/Linux-v6.1/Documentation/devicetree/bindings/arm/ |
D | secure.txt | 1 * ARM Secure world bindings 4 "Normal" and "Secure". Most devicetree consumers (including the Linux 6 world or the Secure world. However some devicetree consumers are 8 visible only in the Secure address space, only in the Normal address 10 virtual machine which boots Secure firmware and wants to tell the 13 The general principle of the naming scheme for Secure world bindings 14 is that any property that needs a different value in the Secure world 15 can be supported by prefixing the property name with "secure-". So for 16 instance "secure-foo" would override "foo". For property names with 17 a vendor prefix, the Secure variant of "vendor,foo" would be [all …]
|
/Linux-v6.1/Documentation/powerpc/ |
D | ultravisor.rst | 15 POWER 9 that enables Secure Virtual Machines (SVMs). DD2.3 chips 56 process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process 57 is in secure mode, MSR(s)=0 process is in normal mode. 63 the VM it is returning to is secure. 73 **Secure Mode MSR Settings** 101 * Memory is partitioned into secure and normal memory. Only processes 102 that are running in secure mode can access secure memory. 104 * The hardware does not allow anything that is not running secure to 105 access secure memory. This means that the Hypervisor cannot access 110 * I/O systems are not allowed to directly address secure memory. This [all …]
|
/Linux-v6.1/arch/powerpc/kvm/ |
D | book3s_hv_uvmem.c | 3 * Secure pages management: Migration of pages between normal and secure 10 * A pseries guest can be run as secure guest on Ultravisor-enabled 13 * hypervisor (HV) and secure memory managed by Ultravisor (UV). 18 * Private ZONE_DEVICE memory equal to the amount of secure memory 19 * available in the platform for running secure guests is hotplugged. 20 * Whenever a page belonging to the guest becomes secure, a page from this 21 * private device memory is used to represent and track that secure page 36 * UV(secure) and vice versa. So the serialization points are around 40 * fault path as page-out can occur when HV faults on accessing secure 44 * by HV touching secure pages is very very low. If an when UV supports [all …]
|
/Linux-v6.1/Documentation/devicetree/bindings/crypto/ |
D | inside-secure-safexcel.txt | 1 Inside Secure SafeXcel cryptographic engine 4 - compatible: Should be "inside-secure,safexcel-eip197b", 5 "inside-secure,safexcel-eip197d" or 6 "inside-secure,safexcel-eip97ies". 21 - "inside-secure,safexcel-eip197" is equivalent to 22 "inside-secure,safexcel-eip197b". 23 - "inside-secure,safexcel-eip97" is equivalent to 24 "inside-secure,safexcel-eip97ies". 29 compatible = "inside-secure,safexcel-eip197b";
|
/Linux-v6.1/Documentation/devicetree/bindings/iommu/ |
D | qcom,iommu.txt | 6 to non-secure vs secure interrupt line. 31 - qcom,iommu-secure-id : secure-id. 37 - "qcom,msm-iommu-v1-ns" : non-secure context bank 38 - "qcom,msm-iommu-v1-sec" : secure context bank 46 for routing of context bank irq's to secure vs non- 47 secure lines. (Ie. if the iommu contains secure 63 qcom,iommu-secure-id = <17>; 89 qcom,iommu-secure-id = <18>;
|
/Linux-v6.1/arch/arm/common/ |
D | secure_cntvoff.S | 5 * Initialization of CNTVOFF register from secure mode 15 * CNTVOFF has to be initialized either from non-secure Hypervisor 16 * mode or secure Monitor mode with SCR.NS==1. If TrustZone is enabled 17 * then it should be handled by the secure code. The CPU must implement 21 mrc p15, 0, r1, c1, c1, 0 /* Get Secure Config */ 23 mcr p15, 0, r0, c1, c1, 0 /* Set Non Secure bit */ 28 mcr p15, 0, r1, c1, c1, 0 /* Set Secure bit */
|
/Linux-v6.1/Documentation/devicetree/bindings/mailbox/ |
D | ti,secure-proxy.yaml | 4 $id: http://devicetree.org/schemas/mailbox/ti,secure-proxy.yaml# 7 title: Texas Instruments' Secure Proxy 13 The Texas Instruments' secure proxy is a mailbox controller that has 25 const: ti,am654-secure-proxy 30 Contains the secure proxy thread ID used for the specific transfer path. 48 secure proxy thread in the form 'rx_<PID>'. 54 Contains the interrupt information for the Rx interrupt path for secure 71 compatible = "ti,am654-secure-proxy";
|
/Linux-v6.1/drivers/tee/optee/ |
D | optee_smc.h | 75 * Used by non-secure world to figure out which Trusted OS is installed. 88 * Used by non-secure world to figure out which version of the Trusted OS 118 * 2. Non-secure interrupts should not be masked 182 * Returns the Secure/Non-secure shared memory config. 214 * Exchanges capabilities between normal world and secure world 224 * a1 bitfield of secure world capabilities OPTEE_SMC_SEC_CAP_* 225 * a2 The maximum secure world notification number 234 * a1 bitfield of secure world capabilities OPTEE_SMC_SEC_CAP_* 239 /* Secure world has reserved shared memory for normal world to use */ 241 /* Secure world can communicate via previously unregistered shared memory */ [all …]
|
D | optee_rpc_cmd.h | 31 * Notification from/to secure world. 33 * If secure world needs to wait for something, for instance a mutex, it 34 * does a notification wait request instead of spinning in secure world. 35 * Conversely can a synchronous notification can be sent when a secure 39 * which instead is sent via a non-secure interrupt. 70 /* Memory that can be shared with a non-secure user space application */ 72 /* Memory only shared with non-secure kernel */
|
/Linux-v6.1/include/net/ |
D | macsec.h | 118 * struct macsec_rx_sa - receive secure association 123 * @ssci: short secure channel identifier 152 * struct macsec_rx_sc - receive secure channel 153 * @sci: secure channel identifier for this SC 155 * @sa: array of secure associations 169 * struct macsec_tx_sa - transmit secure association 174 * @ssci: short secure channel identifier 192 * struct macsec_tx_sc - transmit secure channel 199 * @sa: array of secure associations 218 * @n_rx_sc: number of receive secure channels configured on this SecY [all …]
|
/Linux-v6.1/arch/arm/mach-omap2/ |
D | omap-secure.h | 3 * omap-secure.h: OMAP Secure infrastructure header. 23 /* Secure HAL API flags */ 30 /* Maximum Secure memory storage size */ 35 /* Secure low power HAL API index */ 41 /* Secure Monitor mode APIs */ 52 /* Secure PPA(Primary Protected Application) APIs */ 60 /* Secure RX-51 PPA (Primary Protected Application) APIs */
|
D | omap-smc.S | 3 * OMAP34xx and OMAP44xx secure APIs file. 15 * This is common routine to manage secure monitor API 16 * used to modify the PL310 secure registers. 36 * Low level common routine for secure HAL and PPA APIs. 48 mov r12, #0x00 @ Secure Service ID 59 * Low level common routine for secure HAL and PPA APIs via smc #1 60 * r0 - @service_id: Secure Service ID 67 mov r12, r0 @ Copy the secure service ID
|
D | omap-secure.c | 3 * OMAP Secure API infrastructure. 23 #include "omap-secure.h" 50 * omap_sec_dispatcher: Routine to dispatch low power secure 55 * @arg1, arg2, arg3 args4: Parameters passed to secure API 77 * Secure API needs physical address in omap_secure_dispatcher() 95 WARN(res.a0, "Secure function call 0x%08x failed\n", fn); in omap_smccc_smc() 110 /* Allocate the memory to save secure ram */ 148 * rx51_secure_dispatcher: Routine to dispatch secure PPA API calls 153 * @arg1, arg2, arg3 args4: Parameters passed to secure API 173 * Secure API needs physical address in rx51_secure_dispatcher() [all …]
|
/Linux-v6.1/arch/s390/include/uapi/asm/ |
D | pkey.h | 23 #define SECKEYBLOBSIZE 64 /* secure key blob size is always 64 bytes */ 78 /* Struct to hold a CCA AES secure key blob */ 80 __u8 seckey[SECKEYBLOBSIZE]; /* the secure key blob */ 110 * Generate CCA AES secure key. 116 struct pkey_seckey seckey; /* out: the secure key blob */ 121 * Construct CCA AES secure key from clear key value 128 struct pkey_seckey seckey; /* out: the secure key blob */ 133 * Fabricate AES protected key from a CCA AES secure key 138 struct pkey_seckey seckey; /* in: the secure key blob */ 155 * Verification Pattern provided inside a CCA AES secure key. [all …]
|
/Linux-v6.1/Documentation/staging/ |
D | tee.rst | 8 secure environment, for example, TrustZone on ARM CPUs, or a separate 9 secure co-processor etc. A TEE driver handles the details needed to 139 separate secure co-processor. 152 User space Kernel Secure world 172 RPC (Remote Procedure Call) are requests from secure world to kernel driver 190 There are two kinds of notifications that secure world can use to make 195 2. Asynchronous notifications delivered with a combination of a non-secure 196 edge-triggered interrupt and a fast call from the non-secure interrupt 200 this is only usable when secure world is entered with a yielding call via 201 ``OPTEE_SMC_CALL_WITH_ARG``. This excludes such notifications from secure [all …]
|
/Linux-v6.1/include/uapi/linux/ |
D | nfc.h | 67 * @NFC_CMD_ENABLE_SE: Enable the physical link to a specific secure element. 68 * Once enabled a secure element will handle card emulation mode, i.e. 69 * starting a poll from a device which has a secure element enabled means 71 * @NFC_CMD_DISABLE_SE: Disable the physical link to a specific secure element. 74 * @NFC_EVENT_SE_ADDED: Event emitted when a new secure element is discovered. 77 * @NFC_EVENT_SE_REMOVED: Event emitted when a secure element is removed from 79 * @NFC_EVENT_SE_CONNECTIVITY: This event is emitted whenever a secure element 87 * @NFC_CMD_GET_SE: Dump all discovered secure elements from an NFC controller. 88 * @NFC_CMD_SE_IO: Send/Receive APDUs to/from the selected secure element. 154 * @NFC_ATTR_SE: Available Secure Elements [all …]
|
/Linux-v6.1/Documentation/devicetree/bindings/arm/amlogic/ |
D | amlogic,meson-gx-ao-secure.yaml | 5 $id: "http://devicetree.org/schemas/arm/amlogic/amlogic,meson-gx-ao-secure.yaml#" 15 secure firmware. 22 const: amlogic,meson-gx-ao-secure 29 - const: amlogic,meson-gx-ao-secure 50 ao-secure@140 { 51 compatible = "amlogic,meson-gx-ao-secure", "syscon";
|
/Linux-v6.1/Documentation/devicetree/bindings/arm/samsung/ |
D | samsung-secure-firmware.yaml | 4 $id: http://devicetree.org/schemas/arm/samsung/samsung-secure-firmware.yaml# 7 title: Samsung Exynos Secure Firmware 15 - const: samsung,secure-firmware 19 Address of non-secure SYSRAM used for communication with firmware. 31 compatible = "samsung,secure-firmware";
|
/Linux-v6.1/include/linux/firmware/intel/ |
D | stratix10-smc.h | 13 * This file defines the Secure Monitor Call (SMC) message protocol used for 14 * service layer driver in normal world (EL1) to communicate with secure 15 * monitor software in Secure Monitor Exception Level 3 (EL3). 17 * This file is shared with secure firmware (FW) which is out of kernel tree. 21 * value. The operation of the secure monitor is determined by the parameter 31 * STD call starts a operation which can be preempted by a non-secure 54 * Secure monitor software doesn't recognize the request. 57 * Secure monitor software accepts the service client's request. 60 * Secure monitor software is still processing service client's request. 63 * Secure monitor software reject the service client's request. [all …]
|
/Linux-v6.1/arch/arm/mach-bcm/ |
D | bcm_kona_smc.c | 63 pr_info("Kona Secure API initialized\n"); in bcm_kona_smc_init() 71 * Only core 0 can run the secure monitor code. If an "smc" request 78 * cache and interrupt handling while the secure monitor executes. 87 * First, the secure monitor call itself (regardless of the specific 143 /* Flush caches for input data passed to Secure Monitor */ in __bcm_kona_smc() 146 /* Trap into Secure Monitor and record the request result */ in __bcm_kona_smc() 163 * Due to a limitation of the secure monitor, we must use the SMP in bcm_kona_smc() 164 * infrastructure to forward all secure monitor calls to Core 0. in bcm_kona_smc()
|
/Linux-v6.1/drivers/s390/crypto/ |
D | zcrypt_ccamisc.h | 41 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */ 97 /* inside view of an CCA secure ECC private key */ 133 * Simple check if the token is a valid CCA secure AES data key 141 * Simple check if the token is a valid CCA secure AES cipher key 152 * Simple check if the token is a valid CCA secure ECC private 160 * Generate (random) CCA AES DATA secure key. 165 * Generate CCA AES DATA secure key with given clear key value. 171 * Derive proteced key from an CCA AES DATA secure key. 178 * Generate (random) CCA AES CIPHER secure key. 184 * Derive proteced key from CCA AES cipher secure key. [all …]
|
/Linux-v6.1/Documentation/devicetree/bindings/firmware/meson/ |
D | meson_sm.txt | 1 * Amlogic Secure Monitor 3 In the Amlogic SoCs the Secure Monitor code is used to provide access to the 6 Required properties for the secure monitor node: 12 sm: secure-monitor {
|
/Linux-v6.1/drivers/firmware/efi/libstub/ |
D | secureboot.c | 3 * Secure boot handling. 26 * Determine whether we're in secure boot mode. 38 efi_err("Could not determine UEFI Secure Boot status.\n"); in efi_get_secureboot() 53 /* If it fails, we don't care why. Default to secure */ in efi_get_secureboot() 60 efi_info("UEFI Secure Boot is enabled.\n"); in efi_get_secureboot()
|
/Linux-v6.1/Documentation/devicetree/bindings/nvmem/ |
D | st,stm32-romem.yaml | 35 st,non-secure-otp: 37 This property explicits a factory programmed area that both secure 38 and non-secure worlds can access. It is needed when, by default, the 39 related area can only be reached by the secure world. 64 st,non-secure-otp;
|
/Linux-v6.1/drivers/firmware/meson/ |
D | meson_sm.c | 3 * Amlogic Secure Monitor driver 91 * meson_sm_call - generic SMC32 call to the secure-monitor 93 * @fw: Pointer to secure-monitor firmware 126 * meson_sm_call_read - retrieve data from secure-monitor 128 * @fw: Pointer to secure-monitor firmware 177 * meson_sm_call_write - send data to secure-monitor 179 * @fw: Pointer to secure-monitor firmware 221 * @sm_node: Pointer to the secure-monitor Device Tree node. 223 * Return: NULL is the secure-monitor device is not ready. 314 pr_info("secure-monitor enabled\n"); in meson_sm_probe()
|