Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp3583630yba; Tue, 23 Apr 2019 06:24:29 -0700 (PDT) X-Google-Smtp-Source: APXvYqxnetASRffqIXT1fvR/fgKX2kzRRiZx9SQQ2FyEgT9F0uDAjWPk7OxXwkDXiIALtLREEpoe X-Received: by 2002:a63:db10:: with SMTP id e16mr24765083pgg.142.1556025869888; Tue, 23 Apr 2019 06:24:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556025869; cv=none; d=google.com; s=arc-20160816; b=NMAsvrLr74elds7xnO7eNNNe/T1u/0eVde2caOCW+qEpqdOxPZlpe1PyKRpGOCgt54 BnEdZSU/NhtGyTL+8b//DvoYS3RNKpOjV7Di3DyJe7mcKnI0SInsavYKJAV55IH9HK+n JEqWaZHnjKu40hMpEPnf4GGyqcrbRZttuKSoheqTgq6ux1pyBdx0yvkqBiUJqZcWuaFR ZA3xz9cyYZSYwey/WeUp9Z8owpvm7jhQdR9sLNYnH+Ph2S+M2B8OGMv/bfvoSxGBuF2f 24yID9CxerBwL+sWhiItPwPXS0plbl1t5QinfzcXG9I223HquKDs6LtoMpFpkVwrRoKa FfUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=/K6+2uvjcG1AmPFhKyG7hcUPB5xx8ziGQAr6N0rWTcM=; b=FL9waIEQNZRtJxsFU606B47GWvEatNZihFiYFAR0+hgnx0U3pto8u9BPHUTNO7T9xa nx3XpAoIG4KXJabaGy76u2Wa1RYLNFwG16jqczIdvmnPM1B3xtEGGpprfVodDEEYT89n Z+FFPw5a6INGXlUEwo8bF7NLlS7ZvpbsHH8fIIVe7HjJzbgPeaKR/ig8+MPmEQaeYXdV mt9+UnMzQ5MjLokLM1U99zd6mzbbF0YJhKZ3fO0eCvRwziFRqipwMQzax0iCuTqi+WNi OyGFz95lB7UpCkVm+sxtZohWm35cRWRHgHbmsOfEw4kXaM9x0dtwDcnySTpCQ55EsNw5 usDQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y5si7662828pgh.553.2019.04.23.06.24.14; Tue, 23 Apr 2019 06:24:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727870AbfDWNVh (ORCPT + 99 others); Tue, 23 Apr 2019 09:21:37 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:56144 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727500AbfDWNVh (ORCPT ); Tue, 23 Apr 2019 09:21:37 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 48257A78; Tue, 23 Apr 2019 06:21:36 -0700 (PDT) Received: from e107155-lin (e107155-lin.cambridge.arm.com [10.1.196.42]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id A23E13F706; Tue, 23 Apr 2019 06:21:33 -0700 (PDT) Date: Tue, 23 Apr 2019 14:21:26 +0100 From: Sudeep Holla To: Benjamin Gaignard Cc: Benjamin Gaignard , Mark Brown , Rob Herring , Arnd Bergmann , Shawn Guo , s.hauer@pengutronix.de, Fabio Estevam , Loic PALLARDY , Greg Kroah-Hartman , Linux Kernel Mailing List , linux-imx@nxp.com, kernel@pengutronix.de, Linux ARM , Sudeep Holla Subject: Re: [RESEND PATCH 0/7] Introduce bus domains controller framework Message-ID: <20190423132116.GA3892@e107155-lin> References: <20190318100605.29120-1-benjamin.gaignard@st.com> <20190318104343.GA15574@e107155-lin> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 18, 2019 at 12:05:54PM +0100, Benjamin Gaignard wrote: > Le lun. 18 mars 2019 ? 11:43, Sudeep Holla a ?crit : > > > > On Mon, Mar 18, 2019 at 11:05:58AM +0100, Benjamin Gaignard wrote: > > > Bus domains controllers allow to divided system on chip into multiple domains > > > that can be used to select by who hardware blocks could be accessed. > > > A domain could be a cluster of CPUs (or coprocessors), a range of addresses or > > > a group of hardware blocks. > > > > > > Framework architecture is inspirated by pinctrl framework: > > > - a default configuration could be applied before bind the driver > > > - configurations could be apllied dynamically by drivers > > > - device node provides the bus domains configurations > > > > > > An example of bus domains controller is STM32 ETZPC hardware block > > > which got 3 domains: > > > - secure: hardware blocks are only accessible by software running on trust > > > zone. > > > - non-secure: hardware blocks are accessible by non-secure software (i.e. > > > linux kernel). > > > - coprocessor: hardware blocks are only accessible by the corpocessor. > > > Up to 94 hardware blocks of the soc could be managed by ETZPC and > > > assigned to one of the three domains. > > > > > > > You fail to explain why do we need this in non-secure Linux ? > > You need to have solid reasons as why this can't be done in secure > > firmware. And yes I mean even on arm32. On platforms with such hardware > > capabilities you will need some secure firmware to be running and these > > things can be done there. I don't want this enabled for ARM64 at all, > > firmware *has to deal* with this. > > We use ETZPC to define if hardware blocks can be used by Cortex A7 or Cortex > M4 (both non-secure) on STM32MP1 SoC, this new framework allow to change > hardware block split at runtime. This could be done even on non-secure world > because their is nothing critical to change hardware blocks users. OK, that's interesting, assuming Cortex M4 execution as non-secure. I would expect otherwise. Even if it's configurable, I would see that happen in secure entity via OPTEE or something similar from non-secure side. Do you have any documents that I can refer to get the overall security design for such platforms ? -- Regards, Sudeep