lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20131029183937.GC17573@beef>
Date:	Tue, 29 Oct 2013 14:39:37 -0400
From:	Matt Porter <matt.porter@...aro.org>
To:	Kumar Gala <galak@...eaurora.org>
Cc:	Mark Rutland <mark.rutland@....com>,
	"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	Kevin Hilman <khilman@...aro.org>,
	Russell King <linux@....linux.org.uk>,
	Arnd Bergmann <arnd@...db.de>, Pawel Moll <Pawel.Moll@....com>,
	Stephen Warren <swarren@...dotorg.org>,
	Tomasz Figa <t.figa@...sung.com>,
	Ian Campbell <ijc+devicetree@...lion.org.uk>,
	Tomasz Figa <tomasz.figa@...il.com>,
	"rob.herring@...xeda.com" <rob.herring@...xeda.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-tegra@...r.kernel.org" <linux-tegra@...r.kernel.org>,
	Alexandre Courbot <acourbot@...dia.com>,
	Olof Johansson <olof@...om.net>,
	Dave P Martin <Dave.Martin@....com>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v9 1/5] ARM: add basic support for Trusted Foundations

On Tue, Oct 29, 2013 at 03:12:05AM -0500, Kumar Gala wrote:
> 
> On Oct 28, 2013, at 7:25 PM, Mark Rutland wrote:
> 
> > On Mon, Oct 28, 2013 at 11:31:36PM +0000, Tomasz Figa wrote:
> >> On Monday 28 of October 2013 14:56:49 Olof Johansson wrote:
> >>> On Mon, Oct 28, 2013 at 05:57:04AM -0500, Kumar Gala wrote:
> >>>> On Oct 28, 2013, at 5:28 AM, Alexandre Courbot wrote:
> >>>>> Trusted Foundations is a TrustZone-based secure monitor for ARM that
> >>>>> can be invoked using the same SMC-based API on all supported
> >>>>> platforms. This patch adds initial basic support for Trusted
> >>>>> Foundations using the ARM firmware API. Current features are limited
> >>>>> to the ability to boot secondary processors.
> >>>>> 
> >>>>> Note: The API followed by Trusted Foundations does *not* follow the
> >>>>> SMC
> >>>>> calling conventions. It has nothing to do with PSCI neither and is
> >>>>> only
> >>>>> relevant to devices that use Trusted Foundations (like most
> >>>>> Tegra-based
> >>>>> retail devices).
> >>>>> 
> >>>>> Signed-off-by: Alexandre Courbot <acourbot@...dia.com>
> >>>>> Reviewed-by: Tomasz Figa <t.figa@...sung.com>
> >>>>> Reviewed-by: Stephen Warren <swarren@...dia.com>
> >>>>> ---
> >>>>> .../arm/firmware/tl,trusted-foundations.txt        | 20 ++++++
> >>>>> .../devicetree/bindings/vendor-prefixes.txt        |  1 +
> >>>>> arch/arm/Kconfig                                   |  2 +
> >>>>> arch/arm/Makefile                                  |  1 +
> >>>>> arch/arm/firmware/Kconfig                          | 28 ++++++++
> >>>>> arch/arm/firmware/Makefile                         |  1 +
> >>>>> arch/arm/firmware/trusted_foundations.c            | 79
> >>>>> ++++++++++++++++++++++ arch/arm/include/asm/trusted_foundations.h  
> >>>>>      | 67 ++++++++++++++++++ 8 files changed, 199 insertions(+)
> >>>>> create mode 100644
> >>>>> Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundatio
> >>>>> ns.txt create mode 100644 arch/arm/firmware/Kconfig
> >>>>> create mode 100644 arch/arm/firmware/Makefile
> >>>>> create mode 100644 arch/arm/firmware/trusted_foundations.c
> >>>>> create mode 100644 arch/arm/include/asm/trusted_foundations.h
> >>>>> 
> >>>>> diff --git
> >>>>> a/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt
> >>>>> b/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt new file mode 100644
> >>>>> index 0000000..2ec75c9
> >>>>> --- /dev/null
> >>>>> +++
> >>>>> b/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt @@ -0,0 +1,20 @@
> >>>>> +Trusted Foundations
> >>>>> +-------------------
> >>>>> +
> >>>>> +Boards that use the Trusted Foundations secure monitor can signal
> >>>>> its
> >>>>> +presence by declaring a node compatible with
> >>>>> "tl,trusted-foundations"
> >>>>> +under the /firmware/ node
> >>>>> +
> >>>>> +Required properties:
> >>>>> +- compatible : "tl,trusted-foundations"
> >>>>> +- version-major : major version number of Trusted Foundations
> >>>>> firmware
> >>>>> +- version-minor: minor version number of Trusted Foundations
> >>>>> firmware
> >>>> 
> >>>> vendor prefix version.
> >>> 
> >>> Are you saying he should use tl,version-major tl,version-minor? For
> >>> bindings that are already vendor-specific we haven't (on ARM) asked for
> >>> vendor prefix on properties. It doesn't mean that we should keep going
> >>> down that route though, so I'm just asking for clarification for my own
> >>> edification. :)
> >> 
> >> This is a good question. We should decide what the right thing (TM) is and 
> >> write it down. I, on the contrary, was convinced that it's the way Kumar 
> >> says.
> > 
> > The impression I got was that properties should be prefixed when they're
> > extremely vendor-specific and could clash with a more generic property. I'm not
> > sure that firmware will ever have a generic binding given the variation even in
> > the set of implemented functionality.
> > 
> > I would imagine that there are many ways different firmwares might be
> > versioned, and I can't see version-major or version-minor clashing with a
> > generic property we might add later. However prefixing would not be harmful, so
> > I'm not opposed to it if others want that.
> > 
> > Another option would be to support a fallback compatible list (e.g.
> > "tl,trusted-foundations-${MAJOR}-${MINOR}", "tl,trusted-foundations"), and get
> > versioning information from there. Given that could be painful to handle I
> > don't want to force it if not required.
> > 
> > Thanks,
> > Mark.
> 
> I'm of the opinion that making all vendor specific properties vendor prefixed is the easiest rule of thumb and leaves no gray area to have to argue about.

That would really help all of us to self-police our submissions and
reduce the burden on the DT maintainer team.

-Matt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ