From: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
To: Boris Brezillon <boris.brezillon@collabora.com>
Cc: miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com,
robh+dt@kernel.org, linux-arm-msm@vger.kernel.org,
devicetree@vger.kernel.org, linux-mtd@lists.infradead.org,
linux-kernel@vger.kernel.org, Daniele.Palmas@telit.com,
bjorn.andersson@linaro.org
Subject: Re: [PATCH v7 3/3] mtd: rawnand: Add support for secure regions in NAND memory
Date: Mon, 22 Mar 2021 15:09:23 +0530 [thread overview]
Message-ID: <20210322093923.GA70634@thinkpad> (raw)
In-Reply-To: <20210319175258.2cce6acd@collabora.com>
On Fri, Mar 19, 2021 at 05:52:58PM +0100, Boris Brezillon wrote:
> On Fri, 19 Mar 2021 20:30:10 +0530
> Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org> wrote:
>
> > On a typical end product, a vendor may choose to secure some regions in
> > the NAND memory which are supposed to stay intact between FW upgrades.
> > The access to those regions will be blocked by a secure element like
> > Trustzone. So the normal world software like Linux kernel should not
> > touch these regions (including reading).
> >
> > The regions are declared using a NAND chip DT property,
> > "secure-regions". So let's make use of this property in the raw NAND
> > core and skip access to the secure regions present in a system.
> >
> > Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
> > ---
> > drivers/mtd/nand/raw/nand_base.c | 111 +++++++++++++++++++++++++++++++
> > include/linux/mtd/rawnand.h | 4 ++
> > 2 files changed, 115 insertions(+)
> >
> > diff --git a/drivers/mtd/nand/raw/nand_base.c b/drivers/mtd/nand/raw/nand_base.c
> > index c33fa1b1847f..479a79e682cd 100644
> > --- a/drivers/mtd/nand/raw/nand_base.c
> > +++ b/drivers/mtd/nand/raw/nand_base.c
> > @@ -278,11 +278,47 @@ static int nand_block_bad(struct nand_chip *chip, loff_t ofs)
> > return 0;
> > }
> >
> > +/**
> > + * nand_check_secure_region() - Check if the region is secured
> > + * @chip: NAND chip object
> > + * @offset: Offset of the region to check
> > + * @size: Size of the region to check
> > + *
> > + * Checks if the region is secured by comparing the offset and size with the
> > + * list of secure regions obtained from DT. Returns -EIO if the region is
> > + * secured else 0.
> > + */
> > +static int nand_check_secure_region(struct nand_chip *chip, loff_t offset, u64 size)
> > +{
> > + int i, j;
> > +
> > + /* Skip touching the secure regions if present */
> > + for (i = 0, j = 0; i < chip->nr_secure_regions; i++, j += 2) {
> > + /* First compare the start offset */
> > + if (offset >= chip->secure_regions[j] &&
> > + (offset < chip->secure_regions[j] + chip->secure_regions[j + 1]))
> > + return -EIO;
> > + /* ...then offset + size */
> > + else if (offset < chip->secure_regions[i] &&
> > + (offset + size) >= chip->secure_regions[i])
> > + return -EIO;
>
> How about:
>
> const struct nand_secure_region *region = &chip->secure_regions[i];
>
> if (offset + size <= region->offset ||
> offset >= region->offset + region->size)
> continue;
>
> return -EIO;
>
I guess you mean this:
/* Skip touching the secure regions if present */
for (i = 0; i < chip->nr_secure_regions; i++) {
const struct nand_secure_region *region = &chip->secure_regions[i];
if (offset + size < region->offset ||
offset >= region->offset + region->size)
continue;
return -EIO;
}
return 0;
> > + }
> > +
> > + return 0;
> > +}
> > +
[...]
> > diff --git a/include/linux/mtd/rawnand.h b/include/linux/mtd/rawnand.h
> > index 6b3240e44310..d385c4fe8b0f 100644
> > --- a/include/linux/mtd/rawnand.h
> > +++ b/include/linux/mtd/rawnand.h
> > @@ -1086,6 +1086,8 @@ struct nand_manufacturer {
> > * NAND Controller drivers should not modify this value, but they're
> > * allowed to read it.
> > * @read_retries: The number of read retry modes supported
> > + * @secure_regions: Array representing the secure regions
> > + * @nr_secure_regions: Number of secure regions
> > * @controller: The hardware controller structure which is shared among multiple
> > * independent devices
> > * @ecc: The ECC controller structure
> > @@ -1135,6 +1137,8 @@ struct nand_chip {
> > unsigned int suspended : 1;
> > int cur_cs;
> > int read_retries;
> > + u64 *secure_regions;
>
>
> Can you please define the following struct:
>
> struct nand_secure_region {
> u64 offset;
> u64 size;
> };
>
> instead of having an array of u64 where even entries encode the offset
> and odd ones the size.
>
Hmm, I think you implicitly said this in your previous review as well and I
somehow lost it. Will incorporate. So we'll have something like this in
of_get_nand_secure_regions():
for (i = 0, j = 0; i < chip->nr_secure_regions; i++, j += 2) {
of_property_read_u64_index(dn, "secure-regions", j,
&chip->secure_regions[i].offset);
of_property_read_u64_index(dn, "secure-regions", j + 1,
&chip->secure_regions[i].size);
}
Thanks,
Mani
WARNING: multiple messages have this Message-ID (diff)
From: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
To: Boris Brezillon <boris.brezillon@collabora.com>
Cc: miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com,
robh+dt@kernel.org, linux-arm-msm@vger.kernel.org,
devicetree@vger.kernel.org, linux-mtd@lists.infradead.org,
linux-kernel@vger.kernel.org, Daniele.Palmas@telit.com,
bjorn.andersson@linaro.org
Subject: Re: [PATCH v7 3/3] mtd: rawnand: Add support for secure regions in NAND memory
Date: Mon, 22 Mar 2021 15:09:23 +0530 [thread overview]
Message-ID: <20210322093923.GA70634@thinkpad> (raw)
In-Reply-To: <20210319175258.2cce6acd@collabora.com>
On Fri, Mar 19, 2021 at 05:52:58PM +0100, Boris Brezillon wrote:
> On Fri, 19 Mar 2021 20:30:10 +0530
> Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org> wrote:
>
> > On a typical end product, a vendor may choose to secure some regions in
> > the NAND memory which are supposed to stay intact between FW upgrades.
> > The access to those regions will be blocked by a secure element like
> > Trustzone. So the normal world software like Linux kernel should not
> > touch these regions (including reading).
> >
> > The regions are declared using a NAND chip DT property,
> > "secure-regions". So let's make use of this property in the raw NAND
> > core and skip access to the secure regions present in a system.
> >
> > Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
> > ---
> > drivers/mtd/nand/raw/nand_base.c | 111 +++++++++++++++++++++++++++++++
> > include/linux/mtd/rawnand.h | 4 ++
> > 2 files changed, 115 insertions(+)
> >
> > diff --git a/drivers/mtd/nand/raw/nand_base.c b/drivers/mtd/nand/raw/nand_base.c
> > index c33fa1b1847f..479a79e682cd 100644
> > --- a/drivers/mtd/nand/raw/nand_base.c
> > +++ b/drivers/mtd/nand/raw/nand_base.c
> > @@ -278,11 +278,47 @@ static int nand_block_bad(struct nand_chip *chip, loff_t ofs)
> > return 0;
> > }
> >
> > +/**
> > + * nand_check_secure_region() - Check if the region is secured
> > + * @chip: NAND chip object
> > + * @offset: Offset of the region to check
> > + * @size: Size of the region to check
> > + *
> > + * Checks if the region is secured by comparing the offset and size with the
> > + * list of secure regions obtained from DT. Returns -EIO if the region is
> > + * secured else 0.
> > + */
> > +static int nand_check_secure_region(struct nand_chip *chip, loff_t offset, u64 size)
> > +{
> > + int i, j;
> > +
> > + /* Skip touching the secure regions if present */
> > + for (i = 0, j = 0; i < chip->nr_secure_regions; i++, j += 2) {
> > + /* First compare the start offset */
> > + if (offset >= chip->secure_regions[j] &&
> > + (offset < chip->secure_regions[j] + chip->secure_regions[j + 1]))
> > + return -EIO;
> > + /* ...then offset + size */
> > + else if (offset < chip->secure_regions[i] &&
> > + (offset + size) >= chip->secure_regions[i])
> > + return -EIO;
>
> How about:
>
> const struct nand_secure_region *region = &chip->secure_regions[i];
>
> if (offset + size <= region->offset ||
> offset >= region->offset + region->size)
> continue;
>
> return -EIO;
>
I guess you mean this:
/* Skip touching the secure regions if present */
for (i = 0; i < chip->nr_secure_regions; i++) {
const struct nand_secure_region *region = &chip->secure_regions[i];
if (offset + size < region->offset ||
offset >= region->offset + region->size)
continue;
return -EIO;
}
return 0;
> > + }
> > +
> > + return 0;
> > +}
> > +
[...]
> > diff --git a/include/linux/mtd/rawnand.h b/include/linux/mtd/rawnand.h
> > index 6b3240e44310..d385c4fe8b0f 100644
> > --- a/include/linux/mtd/rawnand.h
> > +++ b/include/linux/mtd/rawnand.h
> > @@ -1086,6 +1086,8 @@ struct nand_manufacturer {
> > * NAND Controller drivers should not modify this value, but they're
> > * allowed to read it.
> > * @read_retries: The number of read retry modes supported
> > + * @secure_regions: Array representing the secure regions
> > + * @nr_secure_regions: Number of secure regions
> > * @controller: The hardware controller structure which is shared among multiple
> > * independent devices
> > * @ecc: The ECC controller structure
> > @@ -1135,6 +1137,8 @@ struct nand_chip {
> > unsigned int suspended : 1;
> > int cur_cs;
> > int read_retries;
> > + u64 *secure_regions;
>
>
> Can you please define the following struct:
>
> struct nand_secure_region {
> u64 offset;
> u64 size;
> };
>
> instead of having an array of u64 where even entries encode the offset
> and odd ones the size.
>
Hmm, I think you implicitly said this in your previous review as well and I
somehow lost it. Will incorporate. So we'll have something like this in
of_get_nand_secure_regions():
for (i = 0, j = 0; i < chip->nr_secure_regions; i++, j += 2) {
of_property_read_u64_index(dn, "secure-regions", j,
&chip->secure_regions[i].offset);
of_property_read_u64_index(dn, "secure-regions", j + 1,
&chip->secure_regions[i].size);
}
Thanks,
Mani
______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
next prev parent reply other threads:[~2021-03-22 9:40 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-19 15:00 [PATCH v7 0/3] Add support for secure regions in NAND Manivannan Sadhasivam
2021-03-19 15:00 ` Manivannan Sadhasivam
2021-03-19 15:00 ` [PATCH v7 1/3] dt-bindings: mtd: Convert Qcom NANDc binding to YAML Manivannan Sadhasivam
2021-03-19 15:00 ` Manivannan Sadhasivam
2021-03-19 15:00 ` [PATCH v7 2/3] dt-bindings: mtd: Add a property to declare secure regions in NAND chips Manivannan Sadhasivam
2021-03-19 15:00 ` Manivannan Sadhasivam
2021-03-19 15:00 ` [PATCH v7 3/3] mtd: rawnand: Add support for secure regions in NAND memory Manivannan Sadhasivam
2021-03-19 15:00 ` Manivannan Sadhasivam
2021-03-19 16:52 ` Boris Brezillon
2021-03-19 16:52 ` Boris Brezillon
2021-03-22 9:39 ` Manivannan Sadhasivam [this message]
2021-03-22 9:39 ` Manivannan Sadhasivam
2021-03-19 16:56 ` Boris Brezillon
2021-03-19 16:56 ` Boris Brezillon
2021-03-22 9:40 ` Manivannan Sadhasivam
2021-03-22 9:40 ` Manivannan Sadhasivam
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210322093923.GA70634@thinkpad \
--to=manivannan.sadhasivam@linaro.org \
--cc=Daniele.Palmas@telit.com \
--cc=bjorn.andersson@linaro.org \
--cc=boris.brezillon@collabora.com \
--cc=devicetree@vger.kernel.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=miquel.raynal@bootlin.com \
--cc=richard@nod.at \
--cc=robh+dt@kernel.org \
--cc=vigneshr@ti.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.