| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <95f9dd3b-1f33-4af5-8757-a97e8b9bb216@arm.com>
Date: Tue, 12 Sep 2023 11:13:50 +0100
From: Robin Murphy <robin.murphy@....com>
To: Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>,
Yong Wu (吴勇) <Yong.Wu@...iatek.com>,
"robh@...nel.org" <robh@...nel.org>
Cc: "sumit.semwal@...aro.org" <sumit.semwal@...aro.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-mediatek@...ts.infradead.org"
<linux-mediatek@...ts.infradead.org>,
"jstultz@...gle.com" <jstultz@...gle.com>,
"linaro-mm-sig@...ts.linaro.org" <linaro-mm-sig@...ts.linaro.org>,
"christian.koenig@....com" <christian.koenig@....com>,
"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
Jianjiao Zeng (曾健姣)
<Jianjiao.Zeng@...iatek.com>,
"linux-media@...r.kernel.org" <linux-media@...r.kernel.org>,
Kuohong Wang (王國鴻)
<kuohong.wang@...iatek.com>,
"Brian.Starkey@....com" <Brian.Starkey@....com>,
"conor+dt@...nel.org" <conor+dt@...nel.org>,
"benjamin.gaignard@...labora.com" <benjamin.gaignard@...labora.com>,
"tjmercier@...gle.com" <tjmercier@...gle.com>,
"krzysztof.kozlowski+dt@...aro.org"
<krzysztof.kozlowski+dt@...aro.org>,
"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"angelogioacchino.delregno@...labora.com"
<angelogioacchino.delregno@...labora.com>
Subject: Re: [PATCH 8/9] dt-bindings: reserved-memory: MediaTek: Add reserved
memory for SVP
On 12/09/2023 9:28 am, Krzysztof Kozlowski wrote:
> On 12/09/2023 08:16, Yong Wu (吴勇) wrote:
>> Hi Rob,
>>
>> Thanks for your review.
>>
>> On Mon, 2023-09-11 at 10:44 -0500, Rob Herring wrote:
>>>
>>> External email : Please do not click links or open attachments until
>>> you have verified the sender or the content.
>>> On Mon, Sep 11, 2023 at 10:30:37AM +0800, Yong Wu wrote:
>>>> This adds the binding for describing a CMA memory for MediaTek
>>> SVP(Secure
>>>> Video Path).
>>>
>>> CMA is a Linux thing. How is this related to CMA?
>>
>>>>
>>>> Signed-off-by: Yong Wu <yong.wu@...iatek.com>
>>>> ---
>>>> .../mediatek,secure_cma_chunkmem.yaml | 42
>>> +++++++++++++++++++
>>>> 1 file changed, 42 insertions(+)
>>>> create mode 100644 Documentation/devicetree/bindings/reserved-
>>> memory/mediatek,secure_cma_chunkmem.yaml
>>>>
>>>> diff --git a/Documentation/devicetree/bindings/reserved-
>>> memory/mediatek,secure_cma_chunkmem.yaml
>>> b/Documentation/devicetree/bindings/reserved-
>>> memory/mediatek,secure_cma_chunkmem.yaml
>>>> new file mode 100644
>>>> index 000000000000..cc10e00d35c4
>>>> --- /dev/null
>>>> +++ b/Documentation/devicetree/bindings/reserved-
>>> memory/mediatek,secure_cma_chunkmem.yaml
>>>> @@ -0,0 +1,42 @@
>>>> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
>>>> +%YAML 1.2
>>>> +---
>>>> +$id:
>>> http://devicetree.org/schemas/reserved-memory/mediatek,secure_cma_chunkmem.yaml#
>>>> +$schema: http://devicetree.org/meta-schemas/core.yaml#
>>>> +
>>>> +title: MediaTek Secure Video Path Reserved Memory
>>>
>>> What makes this specific to Mediatek? Secure video path is fairly
>>> common, right?
>>
>> Here we just reserve a buffer and would like to create a dma-buf secure
>> heap for SVP, then the secure engines(Vcodec and DRM) could prepare
>> secure buffer through it.
>>
>> But the heap driver is pure SW driver, it is not platform device and
>
> All drivers are pure SW.
>
>> we don't have a corresponding HW unit for it. Thus I don't think I
>> could create a platform dtsi node and use "memory-region" pointer to
>> the region. I used RESERVEDMEM_OF_DECLARE currently(The code is in
>> [9/9]). Sorry if this is not right.
>
> If this is not for any hardware and you already understand this (since
> you cannot use other bindings) then you cannot have custom bindings for
> it either.
>
>>
>> Then in our usage case, is there some similar method to do this? or
>> any other suggestion?
>
> Don't stuff software into DTS.
Aren't most reserved-memory bindings just software policy if you look at
it that way, though? IIUC this is a pool of memory that is visible and
available to the Non-Secure OS, but is fundamentally owned by the Secure
TEE, and pages that the TEE allocates from it will become physically
inaccessible to the OS. Thus the platform does impose constraints on how
the Non-Secure OS may use it, and per the rest of the reserved-memory
bindings, describing it as a "reusable" reservation seems entirely
appropriate. If anything that's *more* platform-related and so
DT-relevant than typical arbitrary reservations which just represent
"save some memory to dedicate to a particular driver" and don't actually
bear any relationship to firmware or hardware at all.
However, the fact that Linux's implementation of how to reuse reserved
memory areas is called CMA is indeed still irrelevant and has no place
in the binding itself.
Thanks,
Robin.
Powered by blists - more mailing lists