Home
last modified time | relevance | path

Searched +full:secure +full:- +full:firmware (Results 1 – 25 of 514) sorted by relevance

12345678910>>...21

/openbmc/u-boot/arch/arm/cpu/armv8/
H A DKconfig15 bool "Enable multiple CPUs to enter into U-Boot"
20 Say Y here if there is not any trust firmware to set
21 CPUECTLR_EL1.SMPEN bit before U-Boot.
28 register may be controlled by EL3/EL2 firmware. To be more
29 precise, by default (if there is EL2/EL3 firmware running)
36 bool "Support spin-table enable method"
39 Say Y here to support "spin-table" enable method for booting Linux.
42 - Specify enable-method = "spin-table" in each CPU node in the
44 - Bring secondary CPUs into U-Boot proper in a board specific
49 U-Boot automatically does:
[all …]
H A Dsec_firmware.c1 // SPDX-License-Identifier: GPL-2.0+
22 * Secure firmware load addr
23 * Flags used: 0x1 secure firmware has been loaded to secure memory
24 * 0x2 secure firmware is running
29 #define SEC_FIRMWARE_FIT_IMAGE "firmware"
32 #define SEC_FIRMEWARE_FIT_CNF_NAME "config-1"
50 printf("SEC Firmware: %s: no such config\n", conf_node_name); in sec_firmware_get_data()
51 return -ENOENT; in sec_firmware_get_data()
57 printf("SEC Firmware: No '%s' in config\n", in sec_firmware_get_data()
59 return -ENOLINK; in sec_firmware_get_data()
[all …]
/openbmc/openbmc/meta-arm/meta-arm-bsp/documentation/corstone1000/
H A Dsoftware-architecture.rst2 # Copyright (c) 2022-2024, Arm Limited.
4 # SPDX-License-Identifier: MIT
12 Arm Corstone-1000
15 Arm Corstone-1000 is a reference solution for IoT devices. It is part of
19 Corstone-1000 software plus hardware reference solution is PSA Level-2 ready
21 More information on the Corstone-1000 subsystem product and design can be
23 `Arm Corstone-1000 Software`_ and `Arm Corstone-1000 Technical Overview`_.
28 present in the user-guide document.
34 The software architecture of Corstone-1000 platform is a reference
36 framework to build secure IoT devices.
[all …]
H A Duser-guide.rst2 # Copyright (c) 2022-2024, Arm Limited.
4 # SPDX-License-Identifier: MIT
11 ------
12 The Corstone-1000 software stack uses the `Yocto Project <https://www.yoctoproject.org/>`__ to build
13 a tiny Linux distribution suitable for the Corstone-1000 platform (kernel and initramfs filesystem …
14 The Yocto Project relies on the `BitBake <https://docs.yoctoproject.org/bitbake.html#bitbake-docume…
19 -------------
26 - Git 1.8.3.1 or greater.
27 - Python 3.8.0 or greater.
28 - GNU Tar 1.28 or greater.
[all …]
/openbmc/linux/Documentation/devicetree/bindings/arm/samsung/
H A Dsamsung-secure-firmware.yaml1 # SPDX-License-Identifier: GPL-2.0
3 ---
4 $id: http://devicetree.org/schemas/arm/samsung/samsung-secure-firmware.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: Samsung Exynos Secure Firmware
10 - Krzysztof Kozlowski <krzk@kernel.org>
15 - const: samsung,secure-firmware
19 Address of non-secure SYSRAM used for communication with firmware.
23 - compatible
24 - reg
[all …]
/openbmc/linux/drivers/firmware/
H A DKconfig1 # SPDX-License-Identifier: GPL-2.0-only
4 # see Documentation/kbuild/kconfig-language.rst.
7 menu "Firmware Drivers"
9 source "drivers/firmware/arm_scmi/Kconfig"
19 provides a mechanism for inter-processor communication between SCP
38 enabled or disabled via the SCP firmware
46 standard for registering callbacks from the platform firmware
71 bool "Add firmware-provided memory map to sysfs" if EXPERT
74 Add the firmware-provided (unmodified) memory map to /sys/firmware/memmap.
78 See also Documentation/ABI/testing/sysfs-firmware-memmap.
[all …]
/openbmc/linux/Documentation/devicetree/bindings/arm/
H A Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
11 firmware about the layout of the machine via devicetree.)
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
[all …]
/openbmc/qemu/docs/interop/
H A Dfirmware.json1 # -*- Mode: Python -*-
11 # later. See the COPYING file in the top-level directory.
14 # = Firmware
18 'member-name-exceptions': [
25 # Lists the firmware-OS interface types provided by various firmware
28 # @bios: Traditional x86 BIOS interface. For example, firmware built
32 # 1275-1994 standard. Examples for firmware projects that
35 # @uboot: Firmware interface defined by the U-Boot project.
37 # @uefi: Firmware interface defined by the UEFI specification. For
38 # example, firmware built from the edk2 (EFI Development Kit II)
[all …]
/openbmc/linux/Documentation/ABI/testing/
H A Dsysfs-secvar1 What: /sys/firmware/secvar
4 Description: This directory is created if the POWER firmware supports OS
5 secureboot, thereby secure variables. It exposes interface
6 for reading/writing the secure variables
8 What: /sys/firmware/secvar/vars
11 Description: This directory lists all the secure variables that are supported
12 by the firmware.
14 What: /sys/firmware/secvar/format
17 Description: A string indicating which backend is in use by the firmware.
21 On powernv/OPAL, this value is provided by the OPAL firmware
[all …]
/openbmc/openbmc/meta-arm/documentation/
H A Dtrusted-services.md1 # The Trusted Services: framework for developing root-of-trust services
3 meta-arm layer includes recipes for [Trusted Services][^1] Secure Partitions and Normal World appli…
4 in `meta-arm/recipes-security/trusted-services`
6 ## Secure Partitions recipes
8 We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions.
10 These files are automatically included into optee-os image accordingly to defined MACHINE_FEATURES.
14 To include TS SPs into optee-os image you need to add into MACHINE_FEATURES
15 features for each [Secure Partition][^2] you would like to include:
17 | Secure Partition | MACHINE_FEATURE |
18 | ----------------- | --------------- |
[all …]
/openbmc/linux/Documentation/devicetree/bindings/arm/amlogic/
H A Damlogic,meson-gx-ao-secure.yaml1 # SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
4 ---
5 $id: http://devicetree.org/schemas/arm/amlogic/amlogic,meson-gx-ao-secure.yaml#
6 $schema: http://devicetree.org/meta-schemas/core.yaml#
8 title: Amlogic Meson Firmware registers Interface
11 - Neil Armstrong <neil.armstrong@linaro.org>
15 secure firmware.
22 const: amlogic,meson-gx-ao-secure
24 - compatible
29 - const: amlogic,meson-gx-ao-secure
[all …]
/openbmc/linux/include/linux/firmware/intel/
H A Dstratix10-smc.h1 /* SPDX-License-Identifier: GPL-2.0 */
3 * Copyright (C) 2017-2018, Intel Corporation
9 #include <linux/arm-smccc.h>
13 * This file defines the Secure Monitor Call (SMC) message protocol used for
14 * service layer driver in normal world (EL1) to communicate with secure
15 * monitor software in Secure Monitor Exception Level 3 (EL3).
17 * This file is shared with secure firmware (FW) which is out of kernel tree.
19 * An ARM SMC instruction takes a function identifier and up to 6 64-bit
20 * register values as arguments, and can return up to 4 64-bit register
21 * value. The operation of the secure monitor is determined by the parameter
[all …]
H A Dstratix10-svc-client.h1 /* SPDX-License-Identifier: GPL-2.0 */
3 * Copyright (C) 2017-2018, Intel Corporation
23 * Secure firmware accepts the request issued by one of service clients.
26 * Service client successfully submits data buffer to secure firmware.
29 * Secure firmware completes data process, ready to accept the
33 * Secure firmware completes service request successfully. In case of
43 * Secure firmware doesn't support requested features such as RSU retry
77 * enum stratix10_svc_command_code - supported service commands
79 * @COMMAND_NOOP: do 'dummy' request for integration/debug/trouble-shooting
84 * @COMMAND_RECONFIG_DATA_SUBMIT: submit buffer(s) of bit-stream data for the
[all …]
/openbmc/linux/Documentation/driver-api/firmware/
H A Dother_interfaces.rst1 Other Firmware Interfaces
5 --------------
7 .. kernel-doc:: drivers/firmware/dmi_scan.c
11 --------------
13 .. kernel-doc:: drivers/firmware/edd.c
17 -------------------------------------
19 .. kernel-doc:: drivers/firmware/sysfb.c
23 ---------------------------------
25 higher than the kernel is granted. Such secure features include
31 drivers to request access to the secure features. The requests are queued
[all …]
/openbmc/linux/arch/arm/mach-exynos/
H A Dfirmware.c1 // SPDX-License-Identifier: GPL-2.0
15 #include <asm/firmware.h>
16 #include <asm/hardware/cache-l2x0.h>
62 * because Exynos3250 removes WFE in secure mode. in exynos_cpu_boot()
64 * On Exynos5 devices the call is ignored by trustzone firmware. in exynos_cpu_boot()
73 * isn't used for informing secure firmware about CPU id. in exynos_cpu_boot()
87 return -ENODEV; in exynos_set_cpu_boot_addr()
92 * Almost all Exynos-series of SoCs that run in secure mode don't need in exynos_set_cpu_boot_addr()
108 return -ENODEV; in exynos_get_cpu_boot_addr()
167 * Before the cache can be enabled, due to firmware in exynos_l2_write_sec()
[all …]
/openbmc/openbmc/meta-arm/meta-arm/recipes-bsp/trusted-firmware-a/
H A Dtrusted-firmware-a_%.bbappend1 COMPATIBLE_MACHINE:qemuarm64-secureboot = "qemuarm64-secureboot"
2 COMPATIBLE_MACHINE:qemuarm-secureboot = "qemuarm-secureboot"
4 #FIXME - clang fails to build tfa for qemuarm-secureboot, and possibly other
5 # arm/aarch32. This is a known testing hole in TF-A.
6 TOOLCHAIN:qemuarm-secureboot = "gcc"
9 FILESEXTRAPATHS:prepend:qemuarm64-secureboot := "${THISDIR}/files:"
10 SRC_URI:append:qemuarm64-secureboot = " \
11 file://0001-Add-spmc_manifest-for-qemu.patch \
14 TFA_PLATFORM:qemuarm64-secureboot = "qemu"
15 TFA_PLATFORM:qemuarm-secureboot = "qemu"
[all …]
/openbmc/openbmc/meta-arm/meta-arm/lib/oeqa/runtime/cases/
H A Duefi_secureboot.py2 # SPDX-License-Identifier: MIT
11 Validate Secure Boot is Enabled
16 # Validate Secure Boot is enabled by checking
17 # 8be4df61-93ca-11d2-aa0d-00e098032b8c-SecureBoot.
18 # The GUID '8be4df61-93ca-11d2-aa0d-00e098032b8c' is a well-known
19 # identifier for the Secure Boot UEFI variable. By checking the value of
21 # '8be4df61-93ca-11d2-aa0d-00e098032b8c-SecureBoot', we can determine
22 # whether Secure Boot is enabled or not. This variable is set by the
23 # UEFI firmware to indicate the current Secure Boot state. If the
24 # variable is set to a value of '0x1' (or '1'), it indicates that Secure
[all …]
/openbmc/openbmc/meta-arm/meta-arm-bsp/recipes-bsp/u-boot/u-boot/corstone1000/
H A D0004-FF-A-v15-arm_ffa-introduce-Arm-FF-A-support.patch4 Subject: [PATCH] FF-A v15: arm_ffa: introduce Arm FF-A support
6 Add Arm FF-A support implementing Arm Firmware Framework for Armv8-A v1.0
8 The Firmware Framework for Arm A-profile processors (FF-A v1.0) [1]
10 between the Secure World and Normal World leveraging TrustZone
13 This driver uses 64-bit registers as per SMCCCv1.2 spec and comes
14 on top of the SMCCC layer. The driver provides the FF-A ABIs needed for
15 querying the FF-A framework from the secure world.
18 32-bit data of the Xn registers.
20 All supported ABIs come with their 32-bit version except FFA_RXTX_MAP
21 which has 64-bit version supported.
[all …]
/openbmc/linux/include/uapi/linux/
H A Dnfc.h33 * enum nfc_commands - supported nfc commands
62 * a device. LTO must be set before the link is up otherwise -EINPROGRESS
65 * If one of the passed parameters is wrong none is set and -EINVAL is
67 * @NFC_CMD_ENABLE_SE: Enable the physical link to a specific secure element.
68 * Once enabled a secure element will handle card emulation mode, i.e.
69 * starting a poll from a device which has a secure element enabled means
71 * @NFC_CMD_DISABLE_SE: Disable the physical link to a specific secure element.
72 * @NFC_CMD_FW_DOWNLOAD: Request to Load/flash firmware, or event to inform
73 * that some firmware was loaded
74 * @NFC_EVENT_SE_ADDED: Event emitted when a new secure element is discovered.
[all …]
/openbmc/linux/drivers/firmware/meson/
H A Dmeson_sm.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * Amlogic Secure Monitor driver
9 #define pr_fmt(fmt) "meson-sm: " fmt
11 #include <linux/arm-smccc.h>
23 #include <linux/firmware/meson/meson_sm.h>
62 const struct meson_sm_cmd *cmd = chip->cmd; in meson_sm_get_cmd()
64 while (cmd->smc_id && cmd->index != cmd_index) in meson_sm_get_cmd()
67 return cmd->smc_id; in meson_sm_get_cmd()
91 * meson_sm_call - generic SMC32 call to the secure-monitor
93 * @fw: Pointer to secure-monitor firmware
[all …]
/openbmc/linux/Documentation/admin-guide/
H A Dthunderbolt.rst1 .. SPDX-License-Identifier: GPL-2.0
10 connection manager can be implemented either in firmware or software.
11 Typically PCs come with a firmware connection manager for Thunderbolt 3
25 -----------------------------------
27 should be a userspace tool that handles all the low-level details, keeps
31 found in ``Documentation/ABI/testing/sysfs-bus-thunderbolt``.
35 ``/etc/udev/rules.d/99-local.rules``::
56 All devices are automatically connected by the firmware. No user
66 secure
68 addition to UUID the device (if it supports secure connect) is sent
[all …]
/openbmc/linux/Documentation/devicetree/bindings/firmware/
H A Dintel,stratix10-svc.txt3 Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
4 processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
10 communication with SDM, only the secure world of software (EL3, Exception
18 driver also manages secure monitor call (SMC) to communicate with secure monitor
22 -------------------
24 the firmware node.
26 - compatible: "intel,stratix10-svc" or "intel,agilex-svc"
27 - method: smc or hvc
28 smc - Secure Monitor Call
29 hvc - Hypervisor Call
[all …]
H A Damlogic,meson-gxbb-sm.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/firmware/amlogic,meson-gxbb-sm.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: Amlogic Secure Monitor (SM)
10 In the Amlogic SoCs the Secure Monitor code is used to provide access to the
14 - Neil Armstrong <neil.armstrong@linaro.org>
19 - const: amlogic,meson-gxbb-sm
20 - items:
21 - const: amlogic,meson-gx-sm
[all …]
/openbmc/linux/Documentation/staging/
H A Dtee.rst8 secure environment, for example, TrustZone on ARM CPUs, or a separate
9 secure co-processor etc. A TEE driver handles the details needed to
14 - Registration of TEE drivers
16 - Managing shared memory between Linux and the TEE
18 - Providing a generic API to the TEE
25 User space (the client) connects to the driver by opening /dev/tee[0-9]* or
26 /dev/teepriv[0-9]*.
28 - TEE_IOC_SHM_ALLOC allocates shared memory and returns a file descriptor
34 - TEE_IOC_VERSION lets user space know which TEE this driver handles and
37 - TEE_IOC_OPEN_SESSION opens a new session to a Trusted Application.
[all …]
/openbmc/qemu/docs/system/i386/
H A Damd-memory-encryption.rst1 AMD Secure Encrypted Virtualization (SEV)
4 Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
6 SEV is an extension to the AMD-V architecture which supports running encrypted
15 AMD secure processor (AMD-SP), which is present in AMD SOCs. Firmware running
16 inside the AMD-SP provides commands to support a common VM lifecycle. This
21 Secure Encrypted Virtualization - Encrypted State (SEV-ES) builds on the SEV
28 Launching (SEV and SEV-ES)
29 --------------------------
38 For a SEV-ES guest, the ``LAUNCH_UPDATE_VMSA`` command is also used to encrypt the
42 the firmware. To create this context, guest owner must provide a guest policy,
[all …]

12345678910>>...21