firmware-update.rst - OpenGrok cross reference for /external/arm-trusted-firmware/docs/components/firmware-update.rst

Lines Matching full:secure
23 This document describes the secure world FWU design. It is beyond its scope to
33 some parts of FWU to be implemented in other secure and normal world images.
40    -  Copying images from non-secure to secure memory
42    -  Context switching between the normal and secure world during the FWU
45 -  Other secure world FWU images handle platform initialization required by
48    interfaces to non-secure memory.
80    is permitted to request execution of a secure world FWU image (after
81    authentication). Secure world certificates and non-AP images are examples
83 -  Secure or non-secure image. This indicates whether the image is
84    authenticated/executed in secure or non-secure memory.
101 transitions are shown in the diagram below. Note that secure images have a more
102 complex state machine than non-secure images.
109    Authentication failure also leads to this state. A secure
113 -  COPYING: This is the state of a secure image while BL1 is copying it
114    in blocks from non-secure to secure memory.
116 -  COPIED: This is the state of a secure image when BL1 has completed
117    copying it to secure memory.
122 -  EXECUTED: This is the state of a secure, executable image when BL1 has
125 -  INTERRUPTED: This is the state of a secure, executable image after it has
211         if (image_id is non-secure image) return -EPERM
213         if (secure world caller) return -EPERM
216         if (source block is in secure memory) return -ENOMEM
218         if (image_size > free secure memory) return -ENOMEM
221 This SMC copies the secure image indicated by ``image_id`` from non-secure memory
222 to secure memory for later authentication. The image may be copied in a single
260         if (secure world caller)
264             if (image_id is secure image)
266             else // image_id is non-secure image
268                 if (image_addr/image_size is in secure memory) return -ENOMEM
273 ``image_addr`` and ``image_size``. If the image is a secure image in the COPIED
274 state, BL1 authenticates the image from the secure memory that BL1 previously
296         if (secure world caller) return -EPERM
297         if (image_id is non-secure image) return -EPERM
304 secure world image.
306 BL1 saves the normal world caller's context, sets the secure image state to
307 EXECUTED, and returns from exception to the secure image.
323         if (normal world caller and no INTERRUPTED secure image) return -EPERM
325 This SMC resumes execution in the other security world while there is a secure
328 For normal world callers, BL1 sets the previously interrupted secure image state
329 to EXECUTED. For secure world callers, BL1 sets the previously executing secure
351 This SMC indicates completion of a previously executing secure image.
353 BL1 sets the previously executing secure image state to the RESET state,
387         if (secure world caller) return -EPERM