Tegra186: add SE support to generate SHA256 of TZRAM

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code Tegra186: add SE support to generate SHA256 of TZRAM The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This memory loses power when we enter System Suspend and so its contents are stored to TZDRAM, before entry. This opens up an attack vector where the TZDRAM contents might be tampered with when we are in the System Suspend mode. To mitigate this attack the SE engine calculates the hash of entire TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The WB0 code will validate the TZDRAM and match the hash with the one in PMC scratch. This patch adds driver for the SE engine, with APIs to calculate the hash and store SE SHA256 hash-result to PMC scratch registers. Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf Signed-off-by: Jeetesh Burman <jburman@nvidia.com> WIP_v2.3-LS master v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3
1 parent 3827aa8 commit 4eed9c8480c67bd4558c6763204c04fe9b812fae Jeetesh Burman authored on 19 Jul 2018 Varun Wadekar committed on 9 Mar 2020

Browse code

The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.

This patch adds driver for the SE engine, with APIs to calculate the hash
and store SE SHA256 hash-result to PMC scratch registers.

Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf
Signed-off-by: Jeetesh Burman <jburman@nvidia.com>

WIP_v2.3-LS master v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3

1 parent 3827aa8 commit 4eed9c8480c67bd4558c6763204c04fe9b812fae

Jeetesh Burman authored on 19 Jul 2018

Varun Wadekar committed on 9 Mar 2020

Patch

Unified Split

Showing 6 changed files

Ignore Space Show notes View plat/nvidia/tegra/include/drivers/security_engine.h

Ignore Space Show notes View plat/nvidia/tegra/include/t186/tegra_def.h

Ignore Space Show notes View plat/nvidia/tegra/soc/t186/drivers/se/se.c 0 → 100644

Ignore Space Show notes View plat/nvidia/tegra/soc/t186/drivers/se/se_private.h 0 → 100644

Ignore Space Show notes View plat/nvidia/tegra/soc/t186/plat_psci_handlers.c

Ignore Space Show notes View plat/nvidia/tegra/soc/t186/platform_t186.mk

Show line notes below