| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Nov 2018 21:44:52 -0800
From: Bjorn Andersson <bjorn.andersson@...aro.org>
To: Stephen Boyd <swboyd@...omium.org>
Cc: Stephen Boyd <sboyd@...nel.org>,
Michael Turquette <mturquette@...libre.com>,
linux-kernel@...r.kernel.org, linux-clk@...r.kernel.org,
linux-arm-msm@...r.kernel.org, devicetree@...r.kernel.org,
Rob Herring <robh+dt@...nel.org>,
Taniya Das <tdas@...eaurora.org>
Subject: Re: [PATCH 1/2] dt-bindings: clk: Introduce 'protected-clocks'
property
On Mon 05 Nov 17:04 PST 2018, Bjorn Andersson wrote:
> On Mon 05 Nov 11:40 PST 2018, Stephen Boyd wrote:
>
> > Add a generic clk property for clks which are not intended to be used by
> > the OS due to security restrictions put in place by firmware. For
> > example, on some Qualcomm firmwares reading or writing certain clk
> > registers causes the entire system to reboot, but on other firmwares
> > reading and writing those same registers is required to make devices
> > like QSPI work. Rather than adding one-off properties each time a new
> > set of clks appears to be protected, let's add a generic clk property to
> > describe any set of clks that shouldn't be touched by the OS. This way
> > we never need to register the clks or use them in certain firmware
> > configurations.
> >
> > Cc: Rob Herring <robh+dt@...nel.org>
> > Cc: Bjorn Andersson <bjorn.andersson@...aro.org>
>
> Reviewed-by: Bjorn Andersson <bjorn.andersson@...aro.org>
>
Gave this some additional thought. The way this is blacklisting
protected clocks makes it impossible to be backwards compatible with an
older DT while adding new protected clocks to an existing driver.
I don't have better suggestion for handling this and the problem should
primarily be isolated to the beginning of the upstream life of a
platform, so perhaps we can just ignore this issue?
Regards,
Bjorn
> Regards,
> Bjorn
>
> > Cc: Taniya Das <tdas@...eaurora.org>
> > Signed-off-by: Stephen Boyd <swboyd@...omium.org>
> > ---
> > .../devicetree/bindings/clock/clock-bindings.txt | 16 ++++++++++++++++
> > 1 file changed, 16 insertions(+)
> >
> > diff --git a/Documentation/devicetree/bindings/clock/clock-bindings.txt b/Documentation/devicetree/bindings/clock/clock-bindings.txt
> > index 2ec489eebe72..b646bbcf7f92 100644
> > --- a/Documentation/devicetree/bindings/clock/clock-bindings.txt
> > +++ b/Documentation/devicetree/bindings/clock/clock-bindings.txt
> > @@ -168,3 +168,19 @@ a shared clock is forbidden.
> >
> > Configuration of common clocks, which affect multiple consumer devices can
> > be similarly specified in the clock provider node.
> > +
> > +==Protected clocks==
> > +
> > +Some platforms or firmwares may not fully expose all the clocks to the OS, such
> > +as in situations where those clks are used by drivers running in ARM secure
> > +execution levels. Such a configuration can be specified in device tree with the
> > +protected-clocks property in the form of a clock specifier list. This property should
> > +only be specified in the node that is providing the clocks being protected:
> > +
> > + clock-controller@...0f000 {
> > + compatible = "vendor,clk95;
> > + reg = <0xa000f000 0x1000>
> > + #clocks-cells = <1>;
> > + ...
> > + protected-clocks = <UART3_CLK>, <SPI5_CLK>;
> > + };
> > --
> > Sent by a computer through tubes
> >
Powered by blists - more mailing lists