Changes

Jump to navigation Jump to search
1,906 bytes added ,  20:14, 9 May 2021
no edit summary
Line 723: Line 723:  
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL2
+
| [[#TSEC_SCP_RND_CTL2|TSEC_SCP_RND_CTL2]]
 
| 0x54501508
 
| 0x54501508
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL3
+
| [[#TSEC_SCP_RND_CTL3|TSEC_SCP_RND_CTL3]]
 
| 0x5450150C
 
| 0x5450150C
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL4
+
| [[#TSEC_SCP_RND_CTL4|TSEC_SCP_RND_CTL4]]
 
| 0x54501510
 
| 0x54501510
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL5
+
| [[#TSEC_SCP_RND_CTL5|TSEC_SCP_RND_CTL5]]
 
| 0x54501514
 
| 0x54501514
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL6
+
| [[#TSEC_SCP_RND_CTL6|TSEC_SCP_RND_CTL6]]
 
| 0x54501518
 
| 0x54501518
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL7
+
| [[#TSEC_SCP_RND_CTL7|TSEC_SCP_RND_CTL7]]
 
| 0x5450151C
 
| 0x5450151C
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL8
+
| [[#TSEC_SCP_RND_CTL8|TSEC_SCP_RND_CTL8]]
 
| 0x54501520
 
| 0x54501520
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL9
+
| [[#TSEC_SCP_RND_CTL9|TSEC_SCP_RND_CTL9]]
 
| 0x54501524
 
| 0x54501524
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL10
+
| [[#TSEC_SCP_RND_CTL10|TSEC_SCP_RND_CTL10]]
 
| 0x54501528
 
| 0x54501528
 
| 0x04
 
| 0x04
 
|-
 
|-
| TSEC_SCP_RND_CTL11
+
| [[#TSEC_SCP_RND_CTL11|TSEC_SCP_RND_CTL11]]
 
| 0x5450152C
 
| 0x5450152C
 
| 0x04
 
| 0x04
Line 3,577: Line 3,577:  
|-
 
|-
 
| 10
 
| 10
| Enable the [[#LOAD|LOAD]] block's interface
+
| Enable [[#LOAD|Falcon<->LOAD]] interface
 
|-
 
|-
 
| 12
 
| 12
| Enable the [[#STORE|STORE]] block's interface
+
| Enable [[#STORE|Falcon<->STORE]] interface
 
|-
 
|-
 
| 14
 
| 14
| Enable the [[#CMD|CMD]] block's interface
+
| Enable [[#CMD|Falcon<->CMD]] interface
 
|-
 
|-
 
| 16
 
| 16
| Enable the [[#SEQ|SEQ]] block
+
| Enable [[#SEQ|SEQ]]
 
|-
 
|-
 
| 20
 
| 20
| Enable the [[#CTL|CTL]] block
+
| Enable [[#CTL|CTL]]
 
|}
 
|}
   Line 3,598: Line 3,598:  
|-
 
|-
 
| 0
 
| 0
| Clear [[#SEQ|SEQ]] block's pipeline
+
| Clear [[#SEQ|SEQ]]
 
|-
 
|-
 
| 8
 
| 8
| Clear the main [[#SCP|SCP]] pipeline
+
| Clear [[#SCP|SCP]]'s internal pipeline
 
|-
 
|-
 
| 11
 
| 11
| Enable [[#RNG|RNG]] block's test mode
+
| Enable [[#RNG|RNG]]'s test mode
 
|-
 
|-
 
| 12
 
| 12
| Enable the [[#RNG|RNG]] block
+
| Enable [[#RNG|RNG]]
 
|-
 
|-
 
| 16
 
| 16
| Enable [[#LOAD|LOAD]] block's interface dummy mode (all reads return 0)
+
| Enable [[#LOAD|Falcon<->LOAD]] interface's dummy mode (all reads return 0)
 
|-
 
|-
 
| 20
 
| 20
| Enable [[#LOAD|LOAD]] block's interface bypassing (all reads are dropped)
+
| Enable [[#LOAD|Falcon<->LOAD]] interface bypassing (all reads are dropped)
 
|-
 
|-
 
| 24
 
| 24
| Enable [[#STORE|STORE]] block's interface bypassing (all writes are dropped)
+
| Enable [[#STORE|Falcon<->STORE]] interface bypassing (all writes are dropped)
 
|}
 
|}
   Line 3,635: Line 3,635:  
| 0
 
| 0
 
| Enable lockdown mode (locks IMEM and DMEM)
 
| Enable lockdown mode (locks IMEM and DMEM)
|-
  −
| 1
  −
| Unknown
  −
|-
  −
| 2
  −
| Unknown
  −
|-
  −
| 3
  −
| Unknown
   
|-
 
|-
 
| 4
 
| 4
| Lock the [[#SCP|SCP]]
+
| Lock [[#SCP|SCP]]'s MMIO register space
|-
  −
| 5
  −
| Unknown
  −
|-
  −
| 6
  −
| Unknown
  −
|-
  −
| 7
  −
| Unknown
   
|}
 
|}
   Line 3,666: Line 3,648:  
|-
 
|-
 
| 0
 
| 0
| Unknown
+
| Endianness for ADD
 +
0: Little
 +
1: Big
 
|-
 
|-
 
| 1
 
| 1
| Unknown
+
| Endianness for GFMUL
 +
0: Little
 +
1: Big
 
|-
 
|-
 
| 2
 
| 2
| Unknown
+
| Endianness for [[#LOAD|LOAD]]
 +
0: Little
 +
1: Big
 
|-
 
|-
 
| 3
 
| 3
| Unknown
+
| Endianness for [[#STORE|STORE]]
 +
0: Little
 +
1: Big
 
|-
 
|-
 
| 4
 
| 4
| [[#AES|AES]] block's endianness
+
| Endianness for [[#AES|AES]]
 
  0: Little
 
  0: Little
 
  1: Big
 
  1: Big
 
|-
 
|-
 
| 8
 
| 8
| Flush [[#CMD|CMD]] block's pipeline
+
| Flush [[#CMD|CMD]]
 
|-
 
|-
 
| 12-13
 
| 12-13
| Carry chain size
+
| Carry chain's size
 
  0: 32 bits
 
  0: 32 bits
 
  1: 64 bits
 
  1: 64 bits
Line 3,693: Line 3,683:  
|-
 
|-
 
| 16-31
 
| 16-31
| Timeout value
+
| [[#SCP|SCP]]'s internal pipeline stall timeout value
 
|}
 
|}
   Line 3,702: Line 3,692:  
|-
 
|-
 
| 0
 
| 0
| Swap [[#SCP|SCP]] master
+
| Swap [[#SCP|SCP]]'s master
 
|-
 
|-
 
| 1
 
| 1
| Current [[#SCP|SCP]] master
+
| Current [[#SCP|SCP]]'s master
 
  0: Falcon
 
  0: Falcon
 
  1: External
 
  1: External
Line 3,759: Line 3,749:  
|-
 
|-
 
| 8-12
 
| 8-12
| [[#SEQ|SEQ]] block's current sequence size
+
| [[#SEQ|SEQ]]'s current sequence's size
 
|-
 
|-
 
| 13-16
 
| 13-16
| [[#SEQ|SEQ]] block's current instruction address
+
| [[#SEQ|SEQ]]'s current instruction's address
 
|-
 
|-
 
| 17
 
| 17
| [[#SEQ|SEQ]] block's current instruction is valid
+
| [[#SEQ|SEQ]]'s current instruction is valid
 
|-
 
|-
 
| 18
 
| 18
| [[#SEQ|SEQ]] block is running in HS mode
+
| [[#SEQ|SEQ]] is running in HS mode
 
|-
 
|-
 
| 19-22
 
| 19-22
| [[#LOAD|LOAD]] block's pipeline size
+
| [[#LOAD|LOAD]]'s queue's size
 
|-
 
|-
 
| 23
 
| 23
| [[#LOAD|LOAD]] block's current operation is valid
+
| [[#LOAD|LOAD]]'s current operation is valid
 
|-
 
|-
 
| 24
 
| 24
| [[#LOAD|LOAD]] block is running in HS mode
+
| [[#LOAD|LOAD]] is running in HS mode
 
|-
 
|-
 
| 25-26
 
| 25-26
| [[#STORE|STORE]] block's pipeline size
+
| [[#STORE|STORE]]'s queue's size
 
|-
 
|-
 
| 30
 
| 30
| [[#STORE|STORE]] block's current operation is valid
+
| [[#STORE|STORE]]'s current operation is valid
 
|-
 
|-
 
| 31
 
| 31
| [[#STORE|STORE]] block is running in HS mode
+
| [[#STORE|STORE]] is running in HS mode
 
|}
 
|}
   Line 3,796: Line 3,786:  
!  Description
 
!  Description
 
|-
 
|-
| 0-3
+
| 0-31
| [[#SEQ|SEQ]] block's current instruction's first operand
+
| Data
|-
+
If target is SEQ:
| 4-9
+
  Bits 0-3: current instruction's first operand
| [[#SEQ|SEQ]] block's current instruction's second operand
+
  Bits 4-9: current instruction's second operand
|-
+
  Bits 10-14: current instruction's opcode
| 10-14
  −
| [[#SEQ|SEQ]] block's current instruction's opcode
   
|}
 
|}
   −
Used for retrieving debug data. Contains information on the last crypto sequence created when debugging the SEQ controller.
+
Used for retrieving debug data. Contains information on the last crypto sequence created when debugging the [[#SEQ|SEQ]] block.
    
=== TSEC_SCP_DBG2 ===
 
=== TSEC_SCP_DBG2 ===
Line 3,814: Line 3,802:  
|-
 
|-
 
| 0-1
 
| 0-1
| [[#SEQ|SEQ]] block's state
+
| [[#SEQ|SEQ]]'s state
 
  0: Idle
 
  0: Idle
 
  1: Recording is active (cs0begin/cs1begin)
 
  1: Recording is active (cs0begin/cs1begin)
 
|-
 
|-
 
| 4-7
 
| 4-7
| Number of [[#SEQ|SEQ]] block's instructions left
+
| Number of instructions left in [[#SEQ|SEQ]]
 
|-
 
|-
 
| 12-15
 
| 12-15
| Active crypto key register
+
| Active crypto key register (ckeyreg)
 
|}
 
|}
   Line 3,867: Line 3,855:  
|-
 
|-
 
| 28
 
| 28
| [[#CMD|CMD]] block's current instruction is valid
+
| [[#CMD|CMD]]'s current instruction is valid
 
|-
 
|-
 
| 31
 
| 31
| [[#CMD|CMD]] block is running in HS mode
+
| [[#CMD|CMD]] is running in HS mode
 
|}
 
|}
   Line 3,884: Line 3,872:  
|-
 
|-
 
| 2
 
| 2
| [[#CMD|CMD]] block's interface is active
+
| [[#CMD|CMD]] is active
 
|-
 
|-
 
| 4
 
| 4
| [[#STORE|STORE]] block's interface is active
+
| [[#STORE|STORE]] is active
 
|-
 
|-
 
| 6
 
| 6
| [[#SEQ|SEQ]] block is active
+
| [[#SEQ|SEQ]] is active
 
|-
 
|-
 
| 8
 
| 8
| [[#CTL|CTL]] block is active
+
| [[#CTL|CTL]] is active
 
|-
 
|-
 
| 10
 
| 10
| [[#LOAD|LOAD]] block's interface is active
+
| [[#LOAD|LOAD]] is active
 
|-
 
|-
 
| 14
 
| 14
| [[#AES|AES]] block is active
+
| [[#AES|AES]] is active
 
|-
 
|-
 
| 16
 
| 16
| [[#RNG|RNG]] block is active
+
| [[#RNG|RNG]] is active
 
|}
 
|}
   −
Contains the status of the hardware blocks and interfaces.
+
Contains the statuses of hardware blocks.
    
=== TSEC_SCP_STAT1 ===
 
=== TSEC_SCP_STAT1 ===
Line 3,920: Line 3,908:  
|-
 
|-
 
| 4
 
| 4
| [[#LOAD|LOAD]] block's interface is running in HS mode
+
| [[#LOAD|Falcon<->LOAD]] interface is running in HS mode
 
|-
 
|-
 
| 6
 
| 6
| [[#LOAD|LOAD]] block's interface is ready
+
| [[#LOAD|Falcon<->LOAD]] interface is ready
 
|-
 
|-
 
| 8
 
| 8
| [[#STORE|STORE]] block's interface is running in HS mode
+
| [[#STORE|Falcon<->STORE]] interface is running in HS mode
 
|-
 
|-
 
| 10
 
| 10
| [[#STORE|STORE]] block's interface received a valid operation
+
| [[#STORE|Falcon<->STORE]] interface received a valid operation
 
|-
 
|-
 
| 12
 
| 12
| [[#CMD|CMD]] block's interface is running in HS mode
+
| [[#CMD|Falcon<->CMD]] interface is running in HS mode
 
|-
 
|-
 
| 14
 
| 14
| [[#CMD|CMD]] block's interface received a valid instruction
+
| [[#CMD|Falcon<->CMD]] interface received a valid instruction
 
|}
 
|}
   −
Contains the status of the last authentication attempt and other miscellaneous statuses.
+
Contains the statuses of hardware interfaces and the result of the last authentication attempt.
    
=== TSEC_SCP_STAT2 ===
 
=== TSEC_SCP_STAT2 ===
Line 3,946: Line 3,934:  
|-
 
|-
 
| 0-4
 
| 0-4
| Current [[#SEQ|SEQ]] block opcode
+
| Current opcode in [[#SEQ|SEQ]]
 
|-
 
|-
 
| 5-9
 
| 5-9
| Current [[#CMD|CMD]] block's interface opcode
+
| Current opcode in [[#CMD|Falcon<->CMD]] interface
 
|-
 
|-
 
| 10-14
 
| 10-14
| Pending [[#CMD|CMD]] block opcode
+
| Pending opcode in [[#CMD|CMD]]
 
|-
 
|-
 
| 15-16
 
| 15-16
| Current [[#AES|AES]] block operation
+
| Current opcode in [[#AES|AES]]
 
  0: Encryption
 
  0: Encryption
 
  1: Decryption
 
  1: Decryption
Line 3,962: Line 3,950:  
|-
 
|-
 
| 24
 
| 24
| Unknown
+
| [[#SCP|SCP]]'s internal pipeline is stalled on hazard
 
|-
 
|-
 
| 25
 
| 25
| [[#STORE|STORE]] block is stalled
+
| [[#STORE|STORE]] is stalled
 
|-
 
|-
 
| 26
 
| 26
| [[#LOAD|LOAD]] block is stalled
+
| [[#LOAD|LOAD]] is stalled
 
|-
 
|-
 
| 27
 
| 27
| [[#RNG|RNG]] block is stalled
+
| [[#RNG|RNG]] is stalled
 
|-
 
|-
 
| 28
 
| 28
| Unknown
+
| [[#SCP|SCP]]'s internal pipeline is stalled on writeback
 
|-
 
|-
 
| 29
 
| 29
| [[#AES|AES]] block is stalled
+
| [[#AES|AES]] is stalled
 
|}
 
|}
   Line 3,988: Line 3,976:  
|-
 
|-
 
| 0
 
| 0
| [[#RND|RND]] block is ready
+
| [[#RND|RND]] is ready
 
|-
 
|-
 
| 4-7
 
| 4-7
Line 4,036: Line 4,024:  
|-
 
|-
 
| 24
 
| 24
| [[#RND|RND]] operation
+
| [[#RND|RND]] clock trigger
 
|-
 
|-
 
| 28
 
| 28
| Timeout
+
| Stall timeout
 
|}
 
|}
  −
Used for getting the status of crypto IRQs.
      
=== TSEC_SCP_IRQMASK ===
 
=== TSEC_SCP_IRQMASK ===
Line 4,065: Line 4,051:  
|-
 
|-
 
| 24
 
| 24
| [[#RND|RND]] operation
+
| [[#RND|RND]] clock trigger
 
|-
 
|-
 
| 28
 
| 28
| Timeout
+
| Stall timeout
 
|}
 
|}
  −
Used for getting the value of the mask for crypto IRQs.
      
=== TSEC_SCP_ACL_ERR ===
 
=== TSEC_SCP_ACL_ERR ===
Line 4,131: Line 4,115:  
| SEC error occurred
 
| SEC error occurred
 
|}
 
|}
 +
 +
Contains information on errors generated by the [[#TSEC_SCP_IRQSTAT|SEC error]] IRQ.
    
=== TSEC_SCP_CMD_ERR ===
 
=== TSEC_SCP_CMD_ERR ===
Line 4,138: Line 4,124:  
|-
 
|-
 
| 0
 
| 0
| Invalid [[#CMD|CMD]] command
+
| [[#CMD|CMD]]'s instruction is invalid
 
|-
 
|-
 
| 4
 
| 4
| Empty [[#SEQ|SEQ]] sequence
+
| [[#SEQ|SEQ]]'s sequence is empty
 
|-
 
|-
 
| 8
 
| 8
| [[#SEQ|SEQ]] sequence is too long
+
| [[#SEQ|SEQ]]'s sequence is too long
 
|-
 
|-
 
| 12
 
| 12
| [[#SEQ|SEQ]] sequence was not finished
+
| [[#SEQ|SEQ]]'s sequence was not finished
 
|-
 
|-
 
| 16
 
| 16
Line 4,167: Line 4,153:  
|-
 
|-
 
| 0-31
 
| 0-31
| [[#RND|RND]] clock trigger lower limit
+
| [[#RND|RND]] clock trigger's lower limit
 
|}
 
|}
   Line 4,176: Line 4,162:  
|-
 
|-
 
| 0-15
 
| 0-15
| [[#RND|RND]] clock trigger upper limit
+
| [[#RND|RND]] clock trigger's upper limit
 
|-
 
|-
 
| 16-31
 
| 16-31
| [[#RND|RND]] clock trigger mask
+
| [[#RND|RND]] clock trigger's mask
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL2 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-15
 +
| Unknown
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL3 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 12
 +
| Trigger first LFSR
 +
|-
 +
| 16
 +
| Trigger second LFSR
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL4 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-31
 +
| First LFSR's polynomial for [[#RNG|RNG]]'s test mode
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL5 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-31
 +
| First LFSR's initial state for [[#RNG|RNG]]'s test mode
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL6 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-31
 +
| Second LFSR's polynomial for [[#RNG|RNG]]'s test mode
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL7 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-31
 +
| Second LFSR's initial state for [[#RNG|RNG]]'s test mode
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL8 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-15
 +
| Unknown
 +
|-
 +
| 16-31
 +
| Unknown
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL9 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-15
 +
| Unknown
 +
|-
 +
| 16-31
 +
| Unknown
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL10 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0-15
 +
| Unknown
 +
|-
 +
| 16-31
 +
| Unknown
 +
|}
 +
 
 +
=== TSEC_SCP_RND_CTL11 ===
 +
{| class="wikitable" border="1"
 +
!  Bits
 +
!  Description
 +
|-
 +
| 0
 +
| Unknown
 +
|-
 +
| 1
 +
| Unknown
 +
|-
 +
| 2
 +
| Unknown
 +
|-
 +
| 3
 +
| Unknown
 +
|-
 +
| 4-5
 +
| First sampler's source
 +
0: Oscillator
 +
1: Unknown
 +
2: LFSR
 +
3: Dummy
 +
|-
 +
| 6-7
 +
| Second sampler's source
 +
0: Oscillator
 +
1: Unknown
 +
2: LFSR
 +
3: Dummy
 +
|-
 +
| 8-11
 +
| First sampler's tap value
 +
|-
 +
| 12-15
 +
| Second sampler's tap value
 +
|-
 +
| 16-19
 +
| Unknown
 +
|-
 +
| 20-23
 +
| Unknown
 +
|-
 +
| 24-30
 +
| Unknown
 +
|-
 +
| 31
 +
| Unknown
 
|}
 
|}
   Line 5,136: Line 5,265:  
* Write 0x7FFF to [[#TSEC_SCP_RND_CTL0|TSEC_SCP_RND_CTL0]].
 
* Write 0x7FFF to [[#TSEC_SCP_RND_CTL0|TSEC_SCP_RND_CTL0]].
 
* Write 0x3FF0000 to [[#TSEC_SCP_RND_CTL1|TSEC_SCP_RND_CTL1]].
 
* Write 0x3FF0000 to [[#TSEC_SCP_RND_CTL1|TSEC_SCP_RND_CTL1]].
* Write 0xFF00 to TSEC_SCP_RND_CTL11.
+
* Write 0xFF00 to [[#TSEC_SCP_RND_CTL11|TSEC_SCP_RND_CTL11]].
 
* Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]].
 
* Write 0x1000 to [[#TSEC_SCP_CTL1|TSEC_SCP_CTL1]].
   Line 5,148: Line 5,277:  
!  Description
 
!  Description
 
|-
 
|-
| 0 || Secure key. Forced set if bit1 is set. Once cleared, cannot be set again.
+
| 0 || Secure Keyable (forced set if bit1 is set; once cleared, cannot be set again)
 
|-
 
|-
| 1 || Secure readable. Once cleared, cannot be set again.
+
| 1 || Secure Readable (once cleared, cannot be set again)
 
|-
 
|-
| 2 || Insecure key. Forced set if bit3 is set. Forced clear if bit0 is clear. Can be toggled back and forth.
+
| 2 || Keyable (forced set if bit3 is set; forced clear if bit0 is clear; can be toggled back and forth)
 
|-
 
|-
| 3 || Insecure readable. Forced clear if bit1 is clear. Can be toggled back and forth.
+
| 3 || Readable (forced clear if bit1 is clear; can be toggled back and forth)
 
|-
 
|-
| 4 || Insecure overwritable. Can be toggled back and forth.
+
| 4 || Writeable (can be toggled back and forth)
 
|}
 
|}
    
On boot, the ACL is 0x1F for all $cX.
 
On boot, the ACL is 0x1F for all $cX.
   −
Loading into $cX using xdst instruction sets ACL($cX) to 0x13 and 0x1F, for secure and insecure mode respectively.
+
Loading into $cX using xdst instruction sets ACL($cX) to 0x13 and 0x1F, for heavy secure and non-secure mode respectively.
   −
Spilling a $cX to DMEM using xdld instruction is allowed if (ACL($cX) & 2) or (ACL($cX) & 8), for secure and insecure mode respectively.
+
Spilling a $cX to DMEM using xdld instruction is allowed if (ACL($cX) & 2) or (ACL($cX) & 8), for heavy secure and non-secure mode respectively.
    
Loading a secret into $cX sets a per-secret ACL, unconditionally.
 
Loading a secret into $cX sets a per-secret ACL, unconditionally.
Line 5,177: Line 5,306:  
| 0x00 || 0x13 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
| 0x00 || 0x13 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
|-
 
|-
| 0x01 || 0x10 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] for the signature generation algorithm.
+
| 0x01 || 0x00 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] for the signature generation algorithm.
 
|-
 
|-
| 0x02 || 0x10 ||
+
| 0x02 || 0x00 ||
 
|-
 
|-
| 0x03 || 0x11 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
+
| 0x03 || 0x01 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|-
 
|-
| 0x04 || 0x10 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
+
| 0x04 || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|-
 
|-
 
| 0x05 || 0x13 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
| 0x05 || 0x13 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
|-
 
|-
| 0x06 || 0x11 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] as key to decrypt data during authentication (decided by bit 17 in the [[#SEC|SEC]] register).
+
| 0x06 || 0x01 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] as key to decrypt data during authentication (decided by bit 17 in the [[#SEC|SEC]] register).
 
|-
 
|-
| 0x07 || 0x11 || Used by [6.0.0+] nvhost_tsec firmware.
+
| 0x07 || 0x01 || Used by [6.0.0+] nvhost_tsec firmware.
 
|-
 
|-
| 0x08 || 0x10 ||
+
| 0x08 || 0x00 ||
 
|-
 
|-
 
| 0x09 || 0x13 || Used by nvhost_tsec firmware.
 
| 0x09 || 0x13 || Used by nvhost_tsec firmware.
 
|-
 
|-
| 0x0A || 0x11 ||
+
| 0x0A || 0x01 ||
 
|-
 
|-
| 0x0B || 0x10 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
+
| 0x0B || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|-
 
|-
 
| 0x0C || 0x13 ||
 
| 0x0C || 0x13 ||
 
|-
 
|-
| 0x0D || 0x11 ||
+
| 0x0D || 0x01 ||
 
|-
 
|-
| 0x0E || 0x10 ||
+
| 0x0E || 0x00 ||
 
|-
 
|-
 
| 0x0F || 0x13 || Used by nvhost_tsec firmware.
 
| 0x0F || 0x13 || Used by nvhost_tsec firmware.
 
|-
 
|-
| 0x10 || 0x11 || Used by [1.0.0-5.1.0] nvhost_tsec firmware.
+
| 0x10 || 0x01 || Used by [1.0.0-5.1.0] nvhost_tsec firmware.
 
|-
 
|-
| 0x11 || 0x10 ||
+
| 0x11 || 0x00 ||
 
|-
 
|-
 
| 0x12 || 0x13 ||
 
| 0x12 || 0x13 ||
 
|-
 
|-
| 0x13 || 0x11 ||
+
| 0x13 || 0x01 ||
 
|-
 
|-
| 0x14 || 0x10 ||
+
| 0x14 || 0x00 ||
 
|-
 
|-
 
| 0x15 || 0x13 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares.
 
| 0x15 || 0x13 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares.
 
|-
 
|-
| 0x16 || 0x11 ||
+
| 0x16 || 0x01 ||
 
|-
 
|-
| 0x17 || 0x10 || Used by [11.0.0+] nvhost_tsec firmware.
+
| 0x17 || 0x00 || Used by [11.0.0+] nvhost_tsec firmware.
 
|-
 
|-
 
| 0x18 || 0x13 ||
 
| 0x18 || 0x13 ||
 
|-
 
|-
| 0x19 || 0x11 ||
+
| 0x19 || 0x01 ||
 
|-
 
|-
| 0x1A || 0x10 ||
+
| 0x1A || 0x00 ||
 
|-
 
|-
 
| 0x1B || 0x13 ||
 
| 0x1B || 0x13 ||
 
|-
 
|-
| 0x1C || 0x11 ||
+
| 0x1C || 0x01 ||
 
|-
 
|-
| 0x1D || 0x10 ||
+
| 0x1D || 0x00 ||
 
|-
 
|-
 
| 0x1E || 0x13 ||
 
| 0x1E || 0x13 ||
 
|-
 
|-
| 0x1F || 0x11 ||
+
| 0x1F || 0x01 ||
 
|-
 
|-
| 0x20 || 0x10 ||
+
| 0x20 || 0x00 ||
 
|-
 
|-
 
| 0x21 || 0x13 ||
 
| 0x21 || 0x13 ||
 
|-
 
|-
| 0x22 || 0x11 ||
+
| 0x22 || 0x01 ||
 
|-
 
|-
| 0x23 || 0x10 ||
+
| 0x23 || 0x00 ||
 
|-
 
|-
 
| 0x24 || 0x13 ||
 
| 0x24 || 0x13 ||
 
|-
 
|-
| 0x25 || 0x11 ||
+
| 0x25 || 0x01 ||
 
|-
 
|-
| 0x26 || 0x10 || Used by [[TSEC_Firmware#KeygenLdr|KeygenLdr]] and [[TSEC_Firmware#SecureBoot|SecureBoot]]
+
| 0x26 || 0x00 || Used by [[TSEC_Firmware#KeygenLdr|KeygenLdr]] and [[TSEC_Firmware#SecureBoot|SecureBoot]]
 
|-
 
|-
 
| 0x27 || 0x13 ||
 
| 0x27 || 0x13 ||
 
|-
 
|-
| 0x28 || 0x11 ||
+
| 0x28 || 0x01 ||
 
|-
 
|-
| 0x29 || 0x10 ||
+
| 0x29 || 0x00 ||
 
|-
 
|-
 
| 0x2A || 0x13 ||
 
| 0x2A || 0x13 ||
 
|-
 
|-
| 0x2B || 0x11 ||
+
| 0x2B || 0x01 ||
 
|-
 
|-
| 0x2C || 0x10 ||
+
| 0x2C || 0x00 ||
 
|-
 
|-
 
| 0x2D || 0x13 ||
 
| 0x2D || 0x13 ||
 
|-
 
|-
| 0x2E || 0x11 ||
+
| 0x2E || 0x01 ||
 
|-
 
|-
| 0x2F || 0x10 ||
+
| 0x2F || 0x00 ||
 
|-
 
|-
 
| 0x30 || 0x13 ||
 
| 0x30 || 0x13 ||
 
|-
 
|-
| 0x31 || 0x11 ||
+
| 0x31 || 0x01 ||
 
|-
 
|-
| 0x32 || 0x10 ||
+
| 0x32 || 0x00 ||
 
|-
 
|-
 
| 0x33 || 0x13 ||
 
| 0x33 || 0x13 ||
 
|-
 
|-
| 0x34 || 0x11 ||
+
| 0x34 || 0x01 ||
 
|-
 
|-
| 0x35 || 0x10 ||
+
| 0x35 || 0x00 ||
 
|-
 
|-
 
| 0x36 || 0x13 ||
 
| 0x36 || 0x13 ||
 
|-
 
|-
| 0x37 || 0x11 ||
+
| 0x37 || 0x01 ||
 
|-
 
|-
| 0x38 || 0x10 ||
+
| 0x38 || 0x00 ||
 
|-
 
|-
 
| 0x39 || 0x13 ||
 
| 0x39 || 0x13 ||
 
|-
 
|-
| 0x3A || 0x11 ||
+
| 0x3A || 0x01 ||
 
|-
 
|-
| 0x3B || 0x10 ||
+
| 0x3B || 0x00 ||
 
|-
 
|-
 
| 0x3C || 0x13 || Used by nvhost_tsec firmware.
 
| 0x3C || 0x13 || Used by nvhost_tsec firmware.
 
|-
 
|-
| 0x3D || 0x11 ||
+
| 0x3D || 0x01 ||
 
|-
 
|-
| 0x3E || 0x10 ||
+
| 0x3E || 0x00 ||
 
|-
 
|-
| 0x3F || 0x10 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
+
| 0x3F || 0x00 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|}
 
|}

Navigation menu