Line 5,302: |
Line 5,302: |
| On boot, every crypto register has an ACL value of 0x1F. | | On boot, every crypto register has an ACL value of 0x1F. |
| | | |
− | In HS mode, [[#STORE|STORE]] can always write to a crypto register and resets its ACL value back to 0x1F. In NS mode, [[#STORE|STORE]] can only write to a crypto register if it has the [[#Insecure Writeable|Insecure Writeable]] access mode. | + | In HS mode, [[#STORE|STORE]] can always write to a crypto register. In NS and LS modes, [[#STORE|STORE]] can only write to a crypto register if it has the [[#Insecure Writeable|Insecure Writeable]] access mode. |
| | | |
− | In HS mode, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Secure Readable|Secure Readable]] access mode. In NS mode, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Insecure Readable|Insecure Readable]] and [[#Secure Readable|Secure Readable]] access modes. | + | In HS mode, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Secure Readable|Secure Readable]] access mode. In NS and LS modes, [[#LOAD|LOAD]] can only retrieve a crypto register's value if it has the [[#Insecure Readable|Insecure Readable]] and [[#Secure Readable|Secure Readable]] access modes. |
| | | |
| Loading a secret into a crypto register sets a per-secret ACL, unconditionally. | | Loading a secret into a crypto register sets a per-secret ACL, unconditionally. |
Line 5,319: |
Line 5,319: |
| | | |
| ==== Insecure Keyable ==== | | ==== Insecure Keyable ==== |
− | Controls if a crypto register can be used as key in NS mode. | + | Controls if a crypto register can be used as key in NS and LS modes. |
| | | |
| Forced set if the crypto register has [[#Secure Readable|Insecure Readable]] access. This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Keyable]] access. | | Forced set if the crypto register has [[#Secure Readable|Insecure Readable]] access. This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Keyable]] access. |
| | | |
| ==== Insecure Readable ==== | | ==== Insecure Readable ==== |
− | Controls if a crypto register can be read in NS mode. | + | Controls if a crypto register can be read in NS and LS modes. |
| | | |
| This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Readable]] access. | | This access mode cannot be set if the crypto register doesn't have [[#Secure Keyable|Secure Readable]] access. |
| | | |
| ==== Insecure Writeable ==== | | ==== Insecure Writeable ==== |
− | Controls if a crypto register can be written to in NS mode. | + | Controls if a crypto register can be written to in NS and LS modes. |
| | | |
| This access mode has no effect in HS mode. | | This access mode has no effect in HS mode. |