lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 20 Jan 2023 17:42:15 +0000
From:   Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To:     Patrick Delaunay <patrick.delaunay@...s.st.com>,
        Alexandre TORGUE <alexandre.torgue@...s.st.com>,
        Maxime Coquelin <mcoquelin.stm32@...il.com>
Cc:     Etienne CARRIERE <etienne.carriere@...aro.org>,
        Fabrice GASNIER <fabrice.gasnier@...s.st.com>,
        Amelie DELAUNAY <amelie.delaunay@...s.st.com>,
        Lionel DEBIEVE <lionel.debieve@...s.st.com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-stm32@...md-mailman.stormreply.com
Subject: Re: [PATCH v6 3/3] nvmem: stm32: detect bsec pta presence for
 STM32MP15x



On 18/01/2023 17:29, Patrick Delaunay wrote:
> On STM32MP15x SoC, the SMC backend is optional when OP-TEE is used;
> the PTA BSEC should be used as it is done on STM32MP13x platform,
> but the BSEC SMC can be also used: it is a legacy mode in OP-TEE,
> not recommended but used in previous OP-TEE firmware.
> 
> The presence of OP-TEE is dynamically detected in STM32MP15x device tree
> and the supported NVMEM backend is dynamically detected:
> - PTA with stm32_bsec_pta_find
> - SMC with stm32_bsec_check
> 
> With OP-TEE but without PTA and SMC detection, the probe is deferred for
> STM32MP15x devices.
> 
> On STM32MP13x platform, only the PTA is supported with cfg->ta = true
> and this detection is skipped.
> 
> Signed-off-by: Patrick Delaunay <patrick.delaunay@...s.st.com>
> Reviewed-by: Etienne Carriere <etienne.carriere@...aro.org>
> ---


Applied thanks,

--srini

> 
> Changes in v6:
> - added reviewed by Etienne Carriere
> 
> Changes in v5:
> - update the BSEC SMC detection logic in stm32_romem_probe()
>    after Etienne Carierre review to support NVMEM probe after OP-TEE probe
> 
> Changes in v3:
> - use of_find_compatible_node in optee_presence_check function
>    instead of of_find_node_by_path("/firmware/optee")
> 
> Changes in v2:
> - Added patch in the serie for BSEC PTA support on STM32MP15x
>    with dynamic detection of OP-TEE presence and SMC support (legacy mode)
> 
>   drivers/nvmem/stm32-romem.c | 38 +++++++++++++++++++++++++++++++++----
>   1 file changed, 34 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/nvmem/stm32-romem.c b/drivers/nvmem/stm32-romem.c
> index 978a63edf297..ba779e26937a 100644
> --- a/drivers/nvmem/stm32-romem.c
> +++ b/drivers/nvmem/stm32-romem.c
> @@ -159,6 +159,31 @@ static int stm32_bsec_pta_write(void *context, unsigned int offset, void *buf,
>   	return stm32_bsec_optee_ta_write(priv->ctx, priv->lower, offset, buf, bytes);
>   }
>   
> +static bool stm32_bsec_smc_check(void)
> +{
> +	u32 val;
> +	int ret;
> +
> +	/* check that the OP-TEE support the BSEC SMC (legacy mode) */
> +	ret = stm32_bsec_smc(STM32_SMC_READ_SHADOW, 0, 0, &val);
> +
> +	return !ret;
> +}
> +
> +static bool optee_presence_check(void)
> +{
> +	struct device_node *np;
> +	bool tee_detected = false;
> +
> +	/* check that the OP-TEE node is present and available. */
> +	np = of_find_compatible_node(NULL, NULL, "linaro,optee-tz");
> +	if (np && of_device_is_available(np))
> +		tee_detected = true;
> +	of_node_put(np);
> +
> +	return tee_detected;
> +}
> +
>   static int stm32_romem_probe(struct platform_device *pdev)
>   {
>   	const struct stm32_romem_cfg *cfg;
> @@ -195,11 +220,16 @@ static int stm32_romem_probe(struct platform_device *pdev)
>   	} else {
>   		priv->cfg.size = cfg->size;
>   		priv->lower = cfg->lower;
> -		if (cfg->ta) {
> +		if (cfg->ta || optee_presence_check()) {
>   			rc = stm32_bsec_optee_ta_open(&priv->ctx);
> -			/* wait for OP-TEE client driver to be up and ready */
> -			if (rc)
> -				return rc;
> +			if (rc) {
> +				/* wait for OP-TEE client driver to be up and ready */
> +				if (rc == -EPROBE_DEFER)
> +					return -EPROBE_DEFER;
> +				/* BSEC PTA is required or SMC not supported */
> +				if (cfg->ta || !stm32_bsec_smc_check())
> +					return rc;
> +			}
>   		}
>   		if (priv->ctx) {
>   			rc = devm_add_action_or_reset(dev, stm32_bsec_optee_ta_close, priv->ctx);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ