From: Maximilian Luz <luzmaximilian@gmail.com>
To: Sudeep Holla <sudeep.holla@arm.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>,
Andy Gross <agross@kernel.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Ard Biesheuvel <ardb@kernel.org>,
Konrad Dybcio <konrad.dybcio@somainline.org>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Steev Klimaszewski <steev@kali.org>,
Shawn Guo <shawn.guo@linaro.org>,
Cristian Marussi <cristian.marussi@arm.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-arm-msm@vger.kernel.org, linux-efi@vger.kernel.org,
devicetree@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4/4] dt-bindings: firmware: Add Qualcomm UEFI Secure Application client
Date: Fri, 29 Jul 2022 17:11:04 +0200 [thread overview]
Message-ID: <097eb672-ee9f-523c-d52d-79e723a7bf2c@gmail.com> (raw)
In-Reply-To: <20220729085214.bh2cak5g2hcqun4i@bogus>
On 7/29/22 10:52, Sudeep Holla wrote:
> On Thu, Jul 28, 2022 at 07:27:19PM +0200, Maximilian Luz wrote:
>
> [...]
>
>> My current suggestion (already sent to Sudeep earlier) is (roughly)
>> this: Add one compatible for the TrEE / TrustZone interface.
>
> Still I don't understand why you need extra compatible if you know
> this laptop(with a unique compatible to identify it) always runs this
> TrEE interface.
First of all, to recap: I suggest adding a device and driver for the TrEE
interface, with a compatible for that. That then (based on platform)
instantiates devices and drivers for the applications running in TrEE. The
compatible I'm talking about is for that general TrEE interface. Not any
specific application.
a) Because this better reflects the ACPI tables on those devices. As I've said,
there is a HID specifically for the TrEE interface. You were concerned
earlier that we should try to add support for that, and now you want to
create a purely artificial divide between ACPI and DT? Ideally, we can have
the driver load via both the DT compatible and the ACPI HID depending on
whether we use one or the other without many other changes.
Would you equally suggest that we not load the driver by its ACPI HID and
instead do DMI matching?
b) Qualcomm also has a DT compatible for this (qcom,qseecom), see e.g. [1].
Note: they seem to have changed the name from Secure Execution Environment
to Trusted Execution Environment, at least in their Windows driver. This is
why I used "tee" instead of "see" (also their naming of things is somewhat
confusing and seems to change randomly). Fundamentally, this is the same
interface (they just implement a lot more things in their driver, the couple
of functions I proposed here handle the absolute minimum required for
uefisecapp, it can always be extended later when needed).
c) Given their naming of the DT compatible, this interface itself is pretty
much guaranteed to be stable. It's definitely not going away with some
firmware update. So your earlier concerns about having to update the DT in
case of firmware changes do simply not apply here. It is a core component of
these platforms. As far as I can see, your "let's load the TrEE driver via
the platform compatible" suggestion is now exactly the same as a "let's load
some PCIe controller via the platform/SoC compatible". It's an interface
that is either present or not present, depending on the device. We're not
encoding any firmware specifics (ie. what's running inside the TrEE) in the
DT, we just say that it's there (the rest is decided by the driver, e.g. via
platform compatibles or DMI matching).
d) By specifying it in the DT, we can properly link it up via a phandle to the
SCM and properly model the supplier/client relation between them. While we
can't do that with ACPI, I think it's still a good idea to handle this
properly in times we can.
Regards,
Max
[1]: https://git.codelinaro.org/clo/la/kernel/msm-4.14/-/blob/auto-kernel.lnx.4.14.c34/drivers/misc/qseecom.c
next prev parent reply other threads:[~2022-07-29 15:11 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-23 22:49 [PATCH 0/4] firmware: Add support for Qualcomm UEFI Secure Application Maximilian Luz
2022-07-23 22:49 ` [PATCH 1/4] firmware: qcom_scm: Export SCM call functions Maximilian Luz
2022-07-23 22:49 ` [PATCH 2/4] firmware: Add support for Qualcomm Trusted Execution Environment SCM calls Maximilian Luz
2022-07-23 22:49 ` [PATCH 3/4] firmware: Add support for Qualcomm UEFI Secure Application Maximilian Luz
2023-01-17 8:24 ` Johan Hovold
2023-01-17 8:42 ` Maximilian Luz
2023-01-18 20:45 ` Maximilian Luz
2023-01-19 16:47 ` Johan Hovold
2023-01-19 17:19 ` Maximilian Luz
2023-01-17 11:05 ` Johan Hovold
2023-01-17 12:07 ` Maximilian Luz
2022-07-23 22:49 ` [PATCH 4/4] dt-bindings: firmware: Add Qualcomm UEFI Secure Application client Maximilian Luz
2022-07-25 1:06 ` Rob Herring
2022-07-26 10:17 ` Krzysztof Kozlowski
2022-07-26 11:15 ` Maximilian Luz
2022-07-26 13:25 ` Krzysztof Kozlowski
2022-07-26 15:00 ` Maximilian Luz
2022-07-27 11:24 ` Krzysztof Kozlowski
2022-07-27 13:00 ` Maximilian Luz
2022-07-28 7:48 ` Krzysztof Kozlowski
2022-07-28 10:25 ` Maximilian Luz
2022-07-28 10:38 ` Krzysztof Kozlowski
2022-07-28 10:49 ` Maximilian Luz
2022-07-26 14:30 ` Sudeep Holla
2022-07-26 15:15 ` Maximilian Luz
2022-07-26 15:41 ` Sudeep Holla
2022-07-26 17:01 ` Maximilian Luz
2022-07-27 11:38 ` Krzysztof Kozlowski
2022-07-27 13:03 ` Maximilian Luz
2022-07-27 13:24 ` Sudeep Holla
2022-07-27 14:49 ` Maximilian Luz
2022-07-28 6:03 ` Ilias Apalodimas
2022-07-28 10:48 ` Maximilian Luz
2022-07-28 11:33 ` Sudeep Holla
2022-07-28 12:13 ` Maximilian Luz
2022-07-28 12:24 ` Ilias Apalodimas
2022-07-28 15:05 ` Ard Biesheuvel
2022-07-28 15:16 ` Ilias Apalodimas
2022-07-28 16:16 ` Sudeep Holla
2022-07-28 16:24 ` Konrad Dybcio
2022-07-28 12:35 ` Ilias Apalodimas
2022-07-28 12:49 ` Maximilian Luz
2022-07-28 16:56 ` Ilias Apalodimas
2022-07-28 17:27 ` Maximilian Luz
2022-07-29 8:52 ` Sudeep Holla
2022-07-29 15:11 ` Maximilian Luz [this message]
2022-07-31 9:54 ` Ilias Apalodimas
2022-07-31 22:48 ` Maximilian Luz
2022-07-28 8:23 ` Sudeep Holla
2022-07-28 10:05 ` Maximilian Luz
2022-07-28 11:21 ` Sudeep Holla
2022-07-28 11:45 ` Maximilian Luz
2022-07-28 13:42 ` Sudeep Holla
2022-07-28 14:09 ` Maximilian Luz
2022-07-25 19:27 ` [PATCH 0/4] firmware: Add support for Qualcomm UEFI Secure Application Rob Herring
2022-07-25 20:16 ` Maximilian Luz
2022-08-02 11:51 ` Srinivas Kandagatla
2022-08-02 13:22 ` Maximilian Luz
2022-08-02 14:02 ` Ard Biesheuvel
2022-08-02 19:11 ` Maximilian Luz
2022-09-02 7:26 ` Sumit Garg
2022-09-02 13:18 ` Maximilian Luz
2022-09-05 6:50 ` Sumit Garg
2022-11-23 11:22 ` Srinivas Kandagatla
2022-11-23 12:05 ` Maximilian Luz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=097eb672-ee9f-523c-d52d-79e723a7bf2c@gmail.com \
--to=luzmaximilian@gmail.com \
--cc=agross@kernel.org \
--cc=ardb@kernel.org \
--cc=bjorn.andersson@linaro.org \
--cc=cristian.marussi@arm.com \
--cc=devicetree@vger.kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=ilias.apalodimas@linaro.org \
--cc=konrad.dybcio@somainline.org \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=krzysztof.kozlowski@linaro.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=robh+dt@kernel.org \
--cc=shawn.guo@linaro.org \
--cc=steev@kali.org \
--cc=sudeep.holla@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).