Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp344566pxf; Thu, 11 Mar 2021 05:25:22 -0800 (PST) X-Google-Smtp-Source: ABdhPJwBsoNgSRUaynRpDd0MaFgnOGDdGM8Me/16dQIpU3VgkvzrdTSnfkU9eIbhgVxKtwIIkwFH X-Received: by 2002:aa7:d954:: with SMTP id l20mr8441914eds.1.1615469121825; Thu, 11 Mar 2021 05:25:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615469121; cv=none; d=google.com; s=arc-20160816; b=UlAE+FRVJdv3fZtGBQKv0Z+KsSRRnsnAAKlOTYfvL2LBo5sI56pqy/advd1v1uBi8Q FeBdqTgOmL8aQ/hMFpL5wMAIGdbzpagki+STPp+jDEZOSgylGDFuG0ntlDxrb8D9/IJD KOWFZp6H0WrmzkfpTl8tFGRbNsLwP+EBBti0bk9BQz/360YH4XU9RYbjkdMefbWJt0tu xcjloIrXZXoCljB+iPHm+IqyeATMFR5nC9+AvvLfFOfg9gouJmq1MQbSFZpZ5carV9Ff b+l65l+UNuj49tu9zXEM0elE9c4d88FspdxYurd5cqhpq6esOU4e0uVs0FHq6ZFCIfMP FGMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=21oEMilcvB2s5BQ3L2qXdhw9S43YUD3XW93X1o0vius=; b=LavobJNWPmCZRagT7PG4uoMB1nvMwK1GmZW8jIMot8oqq3ZDZpNPyOwBEarUjWalCb tdoX94r7fqj4S2kUKjxFrnjXmTyIWe1/6QXkpnmTu7oZ7RbcZAv8pi1ydIQLbbyV+zhu ckxtyrANUg9g5pwfZWzuAJlQxDiKe6a37h8AR5MMZPlEC8csZKe5gVh/CndbxbbeEYvq 11EWtOwo6JoohLIvWlsyWpV83B9fL9m0VA7IzHHEJLm870YtU4bcpT9XpuJZCw5zI0Oe wIYF2xFE443mKCcJ6kc9l9RoHrI36+KIHp78tcXga8ow/KzWimJXQnywuig0ActBj0L1 r6qQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cm2si1753093edb.549.2021.03.11.05.24.58; Thu, 11 Mar 2021 05:25:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233519AbhCKNXb (ORCPT + 99 others); Thu, 11 Mar 2021 08:23:31 -0500 Received: from mail-out.m-online.net ([212.18.0.10]:45956 "EHLO mail-out.m-online.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233522AbhCKNXR (ORCPT ); Thu, 11 Mar 2021 08:23:17 -0500 X-Greylist: delayed 6006 seconds by postgrey-1.27 at vger.kernel.org; Thu, 11 Mar 2021 08:23:16 EST Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 4Dx8lR0Tzqz1rxM2; Thu, 11 Mar 2021 14:23:15 +0100 (CET) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 4Dx8lQ5SnGz1qr4q; Thu, 11 Mar 2021 14:23:14 +0100 (CET) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id vqhgIlzpzvH2; Thu, 11 Mar 2021 14:23:12 +0100 (CET) X-Auth-Info: vaM/MyCctl1jnKfAoeQi+iHMyd++jHdcGuu7CUSTTKQ= Received: from [IPv6:::1] (p578adb1c.dip0.t-ipconnect.de [87.138.219.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPSA; Thu, 11 Mar 2021 14:23:12 +0100 (CET) Subject: Re: [PATCH v2 00/14] Introduce STM32MP1 RCC in secured mode To: Alexandre TORGUE , Alexandre TORGUE , "Alex G." , Gabriel FERNANDEZ - foss , Michael Turquette , Stephen Boyd , Rob Herring , Maxime Coquelin , Philipp Zabel , Etienne CARRIERE Cc: "devicetree@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-clk@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "linux-stm32@st-md-mailman.stormreply.com" References: <20210126090120.19900-1-gabriel.fernandez@foss.st.com> <2e04f814-b694-119d-fe8a-13e6df129536@gmail.com> From: Marek Vasut Message-ID: <838b70a1-c02c-0433-ac3d-fc48874b132d@denx.de> Date: Thu, 11 Mar 2021 14:23:11 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/11/21 2:15 PM, Alexandre TORGUE wrote: > Hi Marek Hello Alexandre, > On 3/11/21 12:43 PM, Marek Vasut wrote: >> On 3/11/21 9:08 AM, Alexandre TORGUE wrote: >>> Hi ALex >> >> Hello everyone, >> >> [...] >> >>>> Subject: Re: [PATCH v2 00/14] Introduce STM32MP1 RCC in secured mode >>>> >>>> On 1/26/21 3:01 AM, gabriel.fernandez@foss.st.com wrote: >>>>> From: Gabriel Fernandez >>>>> >>>>> Platform STM32MP1 can be used in configuration where some clocks and >>>>> IP resets can relate as secure resources. >>>>> These resources are moved from a RCC clock/reset handle to a SCMI >>>>> clock/reset_domain handle. >>>>> >>>>> The RCC clock driver is now dependent of the SCMI driver, then we have >>>>> to manage now the probe defering. >>>>> >>>>> v1 -> v2: >>>>>     - fix yamllint warnings. >>>> >>>> Hi Gabriel, >>>> >>>> I don't have much clout with the maintainers, but I have to NAK this >>>> series >>>> after finding major breakage. >>>> >>>> The problem with series is that it breaks pretty much every board it >>>> touches. >>>> I have a DK2 here that I'm using for development, which no longer >>>> boots with >>>> this series applied. >>>> >>>> The crux of the matter is that this series assumes all boards will >>>> boot with an >>>> FSBL that implements a very specific SCMI clock tree. This is major ABI >>>> breakage for anyone not using TF-A as the first stage bootloader. >>>> Anyone >>>> using u-boot SPL is screwed. >>>> >>>> This series imposes a SOC-wide change via the dtsi files. So even >>>> boards that >>>> you don't intend to convert to SCMI will get broken this way. >>>> Adding a -no-scmi file that isn't used anywhere doesn't help things. >>> >>> You are right. We mainly take care about NO ST (DH/...) boards, but >>> not really about current usage >>> Of our stm32 boards. Several options exist: >> >> Since a lot of people benefit from the good upstream support for the >> MP1 _and_ keep updating their machines to get the latest fixes, it is >> very important to keep the current usage working. >> >>> 1- Break the current ABI: as soon as those patches are merged, >>> stm32mp157c-dk2.dtb will impose to use >>> A tf-a for scmi clocks. For people using u-boot spl, the will have to >>> create their own "no-secure" devicetree. >> >> NAK, this breaks existing boards and existing setups, e.g. DK2 that >> does not use ATF. > >>> 2-As you suggest, create a new "secure" dtb per boards (Not my wish >>> for maintenance perspectives). >> >> I agree with Alex (G) that the "secure" option should be opt-in. >> That way existing setups remain working and no extra requirements are >> imposed on MP1 users. Esp. since as far as I understand this, the >> "secure" part isn't really about security, but rather about moving >> clock configuration from Linux to some firmware blob. >> >>> 3- Keep kernel device tree as they are and applied this secure layer >>> (scmi clocks phandle) thanks to dtbo in >>> U-boot. >> >> Is this really better than >> #include "stm32mp15xx-enable-secure-stuff.dtsi" >> in a board DT ? Because that is how I imagine the opt-in "secure" >> option could work. > > The dtbo usage could avoid to add another st board (actually a secure > config) in arch/arm/boot/dts. It isn't even a board, it is a configuration. Could you detect this secure/non-secure state at runtime, have both clock options in the DT, and handle it accordingly ? That might be even better option.