On 4/26/23 08:47, Pavel Machek wrote:
> Hi!
>
>> Dynamic boost control is a feature of some SoCs that allows
>> an authenticated entity to send commands to the security processor
>> to control certain SOC characteristics with the intention to improve
>> performance.
>>
>> This is implemented via a mechanism that a userspace application would
>> authenticate using a nonce and key exchange over an IOCTL interface.
>>
>> After authentication is complete, an application can exchange signed
>> messages with the security processor and both ends can validate the
>> data transmitted.
>
> Why is this acceptable? This precludes cross-platform interfaces,
> right? Why would an application want to validate data from the PSP? That
> precludes virtualization, right?
>
> Just put the key in the kernel. Users have the right to control their own
> hardware.
>
> Pavel

This matches exactly how the interface works in Windows as well.
The reason for validating the data from the PSP is because the data
crosses multiple trust boundaries and this ensures that the application
can trust it to make informed decisions.
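
The following is an added illustration, not part of the original message and not code from the driver or the security processor firmware. It models the end-to-end validation discussed in the thread: a session key bound to both nonces, and signed messages that either end can check after they have passed through intermediate layers. HMAC-SHA256, the pre-shared key, the direction tags, the sequence numbers and the payload are all assumptions made for the example.

```python
import hashlib
import hmac
import os

SIG_LEN = 32  # HMAC-SHA256 output size (assumed primitive, not from the thread)

def derive_session_key(shared_key: bytes, app_nonce: bytes, sp_nonce: bytes) -> bytes:
    """Bind the session to both nonces so a recorded session cannot be reused."""
    return hmac.new(shared_key, b"session" + app_nonce + sp_nonce, hashlib.sha256).digest()

def sign(session_key: bytes, direction: bytes, seq: int, payload: bytes) -> bytes:
    """Return payload || MAC; direction tag and sequence number are covered by the MAC."""
    header = direction + seq.to_bytes(4, "big")
    return payload + hmac.new(session_key, header + payload, hashlib.sha256).digest()

def verify(session_key: bytes, direction: bytes, seq: int, message: bytes) -> bytes:
    """Return the payload if the MAC checks out, otherwise raise ValueError."""
    if len(message) < SIG_LEN:
        raise ValueError("message shorter than signature")
    payload, mac = message[:-SIG_LEN], message[-SIG_LEN:]
    header = direction + seq.to_bytes(4, "big")
    expected = hmac.new(session_key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):  # constant-time comparison
        raise ValueError("signature mismatch")
    return payload

def demo() -> dict:
    shared_key = os.urandom(32)  # constructed; provisioned out of band in this model
    app_nonce, sp_nonce = os.urandom(16), os.urandom(16)
    key = derive_session_key(shared_key, app_nonce, sp_nonce)
    # The security processor's reply travels back through firmware, driver and kernel.
    reply = sign(key, b"SP->APP", 1, b"power_cap_mw=15000")  # constructed payload
    results = {"intact": verify(key, b"SP->APP", 1, reply)}
    tampered = bytes([reply[0] ^ 1]) + reply[1:]  # one byte altered in transit
    cases = [
        ("tampered", tampered, 1, b"SP->APP"),
        ("replayed", reply, 2, b"SP->APP"),   # stale reply offered for a later request
        ("reflected", reply, 1, b"APP->SP"),  # reply presented as if it were a command
    ]
    for name, msg, seq, direction in cases:
        try:
            verify(key, direction, seq, msg)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = f"rejected: {exc}"
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

Because the key is held only by the two endpoints in this model, a layer in between that alters, replays or reflects a message produces a verification failure at the receiver.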