On 28/02/18 17:53, Mark Rutland wrote:
[...]
It is not about to "check" the DT but if Linux could get access to the
hardware. Hardware block assignment to secure or non-secure world
could change at runtime for example I2C block could be manage by
secure OS for a trusted application and when it have finish "release"
the it for Linux.
The driver does not do this today. It probe the HW once during early
boot, then aborts driver probes. It provides no provision for dynamic
assignment.
Is this something you plan to implement? How will the secure world
notify the non-secure world of its intent to manage a device, or
vice-versa?
Note that this is another thing which in general already happens -
control of (and correspondingly, hardware access to) things like display
engines and video decoders can get transferred between Linux (well,
Android at least) and a trusted OS. You need communication and
cooperation between the two sides via channels like tee-supplicant to
make it usable, though, at which point the fact that this ETZPC provides
non-secure-visible status unlike other TZASCs is rather superfluous - if
the secure side could just blindly take ownership of the I2C block in
response to some event, while the Linux I2C driver is in the middle of
its own transfer, a status bit in a register somewhere else isn't going
to be much help overall.
I don't think that could be done by changing DT.
I think that dhecking hardware blocks status bits before probe them is
also more robust than let
each driver discover at probe time that it hardware isn't responding.
I don't follow. Robin and I suggest that gets encoded in the DT, which
is *more* efficient than having each driver probe the DT, begin probing,
then abort via the notifier.
This really seems like something that should be done *prior* to entering
Linux.
Indeed; the DT by nature describes the initial state of the system at
the point that Linux takes control, and thus it really *should* reflect
whatever the current ETZPC configuration is. Note what DTSpec actually says:
"disabled"
Indicates that the device is not presently operational, but it might
become operational in the future (for example, something is not
plugged in, or switched off).
Refer to the device binding for details on what disabled means for a
given device.
The fact that the current behaviour of our OF platform code doesn't
really respect that last point and makes it tricky to bring
initially-unavailable devices to life later is a separate issue.
Robin.
--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html