Using the Vybrid Security Reference Manual (Rev 1, 5/2013) I've been able to write code to configure and setup SNVS for external and wire-mesh tamper events. I'm able to force tamper and see the indicated in the SNVS_HPSVSR and SNVS_LPSR.
When I enable security violations and setup the interrupts via SNVS_HPSICR and force a tamper event an interrupt will be generated to my software. How do I clear the SNVS security violation interrupts? (I've tried writing 0xFFFFFFFF to SNVS_LPSR & SNVS_HPSVSR with no luck.
Thanks,
Ryan
已解决! 转到解答。
My guess is that in order to be able to clear the status flag, you should first move to a non-secure mode or a soft-fail mode
I found some code, where they are checking that the state is soft-fail and caam is in state mode before clearing the violation. But not sure exactly where the state is really moved
The reg32_read_test, seems to be just reading and comparing against the expected value, but not really writing.
void snvs_sec_interrupt(void){
reg32_read_tst(SNVS_HPSR, 0x80000300,0xFFFFFFFF); // Moved to Soft-Fail
reg32_read_tst(CAAM_CSTA, 0x00000300,0x00000300); // CAAM in Fail Mode
reg32_read_tst(SNVS_LPSR, 0x40000000,0xFFFFFFFF);
reg32clrbit (SNVS_HPCOMR, 9); // clr fail security violation
// Probably move back to secure mode here
return;
}
Hope you find this info useful
juangutierrez can you continue with the follow up?
Privileged read/write accessible registers can only be accessed for read/write by privileged software. Unauthorized write accesses are ignored, and unauthorized read accesses return zero. Non-privileged software can access privileged access registers when the non-privileged software access enable bit is set in the SNVS _HP Command Register.
In addition, all privileged access registers (except HPSVSR and LPSR) can be written to only if the system security monitor is in one of the three functional states:
• Non-Secure
• Trusted
• Secure
So I guess you need to move to one of this states in order to be able to
Try to Enable SNVS_HPCOMR[NPSWA_EN], so any software can access privileged registers, and see it that helps