[PATCH v4 0/4] firmware: imx: secvio: Add secvio support

Krzysztof Kozlowski krzk at kernel.org
Thu Dec 5 01:17:13 PST 2024


On Thu, Dec 05, 2024 at 05:56:31AM +0100, Vabhav Sharma wrote:
> The tampers are security feature available on i.MX products and
> managed by SNVS block.The tamper goal is to detect the variation
> of hardware or physical parameters, which can indicate an attack.
> 
> The SNVS, which provides secure non-volatile storage, allows to
> detect some hardware attacks against the SoC.They are connected
> to the security-violation ports, which send an alert when an
> out-of-range value is detected.
> 
> This detection is done by:
> -Analog tampers: measure analogic values
> 	- External clock frequency.
> 	- Temperature.
> 	- Voltage.
> 
> - Digital tampers:
> 	- External tamper
> 	- Other detectors:
> 		- Secure real-time counter rollover tamper.
> 		- Monotonic counter rollover tamper.
> 		- Power supply glitch tamper.
> 
> The on-chip sensors for voltage, temperature, and clock frequency
> indicate if tamper scenarios may be present. These sensors generate an
> out-of-range signal that causes a security violation to clear the
> authentication and storage keys and to block access to sensitive
> information.
> 
> Add linux module secvio driver to handle security violation interrupt.
> 
> The "imx-secvio-sc" module is designed to report security violations
> and tamper triggering to the user.
> 
> The functionalities of the module are accessible via the "debugfs"
> kernel.The folder containing the interface files for the module is
> "<kernel_debugfs>/secvio/".


Debugfs is for debugging, not accessing functions. Come with proper
sysfs or other control interface and its ABI, not debugging one to avoid
any review.

Best regards,
Krzysztof




More information about the linux-arm-kernel mailing list