From: Mathieu Poirier <mathieu.poirier@linaro.org>
To: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Cc: Bjorn Andersson <andersson@kernel.org>,
Jens Wiklander <jens.wiklander@linaro.org>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzk+dt@kernel.org>,
Conor Dooley <conor+dt@kernel.org>,
linux-stm32@st-md-mailman.stormreply.com,
linux-arm-kernel@lists.infradead.org,
linux-remoteproc@vger.kernel.org, linux-kernel@vger.kernel.org,
op-tee@lists.trustedfirmware.org, devicetree@vger.kernel.org
Subject: Re: [RESEND PATCH v16 0/6] Introduction of a remoteproc tee to load signed firmware
Date: Mon, 9 Jun 2025 09:23:09 -0600 [thread overview]
Message-ID: <aEb8XbhY5dR__GM-@p14s> (raw)
In-Reply-To: <20250603100808.1074812-1-arnaud.pouliquen@foss.st.com>
On Tue, Jun 03, 2025 at 12:08:02PM +0200, Arnaud Pouliquen wrote:
> Hello Bjorn and Mathieu,
>
> I am resending this series after waiting for over two months for Bjorn's
> feedback, despite a prior reminder.
>
> Please could you coordinate between yourselves to determine who will continue
> reviewing this series? It would be greatly appreciated if the review could
> proceed within a more reasonable timeframe.
>
> Thanks in advance and best regards,
> Arnaud
>
>
> Main updates from version V15[1]:
> - Removed the rproc_ops:load_fw() operation introduced in the previous version.
> - Returned to managing the remoteproc firmware loading in rproc_tee_parse_fw to
> load and authenticate the firmware before getting the resource table.
> - Added spinlock and dev_link mechanisms in remoteproc TEE to better manage
> bind/unbind.
>
Have all pending issues been resolved or is there still questions about some
aspects of the design?
> More details are available in each patch commit message.
>
> [1] https://lore.kernel.org/linux-remoteproc/20241128084219.2159197-7-arnaud.pouliquen@foss.st.com/T/
>
> Tested-on: commit 0ff41df1cb26 ("Linux 6.15")
>
> Description of the feature:
> --------------------------
> This series proposes the implementation of a remoteproc tee driver to
> communicate with a TEE trusted application responsible for authenticating
> and loading the remoteproc firmware image in an Arm secure context.
>
> 1) Principle:
>
> The remoteproc tee driver provides services to communicate with the OP-TEE
> trusted application running on the Trusted Execution Context (TEE).
> The trusted application in TEE manages the remote processor lifecycle:
>
> - authenticating and loading firmware images,
> - isolating and securing the remote processor memories,
> - supporting multi-firmware (e.g., TF-M + Zephyr on a Cortex-M33),
> - managing the start and stop of the firmware by the TEE.
>
> 2) Format of the signed image:
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/src/remoteproc_core.c#L18-L57
>
> 3) OP-TEE trusted application API:
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/include/ta_remoteproc.h
>
> 4) OP-TEE signature script
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/scripts/sign_rproc_fw.py
>
> Example of usage:
> sign_rproc_fw.py --in <fw1.elf> --in <fw2.elf> --out <signed_fw.sign> --key ${OP-TEE_PATH}/keys/default.pem
>
>
> 5) Impact on User space Application
>
> No sysfs impact. The user only needs to provide the signed firmware image
> instead of the ELF image.
>
>
> For more information about the implementation, a presentation is available here
> (note that the format of the signed image has evolved between the presentation
> and the integration in OP-TEE).
>
> https://resources.linaro.org/en/resource/6c5bGvZwUAjX56fvxthxds
>
> Arnaud Pouliquen (6):
> remoteproc: core: Introduce rproc_pa_to_va helper
> remoteproc: Add TEE support
> remoteproc: Introduce release_fw optional operation
> dt-bindings: remoteproc: Add compatibility for TEE support
> remoteproc: stm32: Create sub-functions to request shutdown and
> release
> remoteproc: stm32: Add support of an OP-TEE TA to load the firmware
>
> .../bindings/remoteproc/st,stm32-rproc.yaml | 58 +-
> drivers/remoteproc/Kconfig | 10 +
> drivers/remoteproc/Makefile | 1 +
> drivers/remoteproc/remoteproc_core.c | 52 ++
> drivers/remoteproc/remoteproc_internal.h | 6 +
> drivers/remoteproc/remoteproc_tee.c | 619 ++++++++++++++++++
> drivers/remoteproc/stm32_rproc.c | 139 +++-
> include/linux/remoteproc.h | 4 +
> include/linux/remoteproc_tee.h | 90 +++
> 9 files changed, 935 insertions(+), 44 deletions(-)
> create mode 100644 drivers/remoteproc/remoteproc_tee.c
> create mode 100644 include/linux/remoteproc_tee.h
>
>
> base-commit: 0ff41df1cb268fc69e703a08a57ee14ae967d0ca
> --
> 2.25.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Mathieu Poirier <mathieu.poirier@linaro.org>
To: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Cc: Bjorn Andersson <andersson@kernel.org>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzk+dt@kernel.org>,
Conor Dooley <conor+dt@kernel.org>,
linux-stm32@st-md-mailman.stormreply.com,
linux-arm-kernel@lists.infradead.org,
linux-remoteproc@vger.kernel.org, linux-kernel@vger.kernel.org,
op-tee@lists.trustedfirmware.org, devicetree@vger.kernel.org
Subject: Re: [RESEND PATCH v16 0/6] Introduction of a remoteproc tee to load signed firmware
Date: Mon, 9 Jun 2025 09:23:09 -0600 [thread overview]
Message-ID: <aEb8XbhY5dR__GM-@p14s> (raw)
In-Reply-To: <20250603100808.1074812-1-arnaud.pouliquen@foss.st.com>
On Tue, Jun 03, 2025 at 12:08:02PM +0200, Arnaud Pouliquen wrote:
> Hello Bjorn and Mathieu,
>
> I am resending this series after waiting for over two months for Bjorn's
> feedback, despite a prior reminder.
>
> Please could you coordinate between yourselves to determine who will continue
> reviewing this series? It would be greatly appreciated if the review could
> proceed within a more reasonable timeframe.
>
> Thanks in advance and best regards,
> Arnaud
>
>
> Main updates from version V15[1]:
> - Removed the rproc_ops:load_fw() operation introduced in the previous version.
> - Returned to managing the remoteproc firmware loading in rproc_tee_parse_fw to
> load and authenticate the firmware before getting the resource table.
> - Added spinlock and dev_link mechanisms in remoteproc TEE to better manage
> bind/unbind.
>
Have all pending issues been resolved or is there still questions about some
aspects of the design?
> More details are available in each patch commit message.
>
> [1] https://lore.kernel.org/linux-remoteproc/20241128084219.2159197-7-arnaud.pouliquen@foss.st.com/T/
>
> Tested-on: commit 0ff41df1cb26 ("Linux 6.15")
>
> Description of the feature:
> --------------------------
> This series proposes the implementation of a remoteproc tee driver to
> communicate with a TEE trusted application responsible for authenticating
> and loading the remoteproc firmware image in an Arm secure context.
>
> 1) Principle:
>
> The remoteproc tee driver provides services to communicate with the OP-TEE
> trusted application running on the Trusted Execution Context (TEE).
> The trusted application in TEE manages the remote processor lifecycle:
>
> - authenticating and loading firmware images,
> - isolating and securing the remote processor memories,
> - supporting multi-firmware (e.g., TF-M + Zephyr on a Cortex-M33),
> - managing the start and stop of the firmware by the TEE.
>
> 2) Format of the signed image:
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/src/remoteproc_core.c#L18-L57
>
> 3) OP-TEE trusted application API:
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/include/ta_remoteproc.h
>
> 4) OP-TEE signature script
>
> Refer to:
> https://github.com/OP-TEE/optee_os/blob/master/scripts/sign_rproc_fw.py
>
> Example of usage:
> sign_rproc_fw.py --in <fw1.elf> --in <fw2.elf> --out <signed_fw.sign> --key ${OP-TEE_PATH}/keys/default.pem
>
>
> 5) Impact on User space Application
>
> No sysfs impact. The user only needs to provide the signed firmware image
> instead of the ELF image.
>
>
> For more information about the implementation, a presentation is available here
> (note that the format of the signed image has evolved between the presentation
> and the integration in OP-TEE).
>
> https://resources.linaro.org/en/resource/6c5bGvZwUAjX56fvxthxds
>
> Arnaud Pouliquen (6):
> remoteproc: core: Introduce rproc_pa_to_va helper
> remoteproc: Add TEE support
> remoteproc: Introduce release_fw optional operation
> dt-bindings: remoteproc: Add compatibility for TEE support
> remoteproc: stm32: Create sub-functions to request shutdown and
> release
> remoteproc: stm32: Add support of an OP-TEE TA to load the firmware
>
> .../bindings/remoteproc/st,stm32-rproc.yaml | 58 +-
> drivers/remoteproc/Kconfig | 10 +
> drivers/remoteproc/Makefile | 1 +
> drivers/remoteproc/remoteproc_core.c | 52 ++
> drivers/remoteproc/remoteproc_internal.h | 6 +
> drivers/remoteproc/remoteproc_tee.c | 619 ++++++++++++++++++
> drivers/remoteproc/stm32_rproc.c | 139 +++-
> include/linux/remoteproc.h | 4 +
> include/linux/remoteproc_tee.h | 90 +++
> 9 files changed, 935 insertions(+), 44 deletions(-)
> create mode 100644 drivers/remoteproc/remoteproc_tee.c
> create mode 100644 include/linux/remoteproc_tee.h
>
>
> base-commit: 0ff41df1cb268fc69e703a08a57ee14ae967d0ca
> --
> 2.25.1
>
next prev parent reply other threads:[~2025-06-09 15:58 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-03 10:08 [RESEND PATCH v16 0/6] Introduction of a remoteproc tee to load signed firmware Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-03 10:08 ` [RESEND PATCH v16 1/6] remoteproc: core: Introduce rproc_pa_to_va helper Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-03 10:08 ` [RESEND PATCH v16 2/6] remoteproc: Add TEE support Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-09 16:04 ` Mathieu Poirier
2025-06-09 16:04 ` Mathieu Poirier
2025-06-03 10:08 ` [RESEND PATCH v16 3/6] remoteproc: Introduce release_fw optional operation Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-03 10:08 ` [RESEND PATCH v16 4/6] dt-bindings: remoteproc: Add compatibility for TEE support Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-03 10:08 ` [RESEND PATCH v16 5/6] remoteproc: stm32: Create sub-functions to request shutdown and release Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-03 10:08 ` [RESEND PATCH v16 6/6] remoteproc: stm32: Add support of an OP-TEE TA to load the firmware Arnaud Pouliquen
2025-06-03 10:08 ` Arnaud Pouliquen
2025-06-09 15:23 ` Mathieu Poirier [this message]
2025-06-09 15:23 ` [RESEND PATCH v16 0/6] Introduction of a remoteproc tee to load signed firmware Mathieu Poirier
2025-06-09 16:30 ` Arnaud POULIQUEN
2025-06-09 16:30 ` Arnaud POULIQUEN
2025-06-10 17:36 ` Mathieu Poirier
2025-06-10 17:36 ` Mathieu Poirier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aEb8XbhY5dR__GM-@p14s \
--to=mathieu.poirier@linaro.org \
--cc=andersson@kernel.org \
--cc=arnaud.pouliquen@foss.st.com \
--cc=conor+dt@kernel.org \
--cc=devicetree@vger.kernel.org \
--cc=jens.wiklander@linaro.org \
--cc=krzk+dt@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-remoteproc@vger.kernel.org \
--cc=linux-stm32@st-md-mailman.stormreply.com \
--cc=op-tee@lists.trustedfirmware.org \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.