On Thu, Dec 05, 2024 at 05:56:31AM +0100, Vabhav Sharma wrote: > The tampers are security feature available on i.MX products and > managed by SNVS block.The tamper goal is to detect the variation > of hardware or physical parameters, which can indicate an attack. > > The SNVS, which provides secure non-volatile storage, allows to > detect some hardware attacks against the SoC.They are connected > to the security-violation ports, which send an alert when an > out-of-range value is detected. > > This detection is done by: > -Analog tampers: measure analogic values > - External clock frequency. > - Temperature. > - Voltage. > > - Digital tampers: > - External tamper > - Other detectors: > - Secure real-time counter rollover tamper. > - Monotonic counter rollover tamper. > - Power supply glitch tamper. > > The on-chip sensors for voltage, temperature, and clock frequency > indicate if tamper scenarios may be present. These sensors generate an > out-of-range signal that causes a security violation to clear the > authentication and storage keys and to block access to sensitive > information. > > Add linux module secvio driver to handle security violation interrupt. > > The "imx-secvio-sc" module is designed to report security violations > and tamper triggering to the user. > > The functionalities of the module are accessible via the "debugfs" > kernel.The folder containing the interface files for the module is > "<kernel_debugfs>/secvio/". Debugfs is for debugging, not accessing functions. Come with proper sysfs or other control interface and its ABI, not debugging one to avoid any review. Best regards, Krzysztof
