lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <be816a6d-c4e6-4cf1-b5dd-fd59515a42ef@oss.qualcomm.com>
Date: Wed, 22 Oct 2025 19:00:05 +0200
From: Konrad Dybcio <konrad.dybcio@....qualcomm.com>
To: Viken Dadhaniya <viken.dadhaniya@....qualcomm.com>, andersson@...nel.org,
        konradybcio@...nel.org, robh@...nel.org, krzk+dt@...nel.org,
        conor+dt@...nel.org, linux-arm-msm@...r.kernel.org,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: mukesh.savaliya@....qualcomm.com, anup.kulkarni@....qualcomm.com
Subject: Re: [PATCH v1] arm64: dts: qcom: monaco-evk: Add firmware-name to
 QUPv3 nodes

On 9/26/25 8:43 AM, Viken Dadhaniya wrote:
> 
> 
> On 9/25/2025 2:22 PM, Konrad Dybcio wrote:
>> On 9/25/25 6:26 AM, Viken Dadhaniya wrote:
>>> Traditionally, firmware loading for Serial Engines (SE) in the QUP hardware
>>> of Qualcomm SoCs has been managed by TrustZone (TZ). While this approach
>>> ensures secure SE assignment and access control, it limits flexibility for
>>> developers who need to enable various protocols on different SEs.
>>>
>>> Add the firmware-name property to QUPv3 nodes in the device tree to enable
>>> firmware loading from the Linux environment. Handle SE assignments and
>>> access control permissions directly within Linux, removing the dependency
>>> on TrustZone.
>>>
>>> Signed-off-by: Viken Dadhaniya <viken.dadhaniya@....qualcomm.com>
>>> ---
>>
>> Viken, you've posted a lot of patches like these lately for
>> specific boards.
>>
>> Should we instead push this to the SoC DTSI, to limit the boilerplate?
> 
> The firmware load from Linux feature is applicable only to devkit boards
> (RB3 Gen2 and EVK), and therefore, it is being added exclusively to the
> board-specific device tree files.

Do we expect GENI_SE_INVALID_PROTO to ever show up on hardware that
can't make use of fw loading though?

>> If I recall correctly, you said these ELFs are not vendor-signed, so
>> it should be OK to have them be assigned globally
>>
> 
> This feature is intended solely for use with the development kit and is not
> intended for commercialization. Therefore, vendor sign-off is currently not
> applicable.

Well you conveniently never really mentioned this in the driver patchset..

Konrad

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ