Message-Id: <20250501-sc-el2-overlays-v1-0-9202e59e3348@trvn.ru>
Date: Thu, 01 May 2025 22:03:40 +0500
From: Nikita Travkin <nikita@...n.ru>
To: Bjorn Andersson <andersson@...nel.org>, 
 Konrad Dybcio <konradybcio@...nel.org>, Rob Herring <robh@...nel.org>, 
 Krzysztof Kozlowski <krzk+dt@...nel.org>, 
 Conor Dooley <conor+dt@...nel.org>, cros-qcom-dts-watchers@...omium.org
Cc: Marc Zyngier <maz@...nel.org>, 
 Jens Glathe <jens.glathe@...schoolsolutions.biz>, 
 linux-arm-msm@...r.kernel.org, devicetree@...r.kernel.org, 
 linux-kernel@...r.kernel.org, Nikita Travkin <nikita@...n.ru>
Subject: [PATCH 0/5] arm64: dts: qcom: Add EL2 overlays for WoA devices

WoA devices use firmware very similar to Android, which means that Linux
has to run in EL1 due to the presence of Qualcomm's hypervisor (QHEE or
Gunyah). However Windows can replace that hypervisor using Secure-Launch
flow.

More recently the same approach became possible to be used to boot Linux
in EL2 on those devices, thanks to a tool called slbounce[1].

As of now, booting in EL2 comes with some downsides, most notably that
DSP remoteprocs (importantly, ADSP) can't be booted as Linux relied on
hyp's service to authenticate and launch the firmware. The lack of ADSP
results in missing battery/charging and type-c services (along with
missing sound of course). On the other hand it becomes more clear that
running under QHEE/Gunyah /also/ has downsides apart from lacking
virtualization support. For example, x1e devices can't use more than
32GiB of ram when running under Gunyah.

As booting in EL2 deprives us of QHEE/Gunyah services, some changes to
the DT are needed to boot in EL2 correctly:

- GPU ZAP shader must be disabled. Linux will zap the gpu itself;
- If PCIe is present, SMMUv3 must be enabled and controlled properly;
- On x1 devices, hyp-emulated watchdog must be disabled.

To make it easier to run WoA devices in EL2, this series introduces
per-SoC EL2 overlays and -el2.dtb variants of WoA device DTBs. Ready
presence of -el2.dtb-s will allow people to more easily use those
devices in EL2, especially as some recent work on fixing ADSP-related
limitations (at least on x1e) is already being done and can benefit EL2
case as well. [2]

[1] https://github.com/TravMurav/slbounce
[2] https://git.codelinaro.org/stephan.gerhold/linux/-/commit/7c2a82017d32a4a0007443680fd0847e7c92d5bb

Signed-off-by: Nikita Travkin <nikita@...n.ru>
---
Nikita Travkin (5):
      arm64: dts: qcom: sc7180: Add EL2 overlay for WoA devices
      arm64: dts: qcom: sc8280xp: Add PCIe IOMMU
      arm64: dts: qcom: sc8280xp: Add EL2 overlay for WoA devices
      arm64: dts: qcom: x1e80100: Add PCIe IOMMU
      arm64: dts: qcom: x1e/x1p: Add EL2 overlay for WoA devices

 arch/arm64/boot/dts/qcom/Makefile          | 54 ++++++++++++++++++++----------
 arch/arm64/boot/dts/qcom/sc7180-el2.dtso   | 22 ++++++++++++
 arch/arm64/boot/dts/qcom/sc8280xp-el2.dtso | 44 ++++++++++++++++++++++++
 arch/arm64/boot/dts/qcom/sc8280xp.dtsi     | 14 ++++++++
 arch/arm64/boot/dts/qcom/x1-el2.dtso       | 46 +++++++++++++++++++++++++
 arch/arm64/boot/dts/qcom/x1e80100.dtsi     | 16 ++++++++-
 6 files changed, 177 insertions(+), 19 deletions(-)
---
base-commit: 8a2d53ce3c5f82683ad3df9a9a55822816fe64e7
change-id: 20250501-sc-el2-overlays-b297325f3729

Best regards,
-- 
Nikita Travkin <nikita@...n.ru>

