| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAOTY_-7PwoPG_0ce2p4BCNQ3rundg40Bsni14XSmVETExkKkw@mail.gmail.com>
Date: Thu, 9 Jul 2020 21:01:44 +0800
From: Chun-Kuang Hu <chunkuang.hu@...nel.org>
To: Neal Liu <neal.liu@...iatek.com>
Cc: Rob Herring <robh+dt@...nel.org>,
Matthias Brugger <matthias.bgg@...il.com>,
devicetree@...r.kernel.org,
wsd_upstream <wsd_upstream@...iatek.com>,
lkml <linux-kernel@...r.kernel.org>,
"moderated list:ARM/Mediatek SoC support"
<linux-mediatek@...ts.infradead.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v2 2/2] soc: mediatek: add mtk-devapc driver
Hi, Neal:
Neal Liu <neal.liu@...iatek.com> 於 2020年7月9日 週四 下午5:13寫道:
>
> MediaTek bus fabric provides TrustZone security support and data
> protection to prevent slaves from being accessed by unexpected
> masters.
> The security violation is logged and sent to the processor for
> further analysis or countermeasures.
>
> Any occurrence of security violation would raise an interrupt, and
> it will be handled by mtk-devapc driver. The violation
> information is printed in order to find the murderer.
>
> Signed-off-by: Neal Liu <neal.liu@...iatek.com>
[snip]
> +
> +static u32 get_shift_group(struct mtk_devapc_context *devapc_ctx,
> + int slave_type, int vio_idx)
vio_idx is useless, so remove it.
> +{
> + u32 vio_shift_sta;
> + void __iomem *reg;
> + int bit;
> +
> + reg = mtk_devapc_pd_get(devapc_ctx, slave_type, VIO_SHIFT_STA, 0);
> + vio_shift_sta = readl(reg);
> +
> + for (bit = 0; bit < 32; bit++) {
> + if ((vio_shift_sta >> bit) & 0x1)
> + break;
> + }
> +
> + return bit;
> +}
> +
[snip]
> +
> +/*
> + * devapc_violation_irq - the devapc Interrupt Service Routine (ISR) will dump
> + * violation information including which master violates
> + * access slave.
> + */
> +static irqreturn_t devapc_violation_irq(int irq_number,
> + struct mtk_devapc_context *devapc_ctx)
> +{
> + const struct mtk_device_info **device_info;
> + int slave_type_num;
> + int vio_idx = -1;
> + int slave_type;
> +
> + slave_type_num = devapc_ctx->slave_type_num;
> + device_info = devapc_ctx->device_info;
> +
> + for (slave_type = 0; slave_type < slave_type_num; slave_type++) {
If slave_type_num is 1, I think the code should be simpler.
> + if (!mtk_devapc_dump_vio_dbg(devapc_ctx, slave_type, &vio_idx))
> + continue;
> +
> + /* Ensure that violation info are written before
> + * further operations
> + */
> + smp_mb();
> +
> + mask_module_irq(devapc_ctx, slave_type, vio_idx, true);
Why do you mask irq?
> +
> + clear_vio_status(devapc_ctx, slave_type, vio_idx);
> +
> + mask_module_irq(devapc_ctx, slave_type, vio_idx, false);
> + }
> +
> + return IRQ_HANDLED;
> +}
> +
> +/*
> + * start_devapc - initialize devapc status and start receiving interrupt
> + * while devapc violation is triggered.
> + */
[snip]
> +
> +struct mtk_device_info {
> + int sys_index;
Useless, so remove it.
> + int ctrl_index;
Ditto.
Regards,
Chun-Kuang.
> + int vio_index;
> +};
> +
Powered by blists - more mailing lists