| /external/arm-trusted-firmware/docs/design/ |
| D | interrupt-framework-design.rst | 8 #. It should be possible to route interrupts meant to be handled by secure
9 software (Secure interrupts) to EL3, when execution is in non-secure state
11 the interrupt to either software in EL3 or Secure-EL1 depending upon the
13 that secure interrupts are under the control of the secure software with
15 intervention from non-secure software.
18 non-secure software (Non-secure interrupts) to the last executed exception
19 level in the normal world when the execution is in secure world at
21 knowledge of software executing in Secure-EL1/Secure-EL0. The choice of
22 approach should be governed by the secure software. This requirement
23 ensures that non-secure software is able to execute in tandem with the
[all …]
|
| /external/grpc-grpc/tools/run_tests/performance/ |
| D | scenario_config.py | 114 secure=True, argument
141 'security_params': _get_secargs(secure),
152 'security_params': _get_secargs(secure),
252 secure=False,
266 secure=False,
280 secure=False,
285 for secure in [True, False]:
286 secstr = 'secure' if secure else 'insecure'
288 if secure else [INPROC]) + [SCALABLE]
297 secure=secure,
[all …]
|
| /external/rust/crates/grpcio-sys/grpc/tools/run_tests/performance/ |
| D | scenario_config.py | 114 secure=True, argument
143 'security_params': _get_secargs(secure),
155 'security_params': _get_secargs(secure),
256 secure=False,
270 secure=False,
284 secure=False,
289 for secure in [True, False]:
290 secstr = 'secure' if secure else 'insecure'
291 smoketest_categories = ([SMOKETEST] if secure else [])
292 inproc_categories = ([INPROC] if not secure else [])
[all …]
|
| /external/arm-trusted-firmware/docs/components/ |
| D | secure-partition-manager-mm.rst | 1 Secure Partition Manager (MM)
7 Two implementations of a Secure Partition Manager co-exist in the TF-A codebase:
9 - SPM based on the PSA FF-A specification (:ref:`Secure Partition Manager`).
15 This document describes the latter implementation where the Secure Partition Manager
16 resides at EL3 and management services run from isolated Secure Partitions at S-EL0.
24 applications to provide security services like DRM, secure payment and
26 used by Non-secure world applications to access these services. A Trusted OS
38 centres and enterprise servers) the secure software stack typically does not
50 A **Secure Partition** is a software execution environment instantiated in
52 Since S-EL0 is an unprivileged Exception Level, a Secure Partition relies on
[all …]
|
| D | firmware-update.rst | 23 This document describes the secure world FWU design. It is beyond its scope to
33 some parts of FWU to be implemented in other secure and normal world images.
40 - Copying images from non-secure to secure memory
42 - Context switching between the normal and secure world during the FWU
45 - Other secure world FWU images handle platform initialization required by
48 interfaces to non-secure memory.
80 is permitted to request execution of a secure world FWU image (after
81 authentication). Secure world certificates and non-AP images are examples
83 - Secure or non-secure image. This indicates whether the image is
84 authenticated/executed in secure or non-secure memory.
[all …]
|
| D | exception-handling.rst | 28 the purpose of facilitating context switch between Normal and Secure worlds,
62 rest of the handling to a dedicated software stack running at lower Secure
63 ELs. In this scheme, the handling spans various secure ELs.
66 processing of the error to dedicated software stack running at lower secure
70 maximally spans all ELs in both Secure and Normal worlds.
76 .. [#spd] Not to be confused with :ref:`Secure Payload Dispatcher
78 on behalf of Secure OS.
94 The platform is required to `partition`__ the Secure priority space into
95 priority levels as applicable for the Secure software stack. It then assigns the
147 - On GICv3 systems, when executing in S-EL1, pending Non-secure interrupts of
[all …]
|
| D | secure-partition-manager.rst | 1 Secure Partition Manager
36 | SP | Secure Partition |
38 | SPM | Secure Partition Manager |
46 | SWd | Secure World |
58 Two implementations of a Secure Partition Manager co-exist in the TF-A codebase:
68 - describes the PSA FF-A implementation where the Secure Partition Manager
73 used as a reference code base for an S-EL2 secure firmware on
81 - SPMC refers to the S-EL2 component managing Virtual Machines (or Secure
82 Partitions) in the Secure World when Armv8.4-SecEL2 extension is implemented.
83 - Alternatively, SPMC can refer to an S-EL1 component, itself being a Secure
[all …]
|
| /external/arm-trusted-firmware/services/spd/tspd/ |
| D | tspd_main.c | 9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
10 * plug-in component to the Secure Monitor, registered as a runtime service. The
11 * SPD is expected to be a functional extension of the Secure Payload (SP) that
12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
14 * handle the request locally or delegate it to the Secure Payload. It is also
36 * Address of the entrypoint vector table in the Secure Payload. It is
42 * Array to keep track of per-cpu Secure Payload state
55 * This helper function handles Secure EL1 preemption. The preemption could be
56 * due Non Secure interrupts or EL3 interrupts. In both the cases we context
64 assert(handle == cm_get_context(SECURE)); in tspd_handle_sp_preemption()
[all …]
|
| /external/arm-trusted-firmware/services/spd/tlkd/ |
| D | tlkd_main.c | 9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
10 * plug-in component to the Secure Monitor, registered as a runtime service. The
11 * SPD is expected to be a functional extension of the Secure Payload (SP) that
12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
14 * handle the request locally or delegate it to the Secure Payload. It is also
37 * Per-cpu Secure Payload state
54 * Secure Payload Dispatcher's timer interrupt handler
69 * Disable the routing of NS interrupts from secure world to in tlkd_interrupt_handler()
72 disable_intr_rm_local(INTR_TYPE_S_EL1, SECURE); in tlkd_interrupt_handler()
78 /* Save non-secure state */ in tlkd_interrupt_handler()
[all …]
|
| D | tlkd_common.c | 27 /* save secure context */ in tlkd_va_translate()
28 cm_el1_sysregs_context_save(SECURE); in tlkd_va_translate()
30 /* restore non-secure context */ in tlkd_va_translate()
33 /* switch NS bit to start using 64-bit, non-secure mappings */ in tlkd_va_translate()
61 /* Restore secure state */ in tlkd_va_translate()
64 /* restore secure context */ in tlkd_va_translate()
65 cm_el1_sysregs_context_restore(SECURE); in tlkd_va_translate()
67 /* switch NS bit to start using 32-bit, secure mappings */ in tlkd_va_translate()
68 write_scr(cm_get_scr_el3(SECURE)); in tlkd_va_translate()
76 * Given a secure payload entrypoint, register width, cpu id & pointer to a
[all …]
|
| /external/arm-trusted-firmware/plat/renesas/common/include/registers/ |
| D | cpg_registers.h | 30 /* Secure Module Stop Control Register 0 */
32 /* Secure Module Stop Control Register 1 */
34 /* Secure Module Stop Control Register 2 */
36 /* Secure Module Stop Control Register 3 */
38 /* Secure Module Stop Control Register 4 */
40 /* Secure Module Stop Control Register 5 */
42 /* Secure Module Stop Control Register 6 */
44 /* Secure Module Stop Control Register 7 */
46 /* Secure Module Stop Control Register 8 */
48 /* Secure Module Stop Control Register 9 */
[all …]
|
| /external/arm-trusted-firmware/docs/about/ |
| D | features.rst | 14 - Initialization of the secure world, for example exception vectors, control
28 - SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
35 for example an AArch32 Secure OS.
37 - A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
40 - Secure Monitor library code such as world switching, EL1 context management
42 When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the
43 AArch64 EL3 Runtime Software must be integrated with a Secure Payload
46 - A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
49 - SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_
50 and `Trusty Secure OS`_.
[all …]
|
| /external/arm-trusted-firmware/services/spd/opteed/ |
| D | opteed_main.c | 9 * This is the Secure Payload Dispatcher (SPD). The dispatcher is meant to be a
10 * plug-in component to the Secure Monitor, registered as a runtime service. The
11 * SPD is expected to be a functional extension of the Secure Payload (SP) that
12 * executes in Secure EL1. The Secure Monitor will delegate all SMCs targeting
14 * handle the request locally or delegate it to the Secure Payload. It is also
67 /* Save the non-secure context before entering the OPTEE */ in opteed_sel1_interrupt_handler()
73 assert(&optee_ctx->cpu_ctx == cm_get_context(SECURE)); in opteed_sel1_interrupt_handler()
75 cm_set_elr_el3(SECURE, (uint64_t)&optee_vector_table->fiq_entry); in opteed_sel1_interrupt_handler()
76 cm_el1_sysregs_context_restore(SECURE); in opteed_sel1_interrupt_handler()
77 cm_set_next_eret_context(SECURE); in opteed_sel1_interrupt_handler()
[all …]
|
| /external/arm-trusted-firmware/bl31/ |
| D | ehf.c | 37 * Convert index into secure priority using the platform-defined priority bits
47 /* Returns whether given priority is in secure priority range */
96 * This API is expected to be invoked before restoring context (Secure or
97 * Non-secure) in preparation for the respective dispatch.
163 * This API is expected to be invoked after saving context (Secure or
164 * Non-secure), having concluded the respective dispatch.
221 * After leaving Non-secure world, stash current Non-secure Priority Mask, and
222 * set Priority Mask to the highest Non-secure priority so that Non-secure
223 * interrupts cannot preempt Secure execution.
225 * If the current running priority is in the secure range, or if there are
[all …]
|
| /external/arm-trusted-firmware/docs/getting_started/ |
| D | psci-lib-integration-guide.rst | 9 at the highest secure privileged mode, which is EL3 in AArch64 or Secure SVC/
10 Monitor mode in AArch32, and provides runtime services to the non-secure world.
11 The runtime service request is made via SMC (Secure Monitor Call) and the call
13 include Trusted OS functionality. A minimal AArch32 Secure Payload, SP-MIN, is
36 #. Call ``psci_prepare_next_non_secure_ctx()`` to initialize the non-secure CPU
39 #. Get the non-secure ``cpu_context_t`` for the current CPU by calling
40 ``cm_get_context()`` , then programming the registers in the non-secure
41 context and exiting to non-secure world. If the EL3 Runtime Software needs
42 additional configuration to be set for non-secure context, like routing
43 FIQs to the secure world, the values of the registers can be modified prior
[all …]
|
| /external/apache-http/src/org/apache/http/conn/routing/ |
| D | RouteTracker.java | 81 /** Whether the route is secure. */
82 private boolean secure; field in RouteTracker
119 * @param secure <code>true</code> if the route is secure,
122 public final void connectTarget(boolean secure) { in connectTarget() argument
127 this.secure = secure; in connectTarget()
135 * @param secure <code>true</code> if the route is secure,
138 public final void connectProxy(HttpHost proxy, boolean secure) { in connectProxy() argument
147 this.secure = secure; in connectProxy()
154 * @param secure <code>true</code> if the route is secure,
157 public final void tunnelTarget(boolean secure) { in tunnelTarget() argument
[all …]
|
| D | HttpRoute.java | 76 /** Whether the route is (supposed to be) secure. */
77 private final boolean secure; field in HttpRoute
93 * @param secure <code>true</code> if the route is (to be) secure,
102 boolean secure, in HttpRoute() argument
122 this.secure = secure; in HttpRoute()
136 * @param secure <code>true</code> if the route is (to be) secure,
142 boolean secure, TunnelType tunnelled, LayerType layered) { in HttpRoute() argument
143 this(local, target, toChain(proxies), secure, tunnelled, layered); in HttpRoute()
155 * @param secure <code>true</code> if the route is (to be) secure,
165 boolean secure, TunnelType tunnelled, LayerType layered) { in HttpRoute() argument
[all …]
|
| /external/curl/tests/data/ |
| D | test31 | 19 Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure
23 Set-Cookie: sec1value=secure1 ; domain=127.0.0.1; path=/secure1/ ; secure
24 Set-Cookie: sec2value=secure2 ; domain=127.0.0.1; path=/secure2/ ; secure=
25 Set-Cookie: sec3value=secure3 ; domain=127.0.0.1; path=/secure3/ ; secure=
26 Set-Cookie: sec4value=secure4 ; secure=; domain=127.0.0.1; path=/secure4/ ;
27 Set-Cookie: sec5value=secure5 ; secure; domain=127.0.0.1; path=/secure5/ ;
28 Set-Cookie: sec6value=secure6 ; secure ; domain=127.0.0.1; path=/secure6/ ;
29 Set-Cookie: sec7value=secure7 ; secure ; domain=127.0.0.1; path=/secure7/ ;
30 Set-Cookie: sec8value=secure8 ; secure= ; domain=127.0.0.1; path=/secure8/ ;
31 Set-Cookie: secure=very1 ; secure=; domain=127.0.0.1; path=/secure9/;
[all …]
|
| D | test1561 | 19 Set-Cookie: super=secret; domain=example.com; path=/1561; secure;
20 Set-Cookie: supersuper=secret; domain=example.com; path=/1561/login/; secure;
22 Set-Cookie: __Secure-SID=12346; Secure; Domain=example.com
23 Set-Cookie: supersupersuper=secret; __Secure-SID=12346; Secure; Domain=example.com
25 Set-Cookie: __Host-SID=22346; Secure
28 Set-Cookie: __Host-SID=22349; Secure; Domain=example.com; Path=/
29 Set-Cookie: __Host-SID=12346; Secure; Path=/
44 Set-Cookie: secureoverhttp=yes; domain=example.com; path=/1561; secure;
46 Set-Cookie: __Secure-SID=22346; Secure; Domain=example.com
48 Set-Cookie: __Host-SID=32346; Secure
[all …]
|
| /external/arm-trusted-firmware/plat/brcm/board/stingray/src/ |
| D | tz_sec.c | 72 /* Do raise an exception if a NS device tries to access secure memory */ in bcm_tzc_setup()
78 * To set a Master to non-secure, use *_SET registers
79 * To set a Master to secure, use *_CLR registers (set + 0x4 address)
91 * Initialize the secure environment for sdio.
101 * Initialize the secure environment for usb.
115 * DMA always comes up as secure master (*NS bit is 0).
117 * Because the default reset values of TZPC are 0 (== Secure),
119 * secure.
121 * TZPC and makes all masters non-secure for AB devices.
124 * including PCIe, as non-secure, then set the CLEAR_ALLMASTER_NS bit
[all …]
|
| /external/arm-trusted-firmware/docs/process/ |
| D | security-hardening.rst | 1 Secure Development Guidelines
18 The secure world **must not** leak secrets to the normal world, for example in
24 The secure world **should never** crash or become unusable due to receiving too
28 Preventing Secure-world timing information leakage via PMU counters
31 The Secure world needs to implement some defenses to prevent the Non-secure
39 Timing leakage attacks from the Non-secure world
42 Since the Non-secure world has access to the ``PMCR`` register, it can
44 Secure and Non-secure state. Thus, it attempts to leak timing information from
45 the Secure world.
68 at Secure EL1, Secure EL2 (if implemented) and EL3.
[all …]
|
| /external/arm-trusted-firmware/services/std_svc/spm_mm/ |
| D | spm_mm_main.c | 28 * Secure Partition context information.
33 * Set state of a Secure Partition context.
43 * Wait until the state of a Secure Partition is the specified one and change it
64 * Check if the state of a Secure Partition is the specified one and, if so,
95 cm_set_context(&(ctx->cpu_ctx), SECURE); in spm_sp_synchronous_entry()
98 cm_el1_sysregs_context_restore(SECURE); in spm_sp_synchronous_entry()
99 cm_set_next_eret_context(SECURE); in spm_sp_synchronous_entry()
105 /* Enter Secure Partition */ in spm_sp_synchronous_entry()
108 /* Save secure state */ in spm_sp_synchronous_entry()
109 cm_el1_sysregs_context_save(SECURE); in spm_sp_synchronous_entry()
[all …]
|
| /external/wayland-protocols/chromium.org/unstable/secure-output/ |
| D | secure-output-unstable-v1.xml | 27 <description summary="Protocol for providing secure output">
29 contents from appearing in screenshots or from being visible on non-secure
33 being visible on non-secure outputs, a client must first bind the global
34 interface "wp_secure_output" which, if a compositor supports secure output,
38 to be marked as only visible on secure outputs.
51 <description summary="secure output">
52 The global interface exposing secure output capabilities is used
55 as only visible on secure outputs.
59 <description summary="unbind from the secure output interface">
90 or be visible on non-secure outputs.
[all …]
|
| /external/robolectric-shadows/shadows/framework/src/main/java/org/robolectric/shadows/ |
| D | ShadowSettings.java | 77 @Implements(value = Settings.Secure.class)
133 Settings.Secure.getString(cr, Settings.Secure.LOCATION_PROVIDERS_ALLOWED); in updateEnabledProviders()
145 return Settings.Secure.putString( in updateEnabledProviders()
146 cr, Settings.Secure.LOCATION_PROVIDERS_ALLOWED, newProviders); in updateEnabledProviders()
151 if (Settings.Secure.LOCATION_MODE.equals(name) in putInt()
156 Settings.Secure.class, in putInt()
163 Settings.Secure.class, in putInt()
172 if (Settings.Secure.LOCATION_MODE.equals(name) in getInt()
177 Settings.Secure.class, in getInt()
184 Settings.Secure.class, in getInt()
[all …]
|
| /external/arm-trusted-firmware/lib/extensions/sve/ |
| D | sve.c | 30 * Disable SVE, SIMD and FP access for the Secure world. in disable_sve_hook()
34 * in the Secure world as well as SVE functionality. in disable_sve_hook()
41 * No explicit ISB required here as ERET to switch to Secure in disable_sve_hook()
55 * Enable SVE, SIMD and FP access for the Non-secure world. in enable_sve_hook()
62 * No explicit ISB required here as ERET to switch to Non-secure in enable_sve_hook()
83 * Non-secure world. in sve_enable()
88 * in the Non-secure world. in sve_enable()
108 * for Non-secure world, EL2 and Non-secure EL1 and EL0. in sve_enable()
113 * for EL2 and Non-secure EL1 and EL0. in sve_enable()
126 * Non-secure world covers it. in sve_enable()
|