Re: [PATCH 0/4] soc: imx: secvio: Add secvio support

From: Krzysztof Kozlowski
Date: Thu May 09 2024 - 01:51:26 EST


On 09/05/2024 02:45, Vabhav Sharma wrote:
> The tampers are security feature available on i.MX products and
> managed by SNVS block.The tamper goal is to detect the variation
> of hardware or physical parameters, which can indicate an attack.
>
> The SNVS, which provides secure non-volatile storage, allows to
> detect some hardware attacks against the SoC.They are connected
> to the security-violation ports, which send an alert when an
> out-of-range value is detected.
>
> This detection is done by:
> -Analog tampers: measure analogic values
> - External clock frequency.
> - Temperature.
> - Voltage.
>
> - Digital tampers:
> - External tamper
> - Other detectors:
> - Secure real-time counter rollover tamper.
> - Monotonic counter rollover tamper.
> - Power supply glitch tamper.
>
> The on-chip sensors for voltage, temperature, and clock frequency
> indicate if tamper scenarios may be present. These sensors generate an
> out-of-range signal that causes a security violation to clear the
> authentication and storage keys and to block access to sensitive
> information.
>
> Add linux module secvio driver to handle security violation interrupt.
>
> The "imx-secvio-sc" module is designed to report security violations
> and tamper triggering to the user.
>
> The functionalities of the module are accessible via the "debugfs"
> kernel.The folder containing the interface files for the module is
> "<kernel_debugfs>/secvio/".
>
> Get status
> Reading from the "info" file will return the status of security:
> - Fuse related to security tampers.
> - SNVS readable registers.
> - DGO registers.
>
> Signed-off-by: Vabhav Sharma <vabhav.sharma@xxxxxxx>
> ---
> Vabhav Sharma (4):
> dt-bindings: firmware: secvio: Add device tree bindings
> firmware: imx: Add SC APIs required for secvio module
> soc: imx: secvio: Add support for SNVS secvio and tamper via SCFW
> arm64: dts: imx8q: Add node for Security Violation

Please version your patches correctly and provide changelog.

I wrote about b4 already, which solves this as well.

What changed here?

Best regards,
Krzysztof