lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 14 Jun 2020 11:26:21 +0800
From:   Chun-Kuang Hu <chunkuang.hu@...nel.org>
To:     Neal Liu <neal.liu@...iatek.com>
Cc:     Rob Herring <robh+dt@...nel.org>,
        Matthias Brugger <matthias.bgg@...il.com>,
        devicetree@...r.kernel.org,
        wsd_upstream <wsd_upstream@...iatek.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        "moderated list:ARM/Mediatek SoC support" 
        <linux-mediatek@...ts.infradead.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH 2/2] soc: mediatek: devapc: add devapc-mt6873 driver

Hi, Neal:

Neal Liu <neal.liu@...iatek.com> 於 2020年6月9日 週二 下午6:25寫道:
>
> MT6873 bus frabric provides TrustZone security support and data
> protection to prevent slaves from being accessed by unexpected
> masters.
> The security violations are logged and sent to the processor for
> further analysis or countermeasures.
>
> Any occurrence of security violation would raise an interrupt, and
> it will be handled by devapc-mt6873 driver. The violation
> information is printed in order to find the murderer.
>
> Signed-off-by: Neal Liu <neal.liu@...iatek.com>
> ---

[snip]

> +
> +       /* 50 */
> +       {-1, -1, 50, "OOB_way_en", true},
> +       {-1, -1, 51, "OOB_way_en", true},
> +       {-1, -1, 52, "OOB_way_en", true},
> +       {-1, -1, 53, "OOB_way_en", true},
> +       {-1, -1, 54, "OOB_way_en", true},
> +       {-1, -1, 55, "OOB_way_en", true},
> +       {-1, -1, 56, "Decode_error", true},
> +       {-1, -1, 57, "Decode_error", true},
> +       {-1, -1, 58, "DISP_PWM", false},
> +       {-1, -1, 59, "IMP_IIC_WRAP", false},
> +
> +       /* 60 */
> +       {-1, -1, 60, "DEVICE_APC_PERI_PAR__AO", false},
> +       {-1, -1, 61, "DEVICE_APC_PERI_PAR_PDN", false},

You does not process the item whose enable_vio_irq is false, so I
think you should remove these items and remove enable_vio_irq because
the rest item's enable_vio_irq would always be true.

> +};
> +
> +static struct mtk_device_num mtk6873_devices_num[] = {
> +       {SLAVE_TYPE_INFRA, VIO_SLAVE_NUM_INFRA},
> +       {SLAVE_TYPE_PERI, VIO_SLAVE_NUM_PERI},
> +       {SLAVE_TYPE_PERI2, VIO_SLAVE_NUM_PERI2},
> +       {SLAVE_TYPE_PERI_PAR, VIO_SLAVE_NUM_PERI_PAR},
> +};
> +
> +static struct PERIAXI_ID_INFO peri_mi_id_to_master[] = {
> +       {"THERM2",       { 0, 0, 0 } },
> +       {"SPM",          { 0, 1, 0 } },
> +       {"CCU",          { 0, 0, 1 } },
> +       {"THERM",        { 0, 1, 1 } },
> +       {"SPM_DRAMC",    { 1, 1, 0 } },

The bits { 1, 1, 0 } equal to a number 0x3, I thiink you should use a
number instead of bits and everything would be more easy.

> +};
> +

[snip]

> +
> +/*
> + * mtk_devapc_vio_check - check violation shift status is raised or not.
> + *
> + * Returns the value of violation shift status reg
> + */
> +static void mtk_devapc_vio_check(int slave_type, int *shift_bit)
> +{
> +       u32 slave_type_num = mtk_devapc_ctx->soc->slave_type_num;
> +       struct mtk_devapc_vio_info *vio_info;
> +       u32 vio_shift_sta;
> +       int i;
> +
> +       if (slave_type >= slave_type_num) {

This never happen, so remove it.

> +               pr_err(PFX "%s: param check failed, %s:0x%x\n",
> +                      __func__, "slave_type", slave_type);
> +               return;
> +       }
> +
> +       vio_info = mtk_devapc_ctx->soc->vio_info;
> +       vio_shift_sta = readl(mtk_devapc_pd_get(slave_type, VIO_SHIFT_STA, 0));
> +
> +       if (!vio_shift_sta) {
> +               pr_info(PFX "violation is triggered before. %s:0x%x\n",
> +                       "shift_bit", *shift_bit);
> +
> +       } else if (vio_shift_sta & (0x1UL << *shift_bit)) {
> +               pr_debug(PFX "%s: 0x%x is matched with %s:%d\n",
> +                        "vio_shift_sta", vio_shift_sta,
> +                        "shift_bit", *shift_bit);
> +
> +       } else {
> +               pr_info(PFX "%s: 0x%x is not matched with %s:%d\n",
> +                       "vio_shift_sta", vio_shift_sta,
> +                       "shift_bit", *shift_bit);
> +
> +               for (i = 0; i < MOD_NO_IN_1_DEVAPC * 2; i++) {
> +                       if (vio_shift_sta & (0x1 << i)) {
> +                               *shift_bit = i;
> +                               break;
> +                       }
> +               }
> +       }
> +
> +       vio_info->shift_sta_bit = *shift_bit;
> +}
> +
> +static void devapc_extract_vio_dbg(int slave_type)
> +{
> +       u32 slave_type_num = mtk_devapc_ctx->soc->slave_type_num;
> +       void __iomem *vio_dbg0_reg, *vio_dbg1_reg, *vio_dbg2_reg;
> +       const struct mtk_infra_vio_dbg_desc *vio_dbgs;
> +       struct mtk_devapc_vio_info *vio_info;
> +       u32 dbg0;
> +
> +       if (slave_type >= slave_type_num) {

Ditto.

Regards,
Chun-Kuang.

> +               pr_err(PFX "%s: param check failed, %s:0x%x\n",
> +                      __func__, "slave_type", slave_type);
> +               return;
> +       }
> +
> +       vio_dbg0_reg = mtk_devapc_pd_get(slave_type, VIO_DBG0, 0);
> +       vio_dbg1_reg = mtk_devapc_pd_get(slave_type, VIO_DBG1, 0);
> +       vio_dbg2_reg = mtk_devapc_pd_get(slave_type, VIO_DBG2, 0);
> +
> +       vio_dbgs = mtk_devapc_ctx->soc->vio_dbgs;
> +       vio_info = mtk_devapc_ctx->soc->vio_info;
> +
> +       /* Extract violation information */
> +       dbg0 = readl(vio_dbg0_reg);
> +       vio_info->master_id = readl(vio_dbg1_reg);
> +       vio_info->vio_addr = readl(vio_dbg2_reg);
> +
> +       vio_info->domain_id = (dbg0 & vio_dbgs->vio_dbg_dmnid)
> +               >> vio_dbgs->vio_dbg_dmnid_start_bit;
> +       vio_info->write = ((dbg0 & vio_dbgs->vio_dbg_w_vio)
> +                       >> vio_dbgs->vio_dbg_w_vio_start_bit) == 1;
> +       vio_info->read = ((dbg0 & vio_dbgs->vio_dbg_r_vio)
> +                       >> vio_dbgs->vio_dbg_r_vio_start_bit) == 1;
> +       vio_info->vio_addr_high = (dbg0 & vio_dbgs->vio_addr_high)
> +               >> vio_dbgs->vio_addr_high_start_bit;
> +
> +       devapc_vio_info_print();
> +}
> +
> +/*

Powered by blists - more mailing lists