lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5ce30bf52a4f2e4f6f76d0a4c25a08a45f14b6fe.camel@mediatek.com>
Date: Tue, 28 May 2024 02:19:38 +0000
From: CK Hu (胡俊光) <ck.hu@...iatek.com>
To: "jassisinghbrar@...il.com" <jassisinghbrar@...il.com>,
	"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
	Jason-JH Lin (林睿祥) <Jason-JH.Lin@...iatek.com>,
	"chunkuang.hu@...nel.org" <chunkuang.hu@...nel.org>, "robh+dt@...nel.org"
	<robh+dt@...nel.org>, "krzysztof.kozlowski+dt@...aro.org"
	<krzysztof.kozlowski+dt@...aro.org>,
	"angelogioacchino.delregno@...labora.com"
	<angelogioacchino.delregno@...labora.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Singo Chang (張興國) <Singo.Chang@...iatek.com>,
	"linux-mediatek@...ts.infradead.org" <linux-mediatek@...ts.infradead.org>,
	Jason-ch Chen (陳建豪)
	<Jason-ch.Chen@...iatek.com>, "devicetree@...r.kernel.org"
	<devicetree@...r.kernel.org>, Shawn Sung (宋孝謙)
	<Shawn.Sung@...iatek.com>, Nancy Lin (林欣螢)
	<Nancy.Lin@...iatek.com>, "conor+dt@...nel.org" <conor+dt@...nel.org>,
	"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
	Project_Global_Chrome_Upstream_Group
	<Project_Global_Chrome_Upstream_Group@...iatek.com>,
	"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH RESEND, v6 6/8] mailbox: mediatek: Add CMDQ secure mailbox
 driver

On Sun, 2024-05-26 at 22:44 +0800, Jason-JH.Lin wrote:
> To support secure video path feature, GCE have to read/write registgers
> in the secure world. GCE will enable the secure access permission to the
> HW who wants to access the secure content buffer.
> 
> Add CMDQ secure mailbox driver to make CMDQ client user is able to
> sending their HW settings to the secure world. So that GCE can execute
> all instructions to configure HW in the secure world.
> 
> TODO:
> 1. Squash cmdq_sec_task_exec_work() into cmdq_sec_mbox_send_data().
> 2. Call into TEE to query cookie instead of using shared memory in
>    cmdq_sec_get_cookie().
> 3. Register shared memory as command buffer instead of copying normal
>    command buffer to IWC shared memory.
> 4. Use SOFTDEP to make cmdq_sec_probe later than OPTEE loaded and then
>    move cmdq_sec_session_init into cmdq_sec_probe().
> 5. Remove timeout detection in cmdq_sec_session_send().
> 
> Signed-off-by: Jason-JH.Lin <jason-jh.lin@...iatek.com>
> Signed-off-by: Hsiao Chien Sung <shawn.sung@...iatek.com>
> ---

[snip]

> +static void cmdq_sec_irq_notify_work(struct work_struct *work_item)
> +{
> +	struct cmdq_sec *cmdq = container_of(work_item, struct cmdq_sec, irq_notify_work);
> +	int i;
> +
> +	mutex_lock(&cmdq->exec_lock);
> +
> +	for (i = 0; i <= cmdq->pdata->secure_thread_nr; i++) {
> +		struct cmdq_sec_thread *sec_thread = &cmdq->sec_thread[i];
> +		u32 cookie = cmdq_sec_get_cookie(cmdq, sec_thread->idx);

I prefer to get current pa instead of cookie, but the current pa is mapped from secure packet pa to normal packet pa.
If something wrong, normal world could know where GCE is stalled. And this is how normal thread irq handler does.
We could use one method for both normal thread and secure thread. This is easier to maintain code.

Regards,
CK

> +
> +		if (cookie < sec_thread->wait_cookie || !sec_thread->task_cnt)
> +			continue;
> +
> +		cmdq_sec_irq_handler(sec_thread, cookie, 0);
> +	}
> +
> +	mutex_unlock(&cmdq->exec_lock);
> +}
> +

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ