linux-arm-kernel.lists.infradead.org archive mirror
From: "Christian König" <christian.koenig@amd.com>
To: "Yong Wu (吴勇)" <Yong.Wu@mediatek.com>,
	"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
	"matthias.bgg@gmail.com" <matthias.bgg@gmail.com>,
	"robh+dt@kernel.org" <robh+dt@kernel.org>,
	"sumit.semwal@linaro.org" <sumit.semwal@linaro.org>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-mediatek@lists.infradead.org"
	<linux-mediatek@lists.infradead.org>,
	"jstultz@google.com" <jstultz@google.com>,
	"Jianjiao Zeng (曾健姣)" <Jianjiao.Zeng@mediatek.com>,
	"linaro-mm-sig@lists.linaro.org" <linaro-mm-sig@lists.linaro.org>,
	"linux-media@vger.kernel.org" <linux-media@vger.kernel.org>,
	"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
	"quic_vjitta@quicinc.com" <quic_vjitta@quicinc.com>,
	"willy@infradead.org" <willy@infradead.org>,
	"Kuohong Wang (王國鴻)" <kuohong.wang@mediatek.com>,
	"pavel@ucw.cz" <pavel@ucw.cz>,
	"robin.murphy@arm.com" <robin.murphy@arm.com>,
	"contact@emersion.fr" <contact@emersion.fr>,
	"logang@deltatee.com" <logang@deltatee.com>,
	"daniel@ffwll.ch" <daniel@ffwll.ch>,
	"jkardatzke@google.com" <jkardatzke@google.com>,
	"conor+dt@kernel.org" <conor+dt@kernel.org>,
	"Brian.Starkey@arm.com" <Brian.Starkey@arm.com>,
	"benjamin.gaignard@collabora.com"
	<benjamin.gaignard@collabora.com>,
	"tjmercier@google.com" <tjmercier@google.com>,
	"krzysztof.kozlowski+dt@linaro.org"
	<krzysztof.kozlowski+dt@linaro.org>,
	"dri-devel@lists.freedesktop.org"
	<dri-devel@lists.freedesktop.org>,
	"linux-arm-kernel@lists.infradead.org"
	<linux-arm-kernel@lists.infradead.org>,
	"joakim.bech@linaro.org" <joakim.bech@linaro.org>,
	"ppaalanen@gmail.com" <ppaalanen@gmail.com>,
	"angelogioacchino.delregno@collabora.com"
	<angelogioacchino.delregno@collabora.com>,
	"Youlin Pei (裴友林)" <youlin.pei@mediatek.com>
Subject: Re: [PATCH v5 2/9] scatterlist: Add a flag for the restricted memory
Date: Tue, 21 May 2024 20:36:55 +0200
Message-ID: <cef8f87d-edab-41d8-8b95-f3fc39ad7f74@amd.com>
In-Reply-To: <779ce30a657754ff945ebd32b66e1c644635e84d.camel@mediatek.com>

On 20.05.24 at 09:58, Yong Wu (吴勇) wrote:
> On Thu, 2024-05-16 at 10:17 +0200, Christian König wrote:
>> On 15.05.24 at 13:23, Yong Wu wrote:
>>> Introduce a FLAG for the restricted memory which means the memory is
>>> protected by TEE or hypervisor, then it's inaccessible for kernel.
>>>
>>> Currently we don't use sg_dma_unmark_restricted, thus this interface
>>> has not been added.
>> Why should that be part of the scatterlist? It doesn't seem to affect
>> any of its functionality.
>>
>> As far as I can see the scatterlist shouldn't be the transport of this
>> kind of information.
> Thanks for the review. I will remove this.
>
> In our user scenario, DRM will import these buffers and check if this
> is a restricted buffer. If yes, it will use secure GCE takes over.
>
> If this judgment is not suitable to be placed in scatterlist, I don't
> know if it is ok to limit this inside dma-buf. Adding such an
> interface:
>
> static bool dma_buf_is_restricted(struct dma_buf *dmabuf)
> {
> 	return !strncmp(dmabuf->exp_name, "restricted", 10);
> }

No, usually stuff like that doesn't belong in DMA buf either.

Question here really is who controls the security status of the memory 
backing the buffer?

In other words who tells the exporter that it should allocate and fill a 
buffer with encrypted data?

If that is userspace then that is part of the format information and it 
is also userspace who should tell the importer that it needs to work 
with encrypted data.

The kernel is intentionally not involved in stuff like that.

Regards,
Christian.


>
> Thanks.
>
>> Regards,
>> Christian.
>>
>>> Signed-off-by: Yong Wu <yong.wu@mediatek.com>
>>> ---
>>>    include/linux/scatterlist.h | 34
>> ++++++++++++++++++++++++++++++++++
>>>    1 file changed, 34 insertions(+)
>>>
>>> diff --git a/include/linux/scatterlist.h
>> b/include/linux/scatterlist.h
>>> index 77df3d7b18a6..a6ad9018eca0 100644
>>> --- a/include/linux/scatterlist.h
>>> +++ b/include/linux/scatterlist.h
>>> @@ -282,6 +282,7 @@ static inline void sg_unmark_end(struct
>> scatterlist *sg)
>>>    
>>>    #define SG_DMA_BUS_ADDRESS(1 << 0)
>>>    #define SG_DMA_SWIOTLB(1 << 1)
>>> +#define SG_DMA_RESTRICTED(2 << 1)
>>>    
>>>    /**
>>>     * sg_dma_is_bus_address - Return whether a given segment was
>> marked
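Review bot: SG_DMA_RESTRICTED is written as (2 << 1) on the added line, while the two flags above it use the (1 << n) form. The value is 4, so it does not collide with SG_DMA_BUS_ADDRESS or SG_DMA_SWIOTLB, but the spelling hides which bit is taken and invites a wrong guess when the next flag is added. Write it as (1 << 2).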
>>> @@ -352,6 +353,31 @@ static inline void sg_dma_mark_swiotlb(struct
>> scatterlist *sg)
>>>    sg->dma_flags |= SG_DMA_SWIOTLB;
>>>    }
>>>    
>>> +/**
>>> + * sg_dma_mark_restricted - Mark the scatterlist for restricted
>> buffer.
>>> + * @sg:SG entry
>>> + *
>>> + * Description:
>>> + *   Marks a a scatterlist for the restricted buffer that may be
>> inaccessiable
>>> + *   in kernel if it is protected.
>>> + */
>>> +static inline void sg_dma_mark_restricted(struct scatterlist *sg)
>>> +{
>>> +sg->dma_flags |= SG_DMA_RESTRICTED;
>>> +}
>>> +
>>> +/**
>>> + * sg_dma_is_restricted - Return whether the scatterlist was
>> marked as restricted
>>> + *                        buffer.
>>> + * @sg:SG entry
>>> + *
>>> + * Description:
>>> + *   Returns true if the scatterlist was marked as restricted
>> buffer.
>>> + */
>>> +static inline bool sg_dma_is_restricted(struct scatterlist *sg)
>>> +{
>>> +return sg->dma_flags & SG_DMA_RESTRICTED;
>>> +}
>>>    #else
>>>    
>>>    static inline bool sg_dma_is_bus_address(struct scatterlist *sg)
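Review bot: The kernel-doc for sg_dma_mark_restricted has a doubled article in "Marks a a scatterlist" and misspells "inaccessible", and "if it is protected" leaves open what a caller that sees the flag must or must not do with the entry. Both helpers take a single SG entry (@sg) while the text speaks of "the scatterlist", so state whether the mark applies per entry or to the whole table. A blank line between the closing brace of sg_dma_is_restricted and #else would match the spacing after the other helpers in this hunk.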
>>> @@ -372,6 +398,14 @@ static inline void sg_dma_mark_swiotlb(struct
>> scatterlist *sg)
>>>    {
>>>    }
>>>    
>>> +static inline bool sg_dma_is_restricted(struct scatterlist *sg)
>>> +{
>>> +return false;
>>> +}
>>> +
>>> +static inline void sg_dma_mark_restrited(struct scatterlist *sg)
>>> +{
>>> +}
>>>    #endif/* CONFIG_NEED_SG_DMA_FLAGS */
>>>    
>>>    /**
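Review bot: The empty stub on the #else side is spelled sg_dma_mark_restrited, so a caller of sg_dma_mark_restricted() will not build when CONFIG_NEED_SG_DMA_FLAGS is off. Rename the stub to sg_dma_mark_restricted so both sides of the #else provide the same pair of helpers.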
>>

