All of lore.kernel.org
 help / color / mirror / Atom feed
From: Doug Anderson <dianders@chromium.org>
To: Pavel Machek <pavel@ucw.cz>
Cc: Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
	Rob Herring <robh+dt@kernel.org>,
	Bjorn Andersson <bjorn.andersson@linaro.org>,
	Andy Gross <agross@kernel.org>,
	dhavalp@codeaurora.org, mturney@codeaurora.org,
	Rajendra Nayak <rnayak@codeaurora.org>,
	Ravi Kumar Bokka <rbokka@codeaurora.org>,
	linux-arm-msm <linux-arm-msm@vger.kernel.org>,
	Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org>,
	sparate@codeaurora.org, mkurumel@codeaurora.org,
	LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v3 3/4] nvmem: qfprom: Add fuse blowing support
Date: Tue, 23 Jun 2020 07:48:32 -0700	[thread overview]
Message-ID: <CAD=FV=Up9MfQju_5Pvqqe1kU1ebZrmWK-qWvA_-zm8K74wkKNg@mail.gmail.com> (raw)
In-Reply-To: <20200623133559.GD2783@bug>

Hi,

On Tue, Jun 23, 2020 at 6:36 AM Pavel Machek <pavel@ucw.cz> wrote:
>
> Hi!
>
> > This patch adds support for blowing fuses to the qfprom driver if the
> > required properties are defined in the device tree.
>
> Should we have this in kernel?
>
> If so, should we make it harder to use, like passing module parameter
> enabling this kind of support or something? Kconfig option as most users
> will not need this so this should be compiled out?
>
>                                                                         Pavel

It's definitely a good question.  I'm curious: who are you trying to
protect these fuses from?  A bumbling user or a malicious bit of code.

For a bumbling user we presumably just need something that makes it
not quite so easy to blow the fuses.  Passing a module parameter isn't
a bad idea.  Would the module parameter only take effect if provided
when the module was loaded, or could it be switched on later via
sysfs?

For a malicious bit of code: the only real protection is to have the
bootloader protect these, or to blow the fuses which disable future
fuses from being blown (the access permission fuses).  Otherwise
malicious code could always just code up its own driver to bypass any
protections.

NOTE: if we already have protection from malicious code by having the
bootloader configure protections, I wonder if we still need additional
protections against a bumbling user?


-Doug

  reply	other threads:[~2020-06-23 14:48 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-17 14:51 [PATCH v3 0/4] nvmem: qfprom: Patches for fuse blowing on Qualcomm SoCs Douglas Anderson
2020-06-17 14:51 ` [PATCH v3 1/4] dt-bindings: nvmem: qfprom: Convert to yaml Douglas Anderson
2020-06-17 15:18   ` Srinivas Kandagatla
2020-06-17 16:26     ` Ravi Kumar Bokka (Temp)
2020-06-17 17:28       ` Doug Anderson
2020-06-18 18:43   ` Rob Herring
2020-06-17 14:51 ` [PATCH v3 2/4] dt-bindings: nvmem: Add properties needed for blowing fuses Douglas Anderson
2020-06-17 15:19   ` Srinivas Kandagatla
2020-06-17 17:22     ` Doug Anderson
2020-06-18 10:10       ` Srinivas Kandagatla
2020-06-18 13:48         ` Doug Anderson
2020-06-18 14:01           ` Srinivas Kandagatla
2020-06-18 15:32             ` Doug Anderson
     [not found]               ` <159249930746.62212.6196028697481604160@swboyd.mtv.corp.google.com>
2020-06-18 17:25                 ` Doug Anderson
2020-06-19  9:22                   ` Srinivas Kandagatla
2020-06-17 14:51 ` [PATCH v3 3/4] nvmem: qfprom: Add fuse blowing support Douglas Anderson
2020-06-17 15:03   ` Jeffrey Hugo
2020-06-17 15:18   ` Srinivas Kandagatla
2020-06-17 17:13     ` Doug Anderson
2020-06-23 13:35   ` Pavel Machek
2020-06-23 14:48     ` Doug Anderson [this message]
2020-06-17 14:51 ` [PATCH v3 4/4] arm64: dts: qcom: sc7180: Add properties to qfprom for fuse blowing Douglas Anderson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAD=FV=Up9MfQju_5Pvqqe1kU1ebZrmWK-qWvA_-zm8K74wkKNg@mail.gmail.com' \
    --to=dianders@chromium.org \
    --cc=agross@kernel.org \
    --cc=bjorn.andersson@linaro.org \
    --cc=dhavalp@codeaurora.org \
    --cc=linux-arm-msm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mkurumel@codeaurora.org \
    --cc=mturney@codeaurora.org \
    --cc=pavel@ucw.cz \
    --cc=rbokka@codeaurora.org \
    --cc=rnayak@codeaurora.org \
    --cc=robh+dt@kernel.org \
    --cc=saiprakash.ranjan@codeaurora.org \
    --cc=sparate@codeaurora.org \
    --cc=srinivas.kandagatla@linaro.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.