Home
last modified time | relevance | path

Searched full:secure (Results 1 – 25 of 1942) sorted by relevance

12345678910>>...78

/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/arm/
H A Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
[all …]
/OK3568_Linux_fs/u-boot/doc/
H A DREADME.ti-secure1 README on how boot images are created for secure TI devices
4 Secure TI devices require a boot image that is authenticated by ROM
7 a secure device from TI, the initial public software image must be signed
11 from Texas Instruments. The tools used to generate boot images for secure
12 devices are part of a secure development package (SECDEV) that can be
17 The secure development package is access controlled due to NDA and export
31 warning is issued during the build to indicate that a final secure
38 This is called as part of the SPL/u-boot build process. As the secure
39 boot image formats and requirements differ between secure SOC from TI,
44 package for creating a bootable SPL image for secure TI devices.
[all …]
/OK3568_Linux_fs/kernel/Documentation/powerpc/
H A Dultravisor.rst15 POWER 9 that enables Secure Virtual Machines (SVMs). DD2.3 chips
56 process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process
57 is in secure mode, MSR(s)=0 process is in normal mode.
63 the VM it is returning to is secure.
73 **Secure Mode MSR Settings**
101 * Memory is partitioned into secure and normal memory. Only processes
102 that are running in secure mode can access secure memory.
104 * The hardware does not allow anything that is not running secure to
105 access secure memory. This means that the Hypervisor cannot access
110 * I/O systems are not allowed to directly address secure memory. This
[all …]
/OK3568_Linux_fs/external/recovery/
H A Dencryptedfs_provisioning.c55 LOGE("Secure FS: error accessing key file."); in get_binary_file_contents()
64 LOGE("Secure FS: error reading conmplete key."); in get_binary_file_contents()
81 LOGE("Secure FS: error setting up key file."); in set_binary_file_contents()
89 LOGE("Secure FS: error reading conmplete key."); in set_binary_file_contents()
104 LOGE("Secure FS: error accessing properties."); in get_text_file_contents()
112 LOGE("Secure FS: error accessing properties."); in get_text_file_contents()
127 LOGE("Secure FS: error setting up properties."); in set_text_file_contents()
135 LOGE("Secure FS: error setting up properties."); in set_text_file_contents()
162 LOGE("Secure FS: error accessing properties."); in read_encrypted_fs_boolean_property()
199 LOGE("Secure FS: error mounting userdata partition."); in read_encrypted_fs_info()
[all …]
/OK3568_Linux_fs/kernel/arch/powerpc/kvm/
H A Dbook3s_hv_uvmem.c3 * Secure pages management: Migration of pages between normal and secure
10 * A pseries guest can be run as secure guest on Ultravisor-enabled
13 * hypervisor (HV) and secure memory managed by Ultravisor (UV).
18 * Private ZONE_DEVICE memory equal to the amount of secure memory
19 * available in the platform for running secure guests is hotplugged.
20 * Whenever a page belonging to the guest becomes secure, a page from this
21 * private device memory is used to represent and track that secure page
36 * UV(secure) and vice versa. So the serialization points are around
40 * fault path as page-out can occur when HV faults on accessing secure
44 * by HV touching secure pages is very very low. If an when UV supports
[all …]
/OK3568_Linux_fs/u-boot/arch/arm/include/asm/
H A Domap_sec_common.h15 * Invoke secure ROM API on high-security (HS) device variants. It formats
22 * Invoke a secure ROM API on high-secure (HS) device variants that can be used
23 * to verify a secure blob by authenticating and optionally decrypting it. The
25 * into the blob during the signing/encryption step when the secure blob was
31 * Return the start of secure reserved RAM, if a default start address has
37 * Invoke a secure HAL API that allows configuration of the external memory
45 * Invoke a secure HAL API on high-secure (HS) device variants that reserves a
46 * region of external memory for secure world use, and protects it using memory
48 * memory that will be used for a secure world OS/TEE.
53 * Invoke a secure HAL API to lock the external memory firewall configurations.
[all …]
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/include/
H A Dpta_invoke_tests.h28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
46 * Secure data path: check that PTA can copy data from SDP secure memory to
47 * non-secure shared memory
49 * [in] memref[0] source (SDP secure memory)
50 * [out] memref[1] destination (non-secure shared memory)
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/include/
H A Dpta_invoke_tests.h28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
46 * Secure data path: check that PTA can copy data from SDP secure memory to
47 * non-secure shared memory
49 * [in] memref[0] source (SDP secure memory)
50 * [out] memref[1] destination (non-secure shared memory)
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm32/host_include/
H A Dpta_invoke_tests.h28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
46 * Secure data path: check that PTA can copy data from SDP secure memory to
47 * non-secure shared memory
49 * [in] memref[0] source (SDP secure memory)
50 * [out] memref[1] destination (non-secure shared memory)
/OK3568_Linux_fs/external/security/rk_tee_user/v2/export-ta_arm64/host_include/
H A Dpta_invoke_tests.h28 * Secure data path: check that PTA can copy data from non-secure shared memory
29 * to SDP secure memory
31 * [in] memref[0] source (non-secure shared memory)
32 * [out] memref[1] destination (SDP secure memory)
37 * Secure data path: check that PTA can read data from SDP secure memory and
41 * [in/out] memref[0] SDP secure buffer to read from and write to
46 * Secure data path: check that PTA can copy data from SDP secure memory to
47 * non-secure shared memory
49 * [in] memref[0] source (SDP secure memory)
50 * [out] memref[1] destination (non-secure shared memory)
/OK3568_Linux_fs/u-boot/arch/arm/cpu/armv8/
H A DKconfig44 menu "ARMv8 secure monitor firmware"
46 bool "Enable ARMv8 secure monitor firmware framework support"
50 This framework is aimed at making secure monitor firmware load
54 - Address of secure firmware.
55 - Address to hold the return address from secure firmware.
56 - Secure firmware FIT image related information.
58 - The target exception level that secure monitor firmware will
62 bool "Enable ARMv8 secure monitor firmware framework support for SPL"
69 bool "PSCI implementation in secure monitor firmware"
72 This config enables the ARMv8 PSCI implementation in secure monitor
[all …]
/OK3568_Linux_fs/u-boot/spl/drivers/misc/
H A D.rk3568-secure-otp.o.cmd
/OK3568_Linux_fs/external/security/rk_tee_user/v2/ta/sdp_basic/
H A Dta_sdp_basic.c18 * Basic Secure Data Path access test commands:
19 * - command INJECT: copy from non secure input into secure output.
20 * - command TRANSFROM: read, transform and write from/to secure in/out.
21 * - command DUMP: copy from secure input into non secure output.
28 const int sec_idx = 1; /* highlight secure buffer index */ in cmd_inject()
44 * to reference a buffer with a unique and consistent secure attribute in cmd_inject()
46 * secure attribute of a single byte of it. Yet, since the current in cmd_inject()
47 * test does not deal with performance, let check the secure attribute in cmd_inject()
66 EMSG("TEE_CheckMemoryAccessRights(secure) failed %x", rc); in cmd_inject()
122 * to reference a buffer with a unique and consistent secure attribute in cmd_transform()
[all …]
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/crypto/
H A Dinside-secure-safexcel.txt1 Inside Secure SafeXcel cryptographic engine
4 - compatible: Should be "inside-secure,safexcel-eip197b",
5 "inside-secure,safexcel-eip197d" or
6 "inside-secure,safexcel-eip97ies".
21 - "inside-secure,safexcel-eip197" is equivalent to
22 "inside-secure,safexcel-eip197b".
23 - "inside-secure,safexcel-eip97" is equivalent to
24 "inside-secure,safexcel-eip97ies".
29 compatible = "inside-secure,safexcel-eip197b";
/OK3568_Linux_fs/u-boot/drivers/crypto/fsl/
H A DKconfig13 Enable Freescale Secure Boot and Trusted Architecture
18 Secure boot and trust architecture compatible version 2
23 Secure boot and trust architecture compatible version 4
28 Secure boot and trust architecture compatible version 5
33 Secure boot and trust architecture compatible version 6
36 bool "Big-endian access to Freescale Secure Boot"
39 int "Freescale Secure Boot compatibility"
47 bool "Little-endian access to Freescale Secure Boot"
/OK3568_Linux_fs/kernel/Documentation/devicetree/bindings/iommu/
H A Dqcom,iommu.txt6 to non-secure vs secure interrupt line.
31 - qcom,iommu-secure-id : secure-id.
37 - "qcom,msm-iommu-v1-ns" : non-secure context bank
38 - "qcom,msm-iommu-v1-sec" : secure context bank
46 for routing of context bank irq's to secure vs non-
47 secure lines. (Ie. if the iommu contains secure
63 qcom,iommu-secure-id = <17>;
89 qcom,iommu-secure-id = <18>;
/OK3568_Linux_fs/u-boot/arch/arm/cpu/armv7/
H A Dvirt-v7.c5 * Routines to transition ARMv7 processors from secure into non-secure state
6 * and from non-secure SVC into HYP mode
16 #include <asm/secure.h>
103 * according to the spec one should not tinker with it in secure state in armv7_init_nonsec()
104 * in SVC mode. Do not try to read it once in non-secure state, in armv7_init_nonsec()
120 * from non-secure state. The first 32 interrupts are private per in armv7_init_nonsec()
129 * Relocate secure section before any cpu runs in secure ram. in armv7_init_nonsec()
130 * smp_kick_all_cpus may enable other cores and runs into secure in armv7_init_nonsec()
131 * ram, so need to relocate secure section before enabling other in armv7_init_nonsec()
H A Dnonsec_virt.S2 * code for switching cores into non-secure state and into HYP mode
21 /* the vector table for secure state and HYP mode */
39 * secure monitor handler
42 * to non-secure state.
52 @ Obtain a secure stack
78 @ FIQ preserved for secure mode
103 movs pc, lr @ ERET to non-secure
138 * of the non-secure and HYP mode transition. The GIC distributor specific
154 * Switch a core to non-secure state.
157 * 2. allow coprocessor access in non-secure modes
[all …]
H A DKconfig13 bool "Enable support for booting in non-secure mode" if EXPERT
17 Say Y here to enable support for booting in non-secure / SVC mode.
20 bool "Boot in secure mode by default" if EXPERT
24 Say Y here to boot in secure mode by default even if non-secure mode
26 suppport booting in non-secure mode. Only set this if you need it.
35 Say Y here to boot in hypervisor (HYP) mode when booting non-secure.
/OK3568_Linux_fs/kernel/include/net/
H A Dmacsec.h103 * struct macsec_rx_sa - receive secure association
108 * @ssci: short secure channel identifier
137 * struct macsec_rx_sc - receive secure channel
138 * @sci: secure channel identifier for this SC
140 * @sa: array of secure associations
154 * struct macsec_tx_sa - transmit secure association
159 * @ssci: short secure channel identifier
177 * struct macsec_tx_sc - transmit secure channel
184 * @sa: array of secure associations
201 * @n_rx_sc: number of receive secure channels configured on this SecY
[all …]
/OK3568_Linux_fs/u-boot/drivers/misc/
H A Dfsl_sec_mon.c28 * If initial state is check or Non-Secure, then set the Software in set_sec_mon_state_non_sec()
29 * Security Violation Bit and transition to Non-Secure State. in set_sec_mon_state_non_sec()
32 printf("SEC_MON state transitioning to Non Secure.\n"); in set_sec_mon_state_non_sec()
35 /* polling loop till SEC_MON is in Non Secure state */ in set_sec_mon_state_non_sec()
54 * If initial state is Trusted, Secure or Soft-Fail, then first set in set_sec_mon_state_non_sec()
84 * If SSM Soft Fail to Non-Secure State Transition in set_sec_mon_state_non_sec()
86 * transition to Non-Secure State. in set_sec_mon_state_non_sec()
90 printf("SEC_MON state transitioning to Non Secure.\n"); in set_sec_mon_state_non_sec()
93 /* polling loop till SEC_MON is in Non Secure*/ in set_sec_mon_state_non_sec()
112 printf("SEC_MON already in Non Secure state.\n"); in set_sec_mon_state_non_sec()
/OK3568_Linux_fs/kernel/drivers/tee/optee/
H A Doptee_smc.h75 * Used by non-secure world to figure out which Trusted OS is installed.
88 * Used by non-secure world to figure out which version of the Trusted OS
155 * Returns the Secure/Non-secure shared memory config.
187 * Exchanges capabilities between normal world and secure world
197 * a1 bitfield of secure world capabilities OPTEE_SMC_SEC_CAP_*
202 * a1 bitfield of secure world capabilities OPTEE_SMC_SEC_CAP_*
207 /* Secure world has reserved shared memory for normal world to use */
209 /* Secure world can communicate via previously unregistered shared memory */
213 * Secure world supports commands "register/unregister shared memory",
214 * secure world accepts command buffers located in any parts of non-secure RAM
[all …]
/OK3568_Linux_fs/kernel/arch/s390/include/uapi/asm/
H A Dpkey.h23 #define SECKEYBLOBSIZE 64 /* secure key blob size is always 64 bytes */
78 /* Struct to hold a CCA AES secure key blob */
80 __u8 seckey[SECKEYBLOBSIZE]; /* the secure key blob */
110 * Generate CCA AES secure key.
116 struct pkey_seckey seckey; /* out: the secure key blob */
121 * Construct CCA AES secure key from clear key value
128 struct pkey_seckey seckey; /* out: the secure key blob */
133 * Fabricate AES protected key from a CCA AES secure key
138 struct pkey_seckey seckey; /* in: the secure key blob */
155 * Verification Pattern provided inside a CCA AES secure key.
[all …]
/OK3568_Linux_fs/kernel/arch/arm/common/
H A Dsecure_cntvoff.S5 * Initialization of CNTVOFF register from secure mode
15 * CNTVOFF has to be initialized either from non-secure Hypervisor
16 * mode or secure Monitor mode with SCR.NS==1. If TrustZone is enabled
17 * then it should be handled by the secure code. The CPU must implement
21 mrc p15, 0, r1, c1, c1, 0 /* Get Secure Config */
23 mcr p15, 0, r0, c1, c1, 0 /* Set Non Secure bit */
28 mcr p15, 0, r1, c1, c1, 0 /* Set Secure bit */
/OK3568_Linux_fs/buildroot/board/qemu/arm-vexpress-tz/
H A Dreadme.txt2 OP-TEE running in the TrustZone secure world and a Linux based
3 OS running in the non-secure world. The board configuration enables
15 -machine virt -machine secure=on -cpu cortex-a15 \
35 this image loads the OP-TEE secure world (ARMv7-A BL32 stage) and the U-boot as
36 non-secure bootloader (BL33 stage).
47 Secure boot stages and/or secure runtime services may use a serial link for
60 -machine virt -machine secure=on -cpu cortex-a15 \
73 and again for the secure console
80 One can debug the OP-TEE secure world using GDB through the QEMU host.
90 -machine virt -machine secure=on -cpu cortex-a15 \

12345678910>>...78