lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 25 Apr 2019 19:01:35 +0100
From:   Mark Brown <broonie@...nel.org>
To:     Benjamin GAIGNARD <benjamin.gaignard@...com>
Cc:     Sudeep Holla <sudeep.holla@....com>,
        Benjamin Gaignard <benjamin.gaignard@...aro.org>,
        Rob Herring <robh@...nel.org>, Arnd Bergmann <arnd@...db.de>,
        Shawn Guo <shawnguo@...nel.org>,
        "s.hauer@...gutronix.de" <s.hauer@...gutronix.de>,
        Fabio Estevam <fabio.estevam@....com>,
        Loic PALLARDY <loic.pallardy@...com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "linux-imx@....com" <linux-imx@....com>,
        "kernel@...gutronix.de" <kernel@...gutronix.de>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [RESEND PATCH 0/7] Introduce bus domains controller framework

On Tue, Apr 23, 2019 at 02:17:23PM +0000, Benjamin GAIGNARD wrote:
> On 4/23/19 3:55 PM, Sudeep Holla wrote:

> > The above statement makes me wonder if Cortex-M4 firmware is really
> > non-secure, if so why does it need such an isolation from other masters
> > like Cortex-A7. For me Cortex-M4 is secure and Cortex-A7 can execute
> > in non-secure hence Cortex-M4 needs to be isolated from Cortex-A7 as
> > mentioned in the above excerpts from the datasheet.

> Cortex-M4 firmware is non-secure, it could be a free RTOS.
> ETZPC doesn't isolate Cortex M4 or A7 but control which of them have 
> access to hardware blocks.
> For example ETZPC controls if M4 or A7 can have access to I2C hardware 
> blocks. The goal is to make sure
> firmware running on each side don't use the hardware blocks of the other 
> side.

The goal AIUI is mainly for robustness rather than security - trying to
mitigate against any bugs that might happen, making them more apparent
during development and mititgating their impact if they slip through.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists