| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Oct 2013 14:39:37 -0400
From: Matt Porter <matt.porter@...aro.org>
To: Kumar Gala <galak@...eaurora.org>
Cc: Mark Rutland <mark.rutland@....com>,
"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
Kevin Hilman <khilman@...aro.org>,
Russell King <linux@....linux.org.uk>,
Arnd Bergmann <arnd@...db.de>, Pawel Moll <Pawel.Moll@....com>,
Stephen Warren <swarren@...dotorg.org>,
Tomasz Figa <t.figa@...sung.com>,
Ian Campbell <ijc+devicetree@...lion.org.uk>,
Tomasz Figa <tomasz.figa@...il.com>,
"rob.herring@...xeda.com" <rob.herring@...xeda.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-tegra@...r.kernel.org" <linux-tegra@...r.kernel.org>,
Alexandre Courbot <acourbot@...dia.com>,
Olof Johansson <olof@...om.net>,
Dave P Martin <Dave.Martin@....com>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v9 1/5] ARM: add basic support for Trusted Foundations
On Tue, Oct 29, 2013 at 03:12:05AM -0500, Kumar Gala wrote:
>
> On Oct 28, 2013, at 7:25 PM, Mark Rutland wrote:
>
> > On Mon, Oct 28, 2013 at 11:31:36PM +0000, Tomasz Figa wrote:
> >> On Monday 28 of October 2013 14:56:49 Olof Johansson wrote:
> >>> On Mon, Oct 28, 2013 at 05:57:04AM -0500, Kumar Gala wrote:
> >>>> On Oct 28, 2013, at 5:28 AM, Alexandre Courbot wrote:
> >>>>> Trusted Foundations is a TrustZone-based secure monitor for ARM that
> >>>>> can be invoked using the same SMC-based API on all supported
> >>>>> platforms. This patch adds initial basic support for Trusted
> >>>>> Foundations using the ARM firmware API. Current features are limited
> >>>>> to the ability to boot secondary processors.
> >>>>>
> >>>>> Note: The API followed by Trusted Foundations does *not* follow the
> >>>>> SMC
> >>>>> calling conventions. It has nothing to do with PSCI neither and is
> >>>>> only
> >>>>> relevant to devices that use Trusted Foundations (like most
> >>>>> Tegra-based
> >>>>> retail devices).
> >>>>>
> >>>>> Signed-off-by: Alexandre Courbot <acourbot@...dia.com>
> >>>>> Reviewed-by: Tomasz Figa <t.figa@...sung.com>
> >>>>> Reviewed-by: Stephen Warren <swarren@...dia.com>
> >>>>> ---
> >>>>> .../arm/firmware/tl,trusted-foundations.txt | 20 ++++++
> >>>>> .../devicetree/bindings/vendor-prefixes.txt | 1 +
> >>>>> arch/arm/Kconfig | 2 +
> >>>>> arch/arm/Makefile | 1 +
> >>>>> arch/arm/firmware/Kconfig | 28 ++++++++
> >>>>> arch/arm/firmware/Makefile | 1 +
> >>>>> arch/arm/firmware/trusted_foundations.c | 79
> >>>>> ++++++++++++++++++++++ arch/arm/include/asm/trusted_foundations.h
> >>>>> | 67 ++++++++++++++++++ 8 files changed, 199 insertions(+)
> >>>>> create mode 100644
> >>>>> Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundatio
> >>>>> ns.txt create mode 100644 arch/arm/firmware/Kconfig
> >>>>> create mode 100644 arch/arm/firmware/Makefile
> >>>>> create mode 100644 arch/arm/firmware/trusted_foundations.c
> >>>>> create mode 100644 arch/arm/include/asm/trusted_foundations.h
> >>>>>
> >>>>> diff --git
> >>>>> a/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt
> >>>>> b/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt new file mode 100644
> >>>>> index 0000000..2ec75c9
> >>>>> --- /dev/null
> >>>>> +++
> >>>>> b/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundat
> >>>>> ions.txt @@ -0,0 +1,20 @@
> >>>>> +Trusted Foundations
> >>>>> +-------------------
> >>>>> +
> >>>>> +Boards that use the Trusted Foundations secure monitor can signal
> >>>>> its
> >>>>> +presence by declaring a node compatible with
> >>>>> "tl,trusted-foundations"
> >>>>> +under the /firmware/ node
> >>>>> +
> >>>>> +Required properties:
> >>>>> +- compatible : "tl,trusted-foundations"
> >>>>> +- version-major : major version number of Trusted Foundations
> >>>>> firmware
> >>>>> +- version-minor: minor version number of Trusted Foundations
> >>>>> firmware
> >>>>
> >>>> vendor prefix version.
> >>>
> >>> Are you saying he should use tl,version-major tl,version-minor? For
> >>> bindings that are already vendor-specific we haven't (on ARM) asked for
> >>> vendor prefix on properties. It doesn't mean that we should keep going
> >>> down that route though, so I'm just asking for clarification for my own
> >>> edification. :)
> >>
> >> This is a good question. We should decide what the right thing (TM) is and
> >> write it down. I, on the contrary, was convinced that it's the way Kumar
> >> says.
> >
> > The impression I got was that properties should be prefixed when they're
> > extremely vendor-specific and could clash with a more generic property. I'm not
> > sure that firmware will ever have a generic binding given the variation even in
> > the set of implemented functionality.
> >
> > I would imagine that there are many ways different firmwares might be
> > versioned, and I can't see version-major or version-minor clashing with a
> > generic property we might add later. However prefixing would not be harmful, so
> > I'm not opposed to it if others want that.
> >
> > Another option would be to support a fallback compatible list (e.g.
> > "tl,trusted-foundations-${MAJOR}-${MINOR}", "tl,trusted-foundations"), and get
> > versioning information from there. Given that could be painful to handle I
> > don't want to force it if not required.
> >
> > Thanks,
> > Mark.
>
> I'm of the opinion that making all vendor specific properties vendor prefixed is the easiest rule of thumb and leaves no gray area to have to argue about.
That would really help all of us to self-police our submissions and
reduce the burden on the DT maintainer team.
-Matt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists