Home
last modified time | relevance | path

Searched +full:inside +full:- +full:secure (Results 1 – 25 of 83) sorted by relevance

1234

/linux/Documentation/devicetree/bindings/crypto/
H A Dinside-secure,safexcel.yaml1 # SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause
3 ---
4 $id: http://devicetree.org/schemas/crypto/inside-secure,safexcel.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: Inside Secure SafeXcel cryptographic engine
10 - Antoine Tenart <atenart@kernel.org>
15 - const: inside-secure,safexcel-eip197b
16 - const: inside-secure,safexcel-eip197d
17 - const: inside-secure,safexcel-eip97ies
18 - const: inside-secure,safexcel-eip197
[all …]
/linux/drivers/nfc/microread/
H A DKconfig1 # SPDX-License-Identifier: GPL-2.0-only
6 This module contains the main code for Inside Secure microread
11 tristate "Inside Secure Microread device support (I2C)"
16 Inside microread chipsets. Select this if your platform is using
23 tristate "Inside Secure Microread device support (MEI)"
28 Inside microread chipsets. Select this if your microread chipset
H A Dmei.c1 // SPDX-License-Identifier: GPL-2.0
5 * HCI based Driver for Inside Secure microread NFC Chip
28 return -ENOMEM; in microread_mei_probe()
32 &phy->hdev); in microread_mei_probe()
46 microread_remove(phy->hdev); in microread_mei_remove()
H A Di2c.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * HCI based Driver for Inside Secure microread NFC Chip - i2c layer
52 16, 1, (skb)->data, (skb)->len, 0); \
61 len = skb->len; in microread_i2c_add_len_crc()
64 for (i = 0; i < skb->len; i++) in microread_i2c_add_len_crc()
65 crc = crc ^ skb->data[i]; in microread_i2c_add_len_crc()
81 for (i = 0; i < skb->len - 1; i++) in check_crc()
82 crc = crc ^ skb->data[i]; in check_crc()
84 if (crc != skb->data[skb->len-1]) { in check_crc()
85 pr_err("CRC error 0x%x != 0x%x\n", crc, skb->data[skb->len-1]); in check_crc()
[all …]
/linux/drivers/s390/crypto/
H A Dzcrypt_ccamisc.h1 /* SPDX-License-Identifier: GPL-2.0+ */
18 #define TOKTYPE_NON_CCA 0x00 /* Non-CCA key token */
42 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */
58 /* inside view of a variable length symmetric cipher AES key token */
82 /* AES-128 512 640 */
83 /* AES-192 576 640 */
84 /* AES-256 640 640 */
98 /* inside view of an CCA secure ECC private key */
108 u8 htype; /* hash method, 0x02 for SHA-256 */
134 * Simple check if the token is a valid CCA secure AES data key
[all …]
H A Dzcrypt_ep11misc.h1 /* SPDX-License-Identifier: GPL-2.0+ */
29 /* inside view of an EP11 secure key blob */
50 return (kb->version == EP11_STRUCT_MAGIC); in is_ep11_keyblob()
115 * Generate (random) EP11 AES secure key.
121 * Generate EP11 AES secure key with given clear key value.
129 * - apqn is online and is in fact an EP11 apqn
130 * - if cardnr is not FFFF only apqns with this cardnr
131 * - if domain is not FFFF only apqns with this domainnr
132 * - if minhwtype > 0 only apqns with hwtype >= minhwtype
133 * - if minapi > 0 only apqns with API_ord_nr >= minapi
[all …]
H A Dzcrypt_ccamisc.c1 // SPDX-License-Identifier: GPL-2.0+
44 * Simple check if the token is a valid CCA secure AES data key
55 if (t->type != TOKTYPE_CCA_INTERNAL) { in cca_check_secaeskeytoken()
58 __func__, (int)t->type, TOKTYPE_CCA_INTERNAL); in cca_check_secaeskeytoken()
59 return -EINVAL; in cca_check_secaeskeytoken()
61 if (t->version != TOKVER_CCA_AES) { in cca_check_secaeskeytoken()
64 __func__, (int)t->version, TOKVER_CCA_AES); in cca_check_secaeskeytoken()
65 return -EINVAL; in cca_check_secaeskeytoken()
67 if (keybitsize > 0 && t->bitsize != keybitsize) { in cca_check_secaeskeytoken()
70 __func__, (int)t->bitsize, keybitsize); in cca_check_secaeskeytoken()
[all …]
/linux/Documentation/devicetree/bindings/arm/tegra/
H A Dnvidia,tegra194-cbb.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/arm/tegra/nvidia,tegra194-cbb.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Sumit Gupta <sumitg@nvidia.com>
15 multiple hierarchical sub-NOCs (Network-on-Chip) and connects various
19 by the NOCs inside the CBB. NOCs reporting errors are cluster NOCs
20 "AON-NOC, SCE-NOC, RCE-NOC, BPMP-NOC, CV-NOC" and "CBB Central NOC"
28 - For CCPLEX (CPU Complex) initiator, the driver sets ERD bit. So, the
31 - For other initiators, the ERD is disabled. So, the access issuing
[all …]
/linux/drivers/crypto/inside-secure/
H A Dsafexcel.c1 // SPDX-License-Identifier: GPL-2.0
5 * Antoine Tenart <antoine.tenart@free-electrons.com>
10 #include <linux/dma-mapping.h>
45 writel(0, priv->base + EIP197_FLUE_IFC_LUT(i)); in eip197_trc_cache_setupvirt()
51 for (i = 0; i < priv->config.rings; i++) { in eip197_trc_cache_setupvirt()
52 writel(0, priv->base + EIP197_FLUE_CACHEBASE_LO(i)); in eip197_trc_cache_setupvirt()
53 writel(0, priv->base + EIP197_FLUE_CACHEBASE_HI(i)); in eip197_trc_cache_setupvirt()
55 priv->base + EIP197_FLUE_CONFIG(i)); in eip197_trc_cache_setupvirt()
57 writel(0, priv->base + EIP197_FLUE_OFFSETS); in eip197_trc_cache_setupvirt()
58 writel(0, priv->base + EIP197_FLUE_ARC4_OFFSET); in eip197_trc_cache_setupvirt()
[all …]
/linux/Documentation/arch/arm/
H A Dtcm.rst2 ARM TCM (Tightly-Coupled Memory) handling in Linux
7 Some ARM SoCs have a so-called TCM (Tightly-Coupled Memory).
8 This is usually just a few (4-64) KiB of RAM inside the ARM
11 Due to being embedded inside the CPU, the TCM has a
12 Harvard-architecture, so there is an ITCM (instruction TCM)
24 determine if ITCM (bits 1-0) and/or DTCM (bit 17-16) is present
47 be able to lock and hide one of the banks for use by the secure
52 - FIQ and other interrupt handlers that need deterministic
55 - Idle loops where all external RAM is set to self-refresh
56 retention mode, so only on-chip RAM is accessible by
[all …]
/linux/arch/s390/include/uapi/asm/
H A Dpkey.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
23 #define SECKEYBLOBSIZE 64 /* secure key blob size is always 64 bytes */
89 /* Struct to hold a CCA AES secure key blob */
91 __u8 seckey[SECKEYBLOBSIZE]; /* the secure key blob */
121 * Generate CCA AES secure key.
127 struct pkey_seckey seckey; /* out: the secure key blob */
133 * Construct CCA AES secure key from clear key value
140 struct pkey_seckey seckey; /* out: the secure key blob */
146 * Fabricate AES protected key from a CCA AES secure key
151 struct pkey_seckey seckey; /* in: the secure key blob */
[all …]
/linux/Documentation/devicetree/bindings/mfd/
H A Dnxp,bbnsm.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: NXP Battery-Backed Non-Secure Module
10 - Jacky Bai <ping.bai@nxp.com>
13 NXP BBNSM serves as non-volatile logic and storage for the system.
17 significant 32 bits of the real-time counter match the value in the
19 The ON/OFF logic inside the BBNSM allows for connecting directly to
26 - enum:
27 - nxp,imx93-bbnsm
[all …]
/linux/arch/nios2/include/asm/
H A Dthread_info.h2 * NiosII low-level thread information
31 * - this struct should fit entirely inside of one cache line
32 * - this struct shares the supervisor stack pages
33 * - if the contents of this structure are changed, the assembly constants
62 return (struct thread_info *)(sp & ~(THREAD_SIZE - 1)); in current_thread_info()
68 * - these are process state flags that various assembly files may need to
70 * - pending work-to-be-done flags are in LSW
71 * - other flags in MSW
78 #define TIF_SECCOMP 5 /* secure computing */
/linux/security/integrity/ima/
H A DKconfig1 # SPDX-License-Identifier: GPL-2.0-only
26 an aggregate integrity value over this list inside the
71 limited to 255 characters. The 'ima-ng' measurement list
77 bool "ima-ng (default)"
79 bool "ima-sig"
84 default "ima-ng" if IMA_NG_TEMPLATE
85 default "ima-sig" if IMA_SIG_TEMPLATE
155 <http://linux-ima.sourceforge.net>
165 based on run time secure boot flags.
213 Kernel module signatures can only be verified by IMA-appraisal,
[all …]
/linux/arch/microblaze/include/asm/
H A Dthread_info.h1 /* SPDX-License-Identifier: GPL-2.0 */
22 * - this struct should fit entirely inside of one cache line
23 * - this struct shares the supervisor stack pages
24 * - if the contents of this structure are changed, the assembly constants
38 /* non-volatile registers */
62 unsigned long status; /* thread-synchronous flags */
85 return (struct thread_info *)(sp & ~(THREAD_SIZE-1)); in current_thread_info()
93 * - these are process state flags that various assembly files may
95 * - pending work-to-be-done flags are in LSW
96 * - other flags in MSW
[all …]
/linux/arch/xtensa/include/asm/
H A Dthread_info.h2 * include/asm-xtensa/thread_info.h
8 * Copyright (C) 2001 - 2005 Tensilica Inc.
25 * - this struct should fit entirely inside of one cache line
26 * - this struct shares the supervisor stack pages
27 * - if the contents of this structure are changed, the assembly constants
51 unsigned long status; /* thread-synchronous flags */
65 * If i-th bit is set then coprocessor state is loaded into the
113 * - these are process state flags that various assembly files may need to access
125 #define TIF_SECCOMP 10 /* secure computing */
143 #define THREAD_SIZE_ORDER (KERNEL_STACK_SHIFT - PAGE_SHIFT)
/linux/arch/powerpc/
H A DKconfig1 # SPDX-License-Identifier: GPL-2.0
5 def_bool PPC64 && $(cc-option, -mabi=elfv2)
8 def_bool PPC64 && $(cc-option, -mcpu=power10 -mprefixed)
11 # Clang has a bug (https://github.com/llvm/llvm-project/issues/62372)
12 # where pcrel code is not generated if -msoft-float, -mno-altivec, or
13 # -mno-vsx options are also given. Without these options, fp/vec
16 def_bool PPC64 && CC_IS_GCC && $(cc-option, -mcpu=power10 -mpcrel)
35 # On Book3S 64, the default virtual address space for 64-bit processes
38 # between bottom-up and top-down allocations for applications that
41 default 29 if PPC_BOOK3S_64 && PPC_64K_PAGES # 29 = 45 (32T) - 16 (64K)
[all …]
/linux/arch/arm/mach-omap2/
H A Dpm34xx.c1 // SPDX-License-Identifier: GPL-2.0-only
5 * Copyright (C) 2006-2008 Nokia Corporation
13 * Richard Woodruff <r-woodruff2@ti.com>
42 #include "cm-regbits-34xx.h"
43 #include "prm-regbits-34xx.h"
47 #include "omap-secure.h"
97 * FIXME: This function should be called before entering off-mode after
98 * OMAP3 secure services have been accessed. Currently it is only called
99 * once during boot sequence, but this works as we are not using secure
110 * otherwise the WFI executed inside the ROM code in omap3_save_secure_ram_context()
[all …]
/linux/arch/mips/include/asm/
H A Dthread_info.h1 /* SPDX-License-Identifier: GPL-2.0 */
2 /* thread_info.h: MIPS low-level thread information
5 * - Incorporating suggestions made by Linus Torvalds and Dave Miller
20 * - this struct should fit entirely inside of one cache line
21 * - this struct shares the supervisor stack pages
22 * - if the contents of this structure are changed, the assembly constants
99 #define THREAD_MASK (THREAD_SIZE - 1UL)
105 * - these are process state flags that various assembly files may need to
107 * - pending work-to-be-done flags are in LSW
108 * - other flags in MSW
[all …]
/linux/Documentation/security/
H A Dipe.rst1 .. SPDX-License-Identifier: GPL-2.0
3 Integrity Policy Enforcement (IPE) - Kernel Documentation
10 :doc:`IPE admin guide </admin-guide/LSM/ipe>`.
13 ---------------------
16 of a locked-down system. This system would be born-secure, and have
27 2. DM-Verity
29 Both options were carefully considered, however the choice to use DM-Verity
46 modify filesystem offline, the attacker could wipe all the xattrs -
50 With DM-Verity, as the xattrs are saved as part of the Merkel tree, if
51 offline mount occurs against the filesystem protected by dm-verity, the
[all …]
H A Dsnp-tdx-threat-model.rst17 the kernel through various networking or limited HW-specific exposed
28 solutions provide a Trusted Execution Environment (TEE), where secure data
33 Machines (VM) inside TEE. From now on in this document will be referring
39 inside a CoCo VM. Namely, confidential computing allows its users to
48 additional mechanisms to control guest-host page mapping. More details on
49 the x86-specific solutions can be found in
51 …https://www.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protec…
56 that acts as a security manager. The host-side virtual machine monitor
63 In the following diagram, the "<--->" lines represent bi-directional
67 +-------------------+ +-----------------------+
[all …]
/linux/Documentation/virt/kvm/x86/
H A Damd-memory-encryption.rst1 .. SPDX-License-Identifier: GPL-2.0
4 Secure Encrypted Virtualization (SEV)
10 Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
12 SEV is an extension to the AMD-V architecture which supports running
46 Hence, the ASID for the SEV-enabled guests must be from 1 to a maximum value
57 of zero if SEV is enabled). If non-NULL, the argument to
74 are defined in ``<linux/psp-dev.h>``.
80 ----------------
91 Returns: 0 on success, -negative on error
127 ``debug_swap`` parameter of ``kvm-amd.ko``.
[all …]
H A Drunning-nested-guests.rst1 .. SPDX-License-Identifier: GPL-2.0
7 A nested guest is the ability to run a guest inside another guest (it
8 can be KVM-based or a different hypervisor). The straightforward
12 .----------------. .----------------.
17 |----------------'--'----------------|
22 .------------------------------------------------------.
25 |------------------------------------------------------|
27 '------------------------------------------------------'
31 - L0 – level-0; the bare metal host, running KVM
33 - L1 – level-1 guest; a VM running on L0; also called the "guest
[all …]
/linux/drivers/net/ethernet/freescale/dpaa2/
H A Ddpsw.h1 /* SPDX-License-Identifier: GPL-2.0 */
3 * Copyright 2014-2016 Freescale Semiconductor Inc.
4 * Copyright 2017-2021 NXP
11 /* Data Path L2-Switch API
30 * DPSW_OPT_FLOODING_DIS - Flooding was disabled at device create
34 * DPSW_OPT_MULTICAST_DIS - Multicast was disabled at device create
38 * DPSW_OPT_CTRL_IF_DIS - Control interface support is disabled
43 * enum dpsw_component_type - component type of a bridge
44 * @DPSW_COMPONENT_TYPE_C_VLAN: A C-VLAN component of an
46 * to process C-tagged frames
[all …]
/linux/Documentation/security/tpm/
H A Dtpm-security.rst1 .. SPDX-License-Identifier: GPL-2.0-only
12 ------------
16 PTT, which is a software TPM running inside a software environment
22 -----------------------------------------------
42 ---------------------------
68 ----------------
77 ---------------------------------------
104 name, which is what is exported via sysfs so user-space can run the
107 TPM transactions since start of day were secure and if it doesn't, you
112 --------------
[all …]

1234