Message-ID:
 <AM9PR04MB8604AC683625E13E1D93740995CF2@AM9PR04MB8604.eurprd04.prod.outlook.com>
Date: Wed, 19 Jun 2024 09:02:25 +0000
From: Pankaj Gupta <pankaj.gupta@....com>
To: Randy Dunlap <rdunlap@...radead.org>, Jonathan Corbet <corbet@....net>,
	Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>,
	Conor Dooley <conor+dt@...nel.org>, Shawn Guo <shawnguo@...nel.org>, Sascha
 Hauer <s.hauer@...gutronix.de>, Pengutronix Kernel Team
	<kernel@...gutronix.de>, Fabio Estevam <festevam@...il.com>, Rob Herring
	<robh+dt@...nel.org>, Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>
CC: "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	"imx@...ts.linux.dev" <imx@...ts.linux.dev>,
	"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>
Subject: RE: [EXT] Re: [PATCH v3 5/5] firmware: imx: adds miscdev



> -----Original Message-----
> From: Randy Dunlap <rdunlap@...radead.org>
> Sent: Wednesday, June 19, 2024 3:09 AM
> To: Pankaj Gupta <pankaj.gupta@....com>; Jonathan Corbet
> <corbet@....net>; Rob Herring <robh@...nel.org>; Krzysztof Kozlowski
> <krzk+dt@...nel.org>; Conor Dooley <conor+dt@...nel.org>; Shawn Guo
> <shawnguo@...nel.org>; Sascha Hauer <s.hauer@...gutronix.de>;
> Pengutronix Kernel Team <kernel@...gutronix.de>; Fabio Estevam
> <festevam@...il.com>; Rob Herring <robh+dt@...nel.org>; Krzysztof
> Kozlowski <krzysztof.kozlowski+dt@...aro.org>
> Cc: linux-doc@...r.kernel.org; linux-kernel@...r.kernel.org;
> devicetree@...r.kernel.org; imx@...ts.linux.dev; linux-arm-
> kernel@...ts.infradead.org
> Subject: [EXT] Re: [PATCH v3 5/5] firmware: imx: adds miscdev
>
>
> Sorry, I missed one comment here:
>
>
> On 6/18/24 2:28 PM, Randy Dunlap wrote:
> > Hi--
> >
> > On 6/17/24 12:29 AM, Pankaj Gupta wrote:
> >> Adds the driver for communication interface to secure-enclave, for
> >> exchanging messages with NXP secure enclave HW IP(s) like EdgeLock
> >> Enclave from:
> >> - User-Space Applications via character driver.
> >>
> >> ABI documentation for the NXP secure-enclave driver.
> >>
> >> User-space library using this driver:
> >> - i.MX Secure Enclave library:
> >>   -- URL: https://github.com/nxp-imx/imx-secure-enclave.git,
> >> - i.MX Secure Middle-Ware:
> >>   -- URL: https://github.com/nxp-imx/imx-smw.git
> >>
> >> Signed-off-by: Pankaj Gupta <pankaj.gupta@....com>
> >> ---
> >>  Documentation/ABI/testing/se-cdev |  42 +++
> >> drivers/firmware/imx/ele_common.c | 153 ++++++++-
> >>  drivers/firmware/imx/ele_common.h |   4 +
> >>  drivers/firmware/imx/se_ctrl.c    | 694
> ++++++++++++++++++++++++++++++++++++++
> >>  drivers/firmware/imx/se_ctrl.h    |  49 +++
> >>  include/uapi/linux/se_ioctl.h     |  94 ++++++
> >>  6 files changed, 1034 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/Documentation/ABI/testing/se-cdev
> >> b/Documentation/ABI/testing/se-cdev
> >> new file mode 100644
> >> index 000000000000..699525af6b86
> >> --- /dev/null
> >> +++ b/Documentation/ABI/testing/se-cdev
> >> @@ -0,0 +1,42 @@
> >> +What:               /dev/<se>_mu[0-9]+_ch[0-9]+
> >> +Date:               May 2024
> >> +KernelVersion:      6.8
> >> +Contact:    linux-imx@....com, pankaj.gupta@....com
> >> +Description:
> >> +            NXP offers multiple hardware IP(s) for  secure-enclaves
> >> +like EdgeLock-
> >
> >                                                  for secure enclaves
> >
> >> +            Enclave(ELE), SECO. The character device
> >> + file-descriptors
> >
> >                                                        file
> > descriptors
> >
> > and what is SECO?
> >
> >> +            /dev/<se>_mu*_ch* are the interface between user-space
> >> + NXP's secure-
> >
> >                                                           userspace        secure
> >
> >> +            enclave shared-library and the kernel driver.
> >
> >                       shared library
> >
> >> +
> >> +            The ioctl(2)-based ABI is defined and documented in
> >> +            [include]<linux/firmware/imx/ele_mu_ioctl.h>
> >> +             ioctl(s) are used primarily for:
> >> +                    - shared memory management
> >> +                    - allocation of I/O buffers
> >> +                    - get mu info
> >
> >                       - getting mu info
> >
> >> +                    - setting a dev-ctx as receiver that is slave to
> >> + fw
>
> Documentation/process/coding-style.rst says not to introduce new uses of the
> word "slave":
>
> For symbol names and documentation, avoid introducing new usage of 'master
> / slave' (or 'slave' independent of 'master') and 'blacklist / whitelist'.
>
Accepted.

-                       - setting a dev-ctx as receiver that is slave to fw
+                       - setting a dev-ctx as receiver to receive all the commands from FW
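
Review bot: The replacement line says "receiver to receive", which repeats itself, and it writes "FW" where the line it replaces wrote "fw". Something like "- setting a dev-ctx as the receiver of all commands from the firmware" says the same thing once and spells the term out for readers of the ABI file.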

> Recommended replacements for 'master / slave' are:
>     '{primary,main} / {secondary,replica,subordinate}'
>     '{initiator,requester} / {target,responder}'
>     '{controller,host} / {device,worker,proxy}'
>     'leader / follower'
>     'director / performer'
>
>
> >> +                    - get SoC info
> >
> >                       - getting SoC info
> >
> >> +
> >> +            The following file operations are supported:
> >> +
> >> +            open(2)
> >> +              Currently the only useful flags are O_RDWR.
> >> +
> >> +            read(2)
> >> +              Every read() from the opened character device context is waiting on
> >> +              wakeup_intruptible, that gets set by the registered
> >> + mailbox callback
> >
> >                 typo in that name?
> >               or is it something that this patch series introduces?
> >
> >> +              function; indicating a message received from the
> >> + firmware on message-
> >
> >                 function,
> >
> >> +              unit.
> >> +
> >> +            write(2)
> >> +              Every write() to the opened character device context needs to
> acquire
> >> +              mailbox_lock, before sending message on to the message unit.
> >
> >                 mailbox_lock before
> >
> >> +
> >> +            close(2)
> >> +              Stops and free up the I/O contexts that was associated
> >
> >                           frees up                 that were associated
> >
> >> +              with the file descriptor.
> >> +
> >> +Users:
> https://github.c/
> om%2Fnxp-imx%2Fimx-secure-
> enclave.git&data=05%7C02%7Cpankaj.gupta%40nxp.com%7C5a42a8d6ea17423
> 104e408dc8fdf1a0a%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C63
> 8543435571183041%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAi
> LCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=
> VNnIyu2RKFHaWh6aRo9aHEtjSSdI1gvzP%2BMy1%2BGggt4%3D&reserved=0,
> >> +
> https://github.c/
> om%2Fnxp-imx%2Fimx-
> smw.git&data=05%7C02%7Cpankaj.gupta%40nxp.com%7C5a42a8d6ea1742310
> 4e408dc8fdf1a0a%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C6385
> 43435571187283%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJ
> QIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=23
> Y%2FOKyv2%2BSGuPbGyekpBlCDHYlwiAA8sriLXydEgFw%3D&reserved=0
> >> +            crypto/skcipher,
> >> +            drivers/nvmem/imx-ocotp-ele.c
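
Review bot: The Description sends readers to "[include]<linux/firmware/imx/ele_mu_ioctl.h>" for the ioctl ABI, but the diffstat of this patch adds include/uapi/linux/se_ioctl.h and no file of that name, so the reference should name the UAPI header that is actually installed. The entry also pairs "KernelVersion: 6.8" with "Date: May 2024" for an interface that is still under review; that field should name the release in which the /dev/<se>_mu*_ch* nodes first appear. Because open(2), read(2) and write(2) on these nodes pass messages to the secure-enclave firmware, a sentence on which users are expected to have access to them would make the ABI entry more useful.
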
> >
> >
>
> --
> ~Randy
