BL1: Update bl_secure_mem(cpy|eql) functions
Remove bl_secure_memcpy. As bl_secure_memeql is never used on secret
data, remove the unnecessary DPA and timing countermeasures and rename
to make clear it is hardened against fault injection only.
Change-Id: I8a1d9209350fad8b282e3aa89f923a4f80e12b24
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/docs/design_docs/booting/bl1.rst b/docs/design_docs/booting/bl1.rst
index 831d019..434a389 100644
--- a/docs/design_docs/booting/bl1.rst
+++ b/docs/design_docs/booting/bl1.rst
@@ -224,23 +224,12 @@
BL1 reuses the FI countermeasures used in the TF-M runtime, which are found in
``lib/fih/``.
-BL1 implements countermeasures against DPA, which are primarily targeted
-towards being able to handle cryptographic material without leaking its
-contents. The functions with these countermeasures are found in
-``bl1/bl1_1/shared_lib/util.c``
+BL1 implements countermeasures against fault injection. The functions with these
+countermeasures are found in ``bl1/bl1_1/shared_lib/util.c``
-``bl_secure_memeql`` tests if memory regions have the same value
+``bl_fih_memeql`` tests if memory regions have the same value
-- It does not perform early exits to prevent timing attacks.
-- It compares chunks in random orders to prevent DPA trace correlation analysis
-- It inserts random delays to prevent DPA trace correlation analysis
-- It performs loop integrity checks
-- It uses FIH constructs
-
-``bl_secure_memcpy`` copies memory regions
-
-- It copies chunks in random orders to prevent DPA trace correlation analysis
-- It inserts random delays to prevent DPA trace correlation analysis
+- It inserts random delays to improve resilience to FIH attacks
- It performs loop integrity checks
- It uses FIH constructs
@@ -299,4 +288,4 @@
--------------
-*Copyright (c) 2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2022-2023, Arm Limited. All rights reserved.*