Security Configuration
General Security Configuration
Secure boot configuration is mainly used to configure BL1 and BL2 secure boot related information:
secureboot_en
- optional, indicating whether to enable secure boot, default is not enabled.
flash_aes_en
- optional, indicating whether to enable FLASH AES encryption, it is not enabled by default.
flash_aes_key
- optional, indicating the FLASH AES encryption key, must be configured whenflash_aes_en
is enabled.
root_key_type
- optional. By default ec256 is used. Configure the public key type of BL1/BL2 signature, the optional values are ec256, rsa2048.
root_pubkey
- optional, must be configured in mass production version. BL1/BL2 public key file.
root_privkey
- optional, must be configured in mass production version. BL1/BL2 private key file. The build tools sign the BL2 with the private key.
debug_key_type
- Optional. By default ec256 is used. Configure the public key type of secure debugging signature, the optional values are ec256, rsa2048.
debug_pubkey
- optional, must be configured for mass production version. Secure debugging public key file.
debug_privkey
- optional, must be configured for mass production version. Secure debug private key file.
Note
To simplify configuration, BL1/BL2 are signed with the same public key.
Security Peripheral Configuration
Security peripherals are configured through ppc.csv, the configuration example is as follows:
Device |
Secure |
Privilege |
---|---|---|
uart0 |
N |
N |
uart1 |
Y |
Y |
gpio0 |
Y |
Y |
gpio1 |
Y |
N |
The configuration table has three fixed columns:
Device
- Required. Indicates the device name, and the supported device names refer to Device name.
Secure
- Optional, indicates whether the device is a secure peripheral, which can only be accessed in the secure world. When not configured, it indicates a non-secure peripheral.
Privilege
- optional, indicating whether the device is a privileged peripheral, and the privileged peripheral can only be accessed in the processor privileged state. When not configured, indicates an unprivileged peripheral.
Note
If the configurable device is not in ppc.csv, it means non-secure device, non-privileged device.
Configurable Device
TBC
Code Generation
For a row in ppc.csv, two macros are generated in security.h to identify device security attributes.
Device |
Secure |
Privilege |
---|---|---|
uart0 |
FALSE |
FALSE |
Take the uart0 configuration in the above table as an example, the following code will be generated:
#define GEN_SECURITY_DEV_UART0_IS_SECURE 0
#define GEN_SECURITY_DEV_UART0_IS_PRIVILEGE 0
In addition, four external interfaces will be generated:
#define DEV_IS_PRIVILEGE(dev) GEN_SECURITY_DEV_##dev##_IS_PRIVILEGE
#define DEV_ID_IS_PRIVILEGE(dev, id) GEN_SECURITY_DEV_##dev##id##_IS_PRIVILEGE
#define DEV_IS_SECURE(dev) GEN_SECURITY_DEV_##dev##_IS_SECURE
#define DEV_ID_IS_SECURE(dev, id) GEN_SECURITY_DEV_##dev##id##_IS_SECURE
In Armino, peripheral security attributes can be accessed by calling the above four external interfaces.
Security Block Peripheral Configuration
Block peripherals are configured through mpc.csv, the configuration example is as follows:
Device |
Offset |
Size |
Secure |
---|---|---|---|
mem0 |
16k |
TRUE |
|
mem0 |
32k |
FALSE |
|
mem0 |
16k |
TRUE |
|
mem1 |
0x10000 |
64k |
TRUE |
The configuration table has four fixed columns:
Device
- Required. device name.
Offset
- optional. Device internal offset.
Not configured, if it is the first configuration block of the device, please set Offset to 0, otherwise it indicates the end address of the previous block.
Offset + Size cannot exceed the total storage size of the device.
Offset A block of addresses on the same device cannot overlap.
Size
- Required. Configure block size. Must be aligned to the device block size.
Secure
- optional. Configure the block security attribute, the value is False when not configured.
About configurable devices, device storage space size, device block size, please refer to Block memory security access.
Note
When the device block is not configured, it defaults to non-secure.
FLASH Data Bus Access Security Configuration
TODO
DMA Security Configuration
TODO