linux-riscv.lists.infradead.org archive mirror
From: ron minnich <rminnich@gmail.com>
To: Bruce Hoult <brucehoult@sifive.com>
Cc: "mark.rutland@arm.com" <mark.rutland@arm.com>,
	Christoph Hellwig <hch@infradead.org>,
	Damien Le Moal <Damien.LeMoal@wdc.com>,
	Olof Johansson <olof.johansson@gmail.com>,
	"alankao@andestech.com" <alankao@andestech.com>,
	"abner.chang@hpe.com" <abner.chang@hpe.com>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Palmer Dabbelt <palmer@sifive.com>,
	Alexander Graf <agraf@suse.de>,
	"zong@andestech.com" <zong@andestech.com>,
	Atish Patra <atish.patra@wdc.com>,
	"sw-dev@groups.riscv.org" <sw-dev@groups.riscv.org>,
	Paul Walmsley <paul.walmsley@sifive.com>,
	Anup Patel <anup@brainfault.org>,
	"mick@ics.forth.gr" <mick@ics.forth.gr>,
	Alistair Francis <Alistair.Francis@wdc.com>,
	Luke Kenneth Casson Leighton <lkcl@lkcl.net>,
	"linux-riscv@lists.infradead.org"
	<linux-riscv@lists.infradead.org>,
	Andrew Waterman <andrew@sifive.com>
Subject: Re: [sw-dev] SBI extension proposal v2
Date: Mon, 28 Jan 2019 20:28:24 -0800
Message-ID: <CAP6exYJD0Qrnni+yCUBdNWv0tmR=3vYzLwJTy+oOnQEb83ja1g@mail.gmail.com>
In-Reply-To: <CAP8PnuS4vE-w07dENEpJWx_nu-yx3fsyM3nu3kUQoVFW5nzJcQ@mail.gmail.com>

On Mon, Jan 28, 2019 at 3:22 PM Bruce Hoult <brucehoult@sifive.com> wrote:
>
> On Mon, Jan 28, 2019 at 11:40 AM ron minnich <rminnich@gmail.com> wrote:
> > Short form: if the PMP makes it impossible to measure, disable and
> > replace firmware from the kernel, then PMP is a bug, not a feature.
>
> I disagree.
>
> The owner/user should be able to change the SBI, perhaps by booting
> into a special mode. The kernel in a system running normally shouldn't
> be able to.


The nice thing about riscv is that we can both get what we want here :-)

I can tell you that security-oriented folks I'm working with much
prefer that the kernel be able to measure, selectively disable, or
replace firmware; and then set the PMP registers. The kernel should
drive the security, not firmware, because we have such ample evidence
that firmware is far less secure than kernels, in how it's written,
how it's built, and how it's deployed. In such a world, platforms that
do not allow this will be marked as not trustable.

The good news is that neither you nor I have to dictate this for
everyone. There are going to be multiple SBI implementations and
firmware implementations for riscv, and we can see where this ends up.
One thing I can say for sure is there won't be just one.

ron

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
