lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 9 Dec 2019 15:51:04 +0100
From:   Tobias Schramm <t.schramm@...jaro.org>
To:     Peter Geis <pgwipeout@...il.com>,
        Robin Murphy <robin.murphy@....com>
Cc:     Anand Moon <linux.amoon@...il.com>,
        Rob Herring <robh+dt@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Heiko Stuebner <heiko@...ech.de>,
        Jagan Teki <jagan@...rulasolutions.com>,
        Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>,
        Daniel Schultz <d.schultz@...tec.de>,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org,
        "open list:ARM/Rockchip SoC..." <linux-rockchip@...ts.infradead.org>
Subject: Re: [RFCv1 0/8] RK3399 clean shutdown issue

Hi,

> On Mon, Dec 9, 2019 at 8:29 AM Robin Murphy <robin.murphy@....com> wrote:
>> On 06/12/2019 6:45 pm, Anand Moon wrote:
>>> Most of the RK3399 SBC boards do not perform clean
>>> shutdown and clean reboot.
>> FWIW reboot problems on RK3399 have been tracked down to issues in
>> upstream ATF, and are unrelated to the PMIC.
>>
>>> These patches try to help resolve the issue with proper
>>> shutdown by turning off the PMIC.
>> As mentioned elsewhere[1], although this is what the BSP kernel seems to
>> do, and in practice it's unlikely to matter for the majority of devboard
>> users like you and me, I still feel a bit uncomfortable with this
>> solution for systems using ATF as in principle the secure world might
>> want to know about orderly shutdowns, and this effectively makes every
>> shutdown an unexpected power loss from secure software's point of view.
>>
>> Robin.
> Since ATF is operating completely in volatile memory, and shouldn't be
> touching hardware once it passes off control to the kernel anyways,
> what is the harm of pulling the rug out from under it?
> If this idea is to prevent issues in the future, such as if ATF does
> gain the ability to preempt hardware control, then at that time ATF
> will need to be able to handle actually powering off devices using the
> same functionality.

As far as I know ATF implements PSCI, doesn't it? Thus I would assume 
that it should most definitely handle power off for all platforms as 
indicated by the presence of platform handlers in [1].

> But as we discussed previously, ATF doesn't have this capability, so
> in this case any board without a dedicated power-off gpio will be
> unable to power off at all.
> Also it seems that giving ATF this functionality, with the current
> state of ATF, would be cost prohibitive.
>
> I personally feel that allowing the kernel to do this is a solution to
> the problem we have now.

Maybe I'm missing something here but I'd suggest that implementing an 
i2c driver in the rockchip platform part of ATF using libfdt to find the 
PMIC from the devicetree would be the way to go.

[1] 
https://github.com/ARM-software/arm-trusted-firmware/blob/master/lib/psci/psci_system_off.c#L31

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ