters
19 * - test on SHM memory reference parameters
20 * - test on SDP memory reference parameters
28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
[all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/host_include/
H A Dpta_invoke_tests.h1 /* SPDX-License-Identifier: BSD-2-Clause */
18 * - test on value parameters
19 * - test on SHM memory reference parameters
20 * - test on SDP memory reference parameters
28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
[all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/host_include/
H A Dpta_invoke_tests.h1 /* SPDX-License-Identifier: BSD-2-Clause */
18 * - test on value parameters
19 * - test on SHM memory reference parameters
20 * - test on SDP memory reference parameters
28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
[all …]
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/arm/
H A Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
[all …]
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/iommu/
H A Dqcom,iommu.txt3 Qualcomm "B" family devices which are not compatible with arm-smmu have
6 to non-secure vs secure interrupt line.
10 - compatible : Should be one of:
12 "qcom,msm8916-iommu"
14 Followed by "qcom,msm-iommu-v1".
16 - clock-names : Should be a pair of "iface" (required for IOMMUs
20 - clocks : Phandles for respective clocks described by
21 clock-names.
23 - #address-cells : must be 1.
25 - #size-cells : must be 1.
[all …]
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/nvmem/
H A Dst,stm32-romem.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/nvmem/st,stm32-romem.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: STMicroelectronics STM32 Factory-programmed data bindings
10 This represents STM32 Factory-programmed read only non-volatile area: locked
11 flash, OTP, read-only HW regs... This contains various information such as:
16 - Fabrice Gasnier <fabrice.gasnier@st.com>
19 - $ref: "nvmem.yaml#"
24 - st,stm32f4-otp
[all …]
/OK3568_Linux_fs/kernel/arch/arm/common/
H A Dsecure_cntvoff.S1 /* SPDX-License-Identifier: GPL-2.0 */
5 * Initialization of CNTVOFF register from secure mode
13 .arch armv7-a
15 * CNTVOFF has to be initialized either from non-secure Hypervisor
16 * mode or secure Monitor mode with SCR.NS==1. If TrustZone is enabled
17 * then it should be handled by the secure code. The CPU must implement
21 mrc p15, 0, r1, c1, c1, 0 /* Get Secure Config */
23 mcr p15, 0, r0, c1, c1, 0 /* Set Non Secure bit */
28 mcr p15, 0, r1, c1, c1, 0 /* Set Secure bit */
/OK3568_Linux_fs/buildroot/package/optee-client/
H A DConfig.in2 bool "optee-client"
6 Enable the OP-TEE client package that brings non-secure
7 client application resources for OP-TEE support. OP-TEE
8 client is a component delivered by the OP-TEE project.
11 applications hosted in the OP-TEE OS secure world. The
12 supplicant provides services hosted by the non-secure world
13 and invoked by the secure world.
15 https://github.com/OP-TEE/optee_client
20 string "Path for normal world OS secure storage"
23 Path to storage area for secure storage based on the
[all …]
/OK3568_Linux_fs/kernel/drivers/tee/optee/
H A Doptee_smc.h1 /* SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) */
3 * Copyright (c) 2015-2019, Linaro Limited
8 #include <linux/arm-smccc.h>
28 * Normal cached memory (write-back), shareable for SMP systems and not
36 * 32-bit registers.
44 * 65cb6b93-af0c-4617-8ed6-644a8d1140f8
75 * Used by non-secure world to figure out which Trusted OS is installed.
78 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
88 * Used by non-secure world to figure out which version of the Trusted OS
92 * Returns revision in a0-1 in the same way as OPTEE_SMC_CALLS_REVISION
[all …]
H A Doptee_msg.h1 /* SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) */
3 * Copyright (c) 2015-2019, Linaro Limited
12 * This file defines the OP-TEE message protocol (ABI) used to communicate
13 * with an instance of OP-TEE running in secure world.
18 * 3. Requests from secure world, Remote Procedure Call (RPC), handled by
19 * tee-supplicant.
23 * Part 1 - formatting of messages
40 * Meta parameter to be absorbed by the Secure OS and not passed
48 * Pointer to a list of pages used to register user-defined SHM buffer.
51 * list of page addresses. OP-TEE core can reconstruct contiguous buffer from
[all …]
/OK3568_Linux_fs/kernel/arch/arm/mach-omap2/
H A Domap-secure.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * OMAP Secure API infrastructure.
11 #include <linux/arm-smccc.h>
23 #include "omap-secure.h"
39 * We only check that the OP-TEE node is present and available. The in omap_optee_init_check()
40 * OP-TEE kernel driver is not needed for the type of interaction made in omap_optee_init_check()
41 * with OP-TEE here so the driver's status is not checked. in omap_optee_init_check()
50 * omap_sec_dispatcher: Routine to dispatch low power secure
55 * @arg1, arg2, arg3 args4: Parameters passed to secure API
57 * Return the non-zero error value on failure.
[all …]
H A Domap-headsmp.S1 /* SPDX-License-Identifier: GPL-2.0-only */
5 * Copyright (C) 2009-2014 Texas Instruments, Inc.
58 .arch armv7-a
110 * CortexA9 r1pX and r2pX. The Control Register secure
112 * bit 0 == Secure Enable
113 * bit 1 == Non-Secure Enable
114 * The Non-Secure banked register has not changed
116 * GIC restoration will cause a problem to CPU0 Non-Secure SW.
120 * 2) CPU1 must re-enable the GIC distributor on
/OK3568_Linux_fs/u-boot/arch/arm/include/asm/mach-imx/
H A Dhab.h2 * Copyright (C) 2012-2015 Freescale Semiconductor, Inc. All Rights Reserved.
4 * SPDX-License-Identifier: GPL-2.0+
13 /* -------- start of HAB API updates ------------*/
27 HAB_CFG_OPEN = 0xf0, /* < Non-secure IC */
28 HAB_CFG_CLOSED = 0xcc /* < Secure IC */
34 HAB_STATE_CHECK = 0x55, /* Check state (non-secure) */
35 HAB_STATE_NONSECURE = 0x66, /* Non-secure state */
37 HAB_STATE_SECURE = 0xaa, /* Secure state */
111 #define HAB_ENG_RTIC 0x05 /* Run-time integrity checker */
114 #define HAB_ENG_SRTC 0x0c /* Secure clock */
[all …]
/OK3568_Linux_fs/buildroot/package/optee-examples/
H A DConfig.in2 bool "optee-examples"
4 depends on BR2_TOOLCHAIN_HAS_THREADS # optee-client
5 depends on !BR2_STATIC_LIBS # optee-client
6 depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_3 # optee-client
10 Enable the OP-TEE examples package that brings examples of
11 implementation of OP-TEE non-secure client applications and
12 secure trusted applications. OP-TEE examples is a
13 component delivered by the OP-TEE project.
17 At runtime OP-TEE OS can load trusted applications from this
18 non-secure filesystem/directory into the secure world for
[all …]
/OK3568_Linux_fs/buildroot/board/qemu/arm-vexpress-tz/
H A Dreadme.txt1 Board qemu_arm_vexpress_tz builds a QEMU ARMv7-A target system with
2 OP-TEE running in the TrustZone secure world and a Linux based
3 OS running in the non-secure world. The board configuration enables
9 The BIOS used in the QEMU host is the ARM Trusted Firmware-A (TF-A).
10 In our configuration, U-Boot uses QEMU semihosting file access to load the
14 cd output/images && ../host/bin/qemu-system-arm \
15 -machine virt -machine secure=on -cpu cortex-a15 \
16 -smp 1 -s -m 1024 -d unimp \
17 -serial stdio \
18 -netdev user,id=vmnic -device virtio-net-device,netdev=vmnic \
[all …]
/OK3568_Linux_fs/u-boot/board/freescale/common/
H A Dfsl_chain_of_trust.c4 * SPDX-License-Identifier: GPL-2.0+
42 /* Check the Boot Mode. If Secure, return 1 else return 0 */
49 val = sfp_in32(&sfp_regs->ospr) & ITS_MASK; in fsl_check_boot_mode_secure()
55 val = gur_in32(&gur->rcwsr[RCW_SB_EN_REG_INDEX - 1]) & RCW_SB_EN_MASK; in fsl_check_boot_mode_secure()
61 /* For Non-PBL Platforms, check the Device Status register 2*/ in fsl_check_boot_mode_secure()
62 val = gur_in32(&gur->pordevsr2) & MPC85xx_PORDEVSR2_SBC_MASK; in fsl_check_boot_mode_secure()
74 * If Boot Mode is Non-Secure, no changes are required in fsl_setenv_chain_of_trust()
79 /* If Boot mode is Secure, set the environment variables in fsl_setenv_chain_of_trust()
102 * If Boot Mode is Non-Secure, skip validation in spl_validate_uboot()
107 printf("SPL: Validating U-Boot image\n"); in spl_validate_uboot()
[all …]
/OK3568_Linux_fs/kernel/drivers/staging/wfx/
H A Dhif_rx.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * Implementation of chip-to-host event (aka indications) of WFxxx Split Mac
6 * Copyright (c) 2017-2020, Silicon Laboratories, Inc.
7 * Copyright (c) 2010, ST-Ericsson
25 int cmd = hif->id; in hif_generic_confirm()
26 int len = le16_to_cpu(hif->len) - 4; // drop header in hif_generic_confirm()
28 WARN(!mutex_is_locked(&wdev->hif_cmd.lock), "data locking error"); in hif_generic_confirm()
30 if (!wdev->hif_cmd.buf_send) { in hif_generic_confirm()
31 dev_warn(wdev->dev, "unexpected confirmation: 0x%.2x\n", cmd); in hif_generic_confirm()
32 return -EINVAL; in hif_generic_confirm()
[all …]
/OK3568_Linux_fs/u-boot/include/
H A Dfsl_sec_mon.h5 * SPDX-License-Identifier: GPL-2.0+
40 #define HPCOMR_SSM_ST_DIS 0x2 /* Disable Secure to Trusted State */
41 #define HPCOMR_SSM_SFNS_DIS 0x4 /* Disable Soft Fail to Non-Secure */
43 #define HPSR_SSM_ST_NON_SECURE 0xb00 /* SEC_MON is in non secure state */
46 #define HPSR_SSM_ST_SECURE 0xf00 /* SEC_MON is in secure state */
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/mailbox/
H A Darm,mhu.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Jassi Brar <jaswinder.singh@linaro.org>
13 The ARM's Message-Handling-Unit (MHU) is a mailbox controller that has 3
19 be a 'Secure' resource, hence can't be used by Linux running NS.
22 interrupt signal using a 32-bit register, with all 32-bits logically ORed
28 interrupt. Each of the 32-bits can be used as "doorbell" to alert the remote
37 - arm,mhu
38 - arm,mhu-doorbell
[all …]

12345678910>>...30