| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Dec 2023 06:13:01 +0000
From: Jason-JH Lin (林睿祥) <Jason-JH.Lin@...iatek.com>
To: CK Hu (胡俊光) <ck.hu@...iatek.com>,
"jassisinghbrar@...il.com" <jassisinghbrar@...il.com>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
"angelogioacchino.delregno@...labora.com"
<angelogioacchino.delregno@...labora.com>, "robh+dt@...nel.org"
<robh+dt@...nel.org>, "krzysztof.kozlowski+dt@...aro.org"
<krzysztof.kozlowski+dt@...aro.org>, "chunkuang.hu@...nel.org"
<chunkuang.hu@...nel.org>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-mediatek@...ts.infradead.org" <linux-mediatek@...ts.infradead.org>,
Singo Chang (張興國) <Singo.Chang@...iatek.com>,
Johnson Wang (王聖鑫) <Johnson.Wang@...iatek.com>,
"linux-media@...r.kernel.org" <linux-media@...r.kernel.org>,
"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
Jason-ch Chen (陳建豪)
<Jason-ch.Chen@...iatek.com>, Shawn Sung (宋孝謙)
<Shawn.Sung@...iatek.com>, "mchehab@...nel.org" <mchehab@...nel.org>,
Nancy Lin (林欣螢) <Nancy.Lin@...iatek.com>,
"conor+dt@...nel.org" <conor+dt@...nel.org>,
Project_Global_Chrome_Upstream_Group
<Project_Global_Chrome_Upstream_Group@...iatek.com>,
"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH v3 8/9] mailbox: mediatek: Add CMDQ secure mailbox driver
Hi CK,
Thanks for the reviews.
On Tue, 2023-12-26 at 06:46 +0000, CK Hu (胡俊光) wrote:
> Hi, Jason:
>
> On Fri, 2023-12-22 at 12:52 +0800, Jason-JH.Lin wrote:
> > To support secure video path feature, GCE have to read/write
> > registgers
> > in the secure world. GCE will enable the secure access permission
> > to
> > the
> > HW who wants to access the secure content buffer.
> >
> > Add CMDQ secure mailbox driver to make CMDQ client user is able to
> > sending their HW settings to the secure world. So that GCE can
> > execute
> > all instructions to configure HW in the secure world.
> >
> > Signed-off-by: Jason-JH.Lin <jason-jh.lin@...iatek.com>
> > ---
>
> [snip]
>
> > +
> > +static int cmdq_sec_session_init(struct cmdq_sec_context *context)
> > +{
> > + int err = 0;
> > +
> > + if (context->state >= IWC_SES_OPENED) {
> > + pr_debug("session opened:%u", context->state);
> > + return 0;
> > + }
> > +
> > + switch (context->state) {
> > + case IWC_INIT:
> > + err = cmdq_sec_init_context(&context->tee_ctx);
> > + if (err)
> > + return err;
> > + context->state = IWC_CONTEXT_INITED;
> > + fallthrough;
> > + case IWC_CONTEXT_INITED:
> > + if (context->iwc_msg) {
> > + pr_err("iwcMessage not NULL:%p", context-
> > > iwc_msg);
> >
> > + return -EINVAL;
> > + }
> > +
> > + err = cmdq_sec_allocate_wsm(&context->tee_ctx,
> > &context->iwc_msg,
> > + sizeof(struct
> > iwc_cmdq_message_t));
> > + if (err)
> > + return err;
> > +
> > + context->state = IWC_WSM_ALLOCATED;
> > + fallthrough;
>
> Squash cmdq_sec_session_init() into cmdq_sec_mbox_of_xlate() and drop
> the context->state.
>
> Regards,
> CK
>
cmdq_sec_session_init() is called in the first cmdq_sec_task_submit().
It means we don't need to connect a session to TEE or allocate share
memory if no one submit secure task.
On the other hand, optee may load slower than cmdq secure driver. If we
move it to xlate secure session may init fail.
Regards,
Jason-JH.Lin
Powered by blists - more mailing lists