From: Sudeep Holla <sudeep.holla@arm.com>
To: Benjamin Gaignard <benjamin.gaignard@st.com>
Cc: broonie@kernel.org, robh@kernel.org, arnd@arndb.de,
shawnguo@kernel.org, s.hauer@pengutronix.de,
fabio.estevam@nxp.com, lkml@metux.net, loic.pallardy@st.com,
gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org,
linux-imx@nxp.com, kernel@pengutronix.de,
linux-arm-kernel@lists.infradead.org, devicetree@vger.kernel.org,
system-dt@lists.openampproject.org,
stefano.stabellini@xilinx.com,
Sudeep Holla <sudeep.holla@arm.com>
Subject: Re: [PATCH v2 0/7] Introduce bus firewall controller framework
Date: Tue, 28 Jan 2020 16:36:28 +0000 [thread overview]
Message-ID: <20200128163628.GB30489@bogus> (raw)
In-Reply-To: <20200128153806.7780-1-benjamin.gaignard@st.com>
On Tue, Jan 28, 2020 at 04:37:59PM +0100, Benjamin Gaignard wrote:
> Bus firewall framework aims to provide a kernel API to set the configuration
> of the harware blocks in charge of busses access control.
>
> Framework architecture is inspirated by pinctrl framework:
> - a default configuration could be applied before bind the driver.
> If a configuration could not be applied the driver is not bind
> to avoid doing accesses on prohibited regions.
> - configurations could be apllied dynamically by drivers.
> - device node provides the bus firewall configurations.
>
> An example of bus firewall controller is STM32 ETZPC hardware block
> which got 3 possible configurations:
> - trust: hardware blocks are only accessible by software running on trust
> zone (i.e op-tee firmware).
> - non-secure: hardware blocks are accessible by non-secure software (i.e.
> linux kernel).
> - coprocessor: hardware blocks are only accessible by the coprocessor.
> Up to 94 hardware blocks of the soc could be managed by ETZPC.
>
/me confused. Is ETZPC accessible from the non-secure kernel space to
begin with ? If so, is it allowed to configure hardware blocks as secure
or trusted ? I am failing to understand the overall design of a system
with ETZPC controller.
> At least two other hardware blocks can take benefits of this:
> - ARM TZC-400: http://infocenter.arm.com/help/topic/com.arm.doc.100325_0001_02_en/arm_corelink_tzc400_trustzone_address_space_controller_trm_100325_0001_02_en.pdf
> which is able to manage up to 8 regions in address space.
I strongly have to disagree with the above and NACK any patch trying
to do so. AFAIK, no system designed has TZC with non-secure access.
So we simply can't access this in the kernel and hence need no driver
for the same. Please avoid adding above misleading information in future.
--
Regards,
Sudeep
next prev parent reply other threads:[~2020-01-28 16:36 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-28 15:37 [PATCH v2 0/7] Introduce bus firewall controller framework Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 1/7] dt-bindings: bus: Add firewall bindings Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 2/7] bus: Introduce firewall controller framework Benjamin Gaignard
2020-01-28 15:52 ` Greg KH
2020-01-28 16:41 ` Benjamin GAIGNARD
2020-01-28 16:57 ` Greg KH
2020-01-28 20:29 ` Benjamin GAIGNARD
2020-01-29 5:49 ` Greg KH
2020-01-29 9:42 ` Linus Walleij
2020-01-29 9:52 ` Greg KH
2020-01-29 11:17 ` Mark Brown
2020-01-31 8:37 ` Benjamin GAIGNARD
2020-01-31 9:06 ` Greg KH
2020-02-14 16:05 ` Linus Walleij
2020-02-14 21:40 ` Greg KH
2020-02-15 12:41 ` Benjamin GAIGNARD
2020-02-16 7:21 ` Greg KH
2020-01-28 15:38 ` [PATCH v2 3/7] base: Add calls to firewall controller Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 4/7] dt-bindings: bus: Add STM32 ETZPC " Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 5/7] bus: firewall: Add driver for STM32 ETZPC controller Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 6/7] ARM: dts: stm32: Add firewall node for stm32mp157 SoC Benjamin Gaignard
2020-01-28 15:38 ` [PATCH v2 7/7] ARM: dts: stm32: enable firewall controller node on stm32mp157c-ed1 Benjamin Gaignard
2020-01-28 16:36 ` Sudeep Holla [this message]
2020-01-28 16:46 ` [PATCH v2 0/7] Introduce bus firewall controller framework Benjamin GAIGNARD
2020-01-28 17:17 ` Sudeep Holla
2020-01-28 20:06 ` Benjamin GAIGNARD
2020-01-28 22:06 ` Robin Murphy
2020-01-29 13:40 ` Benjamin GAIGNARD
2020-01-31 18:25 ` Robin Murphy
2020-02-03 13:16 ` Benjamin GAIGNARD
2020-01-31 20:51 ` Florian Fainelli
2020-02-03 13:41 ` Benjamin GAIGNARD
2020-01-31 20:48 ` Florian Fainelli
2020-02-02 12:23 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200128163628.GB30489@bogus \
--to=sudeep.holla@arm.com \
--cc=arnd@arndb.de \
--cc=benjamin.gaignard@st.com \
--cc=broonie@kernel.org \
--cc=devicetree@vger.kernel.org \
--cc=fabio.estevam@nxp.com \
--cc=gregkh@linuxfoundation.org \
--cc=kernel@pengutronix.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lkml@metux.net \
--cc=loic.pallardy@st.com \
--cc=robh@kernel.org \
--cc=s.hauer@pengutronix.de \
--cc=shawnguo@kernel.org \
--cc=stefano.stabellini@xilinx.com \
--cc=system-dt@lists.openampproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).