lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 9 Mar 2023 22:43:13 +0200
From:   Dmitry Baryshkov <dmitry.baryshkov@...aro.org>
To:     Maximilian Luz <luzmaximilian@...il.com>
Cc:     Rob Herring <robh@...nel.org>,
        Bjorn Andersson <andersson@...nel.org>,
        Andy Gross <agross@...nel.org>,
        Konrad Dybcio <konrad.dybcio@...aro.org>,
        Ard Biesheuvel <ardb@...nel.org>,
        Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
        Johan Hovold <johan@...nel.org>,
        Sudeep Holla <sudeep.holla@....com>,
        Ilias Apalodimas <ilias.apalodimas@...aro.org>,
        Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
        Sumit Garg <sumit.garg@...aro.org>,
        Steev Klimaszewski <steev@...i.org>,
        linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org,
        devicetree@...r.kernel.org
Subject: Re: [PATCH v3 3/4] dt-bindings: firmware: Add Qualcomm QSEECOM interface

On Thu, 9 Mar 2023 at 22:34, Maximilian Luz <luzmaximilian@...il.com> wrote:
>
> On 3/9/23 09:19, Dmitry Baryshkov wrote:
> > On 09/03/2023 04:27, Maximilian Luz wrote:
> >> On 3/9/23 02:33, Dmitry Baryshkov wrote:
> >>> On 09/03/2023 00:44, Maximilian Luz wrote:
> >>>> On 3/8/23 23:16, Rob Herring wrote:
> >>>>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote:
> >>>>>> Add bindings for the Qualcomm Secure Execution Environment interface
> >>>>>> (QSEECOM).
> >>>>>
> >>>>> Pretty sure I already asked, but no answer in the commit message. Why do
> >>>>> we need this? You've already declared the platform supports SCM calls
> >>>>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT
> >>>>> is for non-discoverable h/w we are stuck with.
> >>>>
> >>>> Yes, you've asked this before but I can only repeat what I've written in
> >>>> my last response to your question: I am not aware of any way to properly
> >>>> discover the interface at runtime from software.
> >>>>
> >>>> If it makes you happy, I can put this in the commit message as well...
> >>>>
> >>>>> Why is software made non-discoverable too?
> >>>>
> >>>> Please direct that question at the Qualcomm guys who actually designed
> >>>> that interface. I can't give you an answer to that, and I'm not all that
> >>>> happy about this either.
> >>>>
> >>>> To reiterate: I've reverse engineered this based on the Windows driver.
> >>>> The Windows driver loads on an ACPI HID and it doesn't use any function
> >>>> to check/verify whether the interface is actually present. Adding a DT
> >>>> entry is the straight-forward adaption to having a HID in ACPI.
> >>>>
> >>>>> Nodes with only a compatible string are usually just an abuse of DT to
> >>>>> instantiate some driver.
> >>>>
> >>>> If you or anyone here has any idea on how to discover the presence of
> >>>> this, please feel free to let me know and I'd be happy to implement
> >>>> that. Until then, I unfortunately don't see any other way of dealing
> >>>> with this.
> >>>
> >>> You can probably try requesting QSEECOM version. According to msm-3.18:
> >>>
> >>>          uint32_t feature = 10;
> >>>
> >>>          rc = qseecom_scm_call(6, 3, &feature, sizeof(feature),
> >>>                  &resp, sizeof(resp));
> >>>          pr_info("qseecom.qsee_version = 0x%x\n", resp.result);
> >>>          if (rc) {
> >>>                  pr_err("Failed to get QSEE version info %d\n", rc);
> >>>                  goto exit_del_cdev;
> >>>          }
> >>>
> >>
> >> Thanks! I'll give that a try.
> >>
> >> As I can't test this on a device that doesn't have qseecom, it would
> >> probably be a good idea if someone could test this on a device that has
> >> qcom_scm but no qseecom (if those even exist) to make sure this doesn't
> >> misbehave.
> >
> > I could not find a vendor dts which doesn't have the qseecom device (checked the source trees from 3.4 to the latest revisions).
> >
>
> Thanks for checking!
>
> So that only leaves one potential issue: The re-entrant/blocking calls
> not being handled at the moment. If we detect qseecom based on the
> version and then try to query the app ID, we could get some devices that
> use those.
>
> I'm not sure what the consequences there are, i.e. if we're potentially
> blocking something else if one of those calls blocks on such devices. Is
> there any way we can detect this beforehand?

Unfortunately I don't know.

>
> The current proposal isn't very good at handling that either as it
> assumes that this depends on the SoC generation (which it probably
> doesn't). So I guess one possibility is to make the list of app-names to
> be checked SoC specific as well. That at least limits the scope
> somewhat. Maybe you have some other ideas?

As long as it doesn't concern the external interfaces, it sounds fine
with me. Let's get the first implementation in, then we can expand and
extend the details/implementation.


-- 
With best wishes
Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ