Documentation
¶
Overview ¶
Package bee implements a driver for the NXP Bus Encryption Engine (BEE) adopting the following reference specifications:
- IMX6ULSRM - i.MX6UL Security Reference Manual - Rev 0 04/2016
This package is only meant to be used with `GOOS=tamago GOARCH=arm` as supported by the TamaGo framework for bare metal Go, see https://github.com/usbarmory/tamago.
Index ¶
Constants ¶
const ( BEE_CTRL = 0x00 CTRL_CLK_EN_LOCK = 31 CTRL_SFTRST_N_LOCK = 30 CTRL_AES_MODE_LOCK = 29 CTRL_SECURITY_LEVEL_LOCK = 24 CTRL_AES_KEY_SEL_LOCK = 20 CTRL_BEE_ENABLE_LOCK = 16 CTRL_CLK_EN = 15 CTRL_SFTRST_N = 14 CTRL_AES_MODE = 13 CTRL_SECURITY_LEVEL = 8 CTRL_AES_KEY_SEL = 4 CTRL_BEE_ENABLE = 0 BEE_ADDR_OFFSET0 = 0x04 BEE_ADDR_OFFSET1 = 0x08 // AES key BEE_AES_KEY0_W0 = 0x0c BEE_AES_KEY0_W1 = 0x10 BEE_AES_KEY0_W2 = 0x14 BEE_AES_KEY0_W3 = 0x18 // AES CTR nonce BEE_AES_KEY1_W0 = 0x20 BEE_AES_KEY1_W1 = 0x24 BEE_AES_KEY1_W2 = 0x28 BEE_AES_KEY1_W3 = 0x2c )
BEE registers
const ( AliasRegion0 = 0x10000000 AliasRegion1 = 0x30000000 AliasRegionSize = 0x20000000 )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BEE ¶
type BEE struct {
// Base register
Base uint32
// SNVS instance
SNVS *snvs.SNVS
// contains filtered or unexported fields
}
BEE represents the Bus Encryption Engine instance.
func (*BEE) Enable ¶
Enable activates the BEE using the argument memory regions, each can be up to AliasRegionSize (512 MB) in size.
After activation the regions are encrypted using AES CTR. On secure booted systems the internal OTPMK is used as key, otherwise a random one is generated and assigned.
After enabling, both regions should only be accessed through their respective aliased spaces (see AliasRegion0 and AliasRegion1) and only with caching enabled (see arm.ConfigureMMU).
Source Files