| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Jun 2020 11:18:52 +0800
From: Neal Liu <neal.liu@...iatek.com>
To: Chun-Kuang Hu <chunkuang.hu@...nel.org>
CC: Rob Herring <robh+dt@...nel.org>,
Matthias Brugger <matthias.bgg@...il.com>,
<devicetree@...r.kernel.org>,
wsd_upstream <wsd_upstream@...iatek.com>,
linux-kernel <linux-kernel@...r.kernel.org>,
"moderated list:ARM/Mediatek SoC support"
<linux-mediatek@...ts.infradead.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v2 2/2] soc: mediatek: devapc: add devapc-mt6873 driver
Hi Chun-Kuang,
Thanks for your quick feedback.
On Sat, 2020-06-20 at 00:25 +0800, Chun-Kuang Hu wrote:
> Hi, Neal:
>
> Neal Liu <neal.liu@...iatek.com> 於 2020年6月19日 週五 下午6:01寫道:
> >
> > MT6873 bus frabric provides TrustZone security support and data
> > protection to prevent slaves from being accessed by unexpected
> > masters.
> > The security violations are logged and sent to the processor for
> > further analysis or countermeasures.
> >
> > Any occurrence of security violation would raise an interrupt, and
> > it will be handled by devapc-mt6873 driver. The violation
> > information is printed in order to find the murderer.
> >
> > Signed-off-by: Neal Liu <neal.liu@...iatek.com>
> > ---
>
> [snip]
>
> > +
> > +/*
> > + * mtk_devapc_pd_get - get devapc pd_types of register address.
> > + *
> > + * Returns the value of reg addr
> > + */
> > +static void __iomem *mtk_devapc_pd_get(struct mtk_devapc_context *devapc_ctx,
> > + int slave_type,
> > + enum DEVAPC_PD_REG_TYPE pd_reg_type,
> > + u32 index)
> > +{
> > + struct mtk_devapc_vio_info *vio_info = devapc_ctx->soc->vio_info;
> > + u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > + const u32 *devapc_pds = devapc_ctx->soc->devapc_pds;
>
> devapc_pds = mt6873_devapc_pds;
Are you saying all platform related variables & functions should assign
& call it directly in this common flow?
I don't think it's a good idea to go backwards since we already extract
the common out of it.
>
>
> > + void __iomem *reg;
> > +
> > + if (!devapc_pds)
>
> Never happen.
>
> > + return NULL;
> > +
> > + if ((slave_type < slave_type_num &&
> > + index < vio_info->vio_mask_sta_num[slave_type]) &&
> > + pd_reg_type < PD_REG_TYPE_NUM) {
>
> Always true.
>
> > + reg = devapc_ctx->devapc_pd_base[slave_type] +
> > + devapc_pds[pd_reg_type];
> > +
> > + if (pd_reg_type == VIO_MASK || pd_reg_type == VIO_STA)
> > + reg += 0x4 * index;
> > +
> > + } else {
> > + pr_err(PFX "Out Of Boundary, slave_type:0x%x/pd_reg_type:0x%x/index:0x%x\n",
> > + slave_type, pd_reg_type, index);
> > + return NULL;
> > + }
> > +
> > + return reg;
> > +}
> > +
>
> [snip]
>
> > +
> > +/*
> > + * start_devapc - initialize devapc status and start receiving interrupt
> > + * while devapc violation is triggered.
> > + */
> > +static void start_devapc(struct mtk_devapc_context *devapc_ctx)
> > +{
> > + u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > + const struct mtk_device_info **device_info;
> > + const struct mtk_device_num *ndevices;
> > + void __iomem *pd_vio_shift_sta_reg;
> > + void __iomem *pd_apc_con_reg;
> > + int slave_type, i, vio_idx, index;
> > + u32 vio_shift_sta;
> > +
> > + ndevices = devapc_ctx->soc->ndevices;
>
> ndevices = mtk6873_devices_num;
>
>
> > +
> > + device_info = devapc_ctx->soc->device_info;
> > +
> > + for (slave_type = 0; slave_type < slave_type_num; slave_type++) {
> > + pd_apc_con_reg = mtk_devapc_pd_get(devapc_ctx, slave_type,
> > + APC_CON, 0);
> > + pd_vio_shift_sta_reg = mtk_devapc_pd_get(devapc_ctx, slave_type,
> > + VIO_SHIFT_STA, 0);
> > +
> > + if (!pd_apc_con_reg || !pd_vio_shift_sta_reg || !device_info)
> > + return;
> > +
> > + /* Clear DEVAPC violation status */
> > + writel(BIT(31), pd_apc_con_reg);
> > +
> > + /* Clear violation shift status */
> > + vio_shift_sta = readl(pd_vio_shift_sta_reg);
> > + if (vio_shift_sta)
> > + writel(vio_shift_sta, pd_vio_shift_sta_reg);
> > +
> > + /* Clear type 2 violation status */
> > + check_type2_vio_status(devapc_ctx, slave_type, &vio_idx, &i);
> > +
> > + /* Clear violation status */
> > + for (i = 0; i < ndevices[slave_type].vio_slave_num; i++) {
> > + vio_idx = device_info[slave_type][i].vio_index;
> > + if ((check_vio_status(devapc_ctx, slave_type, vio_idx)
> > + == VIOLATION_TRIGGERED) &&
> > + clear_vio_status(devapc_ctx, slave_type,
> > + vio_idx)) {
> > + pr_warn(PFX "Clear vio status failed, slave_type:0x%x, vio_index:0x%x\n",
> > + slave_type, vio_idx);
> > +
> > + index = i;
> > + mtk_devapc_dump_vio_dbg(devapc_ctx, slave_type,
> > + &vio_idx, &index);
> > + i = index - 1;
> > + }
> > +
> > + mask_module_irq(devapc_ctx, slave_type, vio_idx, false);
> > + }
> > + }
> > +}
> > +
> > +static DEFINE_SPINLOCK(devapc_lock);
>
> Useless, so remove it.
We use devapc_lock in below isr, what do you mean useless?
>
> > +
> > +/*
> > + * devapc_violation_irq - the devapc Interrupt Service Routine (ISR) will dump
> > + * violation information including which master violates
> > + * access slave.
> > + */
> > +static irqreturn_t devapc_violation_irq(int irq_number,
> > + struct mtk_devapc_context *devapc_ctx)
> > +{
> > + u32 slave_type_num = devapc_ctx->soc->slave_type_num;
> > + const struct mtk_device_info **device_info;
> > + struct mtk_devapc_vio_info *vio_info;
> > + int slave_type, vio_idx, index;
> > + const char *vio_master;
> > + unsigned long flags;
> > + u8 perm;
> > +
> > + spin_lock_irqsave(&devapc_lock, flags);
> > +
> > + device_info = devapc_ctx->soc->device_info;
> > + vio_info = devapc_ctx->soc->vio_info;
> > + vio_idx = -1;
> > + index = -1;
> > +
> > + /* There are multiple DEVAPC_PD */
> > + for (slave_type = 0; slave_type < slave_type_num; slave_type++) {
> > + if (!check_type2_vio_status(devapc_ctx, slave_type, &vio_idx,
> > + &index))
> > + if (!mtk_devapc_dump_vio_dbg(devapc_ctx, slave_type,
> > + &vio_idx, &index))
> > + continue;
> > +
> > + /* Ensure that violation info are written before
> > + * further operations
> > + */
> > + smp_mb();
> > +
> > + mask_module_irq(devapc_ctx, slave_type, vio_idx, true);
> > +
> > + clear_vio_status(devapc_ctx, slave_type, vio_idx);
> > +
> > + perm = get_permission(devapc_ctx, slave_type, index,
> > + vio_info->domain_id);
> > +
> > + vio_master = devapc_ctx->soc->master_get
> > + (vio_info->master_id,
> > + vio_info->vio_addr,
> > + slave_type,
> > + vio_info->shift_sta_bit,
> > + vio_info->domain_id);
>
> Call mt6873_bus_id_to_master() directly.
>
> > +
> > + if (!vio_master)
> > + vio_master = "UNKNOWN_MASTER";
> > +
> > + pr_info(PFX "Violation - slave_type:0x%x, sys_index:0x%x, ctrl_index:0x%x, vio_index:0x%x\n",
> > + slave_type,
> > + device_info[slave_type][index].sys_index,
> > + device_info[slave_type][index].ctrl_index,
> > + device_info[slave_type][index].vio_index);
> > +
> > + pr_info(PFX "Violation Master: %s\n", vio_master);
> > +
> > + devapc_vio_reason(perm);
> > +
> > + mask_module_irq(devapc_ctx, slave_type, vio_idx, false);
> > + }
> > +
> > + spin_unlock_irqrestore(&devapc_lock, flags);
> > + return IRQ_HANDLED;
> > +}
> > +
[snip]
Powered by blists - more mailing lists