Received: by 2002:ac0:e34a:0:0:0:0:0 with SMTP id g10csp822450imn; Tue, 26 Jul 2022 10:11:46 -0700 (PDT) X-Google-Smtp-Source: AGRyM1s4sRyL+0Ahf02/uYR8sQGO8/W176fL+99eoDCxSaDA6CsnfPvzQ8GyLic4jGI6RdEi9sOf X-Received: by 2002:a17:90b:4c4a:b0:1f1:f3d2:d3db with SMTP id np10-20020a17090b4c4a00b001f1f3d2d3dbmr200886pjb.202.1658855505770; Tue, 26 Jul 2022 10:11:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658855505; cv=none; d=google.com; s=arc-20160816; b=VAJ5FKquEmqwjWkVNhSKXUqSO/9z22XRwWuMlMvsRRe/xyoFjqHg6P7WVywvsNwkU4 KNpaKti5le1nQBYAYP9OKPHW9kP4uH3eMZEAEgTPNt4IIbq58aDrYkMAhKGc/VV4ESdC J2Lsec30IGSCn2+QnzZY2EJroEuRE4g3ww+tZ90cXhQDoi9B70eilDJfc9lRzTf5lSRI olToUmpXwQDgVV9QRTckFXLHVviwscJ06N0YLCoTEn7UAr3IqSO8mWajzddZon0ib8E+ aEsX4i0rH0ZD9SKvC2eZkdgbA7K42vq04D+lr0mrN1abHnLuxFOsTT7x5PIw+0M3Oy+o hxZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=NbaTapVTjMuA8ZsqkyiWb1fIAjT6txQZhbh0GKz3IA4=; b=UxCyo+Au6SHA6BYsjnWz2jzY4sso+jJhHeR/a8zjJtE5XrDHeOo8oT/k13ecpHWHog Fp0K0HLMj+nC0ysHiVmMgwIZA3HCQA7KwKLlPufpGnMNMXXw9GFYwONm5jk/bcLhkQCn cxZhMsSz3mH29hh8DcrRAwwKO50iTcskIIdYyFl99KwMO2eUHZXpm4q9XksRX0TFD0Xk AeknFPVougv3JUGNrtG7k4VV+8cdTpxL9LjNQ5EdMtkNwSAP+U8/lj6Fbsf0KMyn+z6z z8LBrwGDUM5JmtO+4Hdci7uhppjNVBxFM0ex9GyD/45/2PRUV0XOy68PpAqmiue7jfdu e4pA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=VnVDHcXs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f127-20020a636a85000000b00419b1269177si17399035pgc.597.2022.07.26.10.11.30; Tue, 26 Jul 2022 10:11:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=VnVDHcXs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230388AbiGZRBe (ORCPT + 99 others); Tue, 26 Jul 2022 13:01:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38280 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231896AbiGZRBc (ORCPT ); Tue, 26 Jul 2022 13:01:32 -0400 Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3DCF42A411; Tue, 26 Jul 2022 10:01:31 -0700 (PDT) Received: by mail-ej1-x62e.google.com with SMTP id b11so27227982eju.10; Tue, 26 Jul 2022 10:01:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=NbaTapVTjMuA8ZsqkyiWb1fIAjT6txQZhbh0GKz3IA4=; b=VnVDHcXsW+0Sq6u9pAephU5mG5MRWuSSMurKkVzEhqGpxhbqkcxn4RX5CjYbgtlkgJ M3LAb15RQpPWO8g/X0cgPUK79Ma60vU+Jy7N1H6539UgeK8jXWzP+vM7w+RV7oRYdSwo KaS/ERr+QNuWRN7zH4zEKDpPlaTkRYK192/PWbA4Y6NlSnl/7yrFvZx3tYAqSIbIOpab WkTiIv3+y0CpJGLE6rIkEN1DX+8j5/R3G7tNwkQXJ9GnRfq6D+xTvAJs53KKKcV7Ui7n b1xcC0MKOFf8CpQ3HSok2ASM7iNUvh4DB0qZpAiWt03qIghViz1UxmzmIFsbpYOY9XpV 0+Dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=NbaTapVTjMuA8ZsqkyiWb1fIAjT6txQZhbh0GKz3IA4=; b=xnHDcStvwmnfLuzbZuFLIal40gcw6wz7e/BEJJorRHN80SEj4aH8G6/jK3xONxmBDn Q7hCOw4tq/76Z5cFrlCOd7zwVKUV9lNt3B8makryHS8TrAwcuxIVfSHyK0NGk6Qt0UwE ITRowmlcuv3tLXuZt7SfDGeMrwGj6p/2KmV92NoZHcwu/8yxu3n2PIdnGMil85CFTlU5 d0vaZAfFdtFEtbW6xOAKWYtN4d3aSeBUTq5xDfTBYbPCOscKLJWULoRqItBd/YneM6Id 7fwr5Uk3qno2dckk1fyLux3hB3Gv0ou7sEhNRYJapfKQ/pWFsqXLbmcjTXCaivwOr1pm 6uqg== X-Gm-Message-State: AJIora/9DSQ+diIZxV/U8/5+ILTh0dL/pzTTTapFwhuNYewOzsXSpQeW 6bdBVbPx1NQuUsKjhpR+ja0= X-Received: by 2002:a17:906:cc0e:b0:72b:311b:8ed9 with SMTP id ml14-20020a170906cc0e00b0072b311b8ed9mr15002494ejb.186.1658854889674; Tue, 26 Jul 2022 10:01:29 -0700 (PDT) Received: from [10.30.0.4] ([37.120.217.82]) by smtp.gmail.com with ESMTPSA id d18-20020a170906305200b006feba31171bsm6670821ejd.11.2022.07.26.10.01.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 26 Jul 2022 10:01:29 -0700 (PDT) Message-ID: Date: Tue, 26 Jul 2022 19:01:28 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: [PATCH 4/4] dt-bindings: firmware: Add Qualcomm UEFI Secure Application client Content-Language: en-US To: Sudeep Holla Cc: Andy Gross , Bjorn Andersson , Ard Biesheuvel , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Steev Klimaszewski , Shawn Guo , Cristian Marussi , Greg Kroah-Hartman , linux-arm-msm@vger.kernel.org, linux-efi@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org References: <20220723224949.1089973-1-luzmaximilian@gmail.com> <20220723224949.1089973-5-luzmaximilian@gmail.com> <20220726143005.wt4be7yo7sbd3xut@bogus> <829c8fee-cae5-597d-933d-784b4b57bd73@gmail.com> <20220726154138.74avqs6iqlzqpzjk@bogus> From: Maximilian Luz In-Reply-To: <20220726154138.74avqs6iqlzqpzjk@bogus> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 7/26/22 17:41, Sudeep Holla wrote: > On Tue, Jul 26, 2022 at 05:15:41PM +0200, Maximilian Luz wrote: >> >> So ultimately I think it's better to add a DT entry for it. > > I disagree for the reason that once you discover more apps running on the > secure side, you want to add more entries and update DT on the platform > every time you discover some new firmware entity and you wish to interact > with it from the non-secure side. Just as you'll have to add a driver to the kernel and update whatever is probing the TrEE interface and add those strings to that interface. If you then start doing SoC-specific lists, I think you'd be pretty much re-implementing a DT in the kernel driver... I don't quite understand why this is a problem. I think per device, there's a reasonably limited set of apps that we would want to interact with from the kernel. And for one single device, that set doesn't change over time. So what's the difference to, say, an I2C device? > As along as get this application ID can handle any random name, I prefer > to use that as the discover mechanism and not have this DT. Apart from the above, some apps must also be loaded from the system. And those you can't detect: If an app isn't running, it doesn't have an ID (uefisecapp and the tpm app are loaded by the firmware at boot). Those are mostly vendor-specific things as far as I can tell, or HDCP stuff. So you'd need to specify those as firmware somehow, and since (as far as I can tell) those are signed specifically by/for that vendor and potentially device (similar to the GPU zap shader or remoteproc firmware), you'll need to use per-device paths. That means you either hard-code them in the driver and have a compatible per model, do DMI matching, or something similar (again, essentially baking DTs into the kernel driver...), or just store them in the DT (like we already do for GPU/remoteprocs). While you could hard-code some known loaded-by-firmware apps and use the DT for others, I think we should keep everything in the same place. Windows uses a hard-coded list of supported apps in the driver (to specify which apps the driver supports) and in addition to that uses Registry entries (added via .inf files) to specify which app is supposed to be present on the device and, for apps that need to be loaded, where the firmware to be loaded is stored. It only ever attempts to connect to those apps that are marked present in the registry. Which, again, may be model/vendor specific. And this is another reason I'm hesitant to use that function: Windows doesn't use it in this way and that I don't know whether there can be any subtle breakage or unexpected behavior if we use the function like that (i.e., who's to say some broken firmware returns "app is present" but the app is broken?). Regards, Max