T239: Difference between revisions
Add initial T239 page with known specifications |
Document PAC, Memory Encryption |
||
| Line 2: | Line 2: | ||
CPU | CPU | ||
* Eight 64-bit ARM Cortex A78C cores | * Eight 64-bit ARM Cortex [https://developer.arm.com/Processors/Cortex-A78C A78C] cores | ||
Cache | Cache | ||
| Line 15: | Line 15: | ||
GPU | GPU | ||
* Cores 1536-core Ampere GPU | * Cores 1536-core Ampere GPU | ||
== Notable Security Features == | |||
=== PAC === | |||
A78C supports Armv8.3-A Pointer Authentication and Armv8.6-A Enhanced Pointer Authentication instructions. | |||
=== Memory Encryption === | |||
The T239 appears to support [https://docs.nvidia.com/jetson/archives/r35.4.1/DeveloperGuide/text/SD/Security/MemoryEncryption.html memory encryption], similar to the T234. | |||
Memory within certain carveout regions is encrypted. The memory controller transparently encrypts data during writes and decrypts data during reads. For these regions, an attacker sniffing the external memory bus will see only ciphertext. Application memory is not encrypted, presumably for performance reasons, since encryption incurs a latency cost. | |||
It is likely that encryption is tweaked on a per-physical-address basis. So, an attacker with control of the external memory bus cannot e.g. relocate data from one address to another. | |||
Revision as of 00:10, 29 June 2025
NVIDIA T239 SoC Specifications
CPU
- Eight 64-bit ARM Cortex A78C cores
Cache
- 4 MB Shared L3 Cache, 256KB L2 Cache per core, 64KB/64KB (I/D) L1 Cache per core
Memory Frequency
- LPDDR5X-3200, 128-bit (102 GB/s)
Memory Size
- 12 GB
GPU
- Cores 1536-core Ampere GPU
Notable Security Features
PAC
A78C supports Armv8.3-A Pointer Authentication and Armv8.6-A Enhanced Pointer Authentication instructions.
Memory Encryption
The T239 appears to support memory encryption, similar to the T234.
Memory within certain carveout regions is encrypted. The memory controller transparently encrypts data during writes and decrypts data during reads. For these regions, an attacker sniffing the external memory bus will see only ciphertext. Application memory is not encrypted, presumably for performance reasons, since encryption incurs a latency cost.
It is likely that encryption is tweaked on a per-physical-address basis. So, an attacker with control of the external memory bus cannot e.g. relocate data from one address to another.