lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 21 Aug 2023 12:14:22 +0200
From:   Robert Marko <robimarko@...il.com>
To:     Konrad Dybcio <konrad.dybcio@...aro.org>
Cc:     agross@...nel.org, andersson@...nel.org, robh+dt@...nel.org,
        krzysztof.kozlowski+dt@...aro.org, conor+dt@...nel.org,
        quic_gurus@...cinc.com, linux-arm-msm@...r.kernel.org,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
        quic_mojha@...cinc.com, computersforpeace@...il.com
Subject: Re: [PATCH v3 2/4] firmware: qcom_scm: disable SDI if required

On Wed, 16 Aug 2023 at 19:33, Konrad Dybcio <konrad.dybcio@...aro.org> wrote:
>
> On 16.08.2023 18:45, Robert Marko wrote:
> > IPQ5018 has SDI (Secure Debug Image) enabled by TZ by default, and that
> > means that WDT being asserted or just trying to reboot will hang the board
> > in the debug mode and only pulling the power and repowering will help.
> > Some IPQ4019 boards like Google WiFI have it enabled as well.
> >
> > Luckily, SDI can be disabled via an SCM call.
> >
> > So, lets use the boolean DT property to identify boards that have SDI
> > enabled by default and use the SCM call to disable SDI during SCM probe.
> > It is important to disable it as soon as possible as we might have a WDT
> > assertion at any time which would then leave the board in debug mode,
> > thus disabling it during SCM removal is not enough.
> >
> > Signed-off-by: Robert Marko <robimarko@...il.com>
> > ---
> [...]
>
>
> > +     /*
> > +      * Disable SDI if indicated by DT that it is enabled by default.
> > +      */
> > +     if (of_property_read_bool(pdev->dev.of_node, "qcom,sdi-enabled"))
> > +             qcom_scm_disable_sdi();
> Should we care about the return value?

I dont really see a point, as we cant really do anything about it if it fails.
Also, the SDI SCM call seems to have weird return codes, for example, it works
but it returns 2.

Maybe somebody from QCA can shine some light on that?

Regards,
Robert
>
> Konrad

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ