On Wed, Jan 26, 2022 at 11:19:08PM +0000, David Brazdil wrote: > Hi Rob, > > On Wed, Jan 26, 2022 at 11:12:36PM +0000, David Brazdil wrote: > > Add DeviceTree bindings for Open Profile for DICE, an open protocol for > > measured boot. Firmware uses DICE to measure the hardware/software > > combination and generates Compound Device Identifier (CDI) certificates. > > These are stored in memory and the buffer is described in the DT as > > a reserved memory region compatible with 'google,open-dice'. > > > > 'no-map' is required to ensure the memory region is never treated by > > the kernel as system memory. > > > > Signed-off-by: David Brazdil <dbrazdil@xxxxxxxxxx> > > --- > > .../reserved-memory/google,open-dice.yaml | 46 +++++++++++++++++++ > > 1 file changed, 46 insertions(+) > > create mode 100644 Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > > > diff --git a/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > new file mode 100644 > > index 000000000000..257a0b51994a > > --- /dev/null > > +++ b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > @@ -0,0 +1,46 @@ > > +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause > > +%YAML 1.2 > > +--- > > +$id: http://devicetree.org/schemas/reserved-memory/google,open-dice.yaml# > > +$schema: http://devicetree.org/meta-schemas/core.yaml# > > + > > +title: Open Profile for DICE Device Tree Bindings > > + > > +description: | > > + This binding represents a reserved memory region containing data > > + generated by the Open Profile for DICE protocol. > > + > > + See https://pigweed.googlesource.com/open-dice/ > > + > > +maintainers: > > + - David Brazdil <dbrazdil@xxxxxxxxxx> > > + > > +allOf: > > + - $ref: "reserved-memory.yaml" > > + > > +properties: > > + compatible: > > + const: google,open-dice > > + > > + reg: > > + description: page-aligned region of memory containing DICE data > > + > > +required: > > + - compatible > > + - reg > > + - no-map > > You already gave this a Reviewed-by in v6. Just want to mention that I > didn't pick it up because I added a required no-map here. It was always > included in our DTs but I made it required because the kernel should > never treat that region as system memory. The kernel will warn when the > driver tries to wipe the memory otherwise. That's small enough change to keep tags. Reviewed-by: Rob Herring <robh@xxxxxxxxxx>
