| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <18e9d774-813b-427e-9938-53853d695e18@kernel.org> Date: Sat, 28 Sep 2024 15:45:49 +0200 From: Krzysztof Kozlowski <krzk@...nel.org> To: Daniel Golle <daniel@...rotopia.org> Cc: Miquel Raynal <miquel.raynal@...tlin.com>, Richard Weinberger <richard@....at>, Vignesh Raghavendra <vigneshr@...com>, Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, Zhihao Cheng <chengzhihao1@...wei.com>, John Crispin <john@...ozen.org>, linux-mtd@...ts.infradead.org, devicetree@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH RFC 1/2] dt-bindings: mtd: ubi-volume: add 'volume-is-critical' property On 28/09/2024 15:09, Daniel Golle wrote: > On Sat, Sep 28, 2024 at 03:02:47PM +0200, Krzysztof Kozlowski wrote: >> On 28/09/2024 14:47, Daniel Golle wrote: >>> Add the 'volume-is-critical' boolean property which marks a UBI volume >>> as critical for the device to boot. If set it prevents the user from >>> all kinds of write access to the volume as well as from renaming it or >>> detaching the UBI device it is located on. >>> >>> Signed-off-by: Daniel Golle <daniel@...rotopia.org> >>> --- >>> .../devicetree/bindings/mtd/partitions/ubi-volume.yaml | 9 +++++++++ >>> 1 file changed, 9 insertions(+) >>> >>> diff --git a/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml b/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml >>> index 19736b26056b..2bd751bb7f9e 100644 >>> --- a/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml >>> +++ b/Documentation/devicetree/bindings/mtd/partitions/ubi-volume.yaml >>> @@ -29,6 +29,15 @@ properties: >>> description: >>> This container may reference an NVMEM layout parser. >>> >>> + volume-is-critical: >>> + description: This parameter, if present, indicates that the UBI volume >>> + contains early-boot firmware images or data which should not be clobbered. >>> + If set, it prevents the user from renaming the volume, writing to it or >>> + making any changes affecting it, as well as detaching the UBI device it is >>> + located on, so direct access to the underlying MTD device is prevented as >>> + well. >>> + type: boolean >> >> UBI volumes are mapping to partitions 1-to-1, right? So rather I would >> propose to use partition.yaml - we already have read-only there with >> very similar description. > > No, that's not the case. > > An MTD partition can be used as UBI device. A UBI device (and hence MTD > partition) can host *several* UBI volumes. > > Marking the MTD partition as 'read-only' won't work, as UBI needs > read-write access to perform bad block relocation, scrubbing, ... OK, so not partition but read-only volume. > > Also, typically not all UBI volumes on a UBI device are > read-only/critical but only a subset of them. > > But you are right that the description is inspired by the description > of the 'read-only' property in partition.yaml ;) > > I initially thought to also name the property 'read-only', just like > for MTD partitions. However, as the desired effect goes beyond > preventing write access to the volume itself, I thought it'd be > better to use a new name. Yeah, maybe... critical indeed covers multiple cases but is also subjective. For some bootloader is critical, for other bootloader still might be fully A/B updateable thus could be modifiable. For others, they want to use fw_setenv from user-space so not critical at all. I am in general not so happy in describing flash layout in DT, because it sounds way too policy or one-use-case specific. UBI volume is purely SW construct. One OS can partition MTD in multiple ways, so maybe I just do not understand why we have in the first place. Best regards, Krzysztof
Powered by blists - more mailing lists