| Message ID | 20210317122513.42369-1-manivannan.sadhasivam@linaro.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add support for secure regions in NAND | expand |
Hi Manivannan, Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org> wrote on Wed, 17 Mar 2021 17:55:10 +0530: > On a typical end product, a vendor may choose to secure some regions in > the NAND memory which are supposed to stay intact between FW upgrades. > The access to those regions will be blocked by a secure element like > Trustzone. So the normal world software like Linux kernel should not > touch these regions (including reading). > > So this series adds a property for declaring such secure regions in DT > so that the driver can skip touching them. While at it, the Qcom NANDc > DT binding is also converted to YAML format. > > Thanks, > Mani > > Changes in v5: > > * Switched to "uint64-matrix" as suggested by Rob > * Moved the whole logic from qcom driver to nand core as suggested by Boris I'm really thinking about a nand-wide property now. Do you think it makes sense to move the helper to the NAND core (instead of the raw NAND core)? I'm fine only using it in the raw NAND core though. Also, can I request a global s/sec/secure/ update? I find the "sec" abbreviation unclear and I think we have more than enough cryptic names :-) Thanks, Miquèl
Hi Miquel, On Wed, Mar 17, 2021 at 03:51:21PM +0100, Miquel Raynal wrote: > Hi Manivannan, > > Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org> wrote on Wed, > 17 Mar 2021 17:55:10 +0530: > > > On a typical end product, a vendor may choose to secure some regions in > > the NAND memory which are supposed to stay intact between FW upgrades. > > The access to those regions will be blocked by a secure element like > > Trustzone. So the normal world software like Linux kernel should not > > touch these regions (including reading). > > > > So this series adds a property for declaring such secure regions in DT > > so that the driver can skip touching them. While at it, the Qcom NANDc > > DT binding is also converted to YAML format. > > > > Thanks, > > Mani > > > > Changes in v5: > > > > * Switched to "uint64-matrix" as suggested by Rob > > * Moved the whole logic from qcom driver to nand core as suggested by Boris > > I'm really thinking about a nand-wide property now. Do you think it > makes sense to move the helper to the NAND core (instead of the raw > NAND core)? I'm fine only using it in the raw NAND core though. > The reason why I didn't move the helper and checks to NAND core is I haven't seen any secure implementations in other NAND interfaces except rawnand. This change can be done in future if we start seeing implementations. > Also, can I request a global s/sec/secure/ update? I find the "sec" > abbreviation unclear and I think we have more than enough cryptic > names :-) > Sure. Thanks, Mani > Thanks, > Miquèl
On a typical end product, a vendor may choose to secure some regions in the NAND memory which are supposed to stay intact between FW upgrades. The access to those regions will be blocked by a secure element like Trustzone. So the normal world software like Linux kernel should not touch these regions (including reading). So this series adds a property for declaring such secure regions in DT so that the driver can skip touching them. While at it, the Qcom NANDc DT binding is also converted to YAML format. Thanks, Mani Changes in v5: * Switched to "uint64-matrix" as suggested by Rob * Moved the whole logic from qcom driver to nand core as suggested by Boris Changes in v4: * Used "uint32-matrix" instead of "uint32-array" as per Rob's review. * Collected Rob's review tag for binding conversion patch Changes in v3: * Removed the nand prefix from DT property and moved the property parsing logic before nand_scan() in driver. Changes in v2: * Moved the secure-regions property to generic NAND binding as a NAND chip property and renamed it as "nand-secure-regions". Manivannan Sadhasivam (3): dt-bindings: mtd: Convert Qcom NANDc binding to YAML dt-bindings: mtd: Add a property to declare secure regions in NAND chips mtd: rawnand: Add support for secure regions in NAND memory .../bindings/mtd/nand-controller.yaml | 7 + .../devicetree/bindings/mtd/qcom,nandc.yaml | 196 ++++++++++++++++++ .../devicetree/bindings/mtd/qcom_nandc.txt | 142 ------------- drivers/mtd/nand/raw/nand_base.c | 105 ++++++++++ include/linux/mtd/rawnand.h | 4 + 5 files changed, 312 insertions(+), 142 deletions(-) create mode 100644 Documentation/devicetree/bindings/mtd/qcom,nandc.yaml delete mode 100644 Documentation/devicetree/bindings/mtd/qcom_nandc.txt