| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f544feb0-94e7-447b-8658-f9de9e3a82b2@quicinc.com>
Date: Fri, 11 Jul 2025 10:32:26 +0800
From: Ling Xu <quic_lxu5@...cinc.com>
To: Konrad Dybcio <konrad.dybcio@....qualcomm.com>, <srini@...nel.org>,
<amahesh@....qualcomm.com>, <robh@...nel.org>, <krzk+dt@...nel.org>,
<conor+dt@...nel.org>, <andersson@...nel.org>,
<konradybcio@...nel.org>, <arnd@...db.de>,
<gregkh@...uxfoundation.org>
CC: <quic_kuiw@...cinc.com>, <ekansh.gupta@....qualcomm.com>,
<devicetree@...r.kernel.org>, <linux-arm-msm@...r.kernel.org>,
<dri-devel@...ts.freedesktop.org>, <linux-kernel@...r.kernel.org>,
"Srinivas
Kandagatla" <srinivas.kandagatla@...aro.org>
Subject: Re: [PATCH v6 3/4] misc: fastrpc: Cleanup the domain names
在 7/10/2025 3:25 AM, Konrad Dybcio 写道:
> On 7/9/25 7:47 AM, Ling Xu wrote:
>> Currently the domain ids are added for each instance of domains, this is
>> totally not scalable approach. Clean this mess and create domain ids for
>> only domains not its instances.
>>
>> Co-developed-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
>> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
>> Signed-off-by: Ling Xu <quic_lxu5@...cinc.com>
>> ---
>
> [...]
>
>> @@ -2330,21 +2323,20 @@ static int fastrpc_rpmsg_probe(struct rpmsg_device *rpdev)
>> case ADSP_DOMAIN_ID:
>> case MDSP_DOMAIN_ID:
>> case SDSP_DOMAIN_ID:
>> - /* Unsigned PD offloading is only supported on CDSP and CDSP1 */
>> + /* Unsigned PD offloading is only supported on CDSP */
>> data->unsigned_support = false;
>> - err = fastrpc_device_register(rdev, data, secure_dsp, domains[domain_id]);
>> + err = fastrpc_device_register(rdev, data, secure_dsp, domain);
>> if (err)
>> goto err_free_data;
>> break;
>> case CDSP_DOMAIN_ID:
>> - case CDSP1_DOMAIN_ID:
>> data->unsigned_support = true;
>> /* Create both device nodes so that we can allow both Signed and Unsigned PD */
>> - err = fastrpc_device_register(rdev, data, true, domains[domain_id]);
>> + err = fastrpc_device_register(rdev, data, true, domain);
>> if (err)
>> goto err_free_data;
>>
>> - err = fastrpc_device_register(rdev, data, false, domains[domain_id]);
>> + err = fastrpc_device_register(rdev, data, false, domain);
>> if (err)
>> goto err_deregister_fdev;
>> break;
>
> Taking a step back, do we realistically need these checks at all?
> I would assume that there is a layer of security on the DSP side
> that would disallow running code in unsigned PDs on e.g. the ADSP.
>
> What happens if one skips them and attempts doing just that?
>
do you mean comment data->unsigned_support lines?
On qcs9100, it works normal, test will fail on unsigned PD if it's not supported.
but we cannot comment what would happen on old DSPs.
I think it will be safer to keep this.
> Konrad
--
Thx and BRs,
Ling Xu
Powered by blists - more mailing lists