
Searched refs:secure (Results 1 – 25 of 140) sorted by relevance


/rk3399_ARM-atf/tools/marvell/doimage/secure/
sec_img_8K.cfg
  3: kak_key_file = "tools/doimage/secure/kak_priv_pem.key";
  8: csk_key_file = ["tools/doimage/secure/csk_priv_pem0.key",
  9: "tools/doimage/secure/csk_priv_pem1.key",
 10: "tools/doimage/secure/csk_priv_pem2.key",
 11: "tools/doimage/secure/csk_priv_pem3.key",
 18: aes_key_file = "tools/doimage/secure/aes_key.txt";
sec_img_7K.cfg
  3: kak_key_file = "tools/doimage/secure/kak_priv_pem.key";
  8: csk_key_file = ["tools/doimage/secure/csk_priv_pem0.key",
  9: "tools/doimage/secure/csk_priv_pem1.key",
 10: "tools/doimage/secure/csk_priv_pem2.key",
 11: "tools/doimage/secure/csk_priv_pem3.key",
 18: aes_key_file = "tools/doimage/secure/aes_key.txt";
/rk3399_ARM-atf/docs/design/
interrupt-framework-design.rst
  8: #. It should be possible to route interrupts meant to be handled by secure
  9: software (Secure interrupts) to EL3, when execution is in non-secure state
 13: that secure interrupts are under the control of the secure software with
 15: intervention from non-secure software.
 18: non-secure software (Non-secure interrupts) to the last executed exception
 19: level in the normal world when the execution is in secure world at
 22: approach should be governed by the secure software. This requirement
 23: ensures that non-secure software is able to execute in tandem with the
 24: secure software without overriding it.
 39: #. Non-secure interrupt. This type of interrupt can be routed to EL3,
[all …]
/rk3399_ARM-atf/drivers/nxp/tzc/
plat_tzc380.c
 85: tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_NS_RW;   [in populate_tzc380_reg_list()]
 98: tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_S_RW;   [in populate_tzc380_reg_list()]
109: tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_S_RW;   [in populate_tzc380_reg_list()]
120: tzc380_reg_list[list_idx].secure = TZC_ATTR_SP_S_RW;   [in populate_tzc380_reg_list()]
159: attr_value = tzc380_reg_list[indx].secure |   [in mem_access_setup()]
/rk3399_ARM-atf/docs/components/
firmware-update.rst
119: This document describes the secure world FWU design. It is beyond its scope to
129: some parts of FWU to be implemented in other secure and normal world images.
136: - Copying images from non-secure to secure memory
138: - Context switching between the normal and secure world during the FWU
141: - Other secure world FWU images handle platform initialization required by
144: interfaces to non-secure memory.
176: is permitted to request execution of a secure world FWU image (after
179: - Secure or non-secure image. This indicates whether the image is
180: authenticated/executed in secure or non-secure memory.
197: transitions are shown in the diagram below. Note that secure images have a more
[all …]
index.rst
 21: secure-partition-manager
 23: secure-partition-manager-mm
el3-spmc.rst
 23: and SPMC at EL3, one S-EL1 secure partition, with an optional
 41: ``SPMC_AT_EL3`` is enabled, the secure partitions are loaded
100: Other platforms need to allocate a similar secure memory region
132: BL2 loads the BL31 image as a part of (secure) boot process.
233: FF-A features supported by the SPMC may be discovered by secure partitions at
236: The SPMC calling FFA_FEATURES at secure physical FF-A instance always get
249: When invoked from a secure partition FFA_RXTX_MAP maps the provided send and
251: as secure buffers in the MMU descriptors.
258: caller, either it being the Hypervisor or OS kernel, as well as a secure
280: The FF-A ID space is split into a non-secure space and secure space:
[all …]
secure-partition-manager.rst
 39: the secure world, managing multiple S-EL1 or S-EL0 partitions `[5]`_.
 41: without virtualization in the secure world `[6]`_.
 92: secure partitions are to be loaded by BL2 on behalf of the SPMC.
118: the Hafnium binary path (built for the secure world) or the path to a TEE
156: implemented, the SPMC is located at S-EL2, and enabling secure boot:
245: [3] https://hafnium.readthedocs.io/en/latest/secure-partition-manager/secure-partition-manager.html…
253: [5] https://hafnium.readthedocs.io/en/latest/secure-partition-manager/index.html
/rk3399_ARM-atf/docs/security_advisories/
security-advisory-tfv-2.rst
  5: | Title | Enabled secure self-hosted invasive debug interface can |
  6: | | allow normal world to panic secure world |
 18: | Impact | Denial of Service (secure world panic) |
 25: The ``MDCR_EL3.SDD`` bit controls AArch64 secure self-hosted invasive debug
 28: entrypoint code, which enables debug exceptions from the secure world. This can
 32: normal world attacker to induce a panic in the secure world.
 35: from the secure world.
 42: secure self-hosted invasive debug enablement. TF assigns these bits to ``00``
 45: secure privileged invasive debug is enabled by the authentication interface, at
security-advisory-tfv-5.rst
  6: | | secure world timing information |
 18: | Impact | Leakage of sensitive secure world timing information |
 32: bit is set to zero, the cycle counter (when enabled) counts during secure world
 36: normal and secure worlds, normal world code can set ``PMCR_EL0.DP`` to zero to
 37: cause leakage of secure world timing information. This register should be added
 45: sensible default values in the secure context.
security-advisory-tfv-1.rst
  6: | | unexpectedly large data into secure memory |
 18: | Impact | Copy of unexpectedly large data into the free secure memory |
 52: implementation is designed to copy an image into secure memory for subsequent
 54: unexpectedly large data into secure memory. Note that a separate vulnerability
 56: system to change its behaviour based on the unexpected secure memory contents.
 98: result in an unexpectedly large copy of data into secure memory.
131: large copy of data into secure memory.
/rk3399_ARM-atf/services/spd/trusty/
generic-arm64-smcall.c
 40: static void trusty_dputc(char ch, int secure)   [argument of trusty_dputc()]
 43: struct dputc_state *s = &dputc_state[!secure];   [in trusty_dputc()]
 50: if (secure)   [in trusty_dputc()]
/rk3399_ARM-atf/docs/plat/nxp/
nxp-ls-tbbr.rst
 64: verified as part of CoT by Boot ROM during secure boot.
105: - There are 2 paths in secure boot flow :
109: --- However SNVS is transitioned to non-secure state
166: … | ( = 1, BootROM Booted) | ( = 010 means Intent to Secure, | (=1111 means secure boot) |
167: … | | ( = 000 Unsecure) | (=1011 means Non-secure Boot) |
175: -- For secure-boot status, read SNVS Register $SNVS_HPSR_REG from u-boot prompt:
190: …-- Refer the SoC specific table to read the register to interpret whether the secure boot is achie…
193: --- For secure-boot status, read SNVS Register $SNVS_HPSR_REG
209: -- 0xA indicates BootROM booted, with intent to secure.
210: -- 0xF = secure boot, as SSM_STATE.
/rk3399_ARM-atf/plat/rockchip/rk3288/
platform.mk
 24: -I${RK_PLAT_SOC}/drivers/secure/ \
 56: ${RK_PLAT_SOC}/drivers/secure/secure.c \
/rk3399_ARM-atf/plat/rockchip/px30/
platform.mk
 24: -I${RK_PLAT_SOC}/drivers/secure/ \
 58: ${RK_PLAT_SOC}/drivers/secure/secure.c \
/rk3399_ARM-atf/plat/rockchip/rk3576/
platform.mk
 41: -I${RK_PLAT_SOC}/drivers/secure/ \
 92: ${RK_PLAT_SOC}/drivers/secure/firewall.c \
 93: ${RK_PLAT_SOC}/drivers/secure/secure.c \
/rk3399_ARM-atf/docs/process/
security.rst
 18: Although we try to keep TF-A secure, we can only do so with the help of the
 47: | | large data into secure memory |
 49: | |TFV-2| | Enabled secure self-hosted invasive debug interface can allow |
 50: | | normal world to panic secure world |
 55: | | authentication of unexpected data in secure memory in AArch32 |
 58: | |TFV-5| | Not initializing or saving/restoring PMCR_EL0 can leak secure |
security-hardening.rst
 18: The secure world **must not** leak secrets to the normal world, for example in
 24: The secure world **should never** crash or become unusable due to receiving too
 31: The Secure world needs to implement some defenses to prevent the Non-secure
 39: Timing leakage attacks from the Non-secure world
 42: Since the Non-secure world has access to the ``PMCR`` register, it can
 44: Secure and Non-secure state. Thus, it attempts to leak timing information from
 70: Since the Non-secure world has fine-grained control over where (at which
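The TFV-5 advisory snippet and the "Timing leakage attacks from the Non-secure world" section of security-hardening.rst above describe the same mechanism: while PMCR_EL0.DP is clear and counting is enabled, PMCCNTR_EL0 keeps counting during secure-world execution, so a normal-world caller that controls the register can time what happens behind an SMC. The C model below is an added example and not code from the TF-A tree: it simulates the live PMCR_EL0, the cycle counter and a per-world saved copy, and contrasts a world switch that leaves PMCR_EL0 untouched with one that saves the non-secure value on entry and loads a secure default with DP set, as the advisory's fix does. The bit positions follow the Arm architecture (E bit 0, DP bit 5, LC bit 6, N bits 15:11); `struct pe`, `struct world_ctx`, `run_smc_scenario` and the "prohibited region equals Secure state" simplification are constructed for this illustration and stand in for TF-A's real context structures.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* PMCR_EL0 bit positions per the Arm architecture. */
#define PMCR_EL0_E_BIT   (UINT64_C(1) << 0)   /* E: enable all counters */
#define PMCR_EL0_DP_BIT  (UINT64_C(1) << 5)   /* DP: cycle counter disabled where counting is prohibited */
#define PMCR_EL0_LC_BIT  (UINT64_C(1) << 6)   /* LC: 64-bit cycle counter overflow */
#define PMCR_EL0_N_SHIFT 11                   /* N: number of event counters, read-only */
#define PMCR_EL0_N_MASK  UINT64_C(0x1f)

/* Simulated PE: the live PMCR_EL0 and the cycle counter PMCCNTR_EL0 (a model, not hardware access). */
struct pe {
    uint64_t pmcr_el0;
    uint64_t pmccntr_el0;
};

/* Per-world saved copy of PMCR_EL0; constructed stand-in for TF-A's real per-world CPU context. */
struct world_ctx {
    uint64_t pmcr_el0;
};

/* What the normal world can measure after an SMC into the secure world. */
struct scenario_result {
    uint64_t secure_cycles_seen;   /* PMCCNTR_EL0 delta across the SMC */
    uint64_t ns_pmcr_after;        /* PMCR_EL0 as the normal world sees it afterwards */
};

/* Simplification (assumption): "prohibited region" is modelled as Secure state, the case TFV-5 describes. */
bool cycle_counter_counts_in_secure(uint64_t pmcr)
{
    return (pmcr & PMCR_EL0_E_BIT) != 0 && (pmcr & PMCR_EL0_DP_BIT) == 0;
}

/* Secure-world default PMCR_EL0: counters off, DP and LC set, N copied from the hardware value. */
uint64_t secure_pmcr_default(uint64_t hw_pmcr)
{
    uint64_t n = (hw_pmcr >> PMCR_EL0_N_SHIFT) & PMCR_EL0_N_MASK;
    return PMCR_EL0_DP_BIT | PMCR_EL0_LC_BIT | (n << PMCR_EL0_N_SHIFT);
}

static void run_secure_work(struct pe *pe, uint64_t cycles)
{
    if (cycle_counter_counts_in_secure(pe->pmcr_el0))
        pe->pmccntr_el0 += cycles;   /* the leak: secure cycles land in an NS-readable counter */
}

/* World switch with the fix: save the NS value on entry and load the S copy; reverse on exit. */
static void enter_secure(struct pe *pe, struct world_ctx *ns, const struct world_ctx *s)
{
    ns->pmcr_el0 = pe->pmcr_el0;
    pe->pmcr_el0 = s->pmcr_el0;
}

static void exit_secure(struct pe *pe, const struct world_ctx *ns, struct world_ctx *s)
{
    s->pmcr_el0 = pe->pmcr_el0;
    pe->pmcr_el0 = ns->pmcr_el0;
}

/* Scenario: NS enables counting and clears DP, then makes an SMC that spends secure_cycles in S world. */
struct scenario_result run_smc_scenario(bool save_restore_pmcr, uint64_t secure_cycles)
{
    struct pe pe = { .pmcr_el0 = UINT64_C(6) << PMCR_EL0_N_SHIFT, .pmccntr_el0 = 0 }; /* 6 counters, all off */
    struct world_ctx ns = { 0 };
    struct world_ctx s = { .pmcr_el0 = secure_pmcr_default(pe.pmcr_el0) };

    pe.pmcr_el0 = (pe.pmcr_el0 | PMCR_EL0_E_BIT) & ~PMCR_EL0_DP_BIT;   /* the attacker's setting */
    uint64_t before = pe.pmccntr_el0;

    if (save_restore_pmcr) enter_secure(&pe, &ns, &s);
    run_secure_work(&pe, secure_cycles);
    if (save_restore_pmcr) exit_secure(&pe, &ns, &s);

    return (struct scenario_result){ .secure_cycles_seen = pe.pmccntr_el0 - before,
                                     .ns_pmcr_after = pe.pmcr_el0 };
}

int main(void)
{
    struct scenario_result leaky = run_smc_scenario(false, 1000);
    struct scenario_result fixed = run_smc_scenario(true, 1000);
    printf("without save/restore: NS observes %llu secure cycles\n",
           (unsigned long long)leaky.secure_cycles_seen);
    printf("with save/restore:    NS observes %llu secure cycles, NS PMCR_EL0 restored: %s\n",
           (unsigned long long)fixed.secure_cycles_seen,
           (fixed.ns_pmcr_after & PMCR_EL0_E_BIT) ? "yes" : "no");
    return 0;
}
```

The point the model makes is that restoring the normal world's own PMCR_EL0 on exit is what keeps the fix invisible to the caller: the normal world still sees its counters enabled and DP clear, but the cycles it can read never include the secure-world work, because the secure context ran with its own register value.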
/rk3399_ARM-atf/plat/st/stm32mp1/
stm32mp1_shared_resources.c
358: unsigned int secure = 0U;   [local in stm32mp_gpio_bank_is_secure()]
369: secure++;   [in stm32mp_gpio_bank_is_secure()]
373: return secure == get_gpioz_nbpin();   [in stm32mp_gpio_bank_is_secure()]
535: bool secure = stm32mp1_rcc_is_secure();   [local in check_rcc_secure_configuration()]
542: if (!secure || (mckprot_protects_periph(n) && (!mckprot))) {   [in check_rcc_secure_configuration()]
544: secure ? "secure" : "non-secure",   [in check_rcc_secure_configuration()]
/rk3399_ARM-atf/plat/rockchip/rk3588/
platform.mk
 34: -I${RK_PLAT_SOC}/drivers/secure/ \
 76: ${RK_PLAT_SOC}/drivers/secure/secure.c \
/rk3399_ARM-atf/plat/rockchip/rk3399/
platform.mk
 20: -I${RK_PLAT_SOC}/drivers/secure/ \
 67: ${RK_PLAT_SOC}/drivers/secure/secure.c \
/rk3399_ARM-atf/docs/plat/arm/automotive_rd/
rdaspen.rst
 36: operation of TF-M Measured Boot secure partition.
 45: Measured Boot secure partition
 48: extend operation of TF-M Measured Boot secure partition.
 51: operation of TF-M Measured Boot secure partition
 56: Measured Boot secure partition
 69: * During runtime, it facilitates secure communication between the
/rk3399_ARM-atf/docs/plat/
rpi4.rst
  8: This port is a minimal port to support loading non-secure EL2 payloads such
 12: **IMPORTANT NOTE**: This port isn't secure. All of the memory used is DRAM,
 13: which is available from both the Non-secure and Secure worlds. The SoC does
 14: not seem to feature a secure memory controller of any kind, so portions of
 15: DRAM can't be protected properly from the Non-secure world.
 44: non-secure payload to not touch the resident TF-A code.
/rk3399_ARM-atf/docs/plat/qti/
msm8916.rst
 35: therefore expects the non-secure world (e.g. Linux) to manage more hardware,
 41: This port is **not secure**. There is no special secure memory and the
 42: used DRAM is available from both the non-secure and secure worlds.
 47: separate secure world) where this limitation is not a big problem. Booting
120: a minimal PSCI implementation without a separate secure world.
124: The ELF image must be "signed" before flashing it, even if the board has secure
128: The `DragonBoard 410c`_ does not have secure boot enabled by default. In this
142: Do not flash incorrectly signed firmware on devices that have secure
/rk3399_ARM-atf/docs/components/measured_boot/
event_log.rst
 24: - Event Log base address in secure memory.
 31: - Event Log base address in non-secure memory.
