mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-19 19:14:28 +00:00
4eed9c8480
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This memory loses power when we enter System Suspend and so its contents are stored to TZDRAM, before entry. This opens up an attack vector where the TZDRAM contents might be tampered with when we are in the System Suspend mode. To mitigate this attack the SE engine calculates the hash of entire TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The WB0 code will validate the TZDRAM and match the hash with the one in PMC scratch. This patch adds driver for the SE engine, with APIs to calculate the hash and store SE SHA256 hash-result to PMC scratch registers. Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf Signed-off-by: Jeetesh Burman <jburman@nvidia.com>
60 lines
1.7 KiB
C
60 lines
1.7 KiB
C
/*
|
|
* Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
|
|
* Copyright (c) 2017-2020, NVIDIA CORPORATION. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#ifndef SECURITY_ENGINE_H
|
|
#define SECURITY_ENGINE_H
|
|
|
|
/*******************************************************************************
|
|
* Structure definition
|
|
******************************************************************************/
|
|
|
|
/* Security Engine Linked List */
|
|
struct tegra_se_ll {
|
|
/* DMA buffer address */
|
|
uint32_t addr;
|
|
/* Data length in DMA buffer */
|
|
uint32_t data_len;
|
|
};
|
|
|
|
#define SE_LL_MAX_BUFFER_NUM 4
|
|
typedef struct tegra_se_io_lst {
|
|
volatile uint32_t last_buff_num;
|
|
volatile struct tegra_se_ll buffer[SE_LL_MAX_BUFFER_NUM];
|
|
} tegra_se_io_lst_t __attribute__((aligned(4)));
|
|
|
|
/* SE device structure */
|
|
typedef struct tegra_se_dev {
|
|
/* Security Engine ID */
|
|
const int se_num;
|
|
/* SE base address */
|
|
const uint64_t se_base;
|
|
/* SE context size in AES blocks */
|
|
const uint32_t ctx_size_blks;
|
|
/* pointer to source linked list buffer */
|
|
tegra_se_io_lst_t *src_ll_buf;
|
|
/* pointer to destination linked list buffer */
|
|
tegra_se_io_lst_t *dst_ll_buf;
|
|
/* LP context buffer pointer */
|
|
uint32_t *ctx_save_buf;
|
|
} tegra_se_dev_t;
|
|
|
|
/* PKA1 device structure */
|
|
typedef struct tegra_pka_dev {
|
|
/* PKA1 base address */
|
|
uint64_t pka_base;
|
|
} tegra_pka_dev_t;
|
|
|
|
/*******************************************************************************
|
|
* Public interface
|
|
******************************************************************************/
|
|
void tegra_se_init(void);
|
|
int tegra_se_suspend(void);
|
|
void tegra_se_resume(void);
|
|
int tegra_se_save_tzram(void);
|
|
int32_t tegra_se_save_sha256_hash(uint64_t bl31_base, uint32_t src_len_inbyte);
|
|
|
|
#endif /* SECURITY_ENGINE_H */
|