From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from alsa0.perex.cz (alsa0.perex.cz [77.48.224.243]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6042BC001E0 for ; Thu, 27 Jul 2023 07:39:03 +0000 (UTC) Received: from alsa1.perex.cz (alsa1.perex.cz [207.180.221.201]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by alsa0.perex.cz (Postfix) with ESMTPS id F094384D; Thu, 27 Jul 2023 09:38:10 +0200 (CEST) DKIM-Filter: OpenDKIM Filter v2.11.0 alsa0.perex.cz F094384D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=alsa-project.org; s=default; t=1690443541; bh=UMz7+bBeo1Yayet6kzgbOGCnIyTtGYB8mAkTxUOJaCk=; h=Date:From:To:Cc:Subject:References:In-Reply-To:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=i9Jjjjmz/an+O0Sx9Z9oXujBbJm7/jbv9gGjWUgNx+F3roqH8L5Db7b4J2T7F7RD4 OQ5GMuJGVzuIcUnI2TGa2GdmMPFG9apTltSOIaho13ZJxH4HYhf052e7xBougY8dOG /Wd9L2vKhUnxXtFqa93NBIqv8wPOkP81yYoQp2y8= Received: by alsa1.perex.cz (Postfix, from userid 50401) id 7031EF80548; Thu, 27 Jul 2023 09:38:10 +0200 (CEST) Received: from mailman-core.alsa-project.org (mailman-core.alsa-project.org [10.254.200.10]) by alsa1.perex.cz (Postfix) with ESMTP id B817AF801F5; Thu, 27 Jul 2023 09:38:09 +0200 (CEST) Received: by alsa1.perex.cz (Postfix, from userid 50401) id 9EC2AF8019B; Wed, 26 Jul 2023 12:20:09 +0200 (CEST) Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on20700.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eae::700]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by alsa1.perex.cz (Postfix) with ESMTPS id 8F299F80149 for ; Wed, 26 Jul 2023 12:19:52 +0200 (CEST) DKIM-Filter: OpenDKIM Filter v2.11.0 alsa1.perex.cz 8F299F80149 Authentication-Results: alsa1.perex.cz; dkim=pass (1024-bit key, unprotected) header.d=corigine.onmicrosoft.com header.i=@corigine.onmicrosoft.com header.a=rsa-sha256 header.s=selector2-corigine-onmicrosoft-com header.b=Hd5Y6Flk ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NUCMZaZfReunmMS88vSsK5G8+TkXa7pEcYjhVcxnbxyOCFihpd9+4xevziSqMon/ooj3W8AOfYsRd/gLsvu4ICGlpHIfK3SuUyFlxS/6vUvp7wr5KQNsnK6pdRZyxEucYcNPnKVtlP+lfKeNPoWxtg/KvNCkLHQXK4PpY6Ag+uG0bVE3o0KzVK8H25N9tAhGvTpE2saDwMRMTMdDnJ3prvJWycr66LJ+5qkp/NpHwbQSq1AvPyWcm/DX89QxWfPFaHZ3IhqWOCW7eylzGIVBBUML6WtEKHAGMjwT6/qMhqDauSVA+qx9OFruyLDga4vJQ5TjuAaxYmlzdzGN4tlNZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dttOZGVpYrvCbiWs7/nwb4n9deqZ+DT6/2Uq4zsMQoU=; b=iOFAxx6fJDEGbmZMIB2PJ4LDVos86ItM0xfaXLRvyNDWFEoecGvpVQPLjXXummRYAb33X2eeiPzZos/0iCvsrjwqZa2bi5uEVYRGOM5pMkkvd0YYdZpobDvSluWXfFYNnqTvWrjMkfYGdEbuzWFfphZRGwo7bYJumUxdcijEatjlqySZ+SE3qouTV+zH7dYGO/Q3G8GFfsRfDoZIe8j//UAKHq/Wnv2hWamyV4ZaNQl+8dhyBPsQvnv3OdVdQcuhA3aZgpK8+DeQR0nd9wLMaNEsfoxIl3HHuHDjhK9m7sB4I9ABtI9awBZTjwFvDbnZw45jqELE10B2vuDx2bwv1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dttOZGVpYrvCbiWs7/nwb4n9deqZ+DT6/2Uq4zsMQoU=; b=Hd5Y6FlkHYA7fg7PmaINIDT9Ea5LuTrbtIQHG4lX1kxSsYL3zC9lpShsjFTicQ9BkZopNXDVNfN7ZXAjzBo+kYgUmEQxDWZHX8dXQK44b/Vv8tEVjXlM+0rp+ushamUnan94sGUULAWmnKaUr6lHtxAYlkv9i0SUE5swOxSibK8= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from PH0PR13MB4842.namprd13.prod.outlook.com (2603:10b6:510:78::6) by CO1PR13MB4840.namprd13.prod.outlook.com (2603:10b6:303:f6::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6631.29; Wed, 26 Jul 2023 10:19:46 +0000 Received: from PH0PR13MB4842.namprd13.prod.outlook.com ([fe80::fde7:9821:f2d9:101d]) by PH0PR13MB4842.namprd13.prod.outlook.com ([fe80::fde7:9821:f2d9:101d%7]) with mapi id 15.20.6609.032; Wed, 26 Jul 2023 10:19:46 +0000 Date: Wed, 26 Jul 2023 12:19:33 +0200 From: Simon Horman To: Gatien Chevallier Cc: Oleksii_Moisieiev@epam.com, gregkh@linuxfoundation.org, herbert@gondor.apana.org.au, davem@davemloft.net, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, conor+dt@kernel.org, alexandre.torgue@foss.st.com, vkoul@kernel.org, jic23@kernel.org, olivier.moysan@foss.st.com, arnaud.pouliquen@foss.st.com, mchehab@kernel.org, fabrice.gasnier@foss.st.com, andi.shyti@kernel.org, ulf.hansson@linaro.org, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, hugues.fruchet@foss.st.com, lee@kernel.org, will@kernel.org, catalin.marinas@arm.com, arnd@kernel.org, richardcochran@gmail.com, Frank Rowand , linux-crypto@vger.kernel.org, devicetree@vger.kernel.org, linux-stm32@st-md-mailman.stormreply.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, dmaengine@vger.kernel.org, linux-i2c@vger.kernel.org, linux-iio@vger.kernel.org, alsa-devel@alsa-project.org, linux-media@vger.kernel.org, linux-mmc@vger.kernel.org, netdev@vger.kernel.org, linux-phy@lists.infradead.org, linux-serial@vger.kernel.org, linux-spi@vger.kernel.org, linux-usb@vger.kernel.org Subject: Re: [PATCH v2 05/11] firewall: introduce stm32_firewall framework Message-ID: References: <20230725164104.273965-1-gatien.chevallier@foss.st.com> <20230725164104.273965-6-gatien.chevallier@foss.st.com> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230725164104.273965-6-gatien.chevallier@foss.st.com> X-ClientProxiedBy: AM0PR02CA0127.eurprd02.prod.outlook.com (2603:10a6:20b:28c::24) To PH0PR13MB4842.namprd13.prod.outlook.com (2603:10b6:510:78::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH0PR13MB4842:EE_|CO1PR13MB4840:EE_ X-MS-Office365-Filtering-Correlation-Id: a2d3bb4e-9421-4fe4-6b60-08db8dc1d5d0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9oWlcWlNNa2GhLeQt6EP9CIC9qoOGxP+Sm6OUB5ClU+aeESYL+dEPIGxxWnRjkfDFyZ6C9Dzcx4JCnZ6gM1TH/ny6/eTBIkfW1ORRGq/K38lmRsY+mDMJGouuBkjmx4AOi5hI4LJIGIzeJGHVnSR1dkt3NdP/e9hhbbxAqhe9060mkDpleZppEalBAo6Yj0uPTJu3nwIsi2Cd0iprvoYqZDgBV5YsBjFpT1Wtg+AoSI3JnRpAXBgthtSaBECmG09Cow/uuldBpIFTLY2hjNPjYKA+Rc+lNtPD2l8nTLQj0nnKiaVuLlnMSvxSPFMHZ5zpzlASywh6P/A9VK4tIv2pssGes1jwkxJuL+yvZ8WDCisr77Q2N5SXg+wOo+pCf0QmBTS4FAsf6v77zOT8C9jZuFeeDNMAbMOO2keTzwAaogbo7Ly3qj37b14o20KYzV+y6aWcpIWUtgWs7XMNi4nMHBza5rvSL7yvyHRdsExCYLQ4JZUbsZiLcooWsu4A0zpllWyLVW7oLPIse77w5/pVC64hvrmYvnnGTxGAD3/zazwewusACh9VzbPlvvN6UXH7/oppOiRI3wmvpvdDgDAC7U8FJsghf7rODXFdNmuz5I= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR13MB4842.namprd13.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(366004)(39840400004)(376002)(346002)(396003)(136003)(451199021)(6666004)(6486002)(478600001)(83380400001)(6506007)(6512007)(6916009)(66476007)(4326008)(66556008)(66946007)(186003)(2616005)(38100700002)(44832011)(5660300002)(7406005)(7416002)(8936002)(8676002)(2906002)(316002)(41300700001)(66899021)(86362001)(36756003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?iSrc3zndfBUC0ftuXazbVfMRd/AA8NsnhpOvULz1VYY5WHbg0UiXYtewsOSo?= =?us-ascii?Q?RQUeozi8wIBSV0VWj3YF+zlfnQ1LmEa1k5wZHQUXg+9PEDCV8KmAQfXHkRkA?= =?us-ascii?Q?cHZVyCIQCfr65vjaR4pD8AITPiHBZ26XulqzAoL2G1CyzhH6Wgn12Jofb3TU?= =?us-ascii?Q?qOtshyCGg517Cjd5UUe0vUq5SS7g05o60JN+vRYkqgp6le1S9HelitwNxC0F?= =?us-ascii?Q?RhUDnkV9xYbOJ4de1oBQlAsWhrgJZt75Uz4eBPslaR2y/vlP45o7olgd3TLh?= =?us-ascii?Q?CaViNt0nlMIxdz2ehecammYekwHK5H4+FSmMdfbKL1GaA3v36qkyshlO+H5L?= =?us-ascii?Q?dcPC7hb03s9THnlDC3zAHdkWaXNS0iOM6ex91NthhaiDP9weRSji3g12WRcH?= =?us-ascii?Q?aB+4xCK7WkNteRC4UCYz36H52RsK907G3i4WFrPNTnQWekRseeKnGWDflZar?= =?us-ascii?Q?OBkBb+Hm2KQgao3z9GTEl+4H4FqZA7pahVRlkcpgE7Ju15bPAADcHglamJqA?= =?us-ascii?Q?vHqhgU3e14k4EyhCW/WaxjvHoS2NQYnPTO64tjF25aIHIsltmbHTwv52zZoa?= =?us-ascii?Q?5fKzsSFIA5CEBal/VE2RHcF8+g6gV+nNYaxmZkxZj7UJA0zUnfe7a7XDqOHU?= =?us-ascii?Q?fp3qfKUh9lA/V8hQnvlhX+/lR/pquQq84fh0nz2guNY2tXH+4LqkmizHFGDR?= =?us-ascii?Q?eeYhFpWMlV4OB7IWH6cOW4KRmd0m4ZJBjAgHrugligEA/3Hi+sFmFZAj50E6?= =?us-ascii?Q?kR5WG0wQV5SYjJksPmWQpcMug3Z6kHPpo+TyDdhEixp98fzwwN6coxl4hKhN?= =?us-ascii?Q?eGYIzZoYKcldWnXgRV5M312FL/dd9gBOWKEhReU151FPK2xblpBpLMrr02U2?= =?us-ascii?Q?aNw0vBNk/rtaIMyvaz+zpbJR0Tdd00HXavSPkQtIggCP0j0Z0vXGcT+Y7g1N?= =?us-ascii?Q?NRwB6vvFwpySdHn+dNEC54rNf8pgCaqUfZaqlci3Sum/LXvXTCRF/7gHzuft?= =?us-ascii?Q?oapefsiOyljdtwxvdmVtj3KkOFFMSXgWdEfXjWue74VzuJqfgyRWDpaO7wV7?= =?us-ascii?Q?LfpX7GKBM9+cgL/yc4drpxCGjq8Ha77ZPwzPgT9bjihD7/uQnQD5ZxShakLN?= =?us-ascii?Q?dwqqzMGN2enl8jfbJNsEUFGhzjBsl3sWdiwap5Hc15iFm1M336CFRLYKniR9?= =?us-ascii?Q?3dETBhVAJdiCz+dnR1clhmrjpyjTuz4/51qi8UqoA58QUJLqHYCbPyntfsaE?= =?us-ascii?Q?xCp3ksAHYx4G9VEEN2eZikTiCEtY/srG9y2rXJPbPvF1pH4Lc1i2Bg/iM1w6?= =?us-ascii?Q?UnMHyVpxFAaeRy5psy11yx01+4fgjxj4AkgRglTmdUQBfW/tt7R/CZldawah?= =?us-ascii?Q?7IgakWIDznrjYdR9/pfFvKrLRO5orDbdZWdU+th/4OAFPne4sH6J74dYfbK0?= =?us-ascii?Q?x4cwqkozpdi0MgAFB3YB+9RPGgayuHpjh35LUJw1FDrs/b4hER7jYSe8ZV/p?= =?us-ascii?Q?XiKNMGBwIOkkS2IfE8ttlwvUDqepsuTuCdKU7glyXcLewhBXtpdcW9YehEoJ?= =?us-ascii?Q?Vyc8KvY2wtR+Bf7mA3rvwtPeqH9xJBgz4lBfuVTLyst8eAa+Lt1op2JSCaRD?= =?us-ascii?Q?Uu1mPd16fy+yvy9biioULHJYeGXjWqwFkvwfhP7bIV/zcNFV3o+ndIJeAONR?= =?us-ascii?Q?Nv3yjQ=3D=3D?= X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: a2d3bb4e-9421-4fe4-6b60-08db8dc1d5d0 X-MS-Exchange-CrossTenant-AuthSource: PH0PR13MB4842.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jul 2023 10:19:46.1717 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: lr689HA28hCxN0D1Fo6kFJfCcsD7UCd4ibt8xmloW+RtNHUFZYEdPujHl/KSVXnx1tP+KZsLoqJqYw1ij/6N5/VtvbbfVSb6vvsW8Rxr/nI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR13MB4840 X-MailFrom: simon.horman@corigine.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-alsa-devel.alsa-project.org-0; header-match-alsa-devel.alsa-project.org-1 Message-ID-Hash: XHC6SMXZ4CACTOQMNTY7VFWT6ADEJNTU X-Message-ID-Hash: XHC6SMXZ4CACTOQMNTY7VFWT6ADEJNTU X-Mailman-Approved-At: Thu, 27 Jul 2023 07:36:59 +0000 X-Mailman-Version: 3.3.8 Precedence: list List-Id: "Alsa-devel mailing list for ALSA developers - http://www.alsa-project.org" Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Tue, Jul 25, 2023 at 06:40:58PM +0200, Gatien Chevallier wrote: > Introduce a STM32 firewall framework that offers to firewall consumers > different firewall services such as the ability to check their access > rights against their firewall controller(s). > > The STM32 firewall framework offers a generic API for STM32 firewall > controllers that is defined in their drivers to best fit the > specificity of each firewall. > > There are various types of firewalls: > -Peripheral firewalls that filter accesses to peripherals > -Memory firewalls that filter accesses to memories or memory regions > -No type for undefined type of firewall > > Signed-off-by: Gatien Chevallier ... > diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c ... > +int stm32_firewall_populate_bus(struct stm32_firewall_controller *firewall_controller) > +{ > + struct stm32_firewall *firewalls; > + struct device_node *child; > + struct device *parent; > + unsigned int i; > + int len; > + int err; > + > + parent = firewall_controller->dev; > + > + dev_dbg(parent, "Populating %s system bus\n", dev_name(firewall_controller->dev)); > + > + for_each_available_child_of_node(dev_of_node(parent), child) { > + /* The feature-domains property is mandatory for firewall bus devices */ > + len = of_count_phandle_with_args(child, "feature-domains", "#feature-domain-cells"); > + if (len <= 0) Coccinelle says that, due to breaking out of a for_each_available_child_of_node() loop, a call to of_node_put() is needed here > + return -EINVAL; > + > + firewalls = kcalloc(len, sizeof(*firewalls), GFP_KERNEL); > + if (!firewalls) And here. > + return -ENOMEM; > + > + err = stm32_firewall_get_firewall(child, firewalls, (unsigned int)len); > + if (err) { > + kfree(firewalls); And here. > + return err; > + } > + > + for (i = 0; i < len; i++) { > + if (firewall_controller->grant_access(firewall_controller, > + firewalls[i].firewall_id)) { > + /* > + * Peripheral access not allowed or not defined. > + * Mark the node as populated so platform bus won't probe it > + */ > + of_node_set_flag(child, OF_POPULATED); > + dev_err(parent, "%s: Device driver will not be probed\n", > + child->full_name); > + } > + } > + > + kfree(firewalls); > + } > + > + return 0; > +} > +EXPORT_SYMBOL_GPL(stm32_firewall_populate_bus); > diff --git a/drivers/bus/stm32_firewall.h b/drivers/bus/stm32_firewall.h ... > +/** > + * struct stm32_firewall_controller - Information on firewall controller supplying services > + * > + * @name Name of the firewall controller kernel-doc complains that name and the other fields of struct stm32_firewall_controller are not documented. I believe this is because a ':' is needed after the name of the parameter (in this case 'name'). * @name: Name of the firewall controller Likewise, elsewhere. > + * @dev Device reference of the firewall controller > + * @mmio Base address of the firewall controller > + * @entry List entry of the firewall controller list > + * @type Type of firewall > + * @max_entries Number of entries covered by the firewall > + * @grant_access Callback used to grant access for a device access against a > + * firewall controller > + * @release_access Callback used to release resources taken by a device when access was > + * granted > + * @grant_memory_range_access Callback used to grant access for a device to a given memory region > + */ > +struct stm32_firewall_controller { > + const char *name; > + struct device *dev; > + void __iomem *mmio; > + struct list_head entry; > + unsigned int type; > + unsigned int max_entries; > + > + int (*grant_access)(struct stm32_firewall_controller *ctrl, u32 id); > + void (*release_access)(struct stm32_firewall_controller *ctrl, u32 id); > + int (*grant_memory_range_access)(struct stm32_firewall_controller *ctrl, phys_addr_t paddr, > + size_t size); > +}; > + > +/** > + * int stm32_firewall_controller_register - Register a firewall controller to the STM32 firewall kernel-doc seems unhappy about the presence of 'int' on this line. * stm32_firewall_controller_register - Register a firewall controller to the STM32 firewall Likewise, elsewhere. > + * framework > + * @firewall_controller Firewall controller to register > + * > + * Returns 0 in case of success or -ENODEV if no controller was given. > + */ > +int stm32_firewall_controller_register(struct stm32_firewall_controller *firewall_controller); ... > diff --git a/include/linux/bus/stm32_firewall_device.h b/include/linux/bus/stm32_firewall_device.h > new file mode 100644 > index 000000000000..9bdc4060154c > --- /dev/null > +++ b/include/linux/bus/stm32_firewall_device.h > @@ -0,0 +1,140 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Copyright (C) 2023, STMicroelectronics - All Rights Reserved > + */ > + > +#ifndef STM32_FIREWALL_DEVICE_H > +#define STM32_FIREWALL_DEVICE_H > + > +#include > +#include > +#include > + > +#define STM32_FIREWALL_MAX_EXTRA_ARGS 5 > + > +/* Opaque reference to stm32_firewall_controller */ > +struct stm32_firewall_controller; > + > +/** > + * stm32_firewall - Information on a device's firewall. Each device can have more than one firewall. kernel-doc seems unhappy about the absence of struct on this line. * struct stm32_firewall - Information on a device's firewall. Each device can have more than one firewall. > + * > + * @firewall_ctrl Pointer referencing a firewall controller of the device. It is > + * opaque so a device cannot manipulate the controller's ops or access > + * the controller's data > + * @extra_args Extra arguments that are implementation dependent > + * @entry Name of the firewall entry > + * @extra_args_size Number of extra arguments > + * @firewall_id Firewall ID associated the device for this firewall controller > + */ > +struct stm32_firewall { > + struct stm32_firewall_controller *firewall_ctrl; > + u32 extra_args[STM32_FIREWALL_MAX_EXTRA_ARGS]; > + const char *entry; > + size_t extra_args_size; > + u32 firewall_id; > +}; ... -- pw-bot: changes-requested From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7B670C001DC for ; Wed, 26 Jul 2023 10:20:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:In-Reply-To:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=X762Cy1bXmxn238xWQWwSKvAPYAp6jlVikrz5Sfne+U=; b=PlYeYSc0Eo6w+M tccr+EwKG41kODt+3MWjLrJZI9lZy4BHqMq6BNiUGReo1VERbfjxJp8WF97Sue5MCAv8mBwkgN3Wz 6K/3QEA60RnaERM4DTol/3+dsu3WtSXyontC2PWaXDPM7aGNjzuE4SzKG5K4BDB1XGg5PiNOV6m/z OmDLAHRJNWk2TavCv8wUxgAvFgZ5WTfXtC36xVRJMIrRuCM3sayHGWn4ExlxWzGgNpj3RSgQk2xr7 /10jBRHJEx9APr+ZK3uU/WHjl0ZOirE/UjmO54YvWZg65OZ+vA26fVVI3fTCLM10N9mVkGX+bLiOH AVe+qXx5uHF/OO585SsQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qObcl-009sgA-0Z; Wed, 26 Jul 2023 10:20:07 +0000 Received: from mail-bn8nam11on20700.outbound.protection.outlook.com ([2a01:111:f400:7eae::700] helo=NAM11-BN8-obe.outbound.protection.outlook.com) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1qObce-009sdT-0s; Wed, 26 Jul 2023 10:20:05 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NUCMZaZfReunmMS88vSsK5G8+TkXa7pEcYjhVcxnbxyOCFihpd9+4xevziSqMon/ooj3W8AOfYsRd/gLsvu4ICGlpHIfK3SuUyFlxS/6vUvp7wr5KQNsnK6pdRZyxEucYcNPnKVtlP+lfKeNPoWxtg/KvNCkLHQXK4PpY6Ag+uG0bVE3o0KzVK8H25N9tAhGvTpE2saDwMRMTMdDnJ3prvJWycr66LJ+5qkp/NpHwbQSq1AvPyWcm/DX89QxWfPFaHZ3IhqWOCW7eylzGIVBBUML6WtEKHAGMjwT6/qMhqDauSVA+qx9OFruyLDga4vJQ5TjuAaxYmlzdzGN4tlNZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dttOZGVpYrvCbiWs7/nwb4n9deqZ+DT6/2Uq4zsMQoU=; b=iOFAxx6fJDEGbmZMIB2PJ4LDVos86ItM0xfaXLRvyNDWFEoecGvpVQPLjXXummRYAb33X2eeiPzZos/0iCvsrjwqZa2bi5uEVYRGOM5pMkkvd0YYdZpobDvSluWXfFYNnqTvWrjMkfYGdEbuzWFfphZRGwo7bYJumUxdcijEatjlqySZ+SE3qouTV+zH7dYGO/Q3G8GFfsRfDoZIe8j//UAKHq/Wnv2hWamyV4ZaNQl+8dhyBPsQvnv3OdVdQcuhA3aZgpK8+DeQR0nd9wLMaNEsfoxIl3HHuHDjhK9m7sB4I9ABtI9awBZTjwFvDbnZw45jqELE10B2vuDx2bwv1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dttOZGVpYrvCbiWs7/nwb4n9deqZ+DT6/2Uq4zsMQoU=; b=Hd5Y6FlkHYA7fg7PmaINIDT9Ea5LuTrbtIQHG4lX1kxSsYL3zC9lpShsjFTicQ9BkZopNXDVNfN7ZXAjzBo+kYgUmEQxDWZHX8dXQK44b/Vv8tEVjXlM+0rp+ushamUnan94sGUULAWmnKaUr6lHtxAYlkv9i0SUE5swOxSibK8= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from PH0PR13MB4842.namprd13.prod.outlook.com (2603:10b6:510:78::6) by CO1PR13MB4840.namprd13.prod.outlook.com (2603:10b6:303:f6::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6631.29; Wed, 26 Jul 2023 10:19:46 +0000 Received: from PH0PR13MB4842.namprd13.prod.outlook.com ([fe80::fde7:9821:f2d9:101d]) by PH0PR13MB4842.namprd13.prod.outlook.com ([fe80::fde7:9821:f2d9:101d%7]) with mapi id 15.20.6609.032; Wed, 26 Jul 2023 10:19:46 +0000 Date: Wed, 26 Jul 2023 12:19:33 +0200 From: Simon Horman To: Gatien Chevallier Cc: Oleksii_Moisieiev@epam.com, gregkh@linuxfoundation.org, herbert@gondor.apana.org.au, davem@davemloft.net, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, conor+dt@kernel.org, alexandre.torgue@foss.st.com, vkoul@kernel.org, jic23@kernel.org, olivier.moysan@foss.st.com, arnaud.pouliquen@foss.st.com, mchehab@kernel.org, fabrice.gasnier@foss.st.com, andi.shyti@kernel.org, ulf.hansson@linaro.org, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, hugues.fruchet@foss.st.com, lee@kernel.org, will@kernel.org, catalin.marinas@arm.com, arnd@kernel.org, richardcochran@gmail.com, Frank Rowand , linux-crypto@vger.kernel.org, devicetree@vger.kernel.org, linux-stm32@st-md-mailman.stormreply.com, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, dmaengine@vger.kernel.org, linux-i2c@vger.kernel.org, linux-iio@vger.kernel.org, alsa-devel@alsa-project.org, linux-media@vger.kernel.org, linux-mmc@vger.kernel.org, netdev@vger.kernel.org, linux-phy@lists.infradead.org, linux-serial@vger.kernel.org, linux-spi@vger.kernel.org, linux-usb@vger.kernel.org Subject: Re: [PATCH v2 05/11] firewall: introduce stm32_firewall framework Message-ID: References: <20230725164104.273965-1-gatien.chevallier@foss.st.com> <20230725164104.273965-6-gatien.chevallier@foss.st.com> Content-Disposition: inline In-Reply-To: <20230725164104.273965-6-gatien.chevallier@foss.st.com> X-ClientProxiedBy: AM0PR02CA0127.eurprd02.prod.outlook.com (2603:10a6:20b:28c::24) To PH0PR13MB4842.namprd13.prod.outlook.com (2603:10b6:510:78::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH0PR13MB4842:EE_|CO1PR13MB4840:EE_ X-MS-Office365-Filtering-Correlation-Id: a2d3bb4e-9421-4fe4-6b60-08db8dc1d5d0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9oWlcWlNNa2GhLeQt6EP9CIC9qoOGxP+Sm6OUB5ClU+aeESYL+dEPIGxxWnRjkfDFyZ6C9Dzcx4JCnZ6gM1TH/ny6/eTBIkfW1ORRGq/K38lmRsY+mDMJGouuBkjmx4AOi5hI4LJIGIzeJGHVnSR1dkt3NdP/e9hhbbxAqhe9060mkDpleZppEalBAo6Yj0uPTJu3nwIsi2Cd0iprvoYqZDgBV5YsBjFpT1Wtg+AoSI3JnRpAXBgthtSaBECmG09Cow/uuldBpIFTLY2hjNPjYKA+Rc+lNtPD2l8nTLQj0nnKiaVuLlnMSvxSPFMHZ5zpzlASywh6P/A9VK4tIv2pssGes1jwkxJuL+yvZ8WDCisr77Q2N5SXg+wOo+pCf0QmBTS4FAsf6v77zOT8C9jZuFeeDNMAbMOO2keTzwAaogbo7Ly3qj37b14o20KYzV+y6aWcpIWUtgWs7XMNi4nMHBza5rvSL7yvyHRdsExCYLQ4JZUbsZiLcooWsu4A0zpllWyLVW7oLPIse77w5/pVC64hvrmYvnnGTxGAD3/zazwewusACh9VzbPlvvN6UXH7/oppOiRI3wmvpvdDgDAC7U8FJsghf7rODXFdNmuz5I= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR13MB4842.namprd13.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(366004)(39840400004)(376002)(346002)(396003)(136003)(451199021)(6666004)(6486002)(478600001)(83380400001)(6506007)(6512007)(6916009)(66476007)(4326008)(66556008)(66946007)(186003)(2616005)(38100700002)(44832011)(5660300002)(7406005)(7416002)(8936002)(8676002)(2906002)(316002)(41300700001)(66899021)(86362001)(36756003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?iSrc3zndfBUC0ftuXazbVfMRd/AA8NsnhpOvULz1VYY5WHbg0UiXYtewsOSo?= =?us-ascii?Q?RQUeozi8wIBSV0VWj3YF+zlfnQ1LmEa1k5wZHQUXg+9PEDCV8KmAQfXHkRkA?= =?us-ascii?Q?cHZVyCIQCfr65vjaR4pD8AITPiHBZ26XulqzAoL2G1CyzhH6Wgn12Jofb3TU?= =?us-ascii?Q?qOtshyCGg517Cjd5UUe0vUq5SS7g05o60JN+vRYkqgp6le1S9HelitwNxC0F?= =?us-ascii?Q?RhUDnkV9xYbOJ4de1oBQlAsWhrgJZt75Uz4eBPslaR2y/vlP45o7olgd3TLh?= =?us-ascii?Q?CaViNt0nlMIxdz2ehecammYekwHK5H4+FSmMdfbKL1GaA3v36qkyshlO+H5L?= =?us-ascii?Q?dcPC7hb03s9THnlDC3zAHdkWaXNS0iOM6ex91NthhaiDP9weRSji3g12WRcH?= =?us-ascii?Q?aB+4xCK7WkNteRC4UCYz36H52RsK907G3i4WFrPNTnQWekRseeKnGWDflZar?= =?us-ascii?Q?OBkBb+Hm2KQgao3z9GTEl+4H4FqZA7pahVRlkcpgE7Ju15bPAADcHglamJqA?= =?us-ascii?Q?vHqhgU3e14k4EyhCW/WaxjvHoS2NQYnPTO64tjF25aIHIsltmbHTwv52zZoa?= =?us-ascii?Q?5fKzsSFIA5CEBal/VE2RHcF8+g6gV+nNYaxmZkxZj7UJA0zUnfe7a7XDqOHU?= =?us-ascii?Q?fp3qfKUh9lA/V8hQnvlhX+/lR/pquQq84fh0nz2guNY2tXH+4LqkmizHFGDR?= =?us-ascii?Q?eeYhFpWMlV4OB7IWH6cOW4KRmd0m4ZJBjAgHrugligEA/3Hi+sFmFZAj50E6?= =?us-ascii?Q?kR5WG0wQV5SYjJksPmWQpcMug3Z6kHPpo+TyDdhEixp98fzwwN6coxl4hKhN?= =?us-ascii?Q?eGYIzZoYKcldWnXgRV5M312FL/dd9gBOWKEhReU151FPK2xblpBpLMrr02U2?= =?us-ascii?Q?aNw0vBNk/rtaIMyvaz+zpbJR0Tdd00HXavSPkQtIggCP0j0Z0vXGcT+Y7g1N?= =?us-ascii?Q?NRwB6vvFwpySdHn+dNEC54rNf8pgCaqUfZaqlci3Sum/LXvXTCRF/7gHzuft?= =?us-ascii?Q?oapefsiOyljdtwxvdmVtj3KkOFFMSXgWdEfXjWue74VzuJqfgyRWDpaO7wV7?= =?us-ascii?Q?LfpX7GKBM9+cgL/yc4drpxCGjq8Ha77ZPwzPgT9bjihD7/uQnQD5ZxShakLN?= =?us-ascii?Q?dwqqzMGN2enl8jfbJNsEUFGhzjBsl3sWdiwap5Hc15iFm1M336CFRLYKniR9?= =?us-ascii?Q?3dETBhVAJdiCz+dnR1clhmrjpyjTuz4/51qi8UqoA58QUJLqHYCbPyntfsaE?= =?us-ascii?Q?xCp3ksAHYx4G9VEEN2eZikTiCEtY/srG9y2rXJPbPvF1pH4Lc1i2Bg/iM1w6?= =?us-ascii?Q?UnMHyVpxFAaeRy5psy11yx01+4fgjxj4AkgRglTmdUQBfW/tt7R/CZldawah?= =?us-ascii?Q?7IgakWIDznrjYdR9/pfFvKrLRO5orDbdZWdU+th/4OAFPne4sH6J74dYfbK0?= =?us-ascii?Q?x4cwqkozpdi0MgAFB3YB+9RPGgayuHpjh35LUJw1FDrs/b4hER7jYSe8ZV/p?= =?us-ascii?Q?XiKNMGBwIOkkS2IfE8ttlwvUDqepsuTuCdKU7glyXcLewhBXtpdcW9YehEoJ?= =?us-ascii?Q?Vyc8KvY2wtR+Bf7mA3rvwtPeqH9xJBgz4lBfuVTLyst8eAa+Lt1op2JSCaRD?= =?us-ascii?Q?Uu1mPd16fy+yvy9biioULHJYeGXjWqwFkvwfhP7bIV/zcNFV3o+ndIJeAONR?= =?us-ascii?Q?Nv3yjQ=3D=3D?= X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: a2d3bb4e-9421-4fe4-6b60-08db8dc1d5d0 X-MS-Exchange-CrossTenant-AuthSource: PH0PR13MB4842.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jul 2023 10:19:46.1717 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: lr689HA28hCxN0D1Fo6kFJfCcsD7UCd4ibt8xmloW+RtNHUFZYEdPujHl/KSVXnx1tP+KZsLoqJqYw1ij/6N5/VtvbbfVSb6vvsW8Rxr/nI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR13MB4840 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230726_032000_381428_943FB00A X-CRM114-Status: GOOD ( 33.42 ) X-BeenThere: linux-phy@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Linux Phy Mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-phy" Errors-To: linux-phy-bounces+linux-phy=archiver.kernel.org@lists.infradead.org On Tue, Jul 25, 2023 at 06:40:58PM +0200, Gatien Chevallier wrote: > Introduce a STM32 firewall framework that offers to firewall consumers > different firewall services such as the ability to check their access > rights against their firewall controller(s). > > The STM32 firewall framework offers a generic API for STM32 firewall > controllers that is defined in their drivers to best fit the > specificity of each firewall. > > There are various types of firewalls: > -Peripheral firewalls that filter accesses to peripherals > -Memory firewalls that filter accesses to memories or memory regions > -No type for undefined type of firewall > > Signed-off-by: Gatien Chevallier ... > diff --git a/drivers/bus/stm32_firewall.c b/drivers/bus/stm32_firewall.c ... > +int stm32_firewall_populate_bus(struct stm32_firewall_controller *firewall_controller) > +{ > + struct stm32_firewall *firewalls; > + struct device_node *child; > + struct device *parent; > + unsigned int i; > + int len; > + int err; > + > + parent = firewall_controller->dev; > + > + dev_dbg(parent, "Populating %s system bus\n", dev_name(firewall_controller->dev)); > + > + for_each_available_child_of_node(dev_of_node(parent), child) { > + /* The feature-domains property is mandatory for firewall bus devices */ > + len = of_count_phandle_with_args(child, "feature-domains", "#feature-domain-cells"); > + if (len <= 0) Coccinelle says that, due to breaking out of a for_each_available_child_of_node() loop, a call to of_node_put() is needed here > + return -EINVAL; > + > + firewalls = kcalloc(len, sizeof(*firewalls), GFP_KERNEL); > + if (!firewalls) And here. > + return -ENOMEM; > + > + err = stm32_firewall_get_firewall(child, firewalls, (unsigned int)len); > + if (err) { > + kfree(firewalls); And here. > + return err; > + } > + > + for (i = 0; i < len; i++) { > + if (firewall_controller->grant_access(firewall_controller, > + firewalls[i].firewall_id)) { > + /* > + * Peripheral access not allowed or not defined. > + * Mark the node as populated so platform bus won't probe it > + */ > + of_node_set_flag(child, OF_POPULATED); > + dev_err(parent, "%s: Device driver will not be probed\n", > + child->full_name); > + } > + } > + > + kfree(firewalls); > + } > + > + return 0; > +} > +EXPORT_SYMBOL_GPL(stm32_firewall_populate_bus); > diff --git a/drivers/bus/stm32_firewall.h b/drivers/bus/stm32_firewall.h ... > +/** > + * struct stm32_firewall_controller - Information on firewall controller supplying services > + * > + * @name Name of the firewall controller kernel-doc complains that name and the other fields of struct stm32_firewall_controller are not documented. I believe this is because a ':' is needed after the name of the parameter (in this case 'name'). * @name: Name of the firewall controller Likewise, elsewhere. > + * @dev Device reference of the firewall controller > + * @mmio Base address of the firewall controller > + * @entry List entry of the firewall controller list > + * @type Type of firewall > + * @max_entries Number of entries covered by the firewall > + * @grant_access Callback used to grant access for a device access against a > + * firewall controller > + * @release_access Callback used to release resources taken by a device when access was > + * granted > + * @grant_memory_range_access Callback used to grant access for a device to a given memory region > + */ > +struct stm32_firewall_controller { > + const char *name; > + struct device *dev; > + void __iomem *mmio; > + struct list_head entry; > + unsigned int type; > + unsigned int max_entries; > + > + int (*grant_access)(struct stm32_firewall_controller *ctrl, u32 id); > + void (*release_access)(struct stm32_firewall_controller *ctrl, u32 id); > + int (*grant_memory_range_access)(struct stm32_firewall_controller *ctrl, phys_addr_t paddr, > + size_t size); > +}; > + > +/** > + * int stm32_firewall_controller_register - Register a firewall controller to the STM32 firewall kernel-doc seems unhappy about the presence of 'int' on this line. * stm32_firewall_controller_register - Register a firewall controller to the STM32 firewall Likewise, elsewhere. > + * framework > + * @firewall_controller Firewall controller to register > + * > + * Returns 0 in case of success or -ENODEV if no controller was given. > + */ > +int stm32_firewall_controller_register(struct stm32_firewall_controller *firewall_controller); ... > diff --git a/include/linux/bus/stm32_firewall_device.h b/include/linux/bus/stm32_firewall_device.h > new file mode 100644 > index 000000000000..9bdc4060154c > --- /dev/null > +++ b/include/linux/bus/stm32_firewall_device.h > @@ -0,0 +1,140 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Copyright (C) 2023, STMicroelectronics - All Rights Reserved > + */ > + > +#ifndef STM32_FIREWALL_DEVICE_H > +#define STM32_FIREWALL_DEVICE_H > + > +#include > +#include > +#include > + > +#define STM32_FIREWALL_MAX_EXTRA_ARGS 5 > + > +/* Opaque reference to stm32_firewall_controller */ > +struct stm32_firewall_controller; > + > +/** > + * stm32_firewall - Information on a device's firewall. Each device can have more than one firewall. kernel-doc seems unhappy about the absence of struct on this line. * struct stm32_firewall - Information on a device's firewall. Each device can have more than one firewall. > + * > + * @firewall_ctrl Pointer referencing a firewall controller of the device. It is > + * opaque so a device cannot manipulate the controller's ops or access > + * the controller's data > + * @extra_args Extra arguments that are implementation dependent > + * @entry Name of the firewall entry > + * @extra_args_size Number of extra arguments > + * @firewall_id Firewall ID associated the device for this firewall controller > + */ > +struct stm32_firewall { > + struct stm32_firewall_controller *firewall_ctrl; > + u32 extra_args[STM32_FIREWALL_MAX_EXTRA_ARGS]; > + const char *entry; > + size_t extra_args_size; > + u32 firewall_id; > +}; ... -- pw-bot: changes-requested -- linux-phy mailing list linux-phy@lists.infradead.org https://lists.infradead.org/mailman/listinfo/linux-phy