| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Jun 2020 14:19:02 +0800
From: Chun-Kuang Hu <chunkuang.hu@...nel.org>
To: Neal Liu <neal.liu@...iatek.com>
Cc: Rob Herring <robh+dt@...nel.org>,
Matthias Brugger <matthias.bgg@...il.com>,
devicetree@...r.kernel.org,
wsd_upstream <wsd_upstream@...iatek.com>,
linux-kernel <linux-kernel@...r.kernel.org>,
"moderated list:ARM/Mediatek SoC support"
<linux-mediatek@...ts.infradead.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v2 2/2] soc: mediatek: devapc: add devapc-mt6873 driver
Hi, Neal:
Neal Liu <neal.liu@...iatek.com> 於 2020年6月19日 週五 下午6:01寫道:
>
> MT6873 bus frabric provides TrustZone security support and data
> protection to prevent slaves from being accessed by unexpected
> masters.
> The security violations are logged and sent to the processor for
> further analysis or countermeasures.
>
> Any occurrence of security violation would raise an interrupt, and
> it will be handled by devapc-mt6873 driver. The violation
> information is printed in order to find the murderer.
>
> Signed-off-by: Neal Liu <neal.liu@...iatek.com>
> ---
[snip]
> +
> +/*
> + * sramrom_vio_handler - clean sramrom violation & print violation information
> + * for debugging.
> + */
> +static void sramrom_vio_handler(struct mtk_devapc_context *devapc_ctx)
> +{
> + const struct mtk_sramrom_sec_vio_desc *sramrom_vios;
> + struct mtk_devapc_vio_info *vio_info;
> + struct arm_smccc_res res;
> + size_t sramrom_vio_sta;
> + int sramrom_vio;
> + u32 rw;
> +
> + sramrom_vios = devapc_ctx->soc->sramrom_sec_vios;
> + vio_info = devapc_ctx->soc->vio_info;
> +
> + arm_smccc_smc(MTK_SIP_KERNEL_CLR_SRAMROM_VIO,
> + 0, 0, 0, 0, 0, 0, 0, &res);
> +
This irq handler call arm_smccc_smc() to get into TrustZone, why not
let the whole irq handler in TrustZone?
Regards,
Chun-Kuang.
> + sramrom_vio = res.a0;
> + sramrom_vio_sta = res.a1;
> + vio_info->vio_addr = res.a2;
> +
> + if (sramrom_vio == SRAM_VIOLATION)
> + pr_info(PFX "SRAM violation is triggered\n");
> + else if (sramrom_vio == ROM_VIOLATION)
> + pr_info(PFX "ROM violation is triggered\n");
> + else
> + return;
> +
> + vio_info->master_id = (sramrom_vio_sta & sramrom_vios->vio_id_mask)
> + >> sramrom_vios->vio_id_shift;
> + vio_info->domain_id = (sramrom_vio_sta & sramrom_vios->vio_domain_mask)
> + >> sramrom_vios->vio_domain_shift;
> + rw = (sramrom_vio_sta & sramrom_vios->vio_rw_mask) >>
> + sramrom_vios->vio_rw_shift;
> +
> + if (rw)
> + vio_info->write = 1;
> + else
> + vio_info->read = 1;
> +
> + pr_info(PFX "%s: master_id:0x%x, domain_id:0x%x, rw:%s, vio_addr:0x%x\n",
> + __func__, vio_info->master_id, vio_info->domain_id,
> + rw ? "Write" : "Read", vio_info->vio_addr);
> +}
> +
Powered by blists - more mailing lists