lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Zjw9044yBRn9+adW@lizhi-Precision-Tower-5810>
Date: Wed, 8 May 2024 23:06:59 -0400
From: Frank Li <Frank.li@....com>
To: Vabhav Sharma <vabhav.sharma@....com>
Cc: Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
	Conor Dooley <conor+dt@...nel.org>,
	Franck LENORMAND <franck.lenormand@....com>,
	Dong Aisheng <aisheng.dong@....com>,
	Shawn Guo <shawnguo@...nel.org>,
	Sascha Hauer <s.hauer@...gutronix.de>,
	Pengutronix Kernel Team <kernel@...gutronix.de>,
	Fabio Estevam <festevam@...il.com>, Peng Fan <peng.fan@....com>,
	devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
	imx@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org,
	Varun Sethi <V.Sethi@....com>,
	Silvano Di Ninno <silvano.dininno@....com>,
	Pankaj Gupta <pankaj.gupta@....com>, daniel.baluta@....com
Subject: Re: [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree
 bindings

On Thu, May 09, 2024 at 02:45:32AM +0200, Vabhav Sharma wrote:
> Document the secvio device tree bindings.

reduntant sentence. 
> 
> The tampers are security feature available on i.MX products and
> managed by SNVS block.The tamper goal is to detect the variation
                        ^^ space here

> of hardware or physical parameters, which can indicate an attack.
> 
> The SNVS, which provides secure non-volatile storage, allows to
> detect some hardware attacks against the SoC.They are connected
                                               ^^ space here 
> to the security-violation ports, which send an alert when an
> out-of-range value is detected.
> 
> The "imx-secvio-sc" module is designed to report security violations
> and tamper triggering via SCU firmware to the user.
> 
> Add the imx-scu secvio sub node and secvio sub node description.
> 
> Signed-off-by: Franck LENORMAND <franck.lenormand@....com>
> Signed-off-by: Vabhav Sharma <vabhav.sharma@....com>
> ---
>  .../bindings/arm/freescale/fsl,scu-secvio.yaml     | 35 ++++++++++++++++++++++
>  .../devicetree/bindings/firmware/fsl,scu.yaml      | 10 +++++++
>  2 files changed, 45 insertions(+)
> 
> diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> new file mode 100644
> index 000000000000..30dc1e21f903
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> @@ -0,0 +1,35 @@
> +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: NXP i.MX Security Violation driver

Violation detect driver

> +
> +maintainers:
> +  - Franck LENORMAND <franck.lenormand@....com>
> +
> +description: |

Needn't "|"

> +  Receive security violation from the SNVS via the SCU firmware. Allow to
> +  register notifier for additional processing
> +
> +properties:
> +  compatible:
> +    enum:
> +      - fsl,imx-sc-secvio
> +
> +  nvmem:
> +    maxItems: 1
> +

any interrupt defined? how do you notify such violation event?

> +required:
> +  - compatible
> +  - nvmem
> +
> +additionalProperties: false
> +
> +examples:
> +  - |
> +    secvio {
> +        compatible = "fsl,imx-sc-secvio";
> +        nvmem = <&ocotp>;
> +    };
> diff --git a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> index 557e524786c2..b40e127fdc88 100644
> --- a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> +++ b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml
> @@ -129,6 +129,11 @@ properties:
>        RTC controller provided by the SCU
>      $ref: /schemas/rtc/fsl,scu-rtc.yaml
>  
> +  secvio:
> +    description:
> +      Receive security violation from the SNVS via the SCU firmware
> +    $ref: /schemas/arm/freescale/fsl,scu-secvio.yaml
> +
>    thermal-sensor:
>      description:
>        Thermal sensor provided by the SCU
> @@ -197,6 +202,11 @@ examples:
>                  compatible = "fsl,imx8qxp-sc-rtc";
>              };
>  
> +            secvio {
> +                compatible = "fsl,imx-sc-secvio";
> +                nvmem = <&ocotp>;
> +            };
> +
>              keys {
>                  compatible = "fsl,imx8qxp-sc-key", "fsl,imx-sc-key";
>                  linux,keycodes = <KEY_POWER>;
> 
> -- 
> 2.25.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ