| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Apr 2019 14:36:24 +0200
From: Benjamin Gaignard <benjamin.gaignard@...aro.org>
To: Sudeep Holla <sudeep.holla@....com>
Cc: Benjamin Gaignard <benjamin.gaignard@...com>,
Mark Brown <broonie@...nel.org>, Rob Herring <robh@...nel.org>,
Arnd Bergmann <arnd@...db.de>, Shawn Guo <shawnguo@...nel.org>,
s.hauer@...gutronix.de, Fabio Estevam <fabio.estevam@....com>,
Loic PALLARDY <loic.pallardy@...com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-imx@....com, kernel@...gutronix.de,
Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [RESEND PATCH 0/7] Introduce bus domains controller framework
Le lun. 18 mars 2019 à 12:05, Benjamin Gaignard
<benjamin.gaignard@...aro.org> a écrit :
>
> Le lun. 18 mars 2019 à 11:43, Sudeep Holla <sudeep.holla@....com> a écrit :
> >
> > On Mon, Mar 18, 2019 at 11:05:58AM +0100, Benjamin Gaignard wrote:
> > > Bus domains controllers allow to divided system on chip into multiple domains
> > > that can be used to select by who hardware blocks could be accessed.
> > > A domain could be a cluster of CPUs (or coprocessors), a range of addresses or
> > > a group of hardware blocks.
> > >
> > > Framework architecture is inspirated by pinctrl framework:
> > > - a default configuration could be applied before bind the driver
> > > - configurations could be apllied dynamically by drivers
> > > - device node provides the bus domains configurations
> > >
> > > An example of bus domains controller is STM32 ETZPC hardware block
> > > which got 3 domains:
> > > - secure: hardware blocks are only accessible by software running on trust
> > > zone.
> > > - non-secure: hardware blocks are accessible by non-secure software (i.e.
> > > linux kernel).
> > > - coprocessor: hardware blocks are only accessible by the corpocessor.
> > > Up to 94 hardware blocks of the soc could be managed by ETZPC and
> > > assigned to one of the three domains.
> > >
> >
> > You fail to explain why do we need this in non-secure Linux ?
> > You need to have solid reasons as why this can't be done in secure
> > firmware. And yes I mean even on arm32. On platforms with such hardware
> > capabilities you will need some secure firmware to be running and these
> > things can be done there. I don't want this enabled for ARM64 at all,
> > firmware *has to deal* with this.
>
> We use ETZPC to define if hardware blocks can be used by Cortex A7 or Cortex M4
> (both non-secure) on STM32MP1 SoC, this new framework allow to change hardware
> block split at runtime. This could be done even on non-secure world
> because their is
> nothing critical to change hardware blocks users.
> For example you can do "complex" tasks like display pipe configuration
> on Cortex A7
> where linux is running and handover the control of this hardware block
> to Cortex M4 to
> offload drawing on framebuffer.
>
Gentle ping to get more feedback on this series
Benjamin
> Benjamin
>
> >
> > --
> > Regards,
> > Sudeep
Powered by blists - more mailing lists