lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Jul 2012 10:53:39 -0400 From: Christopher Covington <cov@...eaurora.org> To: Catalin Marinas <catalin.marinas@....com> CC: Jon Masters <jonathan@...masters.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Arnd Bergmann <arnd@...db.de>, Will Deacon <Will.Deacon@....com> Subject: Re: [PATCH 08/36] AArch64: Kernel booting and initialisation Hi Catalin, On 07/20/2012 09:48 AM, Catalin Marinas wrote: > On Thu, Jul 19, 2012 at 06:31:07PM +0100, Christopher Covington wrote: >> On 07/18/2012 02:57 AM, Jon Masters wrote: >>> On 07/06/2012 05:05 PM, Catalin Marinas wrote: >>> >>>> +- CPU mode >>>> + All forms of interrupts must be masked in PSTATE.DAIF (Debug, SError, >>>> + IRQ and FIQ). >>>> + The CPU must be in either EL2 (RECOMMENDED) or non-secure EL1. >> >> Why not secure EL1? > > Because the secure side does not have virtualisation extensions so you > won't be able to run something like KVM. This is another useful explanation to include, in my opinion. >>> Even though this stuff is likely to be replaced with the result of some >>> of the other standardization, I'd like it if you'd strongly consider >>> removing the "or non-secure EL1". If you give an inch, someone will take >>> a mile and build a system that enters other than in EL2. Or, something >>> to the effect of "the highest non-secure exception level implemented" >>> would be my preference if you don't want to specify. >> >> I think it would be best to list the technical limitations, from the >> kernel's perspective, of the unsupported exception levels and the >> advantages of the supported exception levels here. If you want to guide >> system builders towards EL2, I think it'd be more convincing to document >> the relevant technical aspects (perhaps KVM needs facilities only >> available in EL2) than just providing an unexplained requirement. > > That's not meant to be an official document for SoC designers. It just > states the requirements from the Linux kernel perspective. But ARM is > producing platform design documents covering hardware and firmware > requirements and these will be made available. I agree that the main audience for this document should be kernel and bootloader hackers and I now think I concentrated a little too much on how my suggestions, meant to advocate for that audience, could be seen as aligned with Jon's comment. Christopher -- Employee of Qualcomm Innovation Center, Inc. Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists