Home
last modified time | relevance | path

Searched +full:secure +full:- +full:only (Results 1 – 25 of 872) sorted by relevance

12345678910>>...35

/kernel/linux/linux-5.10/Documentation/devicetree/bindings/arm/
Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
[all …]
/kernel/linux/linux-4.19/Documentation/devicetree/bindings/arm/
Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
[all …]
/kernel/linux/linux-5.10/Documentation/powerpc/
Dultravisor.rst1 .. SPDX-License-Identifier: GPL-2.0
15 POWER 9 that enables Secure Virtual Machines (SVMs). DD2.3 chips
16 (PVR=0x004e1203) or greater will be PEF-capable. A new ISA release
25 +------------------+
29 +------------------+
31 +------------------+
33 +------------------+
35 +------------------+
38 VMs in the system. SVMs are protected while at rest and can only be
56 process is running in secure mode, MSR(S) bit 41. MSR(S)=1, process
[all …]
/kernel/linux/linux-4.19/drivers/gpu/drm/nouveau/nvkm/subdev/secboot/
Dbase.c24 * Secure boot is the process by which NVIDIA-signed firmware is loaded into
25 * some of the falcons of a GPU. For production devices this is the only way
31 * - Non-secure (NS). In this mode, functionality is similar to Falcon
32 * architectures before security modes were introduced (pre-Maxwell), but
35 * disabled (on certain Falcon instances). This is the only possible mode that
38 * - Heavy Secure (HS). In this mode, the microprocessor is a black box - it's
40 * from outside the Falcon (for example, from the host system). The only way
42 * (The loading process involves tagging the IMEM block as secure, writing the
46 * - Light Secure (LS). In this mode, the microprocessor has more privileges
48 * host software to ease debugging. The only way to enable this mode is by HS
[all …]
/kernel/linux/linux-5.10/arch/s390/include/uapi/asm/
Dpkey.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
23 #define SECKEYBLOBSIZE 64 /* secure key blob size is always 64 bytes */
78 /* Struct to hold a CCA AES secure key blob */
80 __u8 seckey[SECKEYBLOBSIZE]; /* the secure key blob */
110 * Generate CCA AES secure key.
116 struct pkey_seckey seckey; /* out: the secure key blob */
121 * Construct CCA AES secure key from clear key value
128 struct pkey_seckey seckey; /* out: the secure key blob */
133 * Fabricate AES protected key from a CCA AES secure key
138 struct pkey_seckey seckey; /* in: the secure key blob */
[all …]
/kernel/linux/linux-5.10/Documentation/devicetree/bindings/nvmem/
Dst,stm32-romem.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/nvmem/st,stm32-romem.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: STMicroelectronics STM32 Factory-programmed data bindings
10 This represents STM32 Factory-programmed read only non-volatile area: locked
11 flash, OTP, read-only HW regs... This contains various information such as:
16 - Fabrice Gasnier <fabrice.gasnier@st.com>
19 - $ref: "nvmem.yaml#"
24 - st,stm32f4-otp
[all …]
/kernel/linux/linux-5.10/drivers/s390/crypto/
Dzcrypt_ccamisc.h1 /* SPDX-License-Identifier: GPL-2.0+ */
17 #define TOKTYPE_NON_CCA 0x00 /* Non-CCA key token */
41 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */
81 /* AES-128 512 640 */
82 /* AES-192 576 640 */
83 /* AES-256 640 640 */
97 /* inside view of an CCA secure ECC private key */
107 u8 htype; /* hash method, 0x02 for SHA-256 */
133 * Simple check if the token is a valid CCA secure AES data key
141 * Simple check if the token is a valid CCA secure AES cipher key
[all …]
/kernel/linux/linux-5.10/arch/arm/mach-omap2/
Domap-secure.c1 // SPDX-License-Identifier: GPL-2.0-only
3 * OMAP Secure API infrastructure.
11 #include <linux/arm-smccc.h>
23 #include "omap-secure.h"
39 * We only check that the OP-TEE node is present and available. The in omap_optee_init_check()
40 * OP-TEE kernel driver is not needed for the type of interaction made in omap_optee_init_check()
41 * with OP-TEE here so the driver's status is not checked. in omap_optee_init_check()
50 * omap_sec_dispatcher: Routine to dispatch low power secure
55 * @arg1, arg2, arg3 args4: Parameters passed to secure API
57 * Return the non-zero error value on failure.
[all …]
Domap-secure.h1 /* SPDX-License-Identifier: GPL-2.0-only */
3 * omap-secure.h: OMAP Secure infrastructure header.
23 /* Secure HAL API flags */
30 /* Maximum Secure memory storage size */
35 /* Secure low power HAL API index */
41 /* Secure Monitor mode APIs */
52 /* Secure PPA(Primary Protected Application) APIs */
60 /* Secure RX-51 PPA (Primary Protected Application) APIs */
Domap-smc.S1 /* SPDX-License-Identifier: GPL-2.0-only */
3 * OMAP34xx and OMAP44xx secure APIs file.
15 * This is common routine to manage secure monitor API
16 * used to modify the PL310 secure registers.
23 .arch armv7-a
26 stmfd sp!, {r2-r12, lr}
31 ldmfd sp!, {r2-r12, pc}
36 * Low level common routine for secure HAL and PPA APIs.
43 stmfd sp!, {r4-r12, lr}
48 mov r12, #0x00 @ Secure Service ID
[all …]
/kernel/linux/linux-5.10/include/uapi/linux/
Dnfc.h33 * enum nfc_commands - supported nfc commands
62 * a device. LTO must be set before the link is up otherwise -EINPROGRESS
65 * If one of the passed parameters is wrong none is set and -EINVAL is
67 * @NFC_CMD_ENABLE_SE: Enable the physical link to a specific secure element.
68 * Once enabled a secure element will handle card emulation mode, i.e.
69 * starting a poll from a device which has a secure element enabled means
71 * @NFC_CMD_DISABLE_SE: Disable the physical link to a specific secure element.
74 * @NFC_EVENT_SE_ADDED: Event emitted when a new secure element is discovered.
77 * @NFC_EVENT_SE_REMOVED: Event emitted when a secure element is removed from
79 * @NFC_EVENT_SE_CONNECTIVITY: This event is emitted whenever a secure element
[all …]
/kernel/linux/linux-4.19/include/uapi/linux/
Dnfc.h33 * enum nfc_commands - supported nfc commands
62 * a device. LTO must be set before the link is up otherwise -EINPROGRESS
65 * If one of the passed parameters is wrong none is set and -EINVAL is
67 * @NFC_CMD_ENABLE_SE: Enable the physical link to a specific secure element.
68 * Once enabled a secure element will handle card emulation mode, i.e.
69 * starting a poll from a device which has a secure element enabled means
71 * @NFC_CMD_DISABLE_SE: Disable the physical link to a specific secure element.
74 * @NFC_EVENT_SE_ADDED: Event emitted when a new secure element is discovered.
77 * @NFC_EVENT_SE_REMOVED: Event emitted when a secure element is removed from
79 * @NFC_EVENT_SE_CONNECTIVITY: This event is emitted whenever a secure element
[all …]
/kernel/linux/linux-5.10/drivers/tee/optee/
Doptee_smc.h1 /* SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) */
3 * Copyright (c) 2015-2019, Linaro Limited
8 #include <linux/arm-smccc.h>
28 * Normal cached memory (write-back), shareable for SMP systems and not
36 * 32-bit registers.
44 * 65cb6b93-af0c-4617-8ed6-644a8d1140f8
75 * Used by non-secure world to figure out which Trusted OS is installed.
78 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
88 * Used by non-secure world to figure out which version of the Trusted OS
92 * Returns revision in a0-1 in the same way as OPTEE_SMC_CALLS_REVISION
[all …]
/kernel/linux/linux-4.19/Documentation/devicetree/bindings/iommu/
Dqcom,iommu.txt3 Qualcomm "B" family devices which are not compatible with arm-smmu have
6 to non-secure vs secure interrupt line.
10 - compatible : Should be one of:
12 "qcom,msm8916-iommu"
14 Followed by "qcom,msm-iommu-v1".
16 - clock-names : Should be a pair of "iface" (required for IOMMUs
20 - clocks : Phandles for respective clocks described by
21 clock-names.
23 - #address-cells : must be 1.
25 - #size-cells : must be 1.
[all …]
/kernel/linux/linux-5.10/Documentation/devicetree/bindings/iommu/
Dqcom,iommu.txt3 Qualcomm "B" family devices which are not compatible with arm-smmu have
6 to non-secure vs secure interrupt line.
10 - compatible : Should be one of:
12 "qcom,msm8916-iommu"
14 Followed by "qcom,msm-iommu-v1".
16 - clock-names : Should be a pair of "iface" (required for IOMMUs
20 - clocks : Phandles for respective clocks described by
21 clock-names.
23 - #address-cells : must be 1.
25 - #size-cells : must be 1.
[all …]
/kernel/linux/linux-4.19/arch/s390/include/uapi/asm/
Dpkey.h1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
23 #define SECKEYBLOBSIZE 64 /* secure key blob size is always 64 bytes */
32 /* Struct to hold a secure key blob */
34 __u8 seckey[SECKEYBLOBSIZE]; /* the secure key blob */
50 * Generate secure key
56 struct pkey_seckey seckey; /* out: the secure key blob */
61 * Construct secure key from clear key value
68 struct pkey_seckey seckey; /* out: the secure key blob */
73 * Fabricate protected key from a secure key
78 struct pkey_seckey seckey; /* in: the secure key blob */
[all …]
/kernel/linux/linux-4.19/drivers/tee/optee/
Doptee_smc.h2 * Copyright (c) 2015-2016, Linaro Limited
30 #include <linux/arm-smccc.h>
50 * Normal cached memory (write-back), shareable for SMP systems and not
58 * 32-bit registers.
66 * 65cb6b93-af0c-4617-8ed6-644a8d1140f8
97 * Used by non-secure world to figure out which Trusted OS is installed.
100 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
110 * Used by non-secure world to figure out which version of the Trusted OS
114 * Returns revision in a0-1 in the same way as OPTEE_SMC_CALLS_REVISION
115 * described above. May optionally return a 32-bit build identifier in a2,
[all …]
/kernel/linux/linux-4.19/arch/s390/include/asm/
Dpkey.h1 /* SPDX-License-Identifier: GPL-2.0 */
19 * Generate (AES) random secure key.
20 * @param cardnr may be -1 (use default card)
21 * @param domain may be -1 (use default domain)
23 * @param seckey pointer to buffer receiving the secure key
30 * Generate (AES) secure key with given key value.
31 * @param cardnr may be -1 (use default card)
32 * @param domain may be -1 (use default domain)
35 * @param seckey pointer to buffer receiving the secure key
43 * Derive (AES) proteced key from the (AES) secure key blob.
[all …]
/kernel/linux/linux-4.19/arch/arm/mach-bcm/
Dbcm_kona_smc.c37 {.compatible = "brcm,kona-smc"},
38 {.compatible = "bcm,kona-smc"}, /* deprecated name */
54 return -ENODEV; in bcm_kona_smc_init()
58 return -EINVAL; in bcm_kona_smc_init()
60 /* We assume space for four 32-bit arguments */ in bcm_kona_smc_init()
62 return -EINVAL; in bcm_kona_smc_init()
67 return -EINVAL; in bcm_kona_smc_init()
71 return -ENOMEM; in bcm_kona_smc_init()
74 pr_info("Kona Secure API initialized\n"); in bcm_kona_smc_init()
82 * Only core 0 can run the secure monitor code. If an "smc" request
[all …]
/kernel/linux/linux-5.10/arch/arm/mach-bcm/
Dbcm_kona_smc.c37 {.compatible = "brcm,kona-smc"},
38 {.compatible = "bcm,kona-smc"}, /* deprecated name */
54 return -ENODEV; in bcm_kona_smc_init()
58 return -EINVAL; in bcm_kona_smc_init()
60 /* We assume space for four 32-bit arguments */ in bcm_kona_smc_init()
62 return -EINVAL; in bcm_kona_smc_init()
67 return -EINVAL; in bcm_kona_smc_init()
71 return -ENOMEM; in bcm_kona_smc_init()
74 pr_info("Kona Secure API initialized\n"); in bcm_kona_smc_init()
82 * Only core 0 can run the secure monitor code. If an "smc" request
[all …]
/kernel/linux/linux-4.19/Documentation/devicetree/bindings/arm/sunxi/
Dsmp-sram.txt2 ------------------------------------------------
4 Allwinner's A80 SoC uses part of the secure sram for hotplugging of the
9 Therefore a reserved section sub-node has to be added to the mmio-sram
13 ../../sram/sunxi-sram.txt. This SRAM is secure only and not mappable to
16 Also there are no "secure-only" properties. The implementation should
19 Required sub-node properties:
20 - compatible : depending on the SoC this should be one of:
21 "allwinner,sun9i-a80-smp-sram"
23 The rest of the properties should follow the generic mmio-sram discription
29 /* 256 KiB secure SRAM at 0x20000 */
[all …]
/kernel/linux/linux-5.10/Documentation/virt/kvm/
Ds390-pv.rst1 .. SPDX-License-Identifier: GPL-2.0
8 -------
15 Each guest starts in non-protected mode and then may make a request to
20 The Ultravisor will secure and decrypt the guest's boot memory
33 -------------------
46 safeguarding; they can only be injected for instructions that have
54 -------------------------------
64 ---------------------
70 The control structures associated with SIE provide the Secure
72 Secure Interception General Register Save Area. Guest GRs and most of
[all …]
/kernel/linux/linux-5.10/Documentation/devicetree/bindings/rng/
Domap_rng.txt1 OMAP SoC and Inside-Secure HWRNG Module
5 - compatible : Should contain entries for this and backward compatible
7 - "ti,omap2-rng" for OMAP2.
8 - "ti,omap4-rng" for OMAP4, OMAP5 and AM33XX.
9 - "inside-secure,safexcel-eip76" for SoCs with EIP76 IP block
11 - ti,hwmods: Name of the hwmod associated with the RNG module
12 - reg : Offset and length of the register set for the module
13 - interrupts : the interrupt number for the RNG module.
14 Used for "ti,omap4-rng" and "inside-secure,safexcel-eip76"
15 - clocks: the trng clock source. Only mandatory for the
[all …]
/kernel/linux/linux-4.19/Documentation/devicetree/bindings/rng/
Domap_rng.txt1 OMAP SoC and Inside-Secure HWRNG Module
5 - compatible : Should contain entries for this and backward compatible
7 - "ti,omap2-rng" for OMAP2.
8 - "ti,omap4-rng" for OMAP4, OMAP5 and AM33XX.
9 - "inside-secure,safexcel-eip76" for SoCs with EIP76 IP block
11 - ti,hwmods: Name of the hwmod associated with the RNG module
12 - reg : Offset and length of the register set for the module
13 - interrupts : the interrupt number for the RNG module.
14 Used for "ti,omap4-rng" and "inside-secure,safexcel-eip76"
15 - clocks: the trng clock source. Only mandatory for the
[all …]
/kernel/linux/linux-5.10/net/sunrpc/
DKconfig1 # SPDX-License-Identifier: GPL-2.0-only
20 tristate "Secure RPC: Kerberos V mechanism"
27 Choose Y here to enable Secure RPC using the Kerberos version 5
28 GSS-API mechanism (RFC 1964).
30 Secure RPC calls with Kerberos require an auxiliary user-space
31 daemon which may be found in the Linux nfs-utils package
32 available from http://linux-nfs.org/. In addition, user-space
38 bool "Secure RPC: Disable insecure Kerberos encryption types"
43 with the Kerberos version 5 GSS-API mechanism (RFC 1964). The
44 deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC,
[all …]

12345678910>>...35