| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Jan 2020 20:06:08 +0000
From: Benjamin GAIGNARD <benjamin.gaignard@...com>
To: Sudeep Holla <sudeep.holla@....com>
CC: "broonie@...nel.org" <broonie@...nel.org>,
"robh@...nel.org" <robh@...nel.org>,
"arnd@...db.de" <arnd@...db.de>,
"shawnguo@...nel.org" <shawnguo@...nel.org>,
"s.hauer@...gutronix.de" <s.hauer@...gutronix.de>,
"fabio.estevam@....com" <fabio.estevam@....com>,
"lkml@...ux.net" <lkml@...ux.net>,
Loic PALLARDY <loic.pallardy@...com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-imx@....com" <linux-imx@....com>,
"kernel@...gutronix.de" <kernel@...gutronix.de>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
"system-dt@...ts.openampproject.org"
<system-dt@...ts.openampproject.org>,
"stefano.stabellini@...inx.com" <stefano.stabellini@...inx.com>,
Mark Rutland <mark.rutland@....com>,
"Robin.Murphy@....com" <Robin.Murphy@....com>
Subject: Re: [PATCH v2 0/7] Introduce bus firewall controller framework
On 1/28/20 6:17 PM, Sudeep Holla wrote:
> On Tue, Jan 28, 2020 at 04:46:41PM +0000, Benjamin GAIGNARD wrote:
>> On 1/28/20 5:36 PM, Sudeep Holla wrote:
>>> On Tue, Jan 28, 2020 at 04:37:59PM +0100, Benjamin Gaignard wrote:
>>>> Bus firewall framework aims to provide a kernel API to set the configuration
>>>> of the harware blocks in charge of busses access control.
>>>>
>>>> Framework architecture is inspirated by pinctrl framework:
>>>> - a default configuration could be applied before bind the driver.
>>>> If a configuration could not be applied the driver is not bind
>>>> to avoid doing accesses on prohibited regions.
>>>> - configurations could be apllied dynamically by drivers.
>>>> - device node provides the bus firewall configurations.
>>>>
>>>> An example of bus firewall controller is STM32 ETZPC hardware block
>>>> which got 3 possible configurations:
>>>> - trust: hardware blocks are only accessible by software running on trust
>>>> zone (i.e op-tee firmware).
>>>> - non-secure: hardware blocks are accessible by non-secure software (i.e.
>>>> linux kernel).
>>>> - coprocessor: hardware blocks are only accessible by the coprocessor.
>>>> Up to 94 hardware blocks of the soc could be managed by ETZPC.
>>>>
>>> /me confused. Is ETZPC accessible from the non-secure kernel space to
>>> begin with ? If so, is it allowed to configure hardware blocks as secure
>>> or trusted ? I am failing to understand the overall design of a system
>>> with ETZPC controller.
>> Non-secure kernel could read the values set in ETZPC, if it doesn't match
>> with what is required by the device node the driver won't be probed.
>>
> OK, but I was under the impression that it was made clear that Linux is
> not firmware validation suite. The firmware need to ensure all the devices
> that are not accessible in the Linux kernel are marked as disabled and
> this needs to happen before entering the kernel. So if this is what this
> patch series achieves, then there is no need for it. Please stop pursuing
> this any further or provide any other reasons(if any) to have it. Until
> you have other reasons, NACK for this series.
No it doesn't disable the nodes.
When the firmware disable a node before the kernel that means it change
the DTB and that is a problem when you want to sign it. With my proposal
the DTB remains the same.
>
> Note you haven't cc-ed 2 people who has comments earlier[1][2]
I will cc them, thanks
> --
> Regards,
> Sudeep
>
> [1] https://lkml.org/lkml/2018/2/27/512
> [2] https://lkml.org/lkml/2018/2/27/598
Powered by blists - more mailing lists