| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250226212219.lthoofw7nrs3gtg6@pengutronix.de> Date: Wed, 26 Feb 2025 22:22:19 +0100 From: Marco Felsch <m.felsch@...gutronix.de> To: Laurentiu Mihalcea <laurentiumihalcea111@...il.com> Cc: Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, Shawn Guo <shawnguo@...nel.org>, Sascha Hauer <s.hauer@...gutronix.de>, Fabio Estevam <festevam@...il.com>, Daniel Baluta <daniel.baluta@....com>, Shengjiu Wang <shengjiu.wang@....com>, Frank Li <Frank.li@....com>, imx@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org, Pengutronix Kernel Team <kernel@...gutronix.de>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 0/5] imx8mp: add support for the IMX AIPSTZ bridge Hi, On 25-02-26, Laurentiu Mihalcea wrote: > From: Laurentiu Mihalcea <laurentiu.mihalcea@....com> > > The AIPSTZ bridge offers some security-related configurations which can > be used to restrict master access to certain peripherals on the bridge. > > Normally, this could be done from a secure environment such as ATF before > Linux boots but the configuration of AIPSTZ5 is lost each time the power > domain is powered off and then powered on. Because of this, it has to be > configured each time the power domain is turned on and before any master > tries to access the peripherals (e.g: AP, CM7, DSP, on i.MX8MP). My question still stands: Setting these bits requires very often that the core is running at EL3 (e.g. secure-monitor) which is not the case for Linux. Can you please provide more information how Linux can set these bits? Regards, Marco > The child-parent relationship between the bridge and its peripherals > should guarantee that the bridge is configured before the AP attempts > to access the IPs. > > Other masters should use the 'access-controllers' property to enforce > a dependency between their device and the bridge device (see the DSP, > for example). > > At the moment, we only want to apply a default, more relaxed > configuration, which is why the number of access controller cells > is 0. > > The initial version of the series can be found at [1]. The new version > should provide better management of the device dependencies. > > [1]: https://lore.kernel.org/linux-arm-kernel/20241119130726.2761726-1-daniel.baluta@nxp.com/ > > --- > Changes in v2: > * adress Frank Li's comments > * pick up some A-b/R-b's > * don't use "simple-bus" as the second compatible. As per Krzysztof's > comment, AIPSTZ is not a "simple-bus". > --- > > Laurentiu Mihalcea (5): > dt-bindings: bus: add documentation for the IMX AIPSTZ bridge > dt-bindings: dsp: fsl,dsp: document 'access-controllers' property > bus: add driver for IMX AIPSTZ bridge > arm64: dts: imx8mp: convert 'aips5' to 'aipstz5' > arm64: dts: imx8mp: make 'dsp' node depend on 'aips5' > > .../bindings/bus/fsl,imx8mp-aipstz.yaml | 86 +++++++++++++++++ > .../devicetree/bindings/dsp/fsl,dsp.yaml | 3 + > arch/arm64/boot/dts/freescale/imx8mp.dtsi | 9 +- > drivers/bus/Kconfig | 6 ++ > drivers/bus/Makefile | 1 + > drivers/bus/imx-aipstz.c | 92 +++++++++++++++++++ > 6 files changed, 194 insertions(+), 3 deletions(-) > create mode 100644 Documentation/devicetree/bindings/bus/fsl,imx8mp-aipstz.yaml > create mode 100644 drivers/bus/imx-aipstz.c > > -- > 2.34.1 > > >
Powered by blists - more mailing lists