| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Apr 2023 11:55:18 -0600
From: Mathieu Poirier <mathieu.poirier@...aro.org>
To: Arnaud Pouliquen <arnaud.pouliquen@...s.st.com>
Cc: Bjorn Andersson <andersson@...nel.org>,
Rob Herring <robh+dt@...nel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
Alexandre Torgue <alexandre.torgue@...s.st.com>,
linux-remoteproc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-stm32@...md-mailman.stormreply.com,
devicetree@...r.kernel.org
Subject: Re: [PATCH 3/5] remoteproc: stm32: Clean-up the management of the
hold boot by SMC call
Hi Arnaud,
On Fri, Mar 31, 2023 at 05:46:49PM +0200, Arnaud Pouliquen wrote:
> There are two ways to manage the Cortex-M4 hold boot:
> - by Linux thanks to a sys config controller
> - by the secure context when the hold boot is protected.
> Since the introduction of the SCMI server, the use of the SMC call
What SCMI server? Does this means stm32 is now able to use SCMI to manage the
remote processor hold boot? If so, that is what I should find in this
changelog. Otherwise this changelog needs to be re-written.
> is deprecated. If the trust zone is activated, the management of the
> hold boot must be done by the secure context thanks to a SCMI reset
> controller.
>
> This patch cleans-up the code related to the SMC call, replaced by
> the SCMI server.
>
> Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@...s.st.com>
> ---
> drivers/remoteproc/stm32_rproc.c | 34 ++------------------------------
> 1 file changed, 2 insertions(+), 32 deletions(-)
>
> diff --git a/drivers/remoteproc/stm32_rproc.c b/drivers/remoteproc/stm32_rproc.c
> index 7d782ed9e589..4be651e734ee 100644
> --- a/drivers/remoteproc/stm32_rproc.c
> +++ b/drivers/remoteproc/stm32_rproc.c
> @@ -5,7 +5,6 @@
> * Fabien Dessenne <fabien.dessenne@...com> for STMicroelectronics.
> */
>
> -#include <linux/arm-smccc.h>
> #include <linux/dma-mapping.h>
> #include <linux/interrupt.h>
> #include <linux/io.h>
> @@ -88,7 +87,6 @@ struct stm32_rproc {
> struct stm32_rproc_mem *rmems;
> struct stm32_mbox mb[MBOX_NB_MBX];
> struct workqueue_struct *workqueue;
> - bool secured_soc;
> void __iomem *rsc_va;
> };
>
> @@ -398,20 +396,12 @@ static int stm32_rproc_set_hold_boot(struct rproc *rproc, bool hold)
> {
> struct stm32_rproc *ddata = rproc->priv;
> struct stm32_syscon hold_boot = ddata->hold_boot;
> - struct arm_smccc_res smc_res;
> int val, err;
>
> val = hold ? HOLD_BOOT : RELEASE_BOOT;
>
> - if (IS_ENABLED(CONFIG_HAVE_ARM_SMCCC) && ddata->secured_soc) {
> - arm_smccc_smc(STM32_SMC_RCC, STM32_SMC_REG_WRITE,
> - hold_boot.reg, val, 0, 0, 0, 0, &smc_res);
> - err = smc_res.a0;
> - } else {
> - err = regmap_update_bits(hold_boot.map, hold_boot.reg,
> - hold_boot.mask, val);
> - }
> -
> + err = regmap_update_bits(hold_boot.map, hold_boot.reg,
> + hold_boot.mask, val);
> if (err)
> dev_err(&rproc->dev, "failed to set hold boot\n");
>
> @@ -680,8 +670,6 @@ static int stm32_rproc_parse_dt(struct platform_device *pdev,
> {
> struct device *dev = &pdev->dev;
> struct device_node *np = dev->of_node;
> - struct stm32_syscon tz;
> - unsigned int tzen;
> int err, irq;
>
> irq = platform_get_irq(pdev, 0);
> @@ -710,24 +698,6 @@ static int stm32_rproc_parse_dt(struct platform_device *pdev,
> return dev_err_probe(dev, PTR_ERR(ddata->rst),
> "failed to get mcu_reset\n");
>
> - /*
> - * if platform is secured the hold boot bit must be written by
> - * smc call and read normally.
> - * if not secure the hold boot bit could be read/write normally
> - */
> - err = stm32_rproc_get_syscon(np, "st,syscfg-tz", &tz);
> - if (err) {
> - dev_err(dev, "failed to get tz syscfg\n");
> - return err;
> - }
If I was to do a bisect here, I would not be able to boot boards that have a
trustzone. Add the new functionality and then remove the old one.
> -
> - err = regmap_read(tz.map, tz.reg, &tzen);
> - if (err) {
> - dev_err(dev, "failed to read tzen\n");
> - return err;
> - }
> - ddata->secured_soc = tzen & tz.mask;
> -
> err = stm32_rproc_get_syscon(np, "st,syscfg-holdboot",
> &ddata->hold_boot);
> if (err) {
> --
> 2.25.1
>
Powered by blists - more mailing lists