lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 18 Nov 2013 17:30:47 +0000
From:	Catalin Marinas <catalin.marinas@....com>
To:	Stephen Warren <swarren@...dotorg.org>
Cc:	Alex Courbot <acourbot@...dia.com>,
	Alexandre Courbot <gnurou@...il.com>,
	Kukjin Kim <kgene.kim@...sung.com>,
	Stephen Warren <swarren@...dia.com>,
	Tomasz Figa <t.figa@...sung.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Kyungmin Park <kyungmin.park@...sung.com>,
	"linux-samsung-soc@...r.kernel.org" 
	<linux-samsung-soc@...r.kernel.org>,
	Olof Johansson <olof@...om.net>,
	Russell King <linux@....linux.org.uk>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH] ARM: move firmware_ops to drivers/firmware

On Mon, Nov 18, 2013 at 05:03:37PM +0000, Stephen Warren wrote:
> On 11/18/2013 04:58 AM, Catalin Marinas wrote:
> ...
> > Of course, trusted foundations interface could be plugged into cpu_ops
> > on arm64 but I will NAK it on the grounds of not using the PSCI API, nor
> > the SMC calling convention (and it's easy to fix when porting to ARMv8).
> > If a supported standard API is used, then there is no need for
> > additional code in the kernel.
> 
> What happens when someone takes an existing working secure-mode SW stack
> and simply re-uses it on some new ARMv8 SoC. Are you going to force
> people working on upstream to re-write the secure mode firmware in
> shipped hardware before allowing upstream kernel support?

Don't confuse the secure stack with the secure monitor running at EL3.
If you want AArch64 support for lower levels (EL2, EL1, EL0), your
monitor _must_ be AArch64. You can't run legacy AArch32 code at EL3 and
have lower levels in AArch64 mode (architectural constraint). You can
still keep the secure services at S-EL1 in AArch32, only that the SMCs
are handled by EL3 (and that's another aspect the SMC calling convention
spec is trying to address, mixed register-width secure/non-secure OSes).

-- 
Catalin
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ