Freescale Semiconductor SEC2SWUG specifications VxWorks Environment, Driver Operation in User Mode

Page 40

VxWorks Environment

6.2.2 Driver Operation in User Mode

Operation of the SEC2 device in user mode is slightly more complex than in kernel mode. In particular, the transition from user to kernel memory space creates two complications for user mode operation:

1.User memory buffers can't be passed directly to the driver; instead, in this driver edition, the user must allocate and place data in kernel memory buffer for operation. This can be accomplished via SEC2_MALLOC, SEC2_FREE, SEC2_COPYFROM, and SEC2_COPYTO requests (see Section 3.3.1, “I/O Control Codes” for more information).

Note: extreme caution must be exercised by the user in transferring memory in this fashion; kernel memory space may easily be corrupted by the caller, causing target system instability.

2.Standard notification callbacks cannot work, since the routines to perform the callback are in user memory space, and cannot safely execute from kernel mode. In their place, standard POSIX signals can be used to indicate I/O completion by placing the process ID of the user task in the notification members of the request, and flagging NOTIFY_IS_PID in the notifyFlags member. The driver uses SIGUSR1 to indicate normal request completions, and SIGUSR2 to indicate error completions.

The example suite available with the driver illustrates the contrast between the two different application environments. Within the testAll.c file, there is a set of functions that shows the difference between the two operations. Building the example testing application with __KERNEL__ on (building a kernel mode test) shows the installation and usage of standard completion callbacks and a mutex used for interlock. Conversely, building the example testing application with USERMODE turned on shows the installation of signal handlers and their proper setup.

In USERMODE, this example also shows one possible means for handling the user to kernel memory transition via the use of three functions for transferring user buffers to and from kernel memory.

6.2.3 Driver Module License Macro

A common necessity of loadable modules for Linux is the inclusion of a license macro (MODULE_LICENSE) that declares a string defining the type of license terms under which the module's code has been published. In the case of the SEC2 driver module, this code is delivered in source form under the terms of a restricted license agreement. Therefore, this macro has been passed a name of “Freescale Restricted” to acknowledge the existence of this agreement.

When loading the driver object, the existence of a non-GPL, non-BSD license string will cause a warning message to be printed to the console, stating that loading a module with a proprietary license will “taint” the kernel. This message is normal, expected, and will not cause any adverse operation of your running system.

7 VxWorks Environment

The following sections describe the installation of the SEC2 security processor software drivers, BSP integration, and distribution archives.

7.1 Installation

To install the software drivers, extract the archive containing the driver source files into a suitable installation directory. If you want the driver and tests to be part of a standard VxWorks source tree, place them in:

SEC 2.0 Reference Device Driver User’s Guide, Rev. 0

40

PRELIMINARY—SUBJECT TO CHANGE WITHOUT NOTICE

Freescale Semiconductor

Image 40
Contents Overview Freescale SemiconductorAcronyms and Abbreviations OverviewTerm Meaning SEC 2.0 Reference Device Driver User’s Guide, RevDevice Driver Components Device Driver StructureDevice Driver Components End-User ApplicationInterrupt Service Routine Driver Initialization RoutineRequest Dispatch Routine Process Request RoutineDeferred Service Routine User InterfaceApplication Interface User InterfaceError Handling = DpdaesacbcencryptcryptGlobal Definitions 1 I/O Control CodesChannel Definitions Second and Third Arguments in the ioctl FunctionCallback Error Status Return Code Operation ID opId MasksReturn Codes Channel DefinesSEC2ADDRESSPROBLEM SEC2CHAERRORSEC2PARITYSYSTEMERROR SEC2TEAERRORSEC2CANCELLEDREQUEST Miscellaneous Request StructuresSEC2INVALIDADDRESS Define DescriptionProcess Request Structures StatusreqNotifyonerror Scatter-Gather Buffer ManagementDirect Scatter-Gather Usage Example Individual Request Type Descriptions Random Number RequestsDES Requests RngreqARC4 Requests Descryptreq1 ARC4LOADCTXCRYPTREQ Descbccryptreq Valid Descriptors opIdARC4LOADCTXCRYPTREQ Valid Descriptor opId 2 ARC4LOADKEYCRYPTUNLOADCTXREQARC4LOADKEYCRYPTUNLOADCTXREQ Valid Descriptor opId Hashreq Hash RequestsHashreq Valid Descriptors 0x4400 opId Hmacpadreq Hmac RequestsHashreq Valid Descriptors 0x4500 opId Aesacryptreq AES RequestsHmacpadreq Valid Descriptors opId Integer Public Key Requests ModexpreqAesacryptreq Valid Descriptors opId Modexpreq Valid Descriptor opIdModssexpreq MODR2MODNREQModssexpreq Valid Descriptor opId DpdmmssrsaexpModrrmodpreq 5 MOD2OPREQModrrmodpreq Valid Descriptor opId 0x5300MOD2OPREQ Valid Descriptors opId Value Function Description Eccpointreq ECC Public Key RequestsMOD2OPREQ Valid Descriptors opId 2 ECC2OPREQ Eccpointreq Valid Descriptors opIdEccspkbuildreq ECC2OPREQ Valid Descriptors opIdEccspkbuildreq Valid Descriptor opId DpdecspkbuildulctxIPSec Requests EccptadddblreqIpseccbcreq Eccptadddblreq Valid Descriptor opIdIpseccbcreq Valid Descriptors opId Descriptors Ipsececbreq Ipsececbreq Valid Descriptors opIdIpsecaescbcreq Ipsecaescbcreq Valid Descriptors opIdIpsecaesecbreq Ipsecespreq Ipsecaesecbreq Valid Descriptors opIdIpsecespreq Valid Descriptors opId Dpdipsecespinsdescbcdcrptshapad DPDIPSECESPOUTTDESCBCCRPTMD5PADDpdipsecespouttdescbccrptshapad DPDIPSECESPINTDESCBCDCRPTMD5PAD10 802.11 Protocol Requests Srtp Protocol RequestsCcmpreq SrtpreqDES Sample Sample CodeSrtpreq Valid Descriptors opId Ipsec Sample PRELIMINARY-SUBJECT to Change Without Notice Linux Environment InstallationOperation Driver Operation in User Mode VxWorks EnvironmentDriver Module License Macro VxWorks EnvironmentPorting Building the Interface ModulesBSP Integration VxWorks Interface Module VariablesHeader Files Interrupt Service RoutineSource Files Debug Messaging Conditional CompilationDistribution Archive How to Reach Us

SEC2SWUG specifications

Freescale Semiconductor, a prominent player in the semiconductor industry, has made significant strides in developing robust solutions tailored for the automotive and industrial sectors. One such innovation is the SEC2SWUG (Security Configuration to Software User Guide), a comprehensive framework designed to enhance security protocols across various applications.

The SEC2SWUG is particularly vital in an era where cybersecurity threats are increasingly sophisticated. This tool is built to help developers implement security measures seamlessly during the software design phase, ensuring products are resilient against potential vulnerabilities. One of the main features of the SEC2SWUG is its versatility; it can be applied across a wide range of microcontrollers and processors offered by Freescale. This is particularly advantageous for engineers who require a consistent security approach across different platforms.

In terms of technology, the SEC2SWUG incorporates advanced cryptographic algorithms, allowing for data encryption, decryption, and authentication processes. This ensures that sensitive information remains secure, particularly in automotive applications where vehicle-to-everything (V2X) communication is becoming paramount. Moreover, the guide details the implementation of secure boot processes, which verify the integrity of firmware before it executes, bolstering overall system security.

Another key characteristic of SEC2SWUG is its user-friendliness. Freescale has focused on creating a resource that not only provides theoretical knowledge but also practical guidelines, making it easier for developers to integrate security protocols into their projects. The guide features clear annotations, example code snippets, and troubleshooting tips, which enhance the developer experience and facilitate a smoother transition from concept to execution.

Additionally, SEC2SWUG is designed to be scalable. As industries evolve, the demand for security measures will only grow, and this framework ensures that developers can adapt their solutions accordingly. Whether working on embedded systems, IoT applications, or complex automotive networks, the SEC2SWUG offers a robust security foundation.

In conclusion, Freescale Semiconductor's SEC2SWUG is a vital tool for engineers and developers looking to embed security into their applications. With its focus on advanced technologies and user-centric design, the SEC2SWUG stands at the forefront of secure software development, addressing the critical need for safety in interconnected systems.