Qoriq Trust Architecture 2.1 User Guide

The guide covers mechanisms to ensure the system hasn't been compromised while it is running.

---

This guide is current as of TA 2.1 implemented in LS series chips. Always verify your exact SoC version, as fuse maps differ slightly between T-series (e500 cores) and Layerscape (ARM Cortex-A).

The QorIQ Trust Architecture 2.1 User Guide is a restricted document for NXP Layerscape processors, covering secure boot, internal key protection, TrustZone, and hardware resource partitioning. Access to this documentation requires registration and approval through the NXP Support Portal due to the sensitive nature of the security information. For more information, visit NXP Support Portal NXP Community Trusted Architecture questions on ls1012a - NXP Community qoriq trust architecture 2.1 user guide

>4. I couldn't find "QorIQ Trust Architecture 2.1 User Guide", >which is pointed out by QorIQ LS1012A reference manual. Is that. > NXP Community Trusted Architecture questions on ls1012a - NXP Community

>4. I couldn't find "QorIQ Trust Architecture 2.1 User Guide", >which is pointed out by QorIQ LS1012A reference manual. Is that. > NXP Community The guide covers mechanisms to ensure the system

From U-Boot:

# Write a key to SNVS slot 0
=> snvs --write 0 0xDEADBEEFCAFEBABE...
# Read back
=> snvs --read 0

From Linux (using CAAM driver):

// Using /dev/crypto or keyctl
#include <asm/crypto.h>
struct caam_snvs_key key;
key.slot = 0;
memcpy(key.data, user_key, 16);
ioctl(fd, CAAM_SNVS_ADD, &key);

The SNVS is erased if the device detects a physical tamper event (e.g., temperature or voltage glitch) or if the chassis is opened (via a GPIO tamper switch).

---