Re: [PATCH v3 1/5] ARM: add basic Trusted Foundations support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Aug 16, 2013 at 10:23 PM, Dave Martin <Dave.Martin@xxxxxxx> wrote:
> On Thu, Aug 15, 2013 at 04:02:52PM -0600, Stephen Warren wrote:
>> On 08/15/2013 05:52 AM, Dave Martin wrote:
>> > On Tue, Aug 13, 2013 at 11:29:48AM +0900, Alexandre Courbot wrote:
>> >> Trusted Foundations is a TrustZone-based secure monitor for ARM that
>> >> can be invoked  using a consistent smc-based API on all supported
>> >> platforms. This patch adds initial basic support for Trusted
>> >> Foundations using the ARM firmware API. Current features are limited
>> >> to the ability to boot secondary processors.
>>
>> >> diff --git a/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundations.txt b/Documentation/devicetree/bindings/arm/firmware/tl,trusted-foundations.txt
>>
>> >> +Required properties:
>> >> +- compatible : "tl,trusted-foundations"
>> >> +- version : Must contain the version number string of the Trusted Foundation
>> >> +  firmware.
>> >
>> > Are you sure there is no low-level way to probe vendor and version info?
>> > If there is, then the DT should describe nothing except the fact that
>> > the probe interface exists.
>> >
>> > I also worry that two integrations on different SoCs might have the
>> > same version number, yet still be different due to vendor-specific
>> > features and options.
>>
>> I would expect HW-specific compatible values also to be present in a DT.
>> For example, perhaps:
>>
>> compatible = "tl,trusted-foundations-nvidia-shield",
>> "tl,trusted-foundations";
>>
>> (nvidia vendor, shield board/implementation)
>>
>> This would allow matching on the specific value
>> "tl,trusted-foundations-nvidia-shield" in the future if some quirking
>> was needed, but if this wasn't needed, drivers could just bind to the
>> generic "tl,trusted-foundations".
>
> That seems reasonable *unless* there is a reliable way to obtain
> a vendor ID from the SMC ABI directly, in which case we should just
> use that.
>
> One could debate whether the extra compatible string should have
> "nvidia," or "tl," but the fact that "nvidia" is in the name at all
> pretty much narrows it down.
>
>>
>> >> +- version : Must contain the version number string of the Trusted Foundation
>> >> +  firmware.
>> >
>> > Are you sure there is no low-level way to probe vendor and version info?
>> > If there is, then the DT should describe nothing except the fact that
>> > the probe interface exists.
>> >
>> > I also worry that two integrations on different SoCs might have the
>> > same version number, yet still be different due to vendor-specific
>> > features and options.
>>
>> Talking of the version - if we do need to represent this in the DT, how
>> about 2 separate cells for major/minor version rather than encoding it
>> into a string? Then, no parsing would be required.
>
> I think the key thing here is to match whatever TF's native notion of
> version is.
>
> If it's truly a string with specific comparison rules, we should leave it
> a string and write code to examine it.  If it's a simple <major minor>
> pair, then putting it in the DT in this form makes sense.

TF's native version is this major/minor pair, and indeed it should be
sensible and harmless to turn it into a pair of cells.

Then there are other components that can be added to build a more
precise "version string". You can have a look at this file to see how
this is done:

http://nv-tegra.nvidia.com/gitweb/?p=linux-2.6.git;a=blob;f=security/tf_driver/s_version.h;h=d75c5f35d32d597b664c9533b1c5a52696e81b49;hb=rel-roth-ota-1

The version string I used to far is the S_VERSION_MAIN macro, since it
is the only one that seems to be platform-independant.
S_VERSION_PLATFORM and S_VERSION_OS can be used to indentify if
Android is used and which version. Then all these strings (plus a few
others) are concatenated to build S_VERSION_STRING which is the
ultimate version, but also considerably more complicated to handle.

At the current level of support, I don't think it makes sense to look
further than S_VERSION_MAIN for the moment. If we switch it to a pair
of integer cells as Stephen suggested, nothing prevents us to extend
the bindings with other properties (for instance version-platform and
version-os) if they become necessary. But at the moment I don't think
it makes sense to overthink versions beyond the main version number,
especially if it can be extended safely if needed in the future.

Thanks,
Alex.
--
To unsubscribe from this list: send the line "unsubscribe linux-tegra" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [ARM Kernel]     [Linux ARM]     [Linux ARM MSM]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux