| /linux/Documentation/devicetree/bindings/arm/ |
| H A D | secure.txt | 15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
18 "vendor,secure-foo". If there is no "secure-" property then the Secure
21 validly have "secure-" versions; this list will be enlarged on a
26 still be processed unmodified by existing Non-secure software (and in
32 secure- bindings only need to be used where both the Secure and Normal
38 - secure-status : specifies whether the device is present and usable
39 in the secure world. The combination of this with "status" allows
41 specified. If "secure-status" is not specified it defaults to the
47 secure-status = "okay"; /* visible in both */
[all …]
|
| /linux/Documentation/arch/powerpc/ |
| H A D | ultravisor.rst | 56 process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process
57 is in secure mode, MSR(s)=0 process is in normal mode.
63 the VM it is returning to is secure.
101 * Memory is partitioned into secure and normal memory. Only processes
102 that are running in secure mode can access secure memory.
104 * The hardware does not allow anything that is not running secure to
105 access secure memory. This means that the Hypervisor cannot access
110 * I/O systems are not allowed to directly address secure memory. This
117 * When a process is running in secure mode all hypercalls
120 * When a process is in secure mode all interrupts go to the
[all …]
|
| /linux/Documentation/gpu/nova/core/ |
| H A D | devinit.rst | 19 FWSEC ucode. It is launched by FWSEC, which runs on the GSP in 'heavy-secure' mode, while
20 devinit runs on the PMU in 'light-secure' mode.
44 heavy-secure mode.
48 asserted by the FWSEC running on the GSP in heavy-secure mode.
59 masks. Some registers are only accessible after secure firmware (FWSEC) lowers the
60 privilege level to allow CPU (LS/low-secure) access. This is the case, for example,
|
| H A D | fwsec.rst | 13 The role of FWSEC is to provide a secure boot process. It runs in
14 'Heavy-secure' mode, and performs firmware verification after a GPU reset
40 For Ampere, FWSEC is running on the GSP in Heavy-secure mode and runs FRTS.
177 loaded, the FWSEC image is running on the GSP in heavy-secure mode. After the devinit
|
| /linux/arch/arm/mach-omap2/ |
| H A D | Makefile | 16 secure-common = omap-smc.o omap-secure.o
19 obj-$(CONFIG_ARCH_OMAP3) += $(omap-2-3-common) $(hwmod-common) $(secure-common)
20 obj-$(CONFIG_ARCH_OMAP4) += $(secure-common)
21 obj-$(CONFIG_SOC_AM33XX) += $(secure-common)
22 obj-$(CONFIG_SOC_OMAP5) += $(secure-common)
23 obj-$(CONFIG_SOC_AM43XX) += $(secure-common)
24 obj-$(CONFIG_SOC_DRA7XX) += $(secure-common)
|
| /linux/Documentation/tee/ |
| H A D | op-tee.rst | 23 separate secure co-processor.
56 RPC (Remote Procedure Call) are requests from secure world to kernel driver
74 There are two kinds of notifications that secure world can use to make
79 2. Asynchronous notifications delivered with a combination of a non-secure
80 edge-triggered interrupt and a fast call from the non-secure interrupt
84 this is only usable when secure world is entered with a yielding call via
85 ``OPTEE_SMC_CALL_WITH_ARG``. This excludes such notifications from secure
88 An asynchronous notification is delivered via a non-secure edge-triggered
98 building block for OP-TEE OS in secure world to implement the top half and
|
| H A D | tee.rst | 12 A TEE is a trusted OS running in some secure environment, for example,
13 TrustZone on ARM CPUs, or a separate secure co-processor etc. A TEE driver
|
| /linux/arch/arm64/boot/dts/arm/ |
| H A D | corstone1000.dtsi | 145 secure-status = "okay"; /* secure-world-only */
157 secure-status = "okay"; /* secure-world-only */
|
| /linux/Documentation/ABI/testing/ |
| H A D | sysfs-devices-pci-host-bridge | 24 (RO) When a platform has established a secure connection, PCIe
41 establishing new end-to-end secure links. This attribute
42 decrements upon secure link setup, and increments upon secure
|
| H A D | sysfs-secvar | 5 secureboot, thereby secure variables. It exposes interface
6 for reading/writing the secure variables
11 Description: This directory lists all the secure variables that are supported
36 Description: Each secure variable is represented as a directory named as
43 access (read and write) to the secure boot secvars db, dbx,
71 defined by the secure variable implementation. All data is in
|
| /linux/Documentation/driver-api/firmware/ |
| H A D | other_interfaces.rst | 25 higher than the kernel is granted. Such secure features include
31 drivers to request access to the secure features. The requests are queued
33 of the requests on to a secure monitor (EL3).
|
| /linux/arch/arm64/boot/dts/amlogic/ |
| H A D | amlogic-a4-common.dtsi | 71 sec_ao: ao-secure@10220 {
72 compatible = "amlogic,a4-ao-secure",
73 "amlogic,meson-gx-ao-secure",
|
| H A D | amlogic-s6.dtsi | 45 sm: secure-monitor {
213 ao-secure@10220 {
214 compatible = "amlogic,s6-ao-secure",
215 "amlogic,meson-gx-ao-secure",
|
| H A D | amlogic-s7d.dtsi | 47 sm: secure-monitor {
208 ao-secure@10220 {
209 compatible = "amlogic,s7d-ao-secure",
210 "amlogic,meson-gx-ao-secure",
|
| H A D | amlogic-s7.dtsi | 83 sm: secure-monitor {
235 ao-secure@10220 {
236 compatible = "amlogic,s7-ao-secure",
237 "amlogic,meson-gx-ao-secure",
|
| /linux/Documentation/security/ |
| H A D | siphash.rst | 7 SipHash is a cryptographically secure PRF -- a keyed hash function -- that
15 indistinguishable from random. You may then use that integer as part of secure
16 sequence numbers, secure cookies, or mask it off for use in a hash table.
21 Keys should always be generated from a cryptographically secure source of
137 same as the siphash ones, or that they are secure; the hsiphash functions still
138 use a less secure reduced-round algorithm and truncate their outputs to 32
144 Keys should always be generated from a cryptographically secure source of
|
| /linux/drivers/of/ |
| H A D | kobj.c | 68 bool secure = strncmp(pp->name, "security-", 9) == 0; in __of_add_property_sysfs() local
78 pp->attr.attr.mode = secure ? 0400 : 0444; in __of_add_property_sysfs()
79 pp->attr.size = secure ? 0 : pp->length; in __of_add_property_sysfs()
|
| /linux/drivers/firmware/ |
| H A D | Kconfig | 149 and manages secure monitor call to communicate with secure monitor
150 software at secure monitor exception level.
241 bool "Trusted Foundations secure monitor support"
245 the market) are booted with the Trusted Foundations secure monitor
246 active, requiring some core operations to be performed by the secure
249 This option allows the kernel to invoke the secure monitor whenever
257 tristate "Turris Mox rWTM secure firmware driver"
264 This driver communicates with the firmware on the Cortex-M3 secure
281 key (each Turris Mox has an ECDSA private key generated in the secure
|
| /linux/drivers/vfio/ |
| H A D | Kconfig | 11 VFIO provides a framework for secure userspace device drivers.
25 to set up secure DMA context for device access. This interface does
69 considered secure. VFIO No-IOMMU mode enables IOMMU groups for
71 infrastructure in a non-secure mode. Use of this mode will result
|
| /linux/drivers/gpu/drm/nouveau/nvkm/falcon/ |
| H A D | v1.c | 30 u32 size, u16 tag, u8 port, bool secure) in nvkm_falcon_v1_load_imem() argument
38 reg = start | BIT(24) | (secure ? BIT(28) : 0); in nvkm_falcon_v1_load_imem()
|
| /linux/Documentation/userspace-api/ |
| H A D | check_exec.rst | 54 In a secure environment, libraries and any executable dependencies should also
57 For such secure execution environment to make sense, only trusted code should
71 This secure bit may be set by user session managers, service managers,
98 This secure bit may be set by user session managers, service managers,
114 migration to a secure mode.
129 This use case may be useful for secure services (i.e. without interactive
|
| /linux/Documentation/arch/arm/samsung/ |
| H A D | bootloader-interface.rst | 65 3. Other (regardless of secure/non-secure mode)
|
| /linux/drivers/gpu/drm/amd/display/ |
| H A D | Kconfig | 50 bool "Enable secure display support"
54 Choose this option if you want to support secure display
|
| /linux/Documentation/arch/arm/ |
| H A D | firmware.rst | 7 Some boards are running with secure firmware running in TrustZone secure
|
| /linux/drivers/pmdomain/amlogic/ |
| H A D | Makefile | 3 obj-$(CONFIG_MESON_SECURE_PM_DOMAINS) += meson-secure-pwrc.o
|