lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1592623132.15277.7.camel@mtkswgap22>
Date:   Sat, 20 Jun 2020 11:18:52 +0800
From:   Neal Liu <neal.liu@...iatek.com>
To:     Chun-Kuang Hu <chunkuang.hu@...nel.org>
CC:     Rob Herring <robh+dt@...nel.org>,
        Matthias Brugger <matthias.bgg@...il.com>,
        <devicetree@...r.kernel.org>,
        wsd_upstream <wsd_upstream@...iatek.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        "moderated list:ARM/Mediatek SoC support" 
        <linux-mediatek@...ts.infradead.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v2 2/2] soc: mediatek: devapc: add devapc-mt6873 driver

Hi Chun-Kuang,

Thanks for your quick feedback.

On Sat, 2020-06-20 at 00:25 +0800, Chun-Kuang Hu wrote:
> Hi, Neal:
> 
> Neal Liu <neal.liu@...iatek.com> 於 2020年6月19日 週五 下午6:01寫道:
> >
> > MT6873 bus frabric provides TrustZone security support and data
> > protection to prevent slaves from being accessed by unexpected
> > masters.
> > The security violations are logged and sent to the processor for
> > further analysis or countermeasures.
> >
> > Any occurrence of security violation would raise an interrupt, and
> > it will be handled by devapc-mt6873 driver. The violation
> > information is printed in order to find the murderer.
> >
> > Signed-off-by: Neal Liu <neal.liu@...iatek.com>
> > ---
> 
> [snip]
> 
> > +
> > +/*
> > + * mtk_devapc_pd_get - get devapc pd_types of register address.
> > + *
> > + * Returns the value of reg addr
> > + */
> > +static void __iomem *mtk_devapc_pd_get(struct mtk_devapc_context *devapc_ctx,
> > +                                      int slave_type,
> > +                                      enum DEVAPC_PD_REG_TYPE pd_reg_type,
> > +                                      u32 index)
> > +{
> > +       struct mtk_devapc_vio_info *vio_info = devapc_ctx->soc->vio_info;
> > +       u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > +       const u32 *devapc_pds = devapc_ctx->soc->devapc_pds;
> 
> devapc_pds = mt6873_devapc_pds;

Are you saying all platform related variables & functions should assign
& call it directly in this common flow?
I don't think it's a good idea to go backwards since we already extract
the common out of it.

> 
> 
> > +       void __iomem *reg;
> > +
> > +       if (!devapc_pds)
> 
> Never happen.
> 
> > +               return NULL;
> > +
> > +       if ((slave_type < slave_type_num &&
> > +            index < vio_info->vio_mask_sta_num[slave_type]) &&
> > +           pd_reg_type < PD_REG_TYPE_NUM) {
> 
> Always true.
> 
> > +               reg = devapc_ctx->devapc_pd_base[slave_type] +
> > +                       devapc_pds[pd_reg_type];
> > +
> > +               if (pd_reg_type == VIO_MASK || pd_reg_type == VIO_STA)
> > +                       reg += 0x4 * index;
> > +
> > +       } else {
> > +               pr_err(PFX "Out Of Boundary, slave_type:0x%x/pd_reg_type:0x%x/index:0x%x\n",
> > +                      slave_type, pd_reg_type, index);
> > +               return NULL;
> > +       }
> > +
> > +       return reg;
> > +}
> > +
> 
> [snip]
> 
> > +
> > +/*
> > + * start_devapc - initialize devapc status and start receiving interrupt
> > + *               while devapc violation is triggered.
> > + */
> > +static void start_devapc(struct mtk_devapc_context *devapc_ctx)
> > +{
> > +       u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > +       const struct mtk_device_info **device_info;
> > +       const struct mtk_device_num *ndevices;
> > +       void __iomem *pd_vio_shift_sta_reg;
> > +       void __iomem *pd_apc_con_reg;
> > +       int slave_type, i, vio_idx, index;
> > +       u32 vio_shift_sta;
> > +
> > +       ndevices = devapc_ctx->soc->ndevices;
> 
> ndevices = mtk6873_devices_num;
> 
> 
> > +
> > +       device_info = devapc_ctx->soc->device_info;
> > +
> > +       for (slave_type = 0; slave_type < slave_type_num; slave_type++) {
> > +               pd_apc_con_reg = mtk_devapc_pd_get(devapc_ctx, slave_type,
> > +                                                  APC_CON, 0);
> > +               pd_vio_shift_sta_reg = mtk_devapc_pd_get(devapc_ctx, slave_type,
> > +                                                        VIO_SHIFT_STA, 0);
> > +
> > +               if (!pd_apc_con_reg || !pd_vio_shift_sta_reg || !device_info)
> > +                       return;
> > +
> > +               /* Clear DEVAPC violation status */
> > +               writel(BIT(31), pd_apc_con_reg);
> > +
> > +               /* Clear violation shift status */
> > +               vio_shift_sta = readl(pd_vio_shift_sta_reg);
> > +               if (vio_shift_sta)
> > +                       writel(vio_shift_sta, pd_vio_shift_sta_reg);
> > +
> > +               /* Clear type 2 violation status */
> > +               check_type2_vio_status(devapc_ctx, slave_type, &vio_idx, &i);
> > +
> > +               /* Clear violation status */
> > +               for (i = 0; i < ndevices[slave_type].vio_slave_num; i++) {
> > +                       vio_idx = device_info[slave_type][i].vio_index;
> > +                       if ((check_vio_status(devapc_ctx, slave_type, vio_idx)
> > +                                             == VIOLATION_TRIGGERED) &&
> > +                            clear_vio_status(devapc_ctx, slave_type,
> > +                                             vio_idx)) {
> > +                               pr_warn(PFX "Clear vio status failed, slave_type:0x%x, vio_index:0x%x\n",
> > +                                       slave_type, vio_idx);
> > +
> > +                               index = i;
> > +                               mtk_devapc_dump_vio_dbg(devapc_ctx, slave_type,
> > +                                                       &vio_idx, &index);
> > +                               i = index - 1;
> > +                       }
> > +
> > +                       mask_module_irq(devapc_ctx, slave_type, vio_idx, false);
> > +               }
> > +       }
> > +}
> > +
> > +static DEFINE_SPINLOCK(devapc_lock);
> 
> Useless, so remove it.

We use devapc_lock in below isr, what do you mean useless?

> 
> > +
> > +/*
> > + * devapc_violation_irq - the devapc Interrupt Service Routine (ISR) will dump
> > + *                       violation information including which master violates
> > + *                       access slave.
> > + */
> > +static irqreturn_t devapc_violation_irq(int irq_number,
> > +                                       struct mtk_devapc_context *devapc_ctx)
> > +{
> > +       u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > +       const struct mtk_device_info **device_info;
> > +       struct mtk_devapc_vio_info *vio_info;
> > +       int slave_type, vio_idx, index;
> > +       const char *vio_master;
> > +       unsigned long flags;
> > +       u8 perm;
> > +
> > +       spin_lock_irqsave(&devapc_lock, flags);
> > +
> > +       device_info = devapc_ctx->soc->device_info;
> > +       vio_info = devapc_ctx->soc->vio_info;
> > +       vio_idx = -1;
> > +       index = -1;
> > +
> > +       /* There are multiple DEVAPC_PD */
> > +       for (slave_type = 0; slave_type < slave_type_num; slave_type++) {
> > +               if (!check_type2_vio_status(devapc_ctx, slave_type, &vio_idx,
> > +                                           &index))
> > +                       if (!mtk_devapc_dump_vio_dbg(devapc_ctx, slave_type,
> > +                                                    &vio_idx, &index))
> > +                               continue;
> > +
> > +               /* Ensure that violation info are written before
> > +                * further operations
> > +                */
> > +               smp_mb();
> > +
> > +               mask_module_irq(devapc_ctx, slave_type, vio_idx, true);
> > +
> > +               clear_vio_status(devapc_ctx, slave_type, vio_idx);
> > +
> > +               perm = get_permission(devapc_ctx, slave_type, index,
> > +                                     vio_info->domain_id);
> > +
> > +               vio_master = devapc_ctx->soc->master_get
> > +                       (vio_info->master_id,
> > +                        vio_info->vio_addr,
> > +                        slave_type,
> > +                        vio_info->shift_sta_bit,
> > +                        vio_info->domain_id);
> 
> Call mt6873_bus_id_to_master() directly.
> 
> > +
> > +               if (!vio_master)
> > +                       vio_master = "UNKNOWN_MASTER";
> > +
> > +               pr_info(PFX "Violation - slave_type:0x%x, sys_index:0x%x, ctrl_index:0x%x, vio_index:0x%x\n",
> > +                       slave_type,
> > +                       device_info[slave_type][index].sys_index,
> > +                       device_info[slave_type][index].ctrl_index,
> > +                       device_info[slave_type][index].vio_index);
> > +
> > +               pr_info(PFX "Violation Master: %s\n", vio_master);
> > +
> > +               devapc_vio_reason(perm);
> > +
> > +               mask_module_irq(devapc_ctx, slave_type, vio_idx, false);
> > +       }
> > +
> > +       spin_unlock_irqrestore(&devapc_lock, flags);
> > +       return IRQ_HANDLED;
> > +}
> > +

[snip]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ