Date: Wed, 19 Jun 2024 08:58:05 +0000
From: Pankaj Gupta <pankaj.gupta@....com>
To: Randy Dunlap <rdunlap@...radead.org>, Jonathan Corbet <corbet@....net>,
	Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
	Conor Dooley <conor+dt@...nel.org>, Shawn Guo <shawnguo@...nel.org>, Sascha
 Hauer <s.hauer@...gutronix.de>, Pengutronix Kernel Team
	<kernel@...gutronix.de>, Fabio Estevam <festevam@...il.com>, Rob Herring
	<robh+dt@...nel.org>, Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>
CC: "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	"imx@...ts.linux.dev" <imx@...ts.linux.dev>,
	"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>
Subject: RE: [EXT] Re: [PATCH v3 5/5] firmware: imx: adds miscdev



> -----Original Message-----
> From: Randy Dunlap <rdunlap@...radead.org>
> Sent: Wednesday, June 19, 2024 2:59 AM
> To: Pankaj Gupta <pankaj.gupta@....com>; Jonathan Corbet
> <corbet@....net>; Rob Herring <robh@...nel.org>; Krzysztof Kozlowski
> <krzk+dt@...nel.org>; Conor Dooley <conor+dt@...nel.org>; Shawn Guo
> <shawnguo@...nel.org>; Sascha Hauer <s.hauer@...gutronix.de>;
> Pengutronix Kernel Team <kernel@...gutronix.de>; Fabio Estevam
> <festevam@...il.com>; Rob Herring <robh+dt@...nel.org>; Krzysztof
> Kozlowski <krzysztof.kozlowski+dt@...aro.org>
> Cc: linux-doc@...r.kernel.org; linux-kernel@...r.kernel.org;
> devicetree@...r.kernel.org; imx@...ts.linux.dev; linux-arm-
> kernel@...ts.infradead.org
> Subject: [EXT] Re: [PATCH v3 5/5] firmware: imx: adds miscdev
>
> Hi--
>
> On 6/17/24 12:29 AM, Pankaj Gupta wrote:
> > Adds the driver for communication interface to secure-enclave, for
> > exchanging messages with NXP secure enclave HW IP(s) like EdgeLock
> > Enclave from:
> > - User-Space Applications via character driver.
> >
> > ABI documentation for the NXP secure-enclave driver.
> >
> > User-space library using this driver:
> > - i.MX Secure Enclave library:
> >   -- URL: https://github.com/nxp-imx/imx-secure-enclave.git,
> > - i.MX Secure Middle-Ware:
> >   -- URL: https://github.com/nxp-imx/imx-smw.git
> >
> > Signed-off-by: Pankaj Gupta <pankaj.gupta@....com>
> > ---
> >  Documentation/ABI/testing/se-cdev |  42 +++
> > drivers/firmware/imx/ele_common.c | 153 ++++++++-
> >  drivers/firmware/imx/ele_common.h |   4 +
> >  drivers/firmware/imx/se_ctrl.c    | 694
> ++++++++++++++++++++++++++++++++++++++
> >  drivers/firmware/imx/se_ctrl.h    |  49 +++
> >  include/uapi/linux/se_ioctl.h     |  94 ++++++
> >  6 files changed, 1034 insertions(+), 2 deletions(-)
> >
> > diff --git a/Documentation/ABI/testing/se-cdev
> > b/Documentation/ABI/testing/se-cdev
> > new file mode 100644
> > index 000000000000..699525af6b86
> > --- /dev/null
> > +++ b/Documentation/ABI/testing/se-cdev
> > @@ -0,0 +1,42 @@
> > +What:                /dev/<se>_mu[0-9]+_ch[0-9]+
> > +Date:                May 2024
> > +KernelVersion:       6.8
> > +Contact:     linux-imx@....com, pankaj.gupta@....com
> > +Description:
> > +             NXP offers multiple hardware IP(s) for  secure-enclaves
> > +like EdgeLock-
>
>                                                    for secure enclaves
Accepted.
>
> > +             Enclave(ELE), SECO. The character device
> > + file-descriptors
>
>                                                          file descriptors
>
Accepted.
> and what is SECO?
There are multiple NXP IP(s) for secure enclaves.
Like:
  1. EdgeLock Enclave (i.MX8ULP, i.MX9x),
  2. SECO (i.MX8DXL),
  3. V2X-HSM (i.MX8DXL/QXP/ULP, i.MX9x),
  4. V2X-SHE (i.MX8DXL/QXP/ULP, i.MX9x),

>
> > +             /dev/<se>_mu*_ch* are the interface between user-space
> > + NXP's secure-
>
>                                                             userspace        secure
>
> > +             enclave shared-library and the kernel driver.
>
>                         shared library
>
Accepted.
> > +
> > +             The ioctl(2)-based ABI is defined and documented in
> > +             [include]<linux/firmware/imx/ele_mu_ioctl.h>
> > +              ioctl(s) are used primarily for:
> > +                     - shared memory management
> > +                     - allocation of I/O buffers
> > +                     - get mu info
>
>                         - getting mu info
>
Accepted.

> > +                     - setting a dev-ctx as receiver that is slave to fw
> > +                     - get SoC info
>
>                         - getting SoC info
Accepted.

>
> > +
> > +             The following file operations are supported:
> > +
> > +             open(2)
> > +               Currently the only useful flags are O_RDWR.
> > +
> > +             read(2)
> > +               Every read() from the opened character device context is waiting on
> > +               wakeup_intruptible, that gets set by the registered
> > + mailbox callback
>
>                   typo in that name?
>                 or is it something that this patch series introduces?
>
Replaced "wakeup_intruptible" with "wait_event_interruptible".

> > +               function; indicating a message received from the
> > + firmware on message-
>
>                   function,
>
Accepted.

> > +               unit.
> > +
> > +             write(2)
> > +               Every write() to the opened character device context needs to
> acquire
> > +               mailbox_lock, before sending message on to the message unit.
>
>                   mailbox_lock before
>
Accepted.
> > +
> > +             close(2)
> > +               Stops and free up the I/O contexts that was associated
>
>                             frees up                 that were associated
>
Accepted.
> > +               with the file descriptor.
> > +
> > +Users:
> https://github.c/
> om%2Fnxp-imx%2Fimx-secure-
> enclave.git&data=05%7C02%7Cpankaj.gupta%40nxp.com%7Cd87070a111b24f3
> 791e208dc8fdda85c%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C6
> 38543429374416161%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDA
> iLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata
> =yEk2XgoKnQM6HqBqrI3Pu%2BYMSRld%2FY%2B1GCSyRgeM%2FAw%3D&rese
> rved=0,
> > +
> https://github.c/
> om%2Fnxp-imx%2Fimx-
> smw.git&data=05%7C02%7Cpankaj.gupta%40nxp.com%7Cd87070a111b24f379
> 1e208dc8fdda85c%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C638
> 543429374419836%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiL
> CJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=u
> ND49ren%2FYcUM3kDOBRBYj6S8vbGbNDmzj2%2BZU5Xy18%3D&reserved=0
> > +             crypto/skcipher,
> > +             drivers/nvmem/imx-ocotp-ele.c
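
Review bot: The Description points readers to [include]<linux/firmware/imx/ele_mu_ioctl.h> for the ioctl(2) ABI, but the diffstat of this patch adds the UAPI header as include/uapi/linux/se_ioctl.h and no ele_mu_ioctl.h appears in it. Please reference the header this series actually installs (<linux/se_ioctl.h>) so that userspace authors and auditors can find the ioctl definitions behind /dev/<se>_mu[0-9]+_ch[0-9]+. In the same block, "KernelVersion: 6.8" with "Date: May 2024" looks stale for a v3 posted in June 2024 and should name the release the series is expected to land in. The open(2) entry could also say which flags are rejected rather than only that O_RDWR is "useful", since this node is the userspace entry point to the enclave mailbox.
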
>
>
> --
> ~Randy
