| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMuHMdUgAutuRes9yTsDVCZ+rMeyQrhuX+BW60ft7_S9OU3RRg@mail.gmail.com>
Date: Tue, 13 Jul 2021 11:24:24 +0200
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: Sudeep Holla <sudeep.holla@....com>
Cc: "Lad, Prabhakar" <prabhakar.csengg@...il.com>,
Lad Prabhakar <prabhakar.mahadev-lad.rj@...renesas.com>,
Rob Herring <robh+dt@...nel.org>,
Magnus Damm <magnus.damm@...il.com>,
"open list:OPEN FIRMWARE AND FLATTENED DEVICE TREE BINDINGS"
<devicetree@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux-Renesas <linux-renesas-soc@...r.kernel.org>,
Biju Das <biju.das.jz@...renesas.com>
Subject: Re: [PATCH] arm64: dts: renesas: r9a07g044: Add missing GICv3 node properties
Hi Sudeep,
On Tue, Jul 13, 2021 at 11:16 AM Sudeep Holla <sudeep.holla@....com> wrote:
> On Tue, Jul 13, 2021 at 11:04:09AM +0200, Geert Uytterhoeven wrote:
> > On Tue, Jul 13, 2021 at 10:56 AM Sudeep Holla <sudeep.holla@....com> wrote:
> > > On Tue, Jul 13, 2021 at 10:30:36AM +0200, Geert Uytterhoeven wrote:
>
> [...]
>
> > > > And a possible use case: the RT CPU core may want to reset the AP GIC.
> > >
> > > I didn't want to add new bindings without details on the implementation
> > > to avoid possible issues with backward compatibility as this was not
> > > thought through completely and correctly before it was added.
> > >
> > > OK, now let us discuss your use-case: *RT CPU wants to reset AP GIC*
> > >
> > > 1. Will it just reset AP GIC or will it request the AP reset as a whole ?
> > > I am not sure if we can handle former, if you think otherwise what is
> > > the reset notification mechanism ?
> > >
> > > 2. Will that bypass secure world/PSCI ? Again more details on this would
> > > be helpful to visualise the entire use-case end-to-end better.
> > >
> > > By GIC reset, I am assuming it will be complete GIC reset including it's
> > > CPU interface.
> > >
> > > I don't think we can reset GIC without actual CPU reset. Even if we get
> > > some notification magically to the CPU that its GIC alone needs to be
> > > reset, it needs to safely higher exceptions to get its GIC CPU interface
> > > reprogrammed to correct (saved) values before OS can reprogram the NS
> > > world values. All these seems overall complicated and may be unnecessary.
> >
> > Probably both. Might make sense to reset on wake-up, after having disabled
> > clocks and powered down the AP CPU, AP GIC, ...
> >
>
> /me confused. If this is arm64 platform, then you have to use *PSCI* and
> I expect the reset to be done as part of CPU wake-up in PSCI firmware.
DT Rule #1: DT describes hardware not software policy.
The fact that _Linux_ must use PSCI is a (unfortunate) software policy.
What about other OSes, or bare-metal software?
> > If that bypasses PSCI: well, if the unsecure software can do it, it
> > means the hardware is not secure. Or at least Linux has to be trusted.
>
> No, if the system has PSCI, then you simply can't bypass that for GIC
> reset. Or at-least I am failing to understand the complete flow of that.
PSCI can only prevent other software from bypassing GIC reset if PSCI
programs the hardware to prevent access to the GIC reset (if possible
at all).
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
Powered by blists - more mailing lists