


/openbmc/u-boot/doc/
H A DREADME.ti-secure1 README on how boot images are created for secure TI devices
4 Secure TI devices require a boot image that is authenticated by ROM
7 a secure device from TI, the initial public software image must be signed
11 from Texas Instruments. The tools used to generate boot images for secure
12 devices are part of a secure development package (SECDEV) that can be
17 The secure development package is access controlled due to NDA and export
22 Booting of U-Boot SPL
25 When CONFIG_TI_SECURE_DEVICE is set, the U-Boot SPL build process
31 warning is issued during the build to indicate that a final secure
36 ${TI_SECURE_DEV_PKG}/scripts/create-boot-image.sh
/openbmc/u-boot/arch/arm/cpu/armv7/
H A Dexception_level.c1 // SPDX-License-Identifier: GPL-2.0+
3 * Switch to non-secure mode
8 * secure mode before booting an operating system.
14 #include <asm/secure.h>
18 * entry_non_secure() - entry point when switching to non-secure mode
20 * When switching to non-secure mode switch_to_non_secure_mode() calls this
29 debug("Reached non-secure mode\n"); in entry_non_secure()
36 * switch_to_non_secure_mode() - switch to non-secure mode
38 * Operating systems may expect to run in non-secure mode. Here we check if
39 * we are running in secure mode and switch to non-secure mode if necessary.
H A DKconfig13 bool "Enable support for booting in non-secure mode" if EXPERT
16 ---help---
17 Say Y here to enable support for booting in non-secure / SVC mode.
20 bool "Boot in secure mode by default" if EXPERT
23 ---help---
24 Say Y here to boot in secure mode by default even if non-secure mode
26 support booting in non-secure mode. Only set this if you need it.
27 This can be overridden at run-time by setting the bootm_boot_mode env.
34 ---help---
35 Say Y here to boot in hypervisor (HYP) mode when booting non-secure.
H A Dvirt-v7.c1 // SPDX-License-Identifier: GPL-2.0+
6 * Routines to transition ARMv7 processors from secure into non-secure state
7 * and from non-secure SVC into HYP mode
15 #include <asm/secure.h>
41 return -1; in get_gicd_base_address()
55 size_t sz = __secure_end - __secure_start; in relocate_secure_section()
78 if (gic_dist_addr == -1) in smp_kick_all_cpus()
98 return -1; in armv7_init_nonsec()
102 * according to the spec one should not tinker with it in secure state in armv7_init_nonsec()
103 * in SVC mode. Do not try to read it once in non-secure state, in armv7_init_nonsec()
H A Dnonsec_virt.S1 /* SPDX-License-Identifier: GPL-2.0+ */
3 * code for switching cores into non-secure state and into HYP mode
12 #include <asm/proc-armv/ptrace.h>
20 /* the vector table for secure state and HYP mode */
38 * secure monitor handler
39 * U-Boot calls this "software interrupt" in start.S
41 * to non-secure state.
51 @ Obtain a secure stack
77 @ FIQ preserved for secure mode
104 movs pc, lr @ ERET to non-secure
/openbmc/u-boot/drivers/misc/
H A Dfsl_sec_mon.c1 // SPDX-License-Identifier: GPL-2.0+
13 return sec_mon_in32(&sec_mon_regs->hp_stat) & HPSR_SSM_ST_MASK; in get_sec_mon_state()
27 * If initial state is check or Non-Secure, then set the Software in set_sec_mon_state_non_sec()
28 * Security Violation Bit and transition to Non-Secure State. in set_sec_mon_state_non_sec()
31 printf("SEC_MON state transitioning to Non Secure.\n"); in set_sec_mon_state_non_sec()
32 sec_mon_setbits32(&sec_mon_regs->hp_com, HPCOMR_SW_SV); in set_sec_mon_state_non_sec()
34 /* polling loop till SEC_MON is in Non Secure state */ in set_sec_mon_state_non_sec()
43 timeout--; in set_sec_mon_state_non_sec()
48 return -1; in set_sec_mon_state_non_sec()
53 * If initial state is Trusted, Secure or Soft-Fail, then first set in set_sec_mon_state_non_sec()
/openbmc/u-boot/arch/arm/include/asm/arch-imx8/sci/svc/rm/
H A Dapi.h1 /* SPDX-License-Identifier: GPL-2.0+ */
26 #define SC_RM_SPA_ASSERT 2U /* Assert (force to be secure/privileged) */
27 #define SC_RM_SPA_NEGATE 3U /* Negate (force to be non-secure/user) */
31 #define SC_RM_PERM_SEC_R 1U /* Secure RO */
32 #define SC_RM_PERM_SECPRIV_RW 2U /* Secure privilege R/W */
33 #define SC_RM_PERM_SEC_RW 3U /* Secure R/W */
34 #define SC_RM_PERM_NSPRIV_R 4U /* Secure R/W, non-secure privilege RO */
35 #define SC_RM_PERM_NS_R 5U /* Secure R/W, non-secure RO */
36 #define SC_RM_PERM_NSPRIV_RW 6U /* Secure R/W, non-secure privilege R/W */
/openbmc/qemu/include/hw/intc/
H A Darmv7m_nvic.h13 #include "target/arm/cpu-qom.h"
27 /* Exception priorities can range from -3 to 255; only the unmodifiable
47 * a Secure and a NonSecure version of the exception and its state):
50 * they may be configurable to target either Secure or NonSecure state.
51 * We store the secure exception state in sec_vectors[] for the banked
53 * like SecureFault that unconditionally target Secure state).
54 * Entries in sec_vectors[] for non-banked exception numbers are unused.
66 * - vectpending
67 * - vectpending_is_secure
68 * - exception_prio
/openbmc/u-boot/arch/arm/cpu/armv8/
H A Dexception_level.c1 // SPDX-License-Identifier: GPL-2.0+
3 * Switch to non-secure mode
16 * entry_non_secure() - entry point when switching to non-secure mode
18 * When switching to non-secure mode switch_to_non_secure_mode() calls this
27 debug("Reached non-secure mode\n"); in entry_non_secure()
34 * switch_to_non_secure_mode() - switch to non-secure mode
36 * Exception level EL3 is meant to be used by the secure monitor only (ARM
/openbmc/linux/Documentation/devicetree/bindings/arm/
H A Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
/openbmc/linux/Documentation/devicetree/bindings/nvmem/
H A Dst,stm32-romem.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/nvmem/st,stm32-romem.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: STMicroelectronics STM32 Factory-programmed data
10 This represents STM32 Factory-programmed read only non-volatile area: locked
11 flash, OTP, read-only HW regs... This contains various information such as:
16 - Fabrice Gasnier <fabrice.gasnier@foss.st.com>
19 - $ref: nvmem.yaml#
24 - st,stm32f4-otp
/openbmc/openbmc/meta-arm/meta-arm-bsp/documentation/corstone1000/
H A Dsoftware-architecture.rst2 # Copyright (c) 2022-2024, Arm Limited.
4 # SPDX-License-Identifier: MIT
12 Arm Corstone-1000
15 Arm Corstone-1000 is a reference solution for IoT devices. It is part of
19 Corstone-1000 software plus hardware reference solution is PSA Level-2 ready
21 More information on the Corstone-1000 subsystem product and design can be
23 `Arm Corstone-1000 Software`_ and `Arm Corstone-1000 Technical Overview`_.
28 present in the user-guide document.
34 The software architecture of Corstone-1000 platform is a reference
36 framework to build secure IoT devices.
/openbmc/linux/arch/arm/common/
H A Dsecure_cntvoff.S1 /* SPDX-License-Identifier: GPL-2.0 */
5 * Initialization of CNTVOFF register from secure mode
13 .arch armv7-a
15 * CNTVOFF has to be initialized either from non-secure Hypervisor
16 * mode or secure Monitor mode with SCR.NS==1. If TrustZone is enabled
17 * then it should be handled by the secure code. The CPU must implement
21 mrc p15, 0, r1, c1, c1, 0 /* Get Secure Config */
23 mcr p15, 0, r0, c1, c1, 0 /* Set Non Secure bit */
28 mcr p15, 0, r1, c1, c1, 0 /* Set Secure bit */
/openbmc/linux/tools/perf/pmu-events/arch/arm64/arm/cortex-a75/
H A Dmmu.json9 …lk handled by the MMU. This event is not counted when it is accessible from Non-secure EL0 or EL1",
12 …alk handled by the MMU. This event is not counted when it is accessible from Non-secure EL0 or EL1"
15 …lk handled by the MMU. This event is not counted when it is accessible from Non-secure EL0 or EL1",
18 …alk handled by the MMU. This event is not counted when it is accessible from Non-secure EL0 or EL1"
/openbmc/linux/drivers/tee/optee/
H A Doptee_rpc_cmd.h1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright (c) 2016-2021, Linaro Limited
14 * RPC communication with tee-supplicant is reversed compared to normal
23 * 1970-01-01 00:00:00 +0000 (UTC).
31 * Notification from/to secure world.
33 * If secure world needs to wait for something, for instance a mutex, it
34 * does a notification wait request instead of spinning in secure world.
35 * Conversely, a synchronous notification can be sent when a secure
39 * which instead is sent via a non-secure interrupt.
70 /* Memory that can be shared with a non-secure user space application */
H A Doptee_smc.h1 /* SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) */
3 * Copyright (c) 2015-2021, Linaro Limited
8 #include <linux/arm-smccc.h>
28 * Normal cached memory (write-back), shareable for SMP systems and not
36 * 32-bit registers.
44 * 384fb3e0-e7f8-11e3-af63-0002a5d5c51b.
75 * Used by non-secure world to figure out which Trusted OS is installed.
78 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
88 * Used by non-secure world to figure out which version of the Trusted OS
92 * Returns revision in a0-1 in the same way as OPTEE_SMC_CALLS_REVISION
/openbmc/u-boot/arch/arm/mach-omap2/
H A DKconfig82 The AM335x high performance SOC features a Cortex-A8
92 The AM335x high performance SOC features a Cortex-A8
112 The AM43xx high performance SOC features a Cortex-A9
113 ARM core, a quad core PRU-ICSS for industrial Ethernet
115 and an optional customer programmable secure boot.
130 The AM335x high performance SOC features a Cortex-A8
131 ARM core, a dual core PRU-ICSS for industrial Ethernet
133 programmable secure boot.
149 Reserved EMIF region start address. Set to "0" to auto-select
158 region on secure devices.
/openbmc/linux/arch/arm/mach-omap2/
H A Domap-secure.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * OMAP Secure API infrastructure.
11 #include <linux/arm-smccc.h>
23 #include "omap-secure.h"
39 * We only check that the OP-TEE node is present and available. The in omap_optee_init_check()
40 * OP-TEE kernel driver is not needed for the type of interaction made in omap_optee_init_check()
41 * with OP-TEE here so the driver's status is not checked. in omap_optee_init_check()
50 * omap_sec_dispatcher: Routine to dispatch low power secure
55 * @arg1, arg2, arg3 args4: Parameters passed to secure API
57 * Return the non-zero error value on failure.
/openbmc/qemu/target/arm/
H A Dcpu-qom.h18 * <http://www.gnu.org/licenses/gpl-2.0.html>
25 #define TYPE_ARM_CPU "arm-cpu"
29 #define TYPE_ARM_MAX_CPU "max-" TYPE_ARM_CPU
31 #define TYPE_AARCH64_CPU "aarch64-cpu"
36 #define ARM_CPU_TYPE_SUFFIX "-" TYPE_ARM_CPU
48 /* For M profile, some registers are banked secure vs non-secure;
49 * these are represented as a 2-element array where the first element
50 * is the non-secure copy and the second is the secure copy.
54 * accessed via env->registerfield[env->v7m.secure] (whether the security
/openbmc/qemu/hw/intc/
H A Darm_gic.c4 * Copyright (c) 2006-2007 CodeSourcery.
11 * controller, MPCore distributed interrupt controller and ARMv7-M
61 if (!qtest_enabled() && s->num_cpu > 1) { in gic_get_current_cpu()
62 return current_cpu->cpu_index; in gic_get_current_cpu()
77 return s->revision == 2 || s->security_extn; in gic_has_groups()
82 return !gic_is_vcpu(cpu) && s->security_extn && !attrs.secure; in gic_cpu_ns_access()
94 for (irq = 0; irq < s->num_irq; irq++) { in gic_get_best_irq()
118 for (lr_idx = 0; lr_idx < s->num_lrs; lr_idx++) { in gic_get_best_virq()
119 uint32_t lr_entry = s->h_lr[lr_idx][cpu]; in gic_get_best_virq()
136 * - in the non-virt case, the distributor must be enabled for one of the
H A Darmv7m_nvic.c4 * Copyright (c) 2006-2007 CodeSourcery.
20 #include "hw/qdev-properties.h"
24 #include "target/arm/cpu-features.h"
25 #include "exec/exec-all.h"
33 * the num-irq property counts the number of external IRQ lines
44 * for (i = 1; i < s->num_irq; i++) to avoid the unused slot 0.
56 #define NVIC_MAX_IRQ (NVIC_MAX_VECTORS - NVIC_FIRST_IRQ)
62 /* Maximum priority of non-secure exceptions when AIRCR.PRIS is set */
71 if (qemu_irq_is_connected(s->sysresetreq)) { in signal_sysresetreq()
72 qemu_irq_pulse(s->sysresetreq); in signal_sysresetreq()
/openbmc/u-boot/drivers/tee/optee/
H A Doptee_smc.h1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright (c) 2015-2018, Linaro Limited
9 #include <linux/arm-smccc.h>
14 * https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/include/sm/optee_smc.h
35 * Normal cached memory (write-back), shareable for SMP systems and not
43 * 32-bit registers.
51 * 65cb6b93-af0c-4617-8ed6-644a8d1140f8
82 * Used by non-secure world to figure out which Trusted OS is installed.
85 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
95 * Used by non-secure world to figure out which version of the Trusted OS
H A Doptee_msg.h1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright (c) 2015-2018, Linaro Limited
13 * This file defines the OP-TEE message protocol used to communicate with
14 * an instance of OP-TEE running in secure world. This file is based on
15 * https://github.com/OP-TEE/optee_os/blob/master/core/include/optee_msg.h
21 * 3. Requests from secure world, Remote Procedure Call (RPC), handled by
22 * tee-supplicant.
26 * Part 1 - formatting of messages
43 * Meta parameter to be absorbed by the Secure OS and not passed
51 * Pointer to a list of pages used to register user-defined SHM buffer.
/openbmc/u-boot/arch/arm/mach-socfpga/
H A Dspl_s10.c1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (C) 2016-2018 Intel Corporation <www.intel.com>
8 #include <asm/u-boot.h>
50 &firwall_l4_per_base->nand, in spl_disable_firewall_l4_per()
51 &firwall_l4_per_base->nand_data, in spl_disable_firewall_l4_per()
52 &firwall_l4_per_base->usb0, in spl_disable_firewall_l4_per()
53 &firwall_l4_per_base->usb1, in spl_disable_firewall_l4_per()
54 &firwall_l4_per_base->spim0, in spl_disable_firewall_l4_per()
55 &firwall_l4_per_base->spim1, in spl_disable_firewall_l4_per()
56 &firwall_l4_per_base->emac0, in spl_disable_firewall_l4_per()
H A Dmisc_arria10.c1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (C) 2016-2017 Intel Corporation
44 -1,
69 /* Put OCRAM in non-secure */ in socfpga_init_security_policies()
70 writel(0x003f0000, &noc_fw_ocram_base->region0); in socfpga_init_security_policies()
71 writel(0x1, &noc_fw_ocram_base->enable); in socfpga_init_security_policies()
73 /* Put DDR in non-secure */ in socfpga_init_security_policies()
77 /* Enable privileged and non-privileged access to L4 peripherals */ in socfpga_init_security_policies()
80 /* Enable secure and non-secure transactions to bridges */ in socfpga_init_security_policies()
84 writel(0x0007FFFF, &sysmgr_regs->ecc_intmask_set); in socfpga_init_security_policies()
