linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Michael Walle <michael@walle.cc>
To: shiva.linuxworks@gmail.com
Cc: tudor.ambarus@microchip.com, p.yadav@ti.com,
	miquel.raynal@bootlin.com, richard@nod.at, vigneshr@ti.com,
	linux-mtd@lists.infradead.org, linux-kernel@vger.kernel.org,
	Shivamurthy Shastri <sshivamurthy@micron.com>
Subject: Re: [PATCH 1/4] mtd: spi-nor: micron-st: add advanced protection and security features
Date: Mon, 08 Nov 2021 16:43:15 +0100	[thread overview]
Message-ID: <24469d5c42e62959390c3f0aa75fc57a@walle.cc> (raw)
In-Reply-To: <20211027103352.8879-2-sshivamurthy@micron.com>

Hi,

Am 2021-10-27 12:33, schrieb shiva.linuxworks@gmail.com:
> From: Shivamurthy Shastri <sshivamurthy@micron.com>
> 
> Micron SPI NOR flashes are enabled with advanced sector protection
> features, using volatile lock bits, non-volatile lock bits, global
> freeze bits and password.
> 
> Advanced sector protection and security features offers additional
> levels of protection against accidentally corrupting code and data
> stored, and it also prevents malicious attacks that could intentionally
> modify or corrupt the code or data stored.
> 
> Signed-off-by: Shivamurthy Shastri <sshivamurthy@micron.com>
> ---
..

> +static const struct spi_nor_sec_ops authenta_ops = {
> +	.secure_read = authenta_secure_read,
> +	.secure_write = authenta_secure_write,
> +	.read_vlock_bits = authenta_read_vlock_bits,
> +	.write_vlock_bits = authenta_write_vlock_bits,
> +	.read_nvlock_bits = authenta_read_nvlock_bits,
> +	.write_nvlock_bits = authenta_write_nvlock_bits,
> +	.erase_nvlock_bits = authenta_erase_nvlock_bits,
> +	.read_global_freeze_bits = authenta_read_global_freeze_bits,
> +	.write_global_freeze_bits = authenta_write_global_freeze_bits,
> +	.read_password = authenta_read_password,

Could you please explain what secure read and write and all the
other ops actually are? Why is there no write password?

They all seem to be used together with advanced sector protection.
But you're just exporting all these ops to userspace. We already
have lock and unlock ioctls in place. I'd expect that this
sector protection will make use of these. Just exporting all the
commands to userspace is not the way to go.

-michael

  reply	other threads:[~2021-11-08 15:43 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-27 10:33 [PATCH 0/4] enabling Advanced protection and security features shiva.linuxworks
2021-10-27 10:33 ` [PATCH 1/4] mtd: spi-nor: micron-st: add advanced " shiva.linuxworks
2021-11-08 15:43   ` Michael Walle [this message]
2021-12-06 10:49   ` Paul Barker
2021-10-27 10:33 ` [PATCH 2/4] mtd: spi-nor: add advanced protection and security features support shiva.linuxworks
2021-10-27 21:00   ` kernel test robot
2021-10-27 23:01   ` kernel test robot
2021-10-28  4:43   ` kernel test robot
2021-12-06 11:03   ` Paul Barker
2021-10-27 10:33 ` [PATCH 3/4] mtd: add advanced protection and security ioctls shiva.linuxworks
2021-12-06 10:42   ` Paul Barker
2021-12-06 11:13     ` Paul Barker
2021-10-27 10:33 ` [PATCH 4/4] mtd: spi-nor: micron-st: add mt25qu128abb and mt25ql128abb shiva.linuxworks
2021-12-06 11:05   ` Paul Barker
2021-10-27 10:54 ` [PATCH 0/4] enabling Advanced protection and security features Richard Weinberger
2021-11-08 15:06   ` [EXT] " Shivamurthy Shastri (sshivamurthy)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=24469d5c42e62959390c3f0aa75fc57a@walle.cc \
    --to=michael@walle.cc \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mtd@lists.infradead.org \
    --cc=miquel.raynal@bootlin.com \
    --cc=p.yadav@ti.com \
    --cc=richard@nod.at \
    --cc=shiva.linuxworks@gmail.com \
    --cc=sshivamurthy@micron.com \
    --cc=tudor.ambarus@microchip.com \
    --cc=vigneshr@ti.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).