Re: [PATCH v2 5/8] dt-bindings: misc: add property to support non-secure DSP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 13/12/2021 10:57, Stephan Gerhold wrote:
On Thu, Dec 09, 2021 at 12:06:23PM +0000, Srinivas Kandagatla wrote:
From: Jeya R <jeyr@xxxxxxxxxxxxxx>

Add property to set DSP domain as non-secure.

ADSP/MDSP/SDSP are by default secured, where as CDSP can be either be
secured/unsecured.

Wouldn't it be easier to avoid the negation and add a "qcom,secure-domain"
property instead? Given PATCH 8/8 ("arm64: dts: qcom: add non-secure
domain property to fastrpc nodes") it looks like you are intentionally
breaking DT compatibility here, but this patch does not justify why this
is necessary.

By default all ADSP/MDSP/SDSP are secured, so this property is only required for something that is not default. Only case that is configurable is the CDSP case where in by adding this flag we should be able to load an unsigned process to dsp using unsecured node.

Having said that, TBH When we first added the fastrpc patchset we did not take care of this security feature properly :-)

From security point of view, its better to keep the default as secured rather than unsecured in DT too.

With this DTS patch older dts should continue to work.

--srini


Thanks,
Stephan




[Index of Archives]     [Device Tree Compilter]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux PCI Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Yosemite Backpacking]


  Powered by Linux