Linux SDK for AM62D
12_00_00_07_04
1. Overview
2. Release Specific
3. Foundational Components
3.1. U-Boot
3.2. Kernel
3.3. Power Management
3.4. Security
3.4.1. Device Security
3.4.2. Secure Boot
3.4.3. SELinux - User Guide
3.4.4. Authenticated Boot User Guide
3.4.5. Memory Firewalls
3.4.6. File System Encryption with fTPM
3.4.7. Post-quantum cryptography
3.5. Filesystem
3.6. Tools
3.7. IPC for AM62Dx
3.8. Virtualization
3.9. Machine Learning
3.10. ARM Trusted Firmware-A
3.11. OP-TEE
4. How to Guides
5. RTOS/NO-RTOS [MCU+ SDK]
6. Demo Applications
7. Documentation Tarball
Linux SDK for AM62D
3.
Foundational Components
3.4.
Security
Edit on GitHub
3.4.
Security
3.4.1. Device Security
3.4.1.1. Security Overview
3.4.1.2. Security Domains
3.4.1.3. Security Features at a Glance
3.4.2. Secure Boot
3.4.2.1. Introduction
3.4.2.2. Secure Boot Flow
3.4.2.3. HS Boot Flow Tools
3.4.3. SELinux - User Guide
3.4.3.1. Introduction
3.4.3.2. Filesystem Setup
3.4.3.2.1. Yocto
3.4.3.2.2. Debian
3.4.3.3. Permissive mode Setup
3.4.3.4. Enforcing mode Setup
3.4.3.5. Integrating into Yocto for production
3.4.4. Authenticated Boot User Guide
3.4.4.1. Introduction
3.4.4.2. Learning
3.4.4.2.1. Root of Trust (RoT)
3.4.4.2.2. Chain of Trust (CoT)
3.4.4.2.3. Device Mapper
3.4.4.2.3.1. dm-verity
3.4.4.2.3.2. dm-crypt
3.4.4.3. Setup
3.4.4.4. Next steps
3.4.4.5. See Also
3.4.5. Memory Firewalls
3.4.5.1. Overview
3.4.5.2. What Happens During a Firewall Violation
3.4.5.3. Triggering a Firewall Exception
3.4.5.4. Enabling TIFS Logs
3.4.5.4.1. Modify U-Boot Configuration
3.4.5.4.2. Build and Deploy U-Boot
3.4.5.5. Accessing TIFS Logs
3.4.5.6. Interpreting TIFS Logs
3.4.6. File System Encryption with fTPM
3.4.6.1. Introduction
3.4.6.2. Key features
3.4.6.3. Concepts
3.4.6.3.1. Root Filesystem Encryption
3.4.6.3.2. Firmware TPM (fTPM)
3.4.6.3.3. eMMC RPMB
3.4.6.4. Implementation Details
3.4.6.4.1. System Architecture
3.4.6.4.2. Boot Process Flow
3.4.6.4.3. Key Management Flow
3.4.6.4.4. Encryption Process
3.4.6.5. Setup
3.4.6.6. dm-crypt performance
3.4.6.7. Security Considerations
3.4.6.7.1. Reference Implementation
3.4.6.7.2. Further Enhancements
3.4.7. Post-quantum cryptography
3.4.7.1. Introduction
3.4.7.2. Verifying post-quantum support
3.4.7.3. Supported algorithms
3.4.7.3.1. Key encapsulation
3.4.7.3.2. Digital signatures
3.4.7.3.3. Hash-based signatures
3.4.7.4. Usage examples
3.4.7.4.1. Generating keys and signing
3.4.7.4.2. Hash-based key signing
3.4.7.4.3. Self-signed certificate
3.4.7.5. Testing the key exchange
3.4.7.5.1. Generating a certificate
3.4.7.5.2. Starting the server
3.4.7.5.3. Connecting the client
3.4.7.5.4. Handshake walkthrough
3.4.7.6. Notes
3.4.7.7. See also