Security and Related Tools - wall comments

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

Security and Related Tools - wall comments

4,977件の閲覧回数
admin
Specialist II

The focus of this group is security and its tools issues, which cover topics about on-chip security features and settings.  The group’s focus covers these issues for all i.MX devices and OS’s.

0 件の賞賛
返信
23 返答(返信)

3,313件の閲覧回数
stevetsai
Contributor III

Do I can download the document and sample code to demonstrate how to implemnet trustzone in i.mx6? We need to use trustzone in the game console product. Thanks.

0 件の賞賛
返信

3,313件の閲覧回数
Yuri
NXP Employee
NXP Employee

Please use the enclosed my (very draft, sorry) example, based on ARM one.

0 件の賞賛
返信

3,313件の閲覧回数
YuryGeorgievski
Contributor I

Hello forum!

Not so crowded here, eh?

I start to wonder if anyone at all is using fsl PISA...

But still I'll give it a try...

i.MX PISA security-related SW can be found in http://git.freescale.com/git/

(i personally clone  remotes/origin/imx_3.0.35_1.1.0 branch)

All sec-related code is in drivers/mxc/security dir.

4 drivers/modules are involved in fsl SHW framework:

    1. shw

    2. rng

    3. dryice

    4. scc

Hope it's useful for somebody.

0 件の賞賛
返信

3,313件の閲覧回数
Yuri
NXP Employee
NXP Employee

   You are right, Linux for i.MX25 provides so called
Freescale Security Hardware API (FSL SHW API), which is intended
for access to security hardware components of Freescale.

To get more details how it may be used with i.MX25, please apply to
 

1) Chapter 18 (DryIce Driver) of “pdk2009_12_imx25_Linux_RM.pdf”
and
2) DOXYGEN documentation

 
in Linux documentation package on the Web.

Relevant functions may be found as “fsl_shw_*”.

   As has been mentioned, SAHARA is not included in i.MX25,

but some (general purpose, 3DES) crypto acceleration is available

for i.MX25, since the DryIce can work in pair with the SCC,

providing (external) keys. 

0 件の賞賛
返信

3,313件の閲覧回数
YuryGeorgievski
Contributor I

Thx!

0 件の賞賛
返信

3,313件の閲覧回数
YuryGeorgievski
Contributor I

Hello everyone,

Our company is working with IMX258 cpu with PISA (Platform-Independent Sec Architecture).

We manage to bring our HW to life with latest u-boot v2013.01 && linux 3.2.xx.

We have signed the image, and boot in the security mode.

Now the problem is that we need to export sec-related drivers API into the user space to test device tampering etc...

What I found up to now -- is  SAHARA2 Security Hardware Support with CONFIG_MXC_SAHARA flag.

My question is the following: where can I get latest security-related src code? If there is any git repo where I can clone from?

BTW we've got initial USB HAB bootstrap working from linux (command line tool for virgin imx258 bootstrapping). It's good to have some git repo where I can push && commit new sw.

Thank you for your help

Yury

0 件の賞賛
返信

3,313件の閲覧回数
Yuri
NXP Employee
NXP Employee

As I know the i.MX25 has no SAHARA module.

0 件の賞賛
返信

3,313件の閲覧回数
YuryGeorgievski
Contributor I

2 sub-frameworks are located in 'drivers/mxc/security' directory:

a. rng

b. sahara2

Exactly as you said -- imx258 does not have any SAHARA. So rng should be used.

It has an API to the userland and can be found in shw_driver.h (shw_user_request_t).

No DryIce interaction is possible with this ioctl. It should be extended.

Hope someone will find this info useful.

0 件の賞賛
返信

3,313件の閲覧回数
neerajsrivastav
Contributor I

Hi Sujata,

Can you provide the i.MX_TrustArchitecture_23Mar12.pdf PDF again as the above link is showing error while loading the Page.

If possible provide any other document which tells about the implementation of the TrustZone on IMX53/IM6 Sololite.



0 件の賞賛
返信

3,313件の閲覧回数
rajansoma
Contributor I

hi sujata,


We are company from hyderabad India, working on imx258.


We are using IMX258 but we want to implement security feature which is pci complaint.  Use SCC for secure pin encryption with TMK management from bank side.

We need a good webinar or training material on hab/SCC/Drye ice

0 件の賞賛
返信

3,313件の閲覧回数
hersioiwamoto
Contributor I

Hi Sujata,

I am interested on enabling HAB on iMx53.

I have received many information under NDA, but still not able to deploy it. We don´t know where the error is.

How can I get help? How to debug it?

0 件の賞賛
返信

3,313件の閲覧回数
rodz
Contributor III

To add to Sujata's comments, i.MX 6 in addition to the i.MX5 famility all support TrustZone.  There is no restriction on the use of TrustZone on any of these ICs.  The cores boot natively to the secure world.

0 件の賞賛
返信

3,313件の閲覧回数
sujataneidig
NXP Employee
NXP Employee

Gopu,


The i.MX 6 Series has not gone through a full market launch yet.  However, we do have partners who are offering embedded board solutions.Here's a link with available solutions at this time: http://imxcommunity.org/profiles/blogs/i-mx6-boards.

0 件の賞賛
返信

3,313件の閲覧回数
GopuSubramanian
Contributor I

Hello Sujata,

We are trying to develop a open source trustzone software framework. I would like to know whether we  have imx6 based open board to try the trustzone feature.

www.openvirtualization.org

0 件の賞賛
返信

3,313件の閲覧回数
ronaldbenvenutt
Contributor I

Hello Sujata :

Additional info : we are including security function on our product already running without security using i.mx258. This micro doesn't have examples, so we are adapting from imx53 and imx28. If you have some example or info specific of i.mx258, it would be welcome.

0 件の賞賛
返信

3,309件の閲覧回数
ronaldbenvenutt
Contributor I

Note : we already have the CST files.

0 件の賞賛
返信

3,313件の閲覧回数
ronaldbenvenutt
Contributor I

Hello Sujata :

I need the ZIP file(s) of pages 49, 50 and 51 of the last PDF presentation (apr 27)..

0 件の賞賛
返信

3,313件の閲覧回数
sujataneidig
NXP Employee
NXP Employee

Ronald, what specific files are you looking for?  The CST files are on our website.  Go to www.freescale.com and search for "IMX_CST_TOOL".

0 件の賞賛
返信

3,313件の閲覧回数
ronaldbenvenutt
Contributor I

Hi, we are developing a security product using imx258, and this is useful. Could someone please send the ZIP files associated to the presentation ?

0 件の賞賛
返信

3,313件の閲覧回数
sujataneidig
NXP Employee
NXP Employee

Hi, This presentation covers aspects of using security on the i.MX28 and i.MX53.  It was presented at last year's FTF and has recently been updated with more information.

GW: See attachment in post below.

Regards,

Grant

0 件の賞賛
返信