| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 May 2024 23:06:59 -0400
From: Frank Li <Frank.li@....com>
To: Vabhav Sharma <vabhav.sharma@....com>
Cc: Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
Conor Dooley <conor+dt@...nel.org>,
Franck LENORMAND <franck.lenormand@....com>,
Dong Aisheng <aisheng.dong@....com>,
Shawn Guo <shawnguo@...nel.org>,
Sascha Hauer <s.hauer@...gutronix.de>,
Pengutronix Kernel Team <kernel@...gutronix.de>,
Fabio Estevam <festevam@...il.com>, Peng Fan <peng.fan@....com>,
devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
imx@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org,
Varun Sethi <V.Sethi@....com>,
Silvano Di Ninno <silvano.dininno@....com>,
Pankaj Gupta <pankaj.gupta@....com>, daniel.baluta@....com
Subject: Re: [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree
bindings
On Thu, May 09, 2024 at 02:45:32AM +0200, Vabhav Sharma wrote:
> Document the secvio device tree bindings.
reduntant sentence.
>
> The tampers are security feature available on i.MX products and
> managed by SNVS block.The tamper goal is to detect the variation
^^ space here
> of hardware or physical parameters, which can indicate an attack.
>
> The SNVS, which provides secure non-volatile storage, allows to
> detect some hardware attacks against the SoC.They are connected
^^ space here
> to the security-violation ports, which send an alert when an
> out-of-range value is detected.
>
> The "imx-secvio-sc" module is designed to report security violations
> and tamper triggering via SCU firmware to the user.
>
> Add the imx-scu secvio sub node and secvio sub node description.
>
> Signed-off-by: Franck LENORMAND <franck.lenormand@....com>
> Signed-off-by: Vabhav Sharma <vabhav.sharma@....com>
> ---
> .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++++++++++++++++++++++
> .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++
> 2 files changed, 45 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> new file mode 100644
> index 000000000000..30dc1e21f903
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> @@ -0,0 +1,35 @@
> +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: NXP i.MX Security Violation driver
Violation detect driver
> +
> +maintainers:
> + - Franck LENORMAND <franck.lenormand@....com>
> +
> +description: |
Needn't "|"
> + Receive security violation from the SNVS via the SCU firmware. Allow to
> + register notifier for additional processing
> +
> +properties:
> + compatible:
> + enum:
> + - fsl,imx-sc-secvio
> +
> + nvmem:
> + maxItems: 1
> +
any interrupt defined? how do you notify such violation event?
> +required:
> + - compatible
> + - nvmem
> +
> +additionalProperties: false
> +
> +examples:
> + - |
> + secvio {
> + compatible = "fsl,imx-sc-secvio";
> + nvmem = <&ocotp>;
> + };
> diff --git a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> index 557e524786c2..b40e127fdc88 100644
> --- a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> +++ b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> @@ -129,6 +129,11 @@ properties:
> RTC controller provided by the SCU
> $ref: /schemas/rtc/fsl,scu-rtc.yaml
>
> + secvio:
> + description:
> + Receive security violation from the SNVS via the SCU firmware
> + $ref: /schemas/arm/freescale/fsl,scu-secvio.yaml
> +
> thermal-sensor:
> description:
> Thermal sensor provided by the SCU
> @@ -197,6 +202,11 @@ examples:
> compatible = "fsl,imx8qxp-sc-rtc";
> };
>
> + secvio {
> + compatible = "fsl,imx-sc-secvio";
> + nvmem = <&ocotp>;
> + };
> +
> keys {
> compatible = "fsl,imx8qxp-sc-key", "fsl,imx-sc-key";
> linux,keycodes = <KEY_POWER>;
>
> --
> 2.25.1
>
Powered by blists - more mailing lists