TSEC: Difference between revisions
m Rename cprecmac occurence to cgfmul |
No edit summary |
||
Line 723: | Line 723: | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL2 | | [[#TSEC_SCP_RND_CTL2|TSEC_SCP_RND_CTL2]] | ||
| 0x54501508 | | 0x54501508 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL3 | | [[#TSEC_SCP_RND_CTL3|TSEC_SCP_RND_CTL3]] | ||
| 0x5450150C | | 0x5450150C | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL4 | | [[#TSEC_SCP_RND_CTL4|TSEC_SCP_RND_CTL4]] | ||
| 0x54501510 | | 0x54501510 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL5 | | [[#TSEC_SCP_RND_CTL5|TSEC_SCP_RND_CTL5]] | ||
| 0x54501514 | | 0x54501514 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL6 | | [[#TSEC_SCP_RND_CTL6|TSEC_SCP_RND_CTL6]] | ||
| 0x54501518 | | 0x54501518 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL7 | | [[#TSEC_SCP_RND_CTL7|TSEC_SCP_RND_CTL7]] | ||
| 0x5450151C | | 0x5450151C | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL8 | | [[#TSEC_SCP_RND_CTL8|TSEC_SCP_RND_CTL8]] | ||
| 0x54501520 | | 0x54501520 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL9 | | [[#TSEC_SCP_RND_CTL9|TSEC_SCP_RND_CTL9]] | ||
| 0x54501524 | | 0x54501524 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL10 | | [[#TSEC_SCP_RND_CTL10|TSEC_SCP_RND_CTL10]] | ||
| 0x54501528 | | 0x54501528 | ||
| 0x04 | | 0x04 | ||
|- | |- | ||
| TSEC_SCP_RND_CTL11 | | [[#TSEC_SCP_RND_CTL11|TSEC_SCP_RND_CTL11]] | ||
| 0x5450152C | | 0x5450152C | ||
| 0x04 | | 0x04 | ||
Line 3,577: | Line 3,577: | ||
|- | |- | ||
| 10 | | 10 | ||
| Enable | | Enable [[#LOAD|Falcon<->LOAD]] interface | ||
|- | |- | ||
| 12 | | 12 | ||
| Enable | | Enable [[#STORE|Falcon<->STORE]] interface | ||
|- | |- | ||
| 14 | | 14 | ||
| Enable | | Enable [[#CMD|Falcon<->CMD]] interface | ||
|- | |- | ||
| 16 | | 16 | ||
| Enable | | Enable [[#SEQ|SEQ]] | ||
|- | |- | ||
| 20 | | 20 | ||
| Enable | | Enable [[#CTL|CTL]] | ||
|} | |} | ||
Line 3,598: | Line 3,598: | ||
|- | |- | ||
| 0 | | 0 | ||
| Clear [[#SEQ|SEQ]] | | Clear [[#SEQ|SEQ]] | ||
|- | |- | ||
| 8 | | 8 | ||
| Clear | | Clear [[#SCP|SCP]]'s internal pipeline | ||
|- | |- | ||
| 11 | | 11 | ||
| Enable [[#RNG|RNG]] | | Enable [[#RNG|RNG]]'s test mode | ||
|- | |- | ||
| 12 | | 12 | ||
| Enable | | Enable [[#RNG|RNG]] | ||
|- | |- | ||
| 16 | | 16 | ||
| Enable [[#LOAD|LOAD]] | | Enable [[#LOAD|Falcon<->LOAD]] interface's dummy mode (all reads return 0) | ||
|- | |- | ||
| 20 | | 20 | ||
| Enable [[#LOAD|LOAD]] | | Enable [[#LOAD|Falcon<->LOAD]] interface bypassing (all reads are dropped) | ||
|- | |- | ||
| 24 | | 24 | ||
| Enable [[#STORE|STORE]] | | Enable [[#STORE|Falcon<->STORE]] interface bypassing (all writes are dropped) | ||
|} | |} | ||
Line 3,635: | Line 3,635: | ||
| 0 | | 0 | ||
| Enable lockdown mode (locks IMEM and DMEM) | | Enable lockdown mode (locks IMEM and DMEM) | ||
|- | |- | ||
| 4 | | 4 | ||
| Lock | | Lock [[#SCP|SCP]]'s MMIO register space | ||
|} | |} | ||
Line 3,666: | Line 3,648: | ||
|- | |- | ||
| 0 | | 0 | ||
| | | Endianness for ADD | ||
0: Little | |||
1: Big | |||
|- | |- | ||
| 1 | | 1 | ||
| | | Endianness for GFMUL | ||
0: Little | |||
1: Big | |||
|- | |- | ||
| 2 | | 2 | ||
| | | Endianness for [[#LOAD|LOAD]] | ||
0: Little | |||
1: Big | |||
|- | |- | ||
| 3 | | 3 | ||
| | | Endianness for [[#STORE|STORE]] | ||
0: Little | |||
1: Big | |||
|- | |- | ||
| 4 | | 4 | ||
| [[#AES|AES]] | | Endianness for [[#AES|AES]] | ||
0: Little | 0: Little | ||
1: Big | 1: Big | ||
|- | |- | ||
| 8 | | 8 | ||
| Flush [[#CMD|CMD]] | | Flush [[#CMD|CMD]] | ||
|- | |- | ||
| 12-13 | | 12-13 | ||
| Carry chain size | | Carry chain's size | ||
0: 32 bits | 0: 32 bits | ||
1: 64 bits | 1: 64 bits | ||
Line 3,693: | Line 3,683: | ||
|- | |- | ||
| 16-31 | | 16-31 | ||
| | | [[#SCP|SCP]]'s internal pipeline stall timeout value | ||
|} | |} | ||
Line 3,702: | Line 3,692: | ||
|- | |- | ||
| 0 | | 0 | ||
| Swap [[#SCP|SCP]] master | | Swap [[#SCP|SCP]]'s master | ||
|- | |- | ||
| 1 | | 1 | ||
| Current [[#SCP|SCP]] master | | Current [[#SCP|SCP]]'s master | ||
0: Falcon | 0: Falcon | ||
1: External | 1: External | ||
Line 3,759: | Line 3,749: | ||
|- | |- | ||
| 8-12 | | 8-12 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]]'s current sequence's size | ||
|- | |- | ||
| 13-16 | | 13-16 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]]'s current instruction's address | ||
|- | |- | ||
| 17 | | 17 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]]'s current instruction is valid | ||
|- | |- | ||
| 18 | | 18 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]] is running in HS mode | ||
|- | |- | ||
| 19-22 | | 19-22 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|LOAD]]'s queue's size | ||
|- | |- | ||
| 23 | | 23 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|LOAD]]'s current operation is valid | ||
|- | |- | ||
| 24 | | 24 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|LOAD]] is running in HS mode | ||
|- | |- | ||
| 25-26 | | 25-26 | ||
| [[#STORE|STORE]] | | [[#STORE|STORE]]'s queue's size | ||
|- | |- | ||
| 30 | | 30 | ||
| [[#STORE|STORE]] | | [[#STORE|STORE]]'s current operation is valid | ||
|- | |- | ||
| 31 | | 31 | ||
| [[#STORE|STORE]] | | [[#STORE|STORE]] is running in HS mode | ||
|} | |} | ||
Line 3,796: | Line 3,786: | ||
! Description | ! Description | ||
|- | |- | ||
| 0- | | 0-31 | ||
| | | Data | ||
If target is SEQ: | |||
Bits 0-3: current instruction's first operand | |||
Bits 4-9: current instruction's second operand | |||
Bits 10-14: current instruction's opcode | |||
|} | |} | ||
Used for retrieving debug data. Contains information on the last crypto sequence created when debugging the SEQ | Used for retrieving debug data. Contains information on the last crypto sequence created when debugging the [[#SEQ|SEQ]] block. | ||
=== TSEC_SCP_DBG2 === | === TSEC_SCP_DBG2 === | ||
Line 3,814: | Line 3,802: | ||
|- | |- | ||
| 0-1 | | 0-1 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]]'s state | ||
0: Idle | 0: Idle | ||
1: Recording is active (cs0begin/cs1begin) | 1: Recording is active (cs0begin/cs1begin) | ||
|- | |- | ||
| 4-7 | | 4-7 | ||
| Number of [[#SEQ|SEQ]] | | Number of instructions left in [[#SEQ|SEQ]] | ||
|- | |- | ||
| 12-15 | | 12-15 | ||
| Active crypto key register | | Active crypto key register (ckeyreg) | ||
|} | |} | ||
Line 3,867: | Line 3,855: | ||
|- | |- | ||
| 28 | | 28 | ||
| [[#CMD|CMD]] | | [[#CMD|CMD]]'s current instruction is valid | ||
|- | |- | ||
| 31 | | 31 | ||
| [[#CMD|CMD]] | | [[#CMD|CMD]] is running in HS mode | ||
|} | |} | ||
Line 3,884: | Line 3,872: | ||
|- | |- | ||
| 2 | | 2 | ||
| [[#CMD|CMD]] | | [[#CMD|CMD]] is active | ||
|- | |- | ||
| 4 | | 4 | ||
| [[#STORE|STORE]] | | [[#STORE|STORE]] is active | ||
|- | |- | ||
| 6 | | 6 | ||
| [[#SEQ|SEQ]] | | [[#SEQ|SEQ]] is active | ||
|- | |- | ||
| 8 | | 8 | ||
| [[#CTL|CTL]] | | [[#CTL|CTL]] is active | ||
|- | |- | ||
| 10 | | 10 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|LOAD]] is active | ||
|- | |- | ||
| 14 | | 14 | ||
| [[#AES|AES]] | | [[#AES|AES]] is active | ||
|- | |- | ||
| 16 | | 16 | ||
| [[#RNG|RNG]] | | [[#RNG|RNG]] is active | ||
|} | |} | ||
Contains the | Contains the statuses of hardware blocks. | ||
=== TSEC_SCP_STAT1 === | === TSEC_SCP_STAT1 === | ||
Line 3,920: | Line 3,908: | ||
|- | |- | ||
| 4 | | 4 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|Falcon<->LOAD]] interface is running in HS mode | ||
|- | |- | ||
| 6 | | 6 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|Falcon<->LOAD]] interface is ready | ||
|- | |- | ||
| 8 | | 8 | ||
| [[#STORE|STORE]] | | [[#STORE|Falcon<->STORE]] interface is running in HS mode | ||
|- | |- | ||
| 10 | | 10 | ||
| [[#STORE|STORE]] | | [[#STORE|Falcon<->STORE]] interface received a valid operation | ||
|- | |- | ||
| 12 | | 12 | ||
| [[#CMD|CMD]] | | [[#CMD|Falcon<->CMD]] interface is running in HS mode | ||
|- | |- | ||
| 14 | | 14 | ||
| [[#CMD|CMD]] | | [[#CMD|Falcon<->CMD]] interface received a valid instruction | ||
|} | |} | ||
Contains the | Contains the statuses of hardware interfaces and the result of the last authentication attempt. | ||
=== TSEC_SCP_STAT2 === | === TSEC_SCP_STAT2 === | ||
Line 3,946: | Line 3,934: | ||
|- | |- | ||
| 0-4 | | 0-4 | ||
| Current [[#SEQ|SEQ]] | | Current opcode in [[#SEQ|SEQ]] | ||
|- | |- | ||
| 5-9 | | 5-9 | ||
| Current [[#CMD|CMD]] | | Current opcode in [[#CMD|Falcon<->CMD]] interface | ||
|- | |- | ||
| 10-14 | | 10-14 | ||
| Pending [[#CMD|CMD]] | | Pending opcode in [[#CMD|CMD]] | ||
|- | |- | ||
| 15-16 | | 15-16 | ||
| Current [[#AES|AES]] | | Current opcode in [[#AES|AES]] | ||
0: Encryption | 0: Encryption | ||
1: Decryption | 1: Decryption | ||
Line 3,962: | Line 3,950: | ||
|- | |- | ||
| 24 | | 24 | ||
| | | [[#SCP|SCP]]'s internal pipeline is stalled on hazard | ||
|- | |- | ||
| 25 | | 25 | ||
| [[#STORE|STORE]] | | [[#STORE|STORE]] is stalled | ||
|- | |- | ||
| 26 | | 26 | ||
| [[#LOAD|LOAD]] | | [[#LOAD|LOAD]] is stalled | ||
|- | |- | ||
| 27 | | 27 | ||
| [[#RNG|RNG]] | | [[#RNG|RNG]] is stalled | ||
|- | |- | ||
| 28 | | 28 | ||
| | | [[#SCP|SCP]]'s internal pipeline is stalled on writeback | ||
|- | |- | ||
| 29 | | 29 | ||
| [[#AES|AES]] | | [[#AES|AES]] is stalled | ||
|} | |} | ||
Line 3,988: | Line 3,976: | ||
|- | |- | ||
| 0 | | 0 | ||
| [[#RND|RND]] | | [[#RND|RND]] is ready | ||
|- | |- | ||
| 4-7 | | 4-7 | ||
Line 4,036: | Line 4,024: | ||
|- | |- | ||
| 24 | | 24 | ||
| [[#RND|RND]] | | [[#RND|RND]] clock trigger | ||
|- | |- | ||
| 28 | | 28 | ||
| | | Stall timeout | ||
|} | |} | ||
=== TSEC_SCP_IRQMASK === | === TSEC_SCP_IRQMASK === | ||
Line 4,065: | Line 4,051: | ||
|- | |- | ||
| 24 | | 24 | ||
| [[#RND|RND]] | | [[#RND|RND]] clock trigger | ||
|- | |- | ||
| 28 | | 28 | ||
| | | Stall timeout | ||
|} | |} | ||
=== TSEC_SCP_ACL_ERR === | === TSEC_SCP_ACL_ERR === | ||
Line 4,131: | Line 4,115: | ||
| SEC error occurred | | SEC error occurred | ||
|} | |} | ||
Contains information on errors generated by the [[#TSEC_SCP_IRQSTAT|SEC error]] IRQ. | |||
=== TSEC_SCP_CMD_ERR === | === TSEC_SCP_CMD_ERR === | ||
Line 4,138: | Line 4,124: | ||
|- | |- | ||
| 0 | | 0 | ||
| | | [[#CMD|CMD]]'s instruction is invalid | ||
|- | |- | ||
| 4 | | 4 | ||
| | | [[#SEQ|SEQ]]'s sequence is empty | ||
|- | |- | ||
| 8 | | 8 | ||
| [[#SEQ|SEQ]] sequence is too long | | [[#SEQ|SEQ]]'s sequence is too long | ||
|- | |- | ||
| 12 | | 12 | ||
| [[#SEQ|SEQ]] sequence was not finished | | [[#SEQ|SEQ]]'s sequence was not finished | ||
|- | |- | ||
| 16 | | 16 | ||
Line 4,167: | Line 4,153: | ||
|- | |- | ||
| 0-31 | | 0-31 | ||
| [[#RND|RND]] clock trigger lower limit | | [[#RND|RND]] clock trigger's lower limit | ||
|} | |} | ||
Line 4,176: | Line 4,162: | ||
|- | |- | ||
| 0-15 | | 0-15 | ||
| [[#RND|RND]] clock trigger upper limit | | [[#RND|RND]] clock trigger's upper limit | ||
|- | |- | ||
| 16-31 | | 16-31 | ||
| [[#RND|RND]] clock trigger mask | | [[#RND|RND]] clock trigger's mask | ||
|} | |||
=== TSEC_SCP_RND_CTL2 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-15 | |||
| Unknown | |||
|} | |||
=== TSEC_SCP_RND_CTL3 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 12 | |||
| Trigger first LFSR | |||
|- | |||
| 16 | |||
| Trigger second LFSR | |||
|} | |||
=== TSEC_SCP_RND_CTL4 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-31 | |||
| First LFSR's polynomial for [[#RNG|RNG]]'s test mode | |||
|} | |||
=== TSEC_SCP_RND_CTL5 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-31 | |||
| First LFSR's initial state for [[#RNG|RNG]]'s test mode | |||
|} | |||
=== TSEC_SCP_RND_CTL6 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-31 | |||
| Second LFSR's polynomial for [[#RNG|RNG]]'s test mode | |||
|} | |||
=== TSEC_SCP_RND_CTL7 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-31 | |||
| Second LFSR's initial state for [[#RNG|RNG]]'s test mode | |||
|} | |||
=== TSEC_SCP_RND_CTL8 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-15 | |||
| Unknown | |||
|- | |||
| 16-31 | |||
| Unknown | |||
|} | |||
=== TSEC_SCP_RND_CTL9 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-15 | |||
| Unknown | |||
|- | |||
| 16-31 | |||
| Unknown | |||
|} | |||
=== TSEC_SCP_RND_CTL10 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0-15 | |||
| Unknown | |||
|- | |||
| 16-31 | |||
| Unknown | |||
|} | |||
=== TSEC_SCP_RND_CTL11 === | |||
{| class="wikitable" border="1" | |||
! Bits | |||
! Description | |||
|- | |||
| 0 | |||
| Unknown | |||
|- | |||
| 1 | |||
| Unknown | |||
|- | |||
| 2 | |||
| Unknown | |||
|- | |||
| 3 | |||
| Unknown | |||
|- | |||
| 4-5 | |||
| First sampler's source | |||
0: Oscillator | |||
1: Unknown | |||
2: LFSR | |||
3: Dummy | |||
|- | |||
| 6-7 | |||
| Second sampler's source | |||
0: Oscillator | |||
1: Unknown | |||
2: LFSR | |||
3: Dummy | |||
|- | |||
| 8-11 | |||
| First sampler's tap value | |||
|- | |||
| 12-15 | |||
| Second sampler's tap value | |||
|- | |||
| 16-19 | |||
| Unknown | |||
|- | |||
| 20-23 | |||
| Unknown | |||
|- | |||
| 24-30 | |||
| Unknown | |||
|- | |||
| 31 | |||
| Unknown | |||
|} | |} | ||
Line 5,136: | Line 5,265: | ||
* Write 0x7FFF to [[#TSEC_SCP_RND_CTL0|TSEC_SCP_RND_CTL0]]. | * Write 0x7FFF to [[#TSEC_SCP_RND_CTL0|TSEC_SCP_RND_CTL0]]. | ||
* Write 0x3FF0000 to [[#TSEC_SCP_RND_CTL1|TSEC_SCP_RND_CTL1]]. | * Write 0x3FF0000 to [[#TSEC_SCP_RND_CTL1|TSEC_SCP_RND_CTL1]]. | ||
* Write 0xFF00 to TSEC_SCP_RND_CTL11. | * Write 0xFF00 to [[#TSEC_SCP_RND_CTL11|TSEC_SCP_RND_CTL11]]. | ||
* Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]]. | * Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]]. | ||
Line 5,148: | Line 5,277: | ||
! Description | ! Description | ||
|- | |- | ||
| 0 || Secure | | 0 || Secure Keyable (forced set if bit1 is set; once cleared, cannot be set again) | ||
|- | |- | ||
| 1 || Secure | | 1 || Secure Readable (once cleared, cannot be set again) | ||
|- | |- | ||
| 2 || | | 2 || Keyable (forced set if bit3 is set; forced clear if bit0 is clear; can be toggled back and forth) | ||
|- | |- | ||
| 3 || | | 3 || Readable (forced clear if bit1 is clear; can be toggled back and forth) | ||
|- | |- | ||
| 4 || | | 4 || Writeable (can be toggled back and forth) | ||
|} | |} | ||
On boot, the ACL is 0x1F for all $cX. | On boot, the ACL is 0x1F for all $cX. | ||
Loading into $cX using xdst instruction sets ACL($cX) to 0x13 and 0x1F, for secure and | Loading into $cX using xdst instruction sets ACL($cX) to 0x13 and 0x1F, for heavy secure and non-secure mode respectively. | ||
Spilling a $cX to DMEM using xdld instruction is allowed if (ACL($cX) & 2) or (ACL($cX) & 8), for secure and | Spilling a $cX to DMEM using xdld instruction is allowed if (ACL($cX) & 2) or (ACL($cX) & 8), for heavy secure and non-secure mode respectively. | ||
Loading a secret into $cX sets a per-secret ACL, unconditionally. | Loading a secret into $cX sets a per-secret ACL, unconditionally. | ||
Line 5,177: | Line 5,306: | ||
| 0x00 || 0x13 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares. | | 0x00 || 0x13 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares. | ||
|- | |- | ||
| 0x01 || | | 0x01 || 0x00 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] for the signature generation algorithm. | ||
|- | |- | ||
| 0x02 || | | 0x02 || 0x00 || | ||
|- | |- | ||
| 0x03 || | | 0x03 || 0x01 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares. | ||
|- | |- | ||
| 0x04 || | | 0x04 || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares. | ||
|- | |- | ||
| 0x05 || 0x13 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares. | | 0x05 || 0x13 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares. | ||
|- | |- | ||
| 0x06 || | | 0x06 || 0x01 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] as key to decrypt data during authentication (decided by bit 17 in the [[#SEC|SEC]] register). | ||
|- | |- | ||
| 0x07 || | | 0x07 || 0x01 || Used by [6.0.0+] nvhost_tsec firmware. | ||
|- | |- | ||
| 0x08 || | | 0x08 || 0x00 || | ||
|- | |- | ||
| 0x09 || 0x13 || Used by nvhost_tsec firmware. | | 0x09 || 0x13 || Used by nvhost_tsec firmware. | ||
|- | |- | ||
| 0x0A || | | 0x0A || 0x01 || | ||
|- | |- | ||
| 0x0B || | | 0x0B || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares. | ||
|- | |- | ||
| 0x0C || 0x13 || | | 0x0C || 0x13 || | ||
|- | |- | ||
| 0x0D || | | 0x0D || 0x01 || | ||
|- | |- | ||
| 0x0E || | | 0x0E || 0x00 || | ||
|- | |- | ||
| 0x0F || 0x13 || Used by nvhost_tsec firmware. | | 0x0F || 0x13 || Used by nvhost_tsec firmware. | ||
|- | |- | ||
| 0x10 || | | 0x10 || 0x01 || Used by [1.0.0-5.1.0] nvhost_tsec firmware. | ||
|- | |- | ||
| 0x11 || | | 0x11 || 0x00 || | ||
|- | |- | ||
| 0x12 || 0x13 || | | 0x12 || 0x13 || | ||
|- | |- | ||
| 0x13 || | | 0x13 || 0x01 || | ||
|- | |- | ||
| 0x14 || | | 0x14 || 0x00 || | ||
|- | |- | ||
| 0x15 || 0x13 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares. | | 0x15 || 0x13 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares. | ||
|- | |- | ||
| 0x16 || | | 0x16 || 0x01 || | ||
|- | |- | ||
| 0x17 || | | 0x17 || 0x00 || Used by [11.0.0+] nvhost_tsec firmware. | ||
|- | |- | ||
| 0x18 || 0x13 || | | 0x18 || 0x13 || | ||
|- | |- | ||
| 0x19 || | | 0x19 || 0x01 || | ||
|- | |- | ||
| 0x1A || | | 0x1A || 0x00 || | ||
|- | |- | ||
| 0x1B || 0x13 || | | 0x1B || 0x13 || | ||
|- | |- | ||
| 0x1C || | | 0x1C || 0x01 || | ||
|- | |- | ||
| 0x1D || | | 0x1D || 0x00 || | ||
|- | |- | ||
| 0x1E || 0x13 || | | 0x1E || 0x13 || | ||
|- | |- | ||
| 0x1F || | | 0x1F || 0x01 || | ||
|- | |- | ||
| 0x20 || | | 0x20 || 0x00 || | ||
|- | |- | ||
| 0x21 || 0x13 || | | 0x21 || 0x13 || | ||
|- | |- | ||
| 0x22 || | | 0x22 || 0x01 || | ||
|- | |- | ||
| 0x23 || | | 0x23 || 0x00 || | ||
|- | |- | ||
| 0x24 || 0x13 || | | 0x24 || 0x13 || | ||
|- | |- | ||
| 0x25 || | | 0x25 || 0x01 || | ||
|- | |- | ||
| 0x26 || | | 0x26 || 0x00 || Used by [[TSEC_Firmware#KeygenLdr|KeygenLdr]] and [[TSEC_Firmware#SecureBoot|SecureBoot]] | ||
|- | |- | ||
| 0x27 || 0x13 || | | 0x27 || 0x13 || | ||
|- | |- | ||
| 0x28 || | | 0x28 || 0x01 || | ||
|- | |- | ||
| 0x29 || | | 0x29 || 0x00 || | ||
|- | |- | ||
| 0x2A || 0x13 || | | 0x2A || 0x13 || | ||
|- | |- | ||
| 0x2B || | | 0x2B || 0x01 || | ||
|- | |- | ||
| 0x2C || | | 0x2C || 0x00 || | ||
|- | |- | ||
| 0x2D || 0x13 || | | 0x2D || 0x13 || | ||
|- | |- | ||
| 0x2E || | | 0x2E || 0x01 || | ||
|- | |- | ||
| 0x2F || | | 0x2F || 0x00 || | ||
|- | |- | ||
| 0x30 || 0x13 || | | 0x30 || 0x13 || | ||
|- | |- | ||
| 0x31 || | | 0x31 || 0x01 || | ||
|- | |- | ||
| 0x32 || | | 0x32 || 0x00 || | ||
|- | |- | ||
| 0x33 || 0x13 || | | 0x33 || 0x13 || | ||
|- | |- | ||
| 0x34 || | | 0x34 || 0x01 || | ||
|- | |- | ||
| 0x35 || | | 0x35 || 0x00 || | ||
|- | |- | ||
| 0x36 || 0x13 || | | 0x36 || 0x13 || | ||
|- | |- | ||
| 0x37 || | | 0x37 || 0x01 || | ||
|- | |- | ||
| 0x38 || | | 0x38 || 0x00 || | ||
|- | |- | ||
| 0x39 || 0x13 || | | 0x39 || 0x13 || | ||
|- | |- | ||
| 0x3A || | | 0x3A || 0x01 || | ||
|- | |- | ||
| 0x3B || | | 0x3B || 0x00 || | ||
|- | |- | ||
| 0x3C || 0x13 || Used by nvhost_tsec firmware. | | 0x3C || 0x13 || Used by nvhost_tsec firmware. | ||
|- | |- | ||
| 0x3D || | | 0x3D || 0x01 || | ||
|- | |- | ||
| 0x3E || | | 0x3E || 0x00 || | ||
|- | |- | ||
| 0x3F || | | 0x3F || 0x00 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares. | ||
|} | |} |