lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 7 Jun 2024 04:52:26 +0000
From: Vabhav Sharma <vabhav.sharma@....com>
To: Krzysztof Kozlowski <krzk@...nel.org>, Rob Herring <robh@...nel.org>,
	Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>,
	Franck Lenormand <franck.lenormand@....com>, Aisheng Dong
	<aisheng.dong@....com>, Shawn Guo <shawnguo@...nel.org>, Sascha Hauer
	<s.hauer@...gutronix.de>, Pengutronix Kernel Team <kernel@...gutronix.de>,
	Fabio Estevam <festevam@...il.com>, Peng Fan <peng.fan@....com>
CC: "devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"imx@...ts.linux.dev" <imx@...ts.linux.dev>,
	"linux-arm-kernel@...ts.infradead.org"
	<linux-arm-kernel@...ts.infradead.org>, Varun Sethi <V.Sethi@....com>,
	Silvano Di Ninno <silvano.dininno@....com>, Pankaj Gupta
	<pankaj.gupta@....com>, Frank Li <frank.li@....com>, Daniel Baluta
	<daniel.baluta@....com>, Iuliana Prodan <iuliana.prodan@....com>, Horia
 Geanta <horia.geanta@....com>
Subject: RE: [EXT] Re: [PATCH 0/4] soc: imx: secvio: Add secvio support



> -----Original Message-----
> From: Krzysztof Kozlowski <krzk@...nel.org>
> Sent: Thursday, May 9, 2024 11:21 AM
> To: Vabhav Sharma <vabhav.sharma@....com>; Rob Herring
> <robh@...nel.org>; Krzysztof Kozlowski <krzk+dt@...nel.org>; Conor Dooley
> <conor+dt@...nel.org>; Franck Lenormand <franck.lenormand@....com>;
> Aisheng Dong <aisheng.dong@....com>; Shawn Guo
> <shawnguo@...nel.org>; Sascha Hauer <s.hauer@...gutronix.de>;
> Pengutronix Kernel Team <kernel@...gutronix.de>; Fabio Estevam
> <festevam@...il.com>; Peng Fan <peng.fan@....com>
> Cc: devicetree@...r.kernel.org; linux-kernel@...r.kernel.org;
> imx@...ts.linux.dev; linux-arm-kernel@...ts.infradead.org; Varun Sethi
> <V.Sethi@....com>; Silvano Di Ninno <silvano.dininno@....com>; Pankaj
> Gupta <pankaj.gupta@....com>; Frank Li <frank.li@....com>; Daniel Baluta
> <daniel.baluta@....com>; Iuliana Prodan <iuliana.prodan@....com>; Horia
> Geanta <horia.geanta@....com>
> Subject: [EXT] Re: [PATCH 0/4] soc: imx: secvio: Add secvio support
> 
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
> 
> 
> On 09/05/2024 02:45, Vabhav Sharma wrote:
> > The tampers are security feature available on i.MX products and
> > managed by SNVS block.The tamper goal is to detect the variation of
> > hardware or physical parameters, which can indicate an attack.
> >
> > The SNVS, which provides secure non-volatile storage, allows to detect
> > some hardware attacks against the SoC.They are connected to the
> > security-violation ports, which send an alert when an out-of-range
> > value is detected.
> >
> > This detection is done by:
> > -Analog tampers: measure analogic values
> >       - External clock frequency.
> >       - Temperature.
> >       - Voltage.
> >
> > - Digital tampers:
> >       - External tamper
> >       - Other detectors:
> >               - Secure real-time counter rollover tamper.
> >               - Monotonic counter rollover tamper.
> >               - Power supply glitch tamper.
> >
> > The on-chip sensors for voltage, temperature, and clock frequency
> > indicate if tamper scenarios may be present. These sensors generate an
> > out-of-range signal that causes a security violation to clear the
> > authentication and storage keys and to block access to sensitive
> > information.
> >
> > Add linux module secvio driver to handle security violation interrupt.
> >
> > The "imx-secvio-sc" module is designed to report security violations
> > and tamper triggering to the user.
> >
> > The functionalities of the module are accessible via the "debugfs"
> > kernel.The folder containing the interface files for the module is
> > "<kernel_debugfs>/secvio/".
> >
> > Get status
> > Reading from the "info" file will return the status of security:
> > - Fuse related to security tampers.
> > - SNVS readable registers.
> > - DGO registers.
> >
> > Signed-off-by: Vabhav Sharma <vabhav.sharma@....com>
> > ---
> > Vabhav Sharma (4):
> >       dt-bindings: firmware: secvio: Add device tree bindings
> >       firmware: imx: Add SC APIs required for secvio module
> >       soc: imx: secvio: Add support for SNVS secvio and tamper via SCFW
> >       arm64: dts: imx8q: Add node for Security Violation
> 
> Please version your patches correctly and provide changelog.
Sure, I will update the changelog for v1 and v2.
> 
> I wrote about b4 already, which solves this as well.
Ok, I used it, will provide details for changelog in next version
> 
> What changed here?
As highlighted by you, Used b4 script to auto add all maintainer/reviewer.
> 
> Best regards,
> Krzysztof

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ