lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 27 Jun 2024 16:59:38 +0530
From: Gokul Sriram P <quic_gokulsri@...cinc.com>
To: Dmitry Baryshkov <dmitry.baryshkov@...aro.org>
CC: <sboyd@...nel.org>, <andersson@...nel.org>, <bjorn.andersson@...aro.org>,
        <david.brown@...aro.org>, <devicetree@...r.kernel.org>,
        <jassisinghbrar@...il.com>, <linux-arm-msm@...r.kernel.org>,
        <linux-clk@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <linux-remoteproc@...r.kernel.org>, <mark.rutland@....com>,
        <mturquette@...libre.com>, <ohad@...ery.com>, <robh@...nel.org>,
        <sricharan@...eaurora.org>, <gokulsri@...eaurora.org>
Subject: Re: [PATCH v9 1/8] remoteproc: qcom: Add PRNG proxy clock


On 6/27/2024 4:38 PM, Dmitry Baryshkov wrote:
> On Thu, Jun 27, 2024 at 03:31:01PM GMT, Gokul Sriram P wrote:
>> On 6/27/2024 12:47 AM, Dmitry Baryshkov wrote:
>>> On Tue, Jun 25, 2024 at 11:03:30AM GMT, Gokul Sriram P wrote:
>>>> On 6/22/2024 2:38 AM, Dmitry Baryshkov wrote:
>>>>> On Fri, Jun 21, 2024 at 05:16:52PM GMT, Gokul Sriram Palanisamy wrote:
>>>>>> PRNG clock is needed by the secure PIL, support for the same
>>>>>> is added in subsequent patches.
>>>>> Which 'same'?
>>>>> What is 'secure PIL'?
>>>>     will elaborate in the updated version.
>>>>     To answer your question, secure PIL is signed PIL image which only
>>>> TrustZone can authenticate and load.
>>> Fine. So, the current driver can not load WCSS firmware on IPQ8074, is
>>> that correct? Or was there some kind of firmware interface change? The
>>> driver was added in 2018, so I can only hope that at that point it
>>> worked. Could you please explain, what happened?
>> The existing wcss driver can load unsigned PIL images without the
>> involvement of TrustZone. That works even now.
>> With the current change, we are trying to add signed PIL as an option based
>> on "wcss->need_mem_protection" if set. For signed PIL alone, we send a PAS
>> request to TrustZone to authenticate and load.
> I see that you are enabling it unconditionally for IPQ8074. How is it
> going to work?

Correct Dmitry. In this change, it is forcing secure PIL. With a 
separate driver for secure PIL, this will be sorted right?

Regards,

Gokul

>> I also just noticed that Bjorn had suggested to submit a new driver for the
>> PAS based IPQ WCSS instead of overloading this driver. Will also address
>> that and post a new driver in updated revision.
>>
>> Regards,
>> Gokul
>>>>>> Signed-off-by: Nikhil Prakash V <quic_nprakash@...cinc.com>
>>>>>> Signed-off-by: Sricharan R <quic_srichara@...cinc.com>
>>>>>> Signed-off-by: Gokul Sriram Palanisamy <quic_gokulsri@...cinc.com>
>>>>>> ---
>>>>>>     drivers/remoteproc/qcom_q6v5_wcss.c | 65 +++++++++++++++++++++--------
>>>>>>     1 file changed, 47 insertions(+), 18 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ