Changes

Jump to navigation Jump to search
1,146 bytes added ,  21:57, 9 May 2021
no edit summary
Line 5,277: Line 5,277:  
!  Description
 
!  Description
 
|-
 
|-
| 0 || Secure Keyable (forced set if bit1 is set; once cleared, cannot be set again)
+
| 0 || [[#Secure Keyable|Secure Keyable]]
 
|-
 
|-
| 1 || Secure Readable (once cleared, cannot be set again)
+
| 1 || [[#Secure Readable|Secure Readable]]
 
|-
 
|-
| 2 || Keyable (forced set if bit3 is set; forced clear if bit0 is clear; can be toggled back and forth)
+
| 2 || [[#Insecure Keyable|Insecure Keyable]]
 
|-
 
|-
| 3 || Readable (forced clear if bit1 is clear; can be toggled back and forth)
+
| 3 || [[#Insecure Readable|Insecure Readable]]
 
|-
 
|-
| 4 || Writeable (can be toggled back and forth)
+
| 4 || [[#Insecure Writeable|Insecure Writeable]]
 
|}
 
|}
   −
On boot, the ACL is 0x1F for all $cX.
+
On boot, every crypto register has an ACL value of 0x1F.
   −
Loading into $cX using xdst instruction sets ACL($cX) to 0x13 and 0x1F, for heavy secure and non-secure mode respectively.
+
In HS mode, [[#STORE|STORE]] can always write to a crypto register and resets its ACL value back to 0x1F. In NS mode, [[#STORE|STORE]] can only write to a crypto register if it has the [[#Insecure Writeable|Insecure Writeable]] access mode.
   −
Spilling a $cX to DMEM using xdld instruction is allowed if (ACL($cX) & 2) or (ACL($cX) & 8), for heavy secure and non-secure mode respectively.
+
In HS mode, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Secure Readable|Secure Readable]] access mode. In NS mode, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Insecure Readable|Insecure Readable]] and [[#Secure Readable|Secure Readable]] access modes.
   −
Loading a secret into $cX sets a per-secret ACL, unconditionally.
+
Loading a secret into a crypto register sets a per-secret ACL, unconditionally.
 +
 
 +
==== Secure Keyable ====
 +
Controls if a crypto register can be used as key in HS mode.
 +
 
 +
Forced set if the crypto register has [[#Secure Readable|Secure Readable]] access. Once cleared, this access mode cannot be set again.
 +
 
 +
==== Secure Readable ====
 +
Controls if a crypto register can be read in HS mode.
 +
 
 +
Once cleared, this access mode cannot be set again.
 +
 
 +
==== Insecure Keyable ====
 +
Controls if a crypto register can be used as key in NS mode.
 +
 
 +
Forced set if the crypto register has [[#Secure Readable|Insecure Readable]] access. This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Keyable]] access.
 +
 
 +
==== Insecure Readable ====
 +
Controls if a crypto register can be read in NS mode.
 +
 
 +
This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Readable]] access.
 +
 
 +
==== Insecure Writeable ====
 +
Controls if a crypto register can be written to in NS mode.
 +
 
 +
This access mode has no effect in HS mode.
    
=== Secrets ===
 
=== Secrets ===
Line 5,304: Line 5,329:  
! Index || ACL || Description
 
! Index || ACL || Description
 
|-
 
|-
| 0x00 || 0x13 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
+
| 0x00 || 0x03 || Used by [[TSEC_Firmware#Keygen|Keygen]], nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
|-
 
|-
 
| 0x01 || 0x00 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] for the signature generation algorithm.
 
| 0x01 || 0x00 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] for the signature generation algorithm.
Line 5,314: Line 5,339:  
| 0x04 || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
| 0x04 || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|-
 
|-
| 0x05 || 0x13 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
+
| 0x05 || 0x03 || Used by nvhost_tsec, nvhost_nvdec_bl020_prod, nvhost_nvdec020_prod, nvhost_nvdec020_ns and acr_ucode firmwares.
 
|-
 
|-
 
| 0x06 || 0x01 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] as key to decrypt data during authentication (decided by bit 17 in the [[#SEC|SEC]] register).
 
| 0x06 || 0x01 || Used by Falcon's [[#Secure BootROM|Secure BootROM]] as key to decrypt data during authentication (decided by bit 17 in the [[#SEC|SEC]] register).
Line 5,322: Line 5,347:  
| 0x08 || 0x00 ||
 
| 0x08 || 0x00 ||
 
|-
 
|-
| 0x09 || 0x13 || Used by nvhost_tsec firmware.
+
| 0x09 || 0x03 || Used by nvhost_tsec firmware.
 
|-
 
|-
 
| 0x0A || 0x01 ||
 
| 0x0A || 0x01 ||
Line 5,328: Line 5,353:  
| 0x0B || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
| 0x0B || 0x00 || Used by nvhost_tsec, nvhost_nvdec020_prod and nvhost_nvdec020_ns firmwares.
 
|-
 
|-
| 0x0C || 0x13 ||
+
| 0x0C || 0x03 ||
 
|-
 
|-
 
| 0x0D || 0x01 ||
 
| 0x0D || 0x01 ||
Line 5,334: Line 5,359:  
| 0x0E || 0x00 ||
 
| 0x0E || 0x00 ||
 
|-
 
|-
| 0x0F || 0x13 || Used by nvhost_tsec firmware.
+
| 0x0F || 0x03 || Used by nvhost_tsec firmware.
 
|-
 
|-
 
| 0x10 || 0x01 || Used by [1.0.0-5.1.0] nvhost_tsec firmware.
 
| 0x10 || 0x01 || Used by [1.0.0-5.1.0] nvhost_tsec firmware.
Line 5,340: Line 5,365:  
| 0x11 || 0x00 ||
 
| 0x11 || 0x00 ||
 
|-
 
|-
| 0x12 || 0x13 ||
+
| 0x12 || 0x03 ||
 
|-
 
|-
 
| 0x13 || 0x01 ||
 
| 0x13 || 0x01 ||
Line 5,346: Line 5,371:  
| 0x14 || 0x00 ||
 
| 0x14 || 0x00 ||
 
|-
 
|-
| 0x15 || 0x13 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares.
+
| 0x15 || 0x03 || Used by nvhost_nvdec_bl020_prod, [5.0.0+] nvhost_nvdec020_prod, [5.0.0+] nvhost_nvdec020_ns and [6.0.0+] nvhost_tsec firmwares.
 
|-
 
|-
 
| 0x16 || 0x01 ||
 
| 0x16 || 0x01 ||
Line 5,352: Line 5,377:  
| 0x17 || 0x00 || Used by [11.0.0+] nvhost_tsec firmware.
 
| 0x17 || 0x00 || Used by [11.0.0+] nvhost_tsec firmware.
 
|-
 
|-
| 0x18 || 0x13 ||
+
| 0x18 || 0x03 ||
 
|-
 
|-
 
| 0x19 || 0x01 ||
 
| 0x19 || 0x01 ||
Line 5,358: Line 5,383:  
| 0x1A || 0x00 ||
 
| 0x1A || 0x00 ||
 
|-
 
|-
| 0x1B || 0x13 ||
+
| 0x1B || 0x03 ||
 
|-
 
|-
 
| 0x1C || 0x01 ||
 
| 0x1C || 0x01 ||
Line 5,364: Line 5,389:  
| 0x1D || 0x00 ||
 
| 0x1D || 0x00 ||
 
|-
 
|-
| 0x1E || 0x13 ||
+
| 0x1E || 0x03 ||
 
|-
 
|-
 
| 0x1F || 0x01 ||
 
| 0x1F || 0x01 ||
Line 5,370: Line 5,395:  
| 0x20 || 0x00 ||
 
| 0x20 || 0x00 ||
 
|-
 
|-
| 0x21 || 0x13 ||
+
| 0x21 || 0x03 ||
 
|-
 
|-
 
| 0x22 || 0x01 ||
 
| 0x22 || 0x01 ||
Line 5,376: Line 5,401:  
| 0x23 || 0x00 ||
 
| 0x23 || 0x00 ||
 
|-
 
|-
| 0x24 || 0x13 ||
+
| 0x24 || 0x03 ||
 
|-
 
|-
 
| 0x25 || 0x01 ||
 
| 0x25 || 0x01 ||
Line 5,382: Line 5,407:  
| 0x26 || 0x00 || Used by [[TSEC_Firmware#KeygenLdr|KeygenLdr]] and [[TSEC_Firmware#SecureBoot|SecureBoot]]
 
| 0x26 || 0x00 || Used by [[TSEC_Firmware#KeygenLdr|KeygenLdr]] and [[TSEC_Firmware#SecureBoot|SecureBoot]]
 
|-
 
|-
| 0x27 || 0x13 ||
+
| 0x27 || 0x03 ||
 
|-
 
|-
 
| 0x28 || 0x01 ||
 
| 0x28 || 0x01 ||
Line 5,388: Line 5,413:  
| 0x29 || 0x00 ||
 
| 0x29 || 0x00 ||
 
|-
 
|-
| 0x2A || 0x13 ||
+
| 0x2A || 0x03 ||
 
|-
 
|-
 
| 0x2B || 0x01 ||
 
| 0x2B || 0x01 ||
Line 5,394: Line 5,419:  
| 0x2C || 0x00 ||
 
| 0x2C || 0x00 ||
 
|-
 
|-
| 0x2D || 0x13 ||
+
| 0x2D || 0x03 ||
 
|-
 
|-
 
| 0x2E || 0x01 ||
 
| 0x2E || 0x01 ||
Line 5,400: Line 5,425:  
| 0x2F || 0x00 ||
 
| 0x2F || 0x00 ||
 
|-
 
|-
| 0x30 || 0x13 ||
+
| 0x30 || 0x03 ||
 
|-
 
|-
 
| 0x31 || 0x01 ||
 
| 0x31 || 0x01 ||
Line 5,406: Line 5,431:  
| 0x32 || 0x00 ||
 
| 0x32 || 0x00 ||
 
|-
 
|-
| 0x33 || 0x13 ||
+
| 0x33 || 0x03 ||
 
|-
 
|-
 
| 0x34 || 0x01 ||
 
| 0x34 || 0x01 ||
Line 5,412: Line 5,437:  
| 0x35 || 0x00 ||
 
| 0x35 || 0x00 ||
 
|-
 
|-
| 0x36 || 0x13 ||
+
| 0x36 || 0x03 ||
 
|-
 
|-
 
| 0x37 || 0x01 ||
 
| 0x37 || 0x01 ||
Line 5,418: Line 5,443:  
| 0x38 || 0x00 ||
 
| 0x38 || 0x00 ||
 
|-
 
|-
| 0x39 || 0x13 ||
+
| 0x39 || 0x03 ||
 
|-
 
|-
 
| 0x3A || 0x01 ||
 
| 0x3A || 0x01 ||
Line 5,424: Line 5,449:  
| 0x3B || 0x00 ||
 
| 0x3B || 0x00 ||
 
|-
 
|-
| 0x3C || 0x13 || Used by nvhost_tsec firmware.
+
| 0x3C || 0x03 || Used by nvhost_tsec firmware.
 
|-
 
|-
 
| 0x3D || 0x01 ||
 
| 0x3D || 0x01 ||

Navigation menu