| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250304110904.qr5rtsvkqa3l64t4@localhost.localdomain>
Date: Tue, 4 Mar 2025 13:09:04 +0200
From: "Ivan T. Ivanov" <iivanov@...e.de>
To: Pankaj Gupta <pankaj.gupta@....com>
Cc: Jonathan Corbet <corbet@....net>, Rob Herring <robh@...nel.org>,
Krzysztof Kozlowski <krzk+dt@...nel.org>,
Conor Dooley <conor+dt@...nel.org>, Shawn Guo <shawnguo@...nel.org>,
Sascha Hauer <s.hauer@...gutronix.de>,
Pengutronix Kernel Team <kernel@...gutronix.de>,
Fabio Estevam <festevam@...il.com>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
imx@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v12 1/5] Documentation/firmware: add imx/se to
other_interfaces
Hi,
On 01-20 22:22, Pankaj Gupta wrote:
>
> Documents i.MX SoC's Service layer and C_DEV driver for selected SoC(s)
> that contains the NXP hardware IP(s) for Secure Enclaves(se) like:
> - NXP EdgeLock Enclave on i.MX93 & i.MX8ULP
>
> Signed-off-by: Pankaj Gupta <pankaj.gupta@....com>
> ---
> .../driver-api/firmware/other_interfaces.rst | 121 +++++++++++++++++++++
> 1 file changed, 121 insertions(+)
>
<snip>
> +
> +- c_dev:
> + This layer offers character device contexts, created as '/dev/<se>_mux_chx'.
> + Using these multiple device contexts that are getting multiplexed over a single MU,
> + userspace application(s) can call fops like write/read to send the command message,
> + and read back the command response message to/from Firmware.
> + fops like read & write use the above defined service layer API(s) to communicate with
> + Firmware.
> +
> + Misc-device(/dev/<se>_mux_chn) synchronization protocol:
> +
> + Non-Secure + Secure
> + |
> + |
> + +---------+ +-------------+ |
> + | se_fw.c +<---->+imx-mailbox.c| |
> + | | | mailbox.c +<-->+------+ +------+
> + +---+-----+ +-------------+ | MU X +<-->+ ELE |
> + | +------+ +------+
> + +----------------+ |
> + | | |
> + v v |
> + logical logical |
> + receiver waiter |
> + + + |
> + | | |
> + | | |
> + | +----+------+ |
> + | | | |
> + | | | |
> + device_ctx device_ctx device_ctx |
> + |
> + User 0 User 1 User Y |
> + +------+ +------+ +------+ |
> + |misc.c| |misc.c| |misc.c| |
> + kernel space +------+ +------+ +------+ |
> + |
> + +------------------------------------------------------ |
> + | | | |
> + userspace /dev/ele_muXch0 | | |
> + /dev/ele_muXch1 | |
> + /dev/ele_muXchY |
> + |
I tried these patches on FRDM i.MX 93 board using this
devicetree excerpt:
ele_if0: secure-enclave {
compatible = "fsl,imx93-se";
mbox-names = "tx", "rx";
mboxes = <&s4muap 0 0>,
<&s4muap 1 0>;
memory-region = <&ele_reserved>;
};
ele_reserved: ele-reserved@...20000 {
compatible = "shared-dma-pool";
reg = <0 0xa4120000 0 0x100000>;
no-map;
};
Unfortunately I do not see these device nodes, but only /dev/hsm0_ch0.
...
fsl-se secure-enclave: i.MX secure-enclave: hsm0 interface to firmware, configured.
...
This matches SE_TYPE_STR_HSM, so perhaps documentation needs updating.
Then I build imx-secure-enclave user space tools. I have to update device
nodes ELE_MU_HSM_PATH_xxx to match what c_dev exports, hopefully I
patched it in the right place :-)
Unfortunately just starting nvm_daemon gives me following kernel
crash [1].
Please could you point me to the proper instruction how to test this?
Thank you,
Ivan
---
# ./usr/bin/nvm_daemon ./etc/file ./etc/ 0
[ 597.387002][ C0] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
[ 597.396866][ C0] Mem abort info:
[ 597.400347][ C0] ESR = 0x0000000096000006
[ 597.404775][ C0] EC = 0x25: DABT (current EL), IL = 32 bits
[ 597.410764][ C0] SET = 0, FnV = 0
[ 597.414499][ C0] EA = 0, S1PTW = 0
[ 597.418321][ C0] FSC = 0x06: level 2 translation fault
[ 597.423877][ C0] Data abort info:
[ 597.427438][ C0] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000
[ 597.433600][ C0] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 597.439329][ C0] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 597.445318][ C0] user pgtable: 4k pages, 48-bit VAs, pgdp=00000000a04ac000
[ 597.452433][ C0] [0000000000000010] pgd=08000000a04b0003, p4d=08000000a04b0003, pud=08000000a04b3003, pmd=0000000000000000
[ 597.463728][ C0] Internal error: Oops: 0000000096000006 [#1] SMP
[ 597.469985][ C0] Modules linked in: af_packet trusted caam_jr caamhash_desc caamalg_desc caam error crypto_engine asn1_encoder authenc libdes btnxpuart snd_soc_fsl_asoc_card snd_soc_imx_audmux snd_soc_simple_card_utils snd_ac97_codec snd_soc_fsl_sai bluetooth fsl_imx9_ddr_perf imx_pcm_dma snd_soc_fsl_utils qoriq_thermal ecdh_generic rfkill snd_soc_fsl_mqs flexcan snd_soc_core snd_compress can_dev optee sec_enclave(OE) imx_rproc ac97_bus ffa_core snd_pcm_dmaengine tee snd_pcm snd_timer snd soundcore nls_iso8859_1 nls_cp437 vfat fat uio_pdrv_genirq fuse dmi_sysfs ip_tables x_tables spidev mmc_block rpmb_core tcpci tcpm typec rtc_pcf2127 crct10dif_ce pca9450_regulator ci_hdrc_imx 8021q ci_hdrc ghash_ce usb_otg_fsm garp gf128mul ulpi mrp sm4 sha2_ce udc_core sha256_arm64 pwrseq_simple roles ehci_hcd sha1_ce dwmac_imx usbcore phy_generic gpio_keys usb_common nvmem_imx_ocotp_ele usbmisc_imx sdhci_esdhc_imx stmmac_platform sdhci_pltfm stmmac cqhci sdhci pwm_imx_tpm mmc_core pcs_xpcs i2c_imx_lpi2c phylink spi_fsl_lpspi imx7ulp_wdt
[ 597.470224][ C0] fsl_edma fixed overlay btrfs blake2b_generic xor xor_neon raid6_pq libcrc32c sunrpc dm_mirror dm_region_hash dm_log dm_mod be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi sd_mod sg scsi_mod scsi_common br_netfilter bridge stp llc efivarfs aes_neon_bs aes_neon_blk aes_ce_blk aes_ce_cipher
[ 597.595841][ C0] Supported: No, Unreleased kernel
[ 597.600794][ C0] CPU: 0 UID: 0 PID: 1912 Comm: nvm_daemon Tainted: G OE 6.12.0-g6dd51d0 #1 (unreleased) 1bbfa4b46f0796a1c0b0abee639edd3b3230f00f
[ 597.617891][ C0] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 597.623877][ C0] Hardware name: fsl NXP i.MX93 11X11 FRDM board/NXP i.MX93 11X11 FRDM board, BIOS 2024.04-00004-g27baba14a58-dirty 04/01/2024
[ 597.636801][ C0] pstate: 804000c9 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 597.644443][ C0] pc : se_if_rx_callback+0xa8/0x1f0 [sec_enclave]
[ 597.650709][ C0] lr : mbox_chan_received_data+0x24/0x40
[ 597.656187][ C0] sp : ffff800080003e20
[ 597.660182][ C0] x29: ffff800080003e20 x28: ffff000085e60080 x27: 000000000000001b
[ 597.667999][ C0] x26: ffff0000e89f388c x25: 0000000000000004 x24: ffff0000996a4ac8
[ 597.675816][ C0] x23: ffff0000a43e3810 x22: ffff0000996a4ac8 x21: ffff0000996a4a80
[ 597.683634][ C0] x20: 000000000000000c x19: ffff0000e89f3880 x18: 0000000000000000
[ 597.691451][ C0] x17: ffff80007d89b000 x16: ffff800080000000 x15: 0000000000000000
[ 597.699268][ C0] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000
[ 597.707086][ C0] x11: 0000000000000040 x10: ffff0000801fab30 x9 : ffff800080cbfbfc
[ 597.714903][ C0] x8 : ffff000080400948 x7 : 0000000000000000 x6 : 0000000000000000
[ 597.722720][ C0] x5 : 0000000000000008 x4 : 000000000000000c x3 : 00000000e1100307
[ 597.730538][ C0] x2 : 0000000000000000 x1 : ffff80007bb5fb98 x0 : ffff0000a43e3810
[ 597.738356][ C0] Call trace:
[ 597.741485][ C0] se_if_rx_callback+0xa8/0x1f0 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[ 597.750957][ C0] mbox_chan_received_data+0x24/0x40
[ 597.756087][ C0] imx_mu_specific_rx+0x1ec/0x280
[ 597.760958][ C0] imx_mu_isr+0x314/0x340
[ 597.765135][ C0] __handle_irq_event_percpu+0x58/0x240
[ 597.770526][ C0] handle_irq_event+0x54/0xd0
[ 597.775041][ C0] handle_fasteoi_irq+0xac/0x1e0
[ 597.779825][ C0] handle_irq_desc+0x48/0x70
[ 597.784254][ C0] generic_handle_domain_irq+0x24/0x40
[ 597.789549][ C0] gic_handle_irq+0x11c/0x260
[ 597.794073][ C0] call_on_irq_stack+0x24/0x30
[ 597.798684][ C0] do_interrupt_handler+0x88/0xa0
[ 597.803554][ C0] el1_interrupt+0x44/0xd0
[ 597.807818][ C0] el1h_64_irq_handler+0x18/0x30
[ 597.812602][ C0] el1h_64_irq+0x7c/0x80
[ 597.816684][ C0] _raw_spin_unlock_irq+0x14/0x70
[ 597.821555][ C0] wait_for_completion_interruptible+0x28/0x50
[ 597.827544][ C0] ele_msg_rcv+0xa0/0x100 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[ 597.836488][ C0] se_if_fops_read+0xc8/0x1f0 [sec_enclave eaa590c7f5850e16202e831d5a0ef9bbd976ab91]
[ 597.845779][ C0] vfs_read+0xcc/0x320
[ 597.849696][ C0] ksys_read+0x78/0x120
[ 597.853691][ C0] __arm64_sys_read+0x24/0x40
[ 597.858207][ C0] invoke_syscall+0x70/0x100
[ 597.862644][ C0] el0_svc_common.constprop.0+0x48/0xf0
[ 597.868034][ C0] do_el0_svc+0x24/0x40
[ 597.872038][ C0] el0_svc+0x3c/0x170
[ 597.875869][ C0] el0t_64_sync_handler+0x120/0x130
[ 597.880913][ C0] el0t_64_sync+0x1a8/0x1b0
[ 597.885258][ C0] Code: b9400263 2a1403e4 f0fffe61 912e6021 (f9400842)
[ 597.892035][ C0] ---[ end trace 0000000000000000 ]---
[ 597.897330][ C0] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[ 597.904878][ C0] SMP: stopping secondary CPUs
[ 597.909521][ C0] Kernel Offset: disabled
[ 597.913691][ C0] CPU features: 0x0,0000000c,00000004,00280928,4201721b
[ 597.920468][ C0] Memory Limit: none
[ 597.924205][ C0] Rebooting in 90 seconds..
Powered by blists - more mailing lists