[0/4] Add secure domains support

Message ID	1632485951-13473-1-git-send-email-jeyr@codeaurora.org (mailing list archive)
Headers	show Return-Path: <linux-arm-msm-owner@kernel.org> From: Jeya R <jeyr@codeaurora.org> To: linux-arm-msm@vger.kernel.org, srinivas.kandagatla@linaro.org Cc: Jeya R <jeyr@codeaurora.org>, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, fastrpc.upstream@qti.qualcomm.com Subject: [PATCH 0/4] Add secure domains support Date: Fri, 24 Sep 2021 17:49:07 +0530 Message-Id: <1632485951-13473-1-git-send-email-jeyr@codeaurora.org> Precedence: bulk
Series	Add secure domains support \| expand [0/4] Add secure domains support [1/4] dt-bindings: devicetree documentation for secure domain [2/4] misc: fastrpc: Add secure device node support [3/4] misc: fastrpc: Set channel as secure [4/4] misc: fastrpc: reject non-secure node for secure domain

Message ID

1632485951-13473-1-git-send-email-jeyr@codeaurora.org (mailing list archive)

Headers

From: Jeya R <jeyr@codeaurora.org>
To: linux-arm-msm@vger.kernel.org, srinivas.kandagatla@linaro.org
Cc: Jeya R <jeyr@codeaurora.org>, gregkh@linuxfoundation.org,
        linux-kernel@vger.kernel.org, fastrpc.upstream@qti.qualcomm.com
Subject: [PATCH 0/4] Add secure domains support
Date: Fri, 24 Sep 2021 17:49:07 +0530
Message-Id: <1632485951-13473-1-git-send-email-jeyr@codeaurora.org>
Precedence: bulk

Series

Add secure domains support | expand

Message

Jeya R Sept. 24, 2021, 12:19 p.m. UTC

This patch series adds secure domains support. All DSP domains other
than CDSP are set as secure by default and CDSP is set as secure domain
if fastrpc DT node carries secure domains property. If any process is
getting initialized using non-secure device and the dsp channel is
secure, then the session gets rejected. 

Jeya R (4):
  dt-bindings: devicetree documentation for secure domain
  misc: fastrpc: Add secure device node support
  misc: fastrpc: Set channel as secure
  misc: fastrpc: reject non-secure node for secure domain

 .../devicetree/bindings/misc/qcom,fastrpc.txt      |  6 ++
 drivers/misc/fastrpc.c                             | 64 +++++++++++++++++++++-
 2 files changed, 68 insertions(+), 2 deletions(-)

Comments

Srinivas Kandagatla Sept. 29, 2021, 2:06 p.m. UTC | #1

On 24/09/2021 13:19, Jeya R wrote:
> This patch series adds secure domains support. All DSP domains other
> than CDSP are set as secure by default and CDSP is set as secure domain

This is going to break the existing devices that work with this driver? 
Alteast the non cdsp cases.
like msm8996, sdm845, sm8250 ....

> if fastrpc DT node carries secure domains property. If any process is
> getting initialized using non-secure device and the dsp channel is
> secure, then the session gets rejected.

Could you elaborate on what exactly you meant by secure here?
Is this SE linux policy we are talking about ?

Why can't we deal with this directly on /dev/[adsp|cdsp]-fastrpc nodes, 
why do we need this extra secured node?

--srini

> 
> Jeya R (4):
>    dt-bindings: devicetree documentation for secure domain
>    misc: fastrpc: Add secure device node support
>    misc: fastrpc: Set channel as secure
>    misc: fastrpc: reject non-secure node for secure domain
> 
>   .../devicetree/bindings/misc/qcom,fastrpc.txt      |  6 ++
>   drivers/misc/fastrpc.c                             | 64 +++++++++++++++++++++-
>   2 files changed, 68 insertions(+), 2 deletions(-)
>