| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ihz4jczbhn3gdcs6nkgnzpyv3577ebd73qbkynw6jz7ciy4fu3@kxqu7olrrely> Date: Sat, 17 Feb 2024 21:50:01 -0600 From: Bjorn Andersson <andersson@...nel.org> To: Bartosz Golaszewski <brgl@...ev.pl> Cc: Andy Gross <agross@...nel.org>, Konrad Dybcio <konrad.dybcio@...aro.org>, Elliot Berman <quic_eberman@...cinc.com>, Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>, Guru Das Srinagesh <quic_gurus@...cinc.com>, Andrew Halaney <ahalaney@...hat.com>, Maximilian Luz <luzmaximilian@...il.com>, Alex Elder <elder@...aro.org>, Srini Kandagatla <srinivas.kandagatla@...aro.org>, Arnd Bergmann <arnd@...db.de>, linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, kernel@...cinc.com, Bartosz Golaszewski <bartosz.golaszewski@...aro.org>, Deepti Jaggi <quic_djaggi@...cinc.com> Subject: Re: [PATCH v7 11/12] firmware: qcom: scm: clarify the comment in qcom_scm_pas_init_image() On Mon, Feb 05, 2024 at 07:28:09PM +0100, Bartosz Golaszewski wrote: > From: Bartosz Golaszewski <bartosz.golaszewski@...aro.org> > > The "memory protection" mechanism mentioned in the comment is the SHM > Bridge. This is also the reason why we do not convert this call to using > the TZ memory allocator. > No, this mechanism predates shmbridge. > Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@...aro.org> > Tested-by: Andrew Halaney <ahalaney@...hat.com> # sc8280xp-lenovo-thinkpad-x13s > Tested-by: Deepti Jaggi <quic_djaggi@...cinc.com> #sa8775p-ride > Reviewed-by: Elliot Berman <quic_eberman@...cinc.com> > --- > drivers/firmware/qcom/qcom_scm.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c > index 839773270a21..7ba5cff6e4e7 100644 > --- a/drivers/firmware/qcom/qcom_scm.c > +++ b/drivers/firmware/qcom/qcom_scm.c > @@ -563,9 +563,13 @@ int qcom_scm_pas_init_image(u32 peripheral, const void *metadata, size_t size, > struct qcom_scm_res res; > > /* > - * During the scm call memory protection will be enabled for the meta > - * data blob, so make sure it's physically contiguous, 4K aligned and > - * non-cachable to avoid XPU violations. What this is saying is that the memory will be made unaccessible to Linux, so it needs to be contiguous and aligned. > + * During the SCM call the hypervisor will make the buffer containing > + * the program data into an SHM Bridge. Are you saying that the hypervisor will convert this memory to a shmbridge, and then pass it to TrustZone? > This is why we exceptionally > + * must not use the TrustZone memory allocator here as - depending on > + * Kconfig - it may already use the SHM Bridge mechanism internally. > + * "it may already"? You describe above that we shouldn't pass shmbridge memory, and the other case never deals with shmbridges. So, I think you can omit this part. > + * If we pass a buffer that is already part of an SHM Bridge to this > + * call, it will fail. Could this be because the consumer of this buffer operates in EL2, and not TZ? Regards, Bjorn > */ > mdata_buf = dma_alloc_coherent(__scm->dev, size, &mdata_phys, > GFP_KERNEL); > -- > 2.40.1 >
Powered by blists - more mailing lists