lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAA8EJpqzhEotdVsW3EudR9cqSOm-djjKSgRaqKRbEtJ6wTBZKQ@mail.gmail.com>
Date: Tue, 16 Jul 2024 14:03:26 +0300
From: Dmitry Baryshkov <dmitry.baryshkov@...aro.org>
To: Akhil P Oommen <quic_akhilpo@...cinc.com>
Cc: Bjorn Andersson <andersson@...nel.org>, Konrad Dybcio <konrad.dybcio@...aro.org>, 
	Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, 
	linux-arm-msm@...r.kernel.org, devicetree@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] arm64: dts: qcom: disable GPU on x1e80100 by default

On Mon, 15 Jul 2024 at 22:01, Akhil P Oommen <quic_akhilpo@...cinc.com> wrote:
>
> On Mon, Jul 15, 2024 at 09:18:49PM +0300, Dmitry Baryshkov wrote:
> > The GPU on X1E80100 requires ZAP 'shader' file to be useful. Since the
> > file is signed by the OEM keys and might be not available by default,
> > disable the GPU node and drop the firmware name from the x1e80100.dtsi
> > file. Devices not being fused to use OEM keys can specify generic
> > location at `qcom/x1e80100/gen70500_zap.mbn` while enabling the GPU.
> >
> > The CRD was lucky enough to work with the default settings, so reenable
> > the GPU on that platform and provide correct firmware-name (including
> > the SoC subdir).
> >
> > Fixes: 721e38301b79 ("arm64: dts: qcom: x1e80100: Add gpu support")
> > Cc: Akhil P Oommen <quic_akhilpo@...cinc.com>
> > Reviewed-by: Konrad Dybcio <konrad.dybcio@...aro.org>
> > Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@...aro.org>
> > ---
> > Changes in v2:
> > - Keep GPU enabled for X1E80100-CRD (Johan)
> > - Link to v1: https://lore.kernel.org/r/20240715-x1e8-zap-name-v1-1-b66df09d0b65@linaro.org
> > ---
> >  arch/arm64/boot/dts/qcom/x1e80100-crd.dts | 8 ++++++++
> >  arch/arm64/boot/dts/qcom/x1e80100.dtsi    | 3 ++-
> >  2 files changed, 10 insertions(+), 1 deletion(-)
> >

[..]

> > diff --git a/arch/arm64/boot/dts/qcom/x1e80100.dtsi b/arch/arm64/boot/dts/qcom/x1e80100.dtsi
> > index 7bca5fcd7d52..8df90d01eba8 100644
> > --- a/arch/arm64/boot/dts/qcom/x1e80100.dtsi
> > +++ b/arch/arm64/boot/dts/qcom/x1e80100.dtsi
> > @@ -3155,9 +3155,10 @@ gpu: gpu@...0000 {
> >                       interconnects = <&gem_noc MASTER_GFX3D 0 &mc_virt SLAVE_EBI1 0>;
> >                       interconnect-names = "gfx-mem";
> >
> > +                     status = "disabled";
> > +
> >                       zap-shader {
> >                               memory-region = <&gpu_microcode_mem>;
> > -                             firmware-name = "qcom/gen70500_zap.mbn";
>
> In general, why not keep a default zap firmware listed here? Anyway we
> are disabling gpu node here in case of platforms which doesn't upstream
> secure firmwares.

Excuse me, I missed the question before sending v3, however the answer
is still going to be the same:

First of all, we don't do it for other platforms
Second, we don't do it for other firmware. Each DT declares its own
set of files.
Last, but not least, it's better to get an error message regarding
firmware-name not being present rather than a possibly cryptic message
regarding firmware failing authentication.

>
> -Akhil
>
> >                       };
> >
> >                       gpu_opp_table: opp-table {
> >
> > ---
> > base-commit: 3fe121b622825ff8cc995a1e6b026181c48188db
> > change-id: 20240715-x1e8-zap-name-7b3c79234401
> >
> > Best regards,
> > --
> > Dmitry Baryshkov <dmitry.baryshkov@...aro.org>
> >



--
With best wishes
Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ