linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2 0/5] Add support of SECVIO from SNVS on iMX8q/x
@ 2020-07-21 15:20 franck.lenormand
  2020-07-21 15:20 ` [PATCH v2 1/5] firmware: imx: scu-seco: Add SEcure Controller APIS franck.lenormand
                   ` (5 more replies)
  0 siblings, 6 replies; 18+ messages in thread
From: franck.lenormand @ 2020-07-21 15:20 UTC (permalink / raw)
  To: shawnguo, s.hauer, festevam
  Cc: franck.lenormand, kernel, linux-kernel, linux-arm-kernel,
	linux-imx, aisheng.dong, abel.vesa, Anson.Huang, linux,
	leonard.crestez, daniel.baluta, qiangqing.zhang, peng.fan

From: Franck LENORMAND <franck.lenormand@oss.nxp.com>

This patchset aims to add support for the SECurity VIOlation (SECVIO) of the
SNVS. A secvio is a signal emitted by the SNVS when a hardware attack
is detected. On imx8x and imx8q SoC, the SNVS is controlled by the
SECO and it is possible to interact with it using the SCU using the SC APIs.

For the driver to communicate with the SNVS via the SCU and the SECO, I had to:
 - Add support for exchange of big message with the SCU (needed for
imx_scu_irq_get_status)
 - Add API to check linux can control the SECVIO (imx_sc_rm_is_resource_owned)
 - Add APIs for the driver to read the state of the SECVIO registers of the
SNVS and DGO (imx_sc_seco_secvio_enable and imx_sc_seco_secvio_enable).

To check the state of the SECVIO IRQ in the SCU, I added the
imx_scu_irq_get_status API.

The secvio driver is designed to receive the IRQ produced by the
SNVS in case of hardware attack and notify the status to the
audit framework which can be used by the user.

The goal of the driver is to be self suficient but can be extended by the
user to perform custom operations on values read (imx_sc_seco_secvio_enable)

v2:
 - Removed (firmware: imx: scu-rm: Add Resource Management APIs)
	-> Code required is already present
 - Removed (firmware: imx: scu: Support reception of messages of any size)
	-> The imx-scu is already working in fast-ipc mode
 - (soc: imx8: Add the SC SECVIO driver):
	- Fixed the warnings reported by kernel test robot

Franck LENORMAND (5):
  firmware: imx: scu-seco: Add SEcure Controller APIS
  firmware: imx: scu-irq: Add API to retrieve status of IRQ
  dt-bindings: firmware: imx-scu: Add SECVIO resource
  dt-bindings: arm: imx: Documentation of the SC secvio driver
  soc: imx8: Add the SC SECVIO driver

 .../bindings/arm/freescale/fsl,imx-sc-secvio.yaml  |  34 +
 drivers/firmware/imx/Makefile                      |   2 +-
 drivers/firmware/imx/imx-scu-irq.c                 |  37 +-
 drivers/firmware/imx/imx-scu.c                     |   3 +
 drivers/firmware/imx/seco.c                        | 275 +++++++
 drivers/soc/imx/Kconfig                            |  10 +
 drivers/soc/imx/Makefile                           |   1 +
 drivers/soc/imx/secvio/Kconfig                     |  10 +
 drivers/soc/imx/secvio/Makefile                    |   3 +
 drivers/soc/imx/secvio/imx-secvio-audit.c          |  39 +
 drivers/soc/imx/secvio/imx-secvio-debugfs.c        | 379 +++++++++
 drivers/soc/imx/secvio/imx-secvio-sc-int.h         |  84 ++
 drivers/soc/imx/secvio/imx-secvio-sc.c             | 858 +++++++++++++++++++++
 include/dt-bindings/firmware/imx/rsrc.h            |   3 +-
 include/linux/firmware/imx/ipc.h                   |   1 +
 include/linux/firmware/imx/sci.h                   |   5 +
 include/linux/firmware/imx/svc/seco.h              |  73 ++
 include/soc/imx/imx-secvio-sc.h                    | 177 +++++
 18 files changed, 1991 insertions(+), 3 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/arm/freescale/fsl,imx-sc-secvio.yaml
 create mode 100644 drivers/firmware/imx/seco.c
 create mode 100644 drivers/soc/imx/secvio/Kconfig
 create mode 100644 drivers/soc/imx/secvio/Makefile
 create mode 100644 drivers/soc/imx/secvio/imx-secvio-audit.c
 create mode 100644 drivers/soc/imx/secvio/imx-secvio-debugfs.c
 create mode 100644 drivers/soc/imx/secvio/imx-secvio-sc-int.h
 create mode 100644 drivers/soc/imx/secvio/imx-secvio-sc.c
 create mode 100644 include/linux/firmware/imx/svc/seco.h
 create mode 100644 include/soc/imx/imx-secvio-sc.h

-- 
2.7.4


^ permalink raw reply	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2020-10-19  1:08 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-21 15:20 [PATCH v2 0/5] Add support of SECVIO from SNVS on iMX8q/x franck.lenormand
2020-07-21 15:20 ` [PATCH v2 1/5] firmware: imx: scu-seco: Add SEcure Controller APIS franck.lenormand
2020-10-18  4:30   ` Aisheng Dong
2020-07-21 15:20 ` [PATCH v2 2/5] firmware: imx: scu-irq: Add API to retrieve status of IRQ franck.lenormand
2020-10-18  4:48   ` Aisheng Dong
2020-07-21 15:20 ` [PATCH v2 3/5] dt-bindings: firmware: imx-scu: Add SECVIO resource franck.lenormand
2020-10-18  4:50   ` Aisheng Dong
2020-07-21 15:20 ` [PATCH v2 4/5] dt-bindings: arm: imx: Documentation of the SC secvio driver franck.lenormand
2020-10-18  5:03   ` Aisheng Dong
2020-07-21 15:20 ` [PATCH v2 5/5] soc: imx8: Add the SC SECVIO driver franck.lenormand
2020-08-19 13:31   ` Shawn Guo
2020-09-07  9:49     ` Franck Lenormand (OSS)
2020-10-18  5:21     ` Aisheng Dong
2020-10-18  9:31       ` Borislav Petkov
2020-10-19  1:08         ` Peng Fan
2020-08-18  7:52 ` [PATCH v2 0/5] Add support of SECVIO from SNVS on iMX8q/x Franck LENORMAND (OSS)
2020-08-19 13:23   ` Shawn Guo
2020-09-14  3:43     ` Aisheng Dong

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).