Changes

3,879 bytes added ,  20:26, 30 August 2019
no edit summary
Line 7: Line 7:  
The TSEC's MMIO space is divided as follows:
 
The TSEC's MMIO space is divided as follows:
 
* 0x54500000 to 0x54501000: THI (Tegra Host Interface)
 
* 0x54500000 to 0x54501000: THI (Tegra Host Interface)
* 0x54501000 to 0x54501400: FALCON (Falcon microcontroller)
+
* 0x54501000 to 0x54501400: [[#Falcon|FALCON (Falcon microcontroller)]]
* 0x54501400 to 0x54501500: SCP (Secure Co-processor)
+
* 0x54501400 to 0x54501500: [[#SCP|SCP (Secure Co-processor)]]
 
* 0x54501500 to 0x54501600: RND (Random Number Generator)
 
* 0x54501500 to 0x54501600: RND (Random Number Generator)
 
* 0x54501600 to 0x54501680: TFBIF (Tegra Framebuffer Interface)
 
* 0x54501600 to 0x54501680: TFBIF (Tegra Framebuffer Interface)
Line 656: Line 656:  
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_CFG
+
| [[#TSEC_SCP_CFG|TSEC_SCP_CFG]]
 
| 0x54501410
 
| 0x54501410
 
| 0x04
 
| 0x04
Line 688: Line 688:  
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_STAT0
+
| [[#TSEC_SCP_STAT0|TSEC_SCP_STAT0]]
 
| 0x54501450
 
| 0x54501450
 
| 0x04
 
| 0x04
Line 700: Line 700:  
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_STAT0
+
| [[#TSEC_SCP_RND_STAT0|TSEC_SCP_RND_STAT0]]
 
| 0x54501470
 
| 0x54501470
 
| 0x04
 
| 0x04
Line 728: Line 728:  
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_RND_CTL0
+
| [[#TSEC_RND_CTL0|TSEC_RND_CTL0]]
 
| 0x54501500
 
| 0x54501500
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_RND_CTL1
+
| [[#TSEC_RND_CTL1|TSEC_RND_CTL1]]
 
| 0x54501504
 
| 0x54501504
 
| 0x04
 
| 0x04
Line 2,469: Line 2,469:  
|-
 
|-
 
| 20
 
| 20
| Enable the CMD interface
+
| Enable the [[#TSEC_SCP_CMD|TSEC_SCP_CMD]] register
 +
|-
 +
| 16
 +
| Enable the SEQ interface
 
|}
 
|}
   Line 2,476: Line 2,479:  
!  Bits
 
!  Bits
 
!  Description
 
!  Description
 +
|-
 +
| 0
 +
| Flush SEQ interface
 
|-
 
|-
 
| 11
 
| 11
Line 2,482: Line 2,488:  
| 12
 
| 12
 
| Enable the RND interface
 
| Enable the RND interface
 +
|}
 +
 +
=== TSEC_SCP_CFG ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 16-31
 +
| Timeout value
 
|}
 
|}
   Line 2,500: Line 2,515:  
| 0
 
| 0
 
| Enable lockdown mode
 
| Enable lockdown mode
|-
  −
| 1
  −
|
  −
|-
  −
| 2
  −
|
  −
|-
  −
| 3
  −
|
   
|-
 
|-
 
| 4
 
| 4
 
| Lock the SCP and RND
 
| Lock the SCP and RND
|-
  −
| 5
  −
|
  −
|-
  −
| 6
  −
|
  −
|-
  −
| 7
  −
|
   
|}
 
|}
   Line 2,543: Line 2,540:  
|-
 
|-
 
| 0-3
 
| 0-3
| Sequence's instruction index
+
| Index
 
|-
 
|-
| 4-7
+
| 4
| Target and control flags
+
| Automatic increment
 +
|-
 +
| 5-6
 +
| Target
 +
0: None
 +
1: Unknown
 +
2: Unknown
 +
3: SEQ
 
|-
 
|-
| 8-11
+
| 8-12
| Sequence's size
+
| SEQ size
 
|}
 
|}
   −
Controls the last crypto sequence (cs0 or cs1) created.
+
Used for debugging crypto interfaces such as the SEQ (crypto sequence).
    
=== TSEC_SCP_DBG1 ===
 
=== TSEC_SCP_DBG1 ===
Line 2,560: Line 2,564:  
|-
 
|-
 
| 0-3
 
| 0-3
| Sequence instruction's first operand
+
| SEQ instruction's first operand
 
|-
 
|-
 
| 4-9
 
| 4-9
| Sequence instruction's second operand
+
| SEQ instruction's second operand
 
|-
 
|-
 
| 10-14
 
| 10-14
| Sequence instruction's opcode
+
| SEQ instruction's opcode
 
|}
 
|}
   −
Contains information on the last crypto sequence (cs0 or cs1) created.
+
Used for retrieving debug data. Contains information on the last crypto sequence created when debugging the SEQ interface.
    
=== TSEC_SCP_DBG2 ===
 
=== TSEC_SCP_DBG2 ===
Line 2,576: Line 2,580:  
!  Description
 
!  Description
 
|-
 
|-
| 0
+
| 0-1
| Set if crypto sequence recording (cs0begin/cs1begin) is active
+
| SEQ state
 +
0: Idle
 +
1: Recording is active (cs0begin/cs1begin)
 
|-
 
|-
 
| 4-7
 
| 4-7
| Number of instructions left for the crypto sequence
+
| Number of SEQ instructions left
 
|-
 
|-
 
| 12-15
 
| 12-15
Line 2,586: Line 2,592:  
|}
 
|}
   −
Contains information on the last crypto sequence (cs0 or cs1) executed.
+
Used for retrieving additional debug data associated with the SEQ interface.
    
=== TSEC_SCP_CMD ===
 
=== TSEC_SCP_CMD ===
Line 2,594: Line 2,600:  
|-
 
|-
 
| 0-3
 
| 0-3
| Destination register or immediate value
+
| Destination register
 
|-
 
|-
 
| 8-13
 
| 8-13
Line 2,600: Line 2,606:  
|-
 
|-
 
| 20-24
 
| 20-24
| Operation
+
| Command opcode
 
  0x0:  nop (fuc5 opcode 0x00)  
 
  0x0:  nop (fuc5 opcode 0x00)  
 
  0x1:  cmov (fuc5 opcode 0x84)
 
  0x1:  cmov (fuc5 opcode 0x84)
Line 2,636: Line 2,642:  
Contains information on the last crypto command executed.
 
Contains information on the last crypto command executed.
   −
=== TSEC_SCP_STAT1 ===
+
=== TSEC_SCP_STAT0 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 2
 +
| CMD interface is active
 +
|-
 +
| 6
 +
| SEQ interface is active
 +
|-
 +
| 16
 +
| RND interface is active
 +
|}
 +
 
 +
Contains the status of the crypto interfaces.
 +
 
 +
=== TSEC_SCP_STAT1 ===
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
!  Bits
 
!  Bits
Line 2,642: Line 2,665:  
|-
 
|-
 
| 0-1
 
| 0-1
| Signature comparison result (3=succeeded, 2=failed)
+
| Signature comparison result
 +
0: None
 +
1: Running
 +
2: Failed
 +
3: Succeeded
 
|}
 
|}
   −
Contains information on the last authentication attempt.
+
Contains the status of the last authentication attempt.
    
=== TSEC_SCP_STAT2 ===
 
=== TSEC_SCP_STAT2 ===
Line 2,653: Line 2,680:  
|-
 
|-
 
| 0-4
 
| 0-4
| First opcode
+
| Current SEQ opcode
 
|-
 
|-
 
| 5-9
 
| 5-9
| Second opcode
+
| Unknown opcode
 +
|-
 +
| 10-14
 +
| Pending CMD opcode
 
|-
 
|-
 
| 15-16
 
| 15-16
Line 2,664: Line 2,694:  
  2: Key expansion
 
  2: Key expansion
 
  3: Key reverse expansion
 
  3: Key reverse expansion
 +
|-
 +
| 27
 +
| RND operation is stalled
 +
|-
 +
| 29
 +
| AES operation is stalled
 +
|}
 +
 +
Contains the status of crypto operations.
 +
 +
=== TSEC_SCP_RND_STAT0 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0
 +
| RND is ready
 
|}
 
|}
   −
Contains information on the last AES sequence executed.
+
Contains the status of the RND interface.
    
=== TSEC_SCP_IRQSTAT ===
 
=== TSEC_SCP_IRQSTAT ===
Line 2,689: Line 2,736:  
|-
 
|-
 
| 24
 
| 24
|  
+
| RND unknown
 
|-
 
|-
 
| 28
 
| 28
|  
+
| Timeout
 
|}
 
|}
   Line 2,718: Line 2,765:  
|-
 
|-
 
| 24
 
| 24
|  
+
| RND unknown
 
|-
 
|-
 
| 28
 
| 28
|  
+
| Timeout
 
|}
 
|}
   Line 2,732: Line 2,779:  
|-
 
|-
 
| 0
 
| 0
| Set when writing to a crypto register without the correct ACL
+
| Writing to a crypto register without the correct ACL
 
|-
 
|-
 
| 4
 
| 4
| Set when reading from a crypto register without the correct ACL
+
| Reading from a crypto register without the correct ACL
 
|-
 
|-
 
| 8
 
| 8
| Set on an invalid ACL change (cchmod)
+
| Invalid ACL change (cchmod)
 
|-
 
|-
 
| 31
 
| 31
| An ACL error occurred
+
| ACL error occurred
 
|}
 
|}
   −
Contains information on the status generated by the [[#TSEC_SCP_IRQSTAT|ACL error]] IRQ.
+
Contains information on errors generated by the [[#TSEC_SCP_IRQSTAT|ACL error]] IRQ.
    
=== TSEC_SCP_CMD_ERR ===
 
=== TSEC_SCP_CMD_ERR ===
Line 2,773: Line 2,820:  
|}
 
|}
   −
Contains information on crypto errors generated by the [[#TSEC_SCP_IRQSTAT|CMD error]] IRQ.
+
Contains information on errors generated by the [[#TSEC_SCP_IRQSTAT|CMD error]] IRQ.
   −
=== TSEC_TFBIF_CTL ===
+
=== TSEC_RND_CTL0 ===
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
!  Bits
 
!  Bits
 
!  Description
 
!  Description
 
|-
 
|-
| 0
+
| 0-31
| TSEC_TFBIF_CTL_CLR_BWCOUNT
+
| RND clock trigger lower limit
|-
+
|}
 +
 
 +
=== TSEC_RND_CTL1 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-15
 +
| RND clock trigger upper limit
 +
|-
 +
| 16-31
 +
| RND clock trigger mask
 +
|}
 +
 
 +
=== TSEC_TFBIF_CTL ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0
 +
| TSEC_TFBIF_CTL_CLR_BWCOUNT
 +
|-
 
| 1
 
| 1
 
| TSEC_TFBIF_CTL_ENABLE
 
| TSEC_TFBIF_CTL_ENABLE
Line 3,134: Line 3,202:  
|}
 
|}
   −
== SCP ==
+
== Falcon ==
Part of the information here (which hasn't made it into envytools documentation yet) was shared by [https://wiki.0x04.net/wiki/Marcin_Ko%C5%9Bcielnicki mwk] from reverse engineering falcon processors over the years.
+
"Falcon" (FAst Logic CONtroller) is a proprietary general purpose CPU which can be found inside various hardware blocks that require some sort of logic processing such as TSEC (TSECA and TSECB), NVDEC, NVENC, NVJPG, VIC, GPU PMU and XUSB.
 +
 
 +
=== Processor Registers ===
 +
A total of 32 processor registers are available in the Falcon CPU.
 +
 
 +
==== REG0-REG15 ====
 +
These are 16 32-bit GPRs (general purpose registers).
 +
 
 +
==== IV0 ====
 +
This is a SPR (special purpose register) that holds the address for interrupt vector 0.
 +
 
 +
==== IV1 ====
 +
This is a SPR (special purpose register) that holds the address for interrupt vector 1.
 +
 
 +
==== IV2 ====
 +
This is a SPR (special purpose register) that holds the address for interrupt vector 2. This register is considered "UNDEFINED" and appears to be unused.
 +
 
 +
==== EV ====
 +
This is a SPR (special purpose register) that holds the address for the exception vector.
 +
 
 +
Alternative name (envytools): "tv".
 +
 
 +
==== SP ====
 +
This is a SPR (special purpose register) that holds the current stack pointer.
 +
 
 +
==== PC ====
 +
This is a SPR (special purpose register) that holds the current program counter.
 +
 
 +
==== IMB ====
 +
This is a SPR (special purpose register) that holds the external base address for IMEM transfers.
   −
=== Authenticated Mode ===
+
Alternative name (envytools): "xcbase".
==== Entry ====
  −
From non-secure mode, upon jumping to a page marked as secret, a secret fault occurs. This causes the CPU to verify the region specified in $cauth against the MAC loaded in $c6. If the comparison is successful, the valid bit (bit0) is set on all pages in the $cauth region, and $pc is set to the base of the $cauth region. If the comparsion fails, the CPU is halted.
     −
==== Exit ====
+
==== DMB ====
The CPU automatically goes back to non-secure mode when returning back into non-secret pages. When this happens, the valid bit (bit0) in the TLB flags is cleared for all secret pages.
+
This is a SPR (special purpose register) that holds the external base address for DMEM transfers.
   −
==== Implementation ====
+
Alternative name (envytools): "xdbase".
Under certain circumstances, it is possible to observe [[#csigauth|csigauth]] being briefly written to [[#TSEC_SCP_CMD|TSEC_SCP_CMD]] as "csigauth $c4 $c6" while the opcodes in [[#TSEC_SCP_STAT2|TSEC_SCP_STAT2]] are set to "cxsin" and "csigauth", respectively.
     −
Via [[#TSEC_SCP_DBG0|TSEC_SCP_DBG0]] it can be observed that a 3-sized macro sequence is loaded into cs0 during a secure mode transition.
+
==== CSW ====
 +
This is a SPR (special purpose register) that holds various flag bits.
   −
=== Operations ===
   
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
!  Opcode
+
!  Bits
!  Name
+
!  Description
!  Operand0
+
|-
!  Operand1
+
| 0-7 || General purpose predicates
!  Operation
+
|-
!  Condition
+
| 8 || ALU carry flag
 +
|-
 +
| 9 || ALU signed overflow flag
 +
|-
 +
| 10 || ALU sign flag
 +
|-
 +
| 11 || ALU zero flag
 +
|-
 +
| 12-15 || Unused
 +
|-
 +
| 16 || Interrupt 0 enable
 +
|-
 +
| 17 || Interrupt 1 enable
 +
|-
 +
| 18 || Interrupt 2 enable (undefined)
 +
|-
 +
| 19 || Unused
 +
|-
 +
| 20 || Interrupt 0 saved enable
 +
|-
 +
| 21 || Interrupt 1 saved enable
 +
|-
 +
| 22 || Interrupt 2 saved enable (undefined)
 +
|-
 +
| 23 || Unused
 +
|-
 +
| 24 || Exception active
 +
|-
 +
| 25 || Unused
 +
|-
 +
| 26 || Unknown
 +
|-
 +
| 27-28 || Unused
 +
|-
 +
| 29 || Unknown
 +
|-
 +
| 30-31 || Unused
 +
|}
 +
 
 +
Alternative name (envytools): "flags".
 +
 
 +
==== CCR ====
 +
This is a SPR (special purpose register) that holds configuration bits for the SCP DMA override functionality. The value of this register is set using the "cxset" instruction which provides a way to change the behavior of a variable amount of successively executed DMA-related instructions ("xdwait", "xdst" and "xdld").
 +
 
 +
{| class=wikitable
 +
! Bits || Description
 +
|-
 +
| 0-4 || Number of instructions the override is valid for (0x1F means infinite)
 +
|-
 +
| 5 || Crypto destination/source select
 +
0: Crypto register
 +
1: Crypto stream
 +
|-
 +
| 6 || External memory override
 +
0: Disabled
 +
1: Enabled
 +
|-
 +
| 7 || Internal memory select
 +
0: DMEM
 +
1: IMEM
 +
|-
 +
| 8-31 || Unused
 +
|}
 +
 
 +
Alternative name (envytools): "cx".
 +
 
 +
==== SEC ====
 +
This is a SPR (special purpose register) that holds configuration bits for the SCP authentication process.
 +
 
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-7 || Start of region to authenticate (in 0x100 pages)
 +
|-
 +
| 8-15 || Unused
 +
|-
 +
| 16 || Mark all subsequent code transfers as secret
 +
|-
 +
| 17 || Region is encrypted
 +
|-
 +
| 18 || Unknown (set in HS mode)
 +
|-
 +
| 19 || Block traps and interrupts (set in HS mode)
 +
|-
 +
| 20-23 || Unused
 +
|-
 +
| 24-31 || Size of region to authenticate (in 0x100 pages)
 +
|}
 +
 
 +
Alternative name (envytools): "cauth".
 +
 
 +
==== CTX ====
 +
This is a SPR (special purpose register) that holds configuration bits for the CTXDMA ports.
 +
 
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-2 || CTXDMA port for code loads (xcld)
 +
|-
 +
| 3 || Unused
 +
|-
 +
| 4-6 || CTXDMA port for code stores (invalid)
 +
|-
 +
| 7 || Unused
 +
|-
 +
| 8-10 || CTXDMA port for data loads (xdld)
 +
|-
 +
| 11 || Unused
 +
|-
 +
| 12-14 || CTXDMA port for data stores (xdst)
 +
|-
 +
| 15-31 || Unused
 +
|}
 +
 
 +
Alternative name (envytools): "xtargets".
 +
 
 +
==== EXCI ====
 +
This is a SPR (special purpose register) that holds information on raised exceptions.
 +
 
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-19 || Exception PC
 +
|-
 +
| 20-23 || Exception cause
 +
|-
 +
| 24-31 || Unused
 +
|}
 +
 
 +
Alternative name (envytools): "tstatus".
 +
 
 +
==== SEC1 ====
 +
Unknown. Marked as "RESERVED".
 +
 
 +
==== IMB1 ====
 +
Unknown. Marked as "RESERVED".
 +
 
 +
==== DMB1 ====
 +
Unknown. Marked as "RESERVED".
 +
 
 +
== SCP ==
 +
Part of the information here (which hasn't made it into envytools documentation yet) was shared by [https://wiki.0x04.net/wiki/Marcin_Ko%C5%9Bcielnicki mwk] from reverse engineering falcon processors over the years.
 +
 
 +
=== Heavy Secure Mode ===
 +
==== Entry ====
 +
From non-secure mode, upon jumping to a page marked as secret, a secret fault occurs. This causes the CPU to verify the region specified in $cauth against the MAC loaded in $c6. If the comparison is successful, the valid bit (bit0) is set on all pages in the $cauth region, and $pc is set to the base of the $cauth region. If the comparsion fails, the CPU is halted.
 +
 
 +
==== Exit ====
 +
The CPU automatically goes back to non-secure mode when returning back into non-secret pages. When this happens, the valid bit (bit0) in the TLB flags is cleared for all secret pages.
 +
 
 +
==== Implementation ====
 +
Under certain circumstances, it is possible to observe [[#sigauth|sigauth]] being briefly written to [[#TSEC_SCP_CMD|TSEC_SCP_CMD]] as "csigauth $c4 $c6" while the opcodes in [[#TSEC_SCP_STAT2|TSEC_SCP_STAT2]] are set to "cxsin" and "csigauth", respectively.
 +
 
 +
Via [[#TSEC_SCP_DBG0|TSEC_SCP_DBG0]] it can be observed that a 3-sized macro sequence is loaded into cs0 during a secure mode transition.
 +
 
 +
=== Operations ===
 +
{| class="wikitable" border="1"
 +
!  Opcode
 +
!  Name
 +
!  Operand0
 +
!  Operand1
 +
!  Operation
 +
!  Condition
 
|-
 
|-
 
| 0 || nop || N/A || N/A || ||
 
| 0 || nop || N/A || N/A || ||
Line 3,166: Line 3,425:  
| 3 || sout || $cX || N/A || <code>write_stream($cX);</code> || ?
 
| 3 || sout || $cX || N/A || <code>write_stream($cX);</code> || ?
 
|-
 
|-
| 4 || rnd || $cX || N/A || <code>$cX = read_trng(); ACL(X) = ???;</code> ||
+
| 4 || [[#rnd|rnd]] || $cX || N/A || <code>$cX = read_rnd(); ACL(X) = ???;</code> ||
 
|-
 
|-
 
| 5 || s0begin || immX || N/A || <code>record_macro_for_N_instructions(0, immX);</code> ||
 
| 5 || s0begin || immX || N/A || <code>record_macro_for_N_instructions(0, immX);</code> ||
Line 3,178: Line 3,437:  
| 9 || <invalid> || || || ||
 
| 9 || <invalid> || || || ||
 
|-
 
|-
| 0xA || chmod || $cX || immY || Complicated, see [[#ACL|ACL]]. ||
+
| 0xA || [[#chmod|chmod]] || $cX || immY || Complicated, see [[#ACL|ACL]]. ||
 
|-
 
|-
 
| 0xB || xor || $cX || $cY || <code>$cX ^= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>
 
| 0xB || xor || $cX || $cY || <code>$cX ^= $cY;</code> || <code>(ACL(X) & 2) && (ACL(Y) & 2)</code>
Line 3,202: Line 3,461:  
| 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||
 
| 0x15 || dec || $cX || $cY || <code>$cX = aes_dec(active_key_idx, $cY); ACL(X) = ACL(active_key_idx) & ACL(Y);</code> ||
 
|-
 
|-
| 0x16 || csigauth || $cX || $cY || <code>if (hash_verify($cX, $cY)) { has_sig = true; current_sig = $cX; }</code> || ?
+
| 0x16 || [[#sigauth|sigauth]] || $cX || $cY || <code>if (hash_verify($cX, $cY)) { has_sig = true; current_sig = $cX; }</code> || ?
 
|-
 
|-
| 0x17 || csigclr || N/A || N/A || <code>has_sig = false;</code> ||
+
| 0x17 || [[#sigclr|sigclr]] || N/A || N/A || <code>has_sig = false;</code> ||
 
|-
 
|-
| 0x18 || csigenc || $cX || $cY || <code>if (has_sig) { $cX = aes_enc($cY, current_sig); ACL(X) = 0x13; }</code> ||
+
| 0x18 || sigenc || $cX || $cY || <code>if (has_sig) { $cX = aes_enc($cY, current_sig); ACL(X) = 0x13; }</code> ||
 
|}
 
|}
   −
==== csigauth ====
+
==== sigauth ====
 
<code>00000000: f5 3c XY d8    csigauth $cY $cX</code>
 
<code>00000000: f5 3c XY d8    csigauth $cY $cX</code>
    
Takes 2 crypto registers as operands and is automatically executed when jumping to a code region previously uploaded as secret. This instruction does not work in secure mode.
 
Takes 2 crypto registers as operands and is automatically executed when jumping to a code region previously uploaded as secret. This instruction does not work in secure mode.
   −
==== csigclr ====
+
==== sigclr ====
 
<code>00000000: f5 3c 00 e0    csigclr</code>
 
<code>00000000: f5 3c 00 e0    csigclr</code>
   −
This instruction takes no operands and appears to clear the saved cauth signature used by the csigenc instruction.
+
This instruction takes no operands and clears the saved cauth signature used by the csigenc instruction.
   −
==== cchmod ====
+
==== chmod ====
 
<code>00000000: f5 3c XY a8    cchmod $cY 0X</code> or <code>00000000: f5 3c XY a9    cchmod $cY 1X</code>
 
<code>00000000: f5 3c XY a8    cchmod $cY 0X</code> or <code>00000000: f5 3c XY a9    cchmod $cY 1X</code>
    
This instruction takes a crypto register and a 5 bit immediate value which represents the [[#ACL|ACL]] mask to set.
 
This instruction takes a crypto register and a 5 bit immediate value which represents the [[#ACL|ACL]] mask to set.
   −
==== crnd ====
+
==== rnd ====
 
<code>00000000: f5 3c 0X 90    crnd $cX</code>
 
<code>00000000: f5 3c 0X 90    crnd $cX</code>
    
This instruction initializes a crypto register with random data.
 
This instruction initializes a crypto register with random data.
   −
Executing this instruction only succeeds if the TRNG is enabled for the SCP, which requires taking the following steps:
+
Executing this instruction only succeeds if the RND interface is enabled for the SCP, which requires taking the following steps:
* Write 0x7FFF to TSEC_RND_CTL0.
+
* Write 0x7FFF to [[#TSEC_RND_CTL0|TSEC_RND_CTL0]].
* Write 0x3FF0000 to TSEC_RND_CTL1.
+
* Write 0x3FF0000 to [[#TSEC_RND_CTL1|TSEC_RND_CTL1]].
 
* Write 0xFF00 to TSEC_RND_CTL11.
 
* Write 0xFF00 to TSEC_RND_CTL11.
 
* Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]].
 
* Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]].
Line 3,261: Line 3,520:     
Loading a secret into $cX sets a per-secret ACL, unconditionally.
 
Loading a secret into $cX sets a per-secret ACL, unconditionally.
  −
=== cauth ===
  −
$cauth is a special purpose register in the CPU.
  −
  −
{| class="wikitable" border="1"
  −
!  Bits
  −
!  Description
  −
|-
  −
| 0-7 || Start of region to authenticate (in 0x100 pages)
  −
|-
  −
| 8-15 || Unknown
  −
|-
  −
| 16 || Use secret xfers
  −
|-
  −
| 17 || Region is encrypted
  −
|-
  −
| 18 || Unknown (set in HS mode)
  −
|-
  −
| 19 || Block traps and interrupts (set in HS mode)
  −
|-
  −
| 20-23 || Unknown
  −
|-
  −
| 24-31 || Size of region to authenticate (in 0x100 pages)
  −
|}
  −
  −
=== cxset ===
  −
cxset instruction provides a way to change behavior of a variable amount of successively executed DMA-related instructions.
  −
  −
for example: <code>000000de: f4 3c 02              cxset 0x2</code>
  −
  −
can be read as: <code>dma_override(type=crypto_reg, count=2)</code>
  −
  −
The argument to cxset specifies the type of behavior change in the top 3 bits, and the number of DMA-related instructions the effect lasts for in the lower 5 bits.
  −
  −
{| class=wikitable
  −
! Bits || Description
  −
|-
  −
| 0-4 || Number of instructions it is valid for (0x1f is a special value meaning infinitely many instructions -- until overriden by another cxset)
  −
|-
  −
| 5 || Crypto destination/source select (0=crypto register, 1=crypto stream)
  −
|-
  −
| 6 || External memory override (0=Disabled, 1=Enabled)
  −
|-
  −
| 7 || Internal memory select (0=DMEM, 1=IMEM)
  −
|}
  −
  −
==== DMA-Related Instructions ====
  −
At least the following instructions may have changed behavior, and count against the cxset "count" argument: <code>xdwait</code>, <code>xdst</code>, <code>xdld</code>.
  −
  −
For example, if override type=0b000, then the "length" argument to <code>xdst</code> is instead treated as the index of the target $cX register.
      
=== Secrets ===
 
=== Secrets ===
Falcon's Authenticated Mode has access to 64 128-bit keys which are burned at factory. These keys can be loaded by using the $csecret instruction which takes the target crypto register and the key index as arguments.
+
Falcon's Heavy Secure Mode has access to 64 128-bit keys which are burned at factory. These keys can be loaded using the $csecret instruction which takes the target crypto register and the key index as arguments.
    
Secrets are specific to each Falcon unit with the exception of secret 0x3F. This secret is effectively empty (all zeros), but is configured to be overwritten with the KFUSE private key once the KFUSE clock is enabled. The KFUSE private key is console-unique.
 
Secrets are specific to each Falcon unit with the exception of secret 0x3F. This secret is effectively empty (all zeros), but is configured to be overwritten with the KFUSE private key once the KFUSE clock is enabled. The KFUSE private key is console-unique.