Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp2852772rdb; Mon, 4 Dec 2023 09:09:41 -0800 (PST) X-Google-Smtp-Source: AGHT+IEeZB6akW5LJ2WFjdQyg8bvaAAGD4bvyspp1ivjFLehSFfPX76uIJSGT4xy/AudpsnFEYIY X-Received: by 2002:a05:6a00:b46:b0:6ce:2731:7a06 with SMTP id p6-20020a056a000b4600b006ce27317a06mr1569739pfo.60.1701709781583; Mon, 04 Dec 2023 09:09:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701709781; cv=none; d=google.com; s=arc-20160816; b=AQeu0FjqRtSSVOMPJyi405Oh9rOm+5Omv8EGsmpoXMLt9tJX6gLqFUe08t6VrQOEyx GubyxobPDSGGBfKPyyvo2g5pxlKhFExVjtQNZFeo0IL5OhBxItJkRM1Vdar/KOR5Q9/c ItUEwIXZIPq8BVk7UtwMFS74FGK0vsy5kV6exY+axl4Y272IiCHdGIb4OpBPfSLfn/TE yWwBGBfSL5Bx8JZwb0WCi5Syb+hIsZ36XkX1loW+1M/iFnsYuQwYUnAhUmpALgXdAq3A tGiBb5F7RTKRvJf949Lp9CoJ8QiVaA5Q8YYfI4h3PkEXsWQSUwWvdrz412eeajLTfHxy njUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature:dkim-filter; bh=leU52NKS+4j0SOtSDOYOhhz0uxpcfS2T59lZis83zKw=; fh=+4v4DkMF8ETlpkbLeXhLwvq9CYcIVtV3TSga9lLjQxY=; b=0i+VrbbEJ9XPtD6Nxb+WTpecaVFrzx4HC3Uv9qnwRj7l2ZMbYhS/9Oy+OSTh4tMHLP AoVuNPTXkf9Mqe0QcupdCfyrvtJu413E+/sypfbyYn9/VocC+wSjmggZE+AzOXOS08+3 sakPLGzCvWUUIcviiXpJ4Ap0I+wvjHUC09y2M1NuSyupacn7cF7KOyG41ncwHOnwIVMk GO7uGruu47dA6lcUngL7NuxIi+NlNR1uhgIaLnGlGwNtEhojQ1EyFQoCsICVAzkZfphh dLqAQfq3tZaQ1HuY85nXcTooV8OOiLHve+xNuUE6NtjgWXPt5tx9HD4zq+6hmLtqWpzn 5MXg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@soulik.info header.s=mail header.b="O7ErB/Cx"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=soulik.info Return-Path: Received: from howler.vger.email (howler.vger.email. [23.128.96.34]) by mx.google.com with ESMTPS id fi40-20020a056a0039a800b0068fe12b361dsi8225365pfb.249.2023.12.04.09.09.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Dec 2023 09:09:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34; Authentication-Results: mx.google.com; dkim=pass header.i=@soulik.info header.s=mail header.b="O7ErB/Cx"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=soulik.info Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id 0554E80A6EDC; Mon, 4 Dec 2023 09:09:39 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230523AbjLDRJY (ORCPT + 99 others); Mon, 4 Dec 2023 12:09:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49708 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229561AbjLDRJX (ORCPT ); Mon, 4 Dec 2023 12:09:23 -0500 Received: from kozue.soulik.info (kozue.soulik.info [IPv6:2001:19f0:7000:8404:5400:ff:fe00:d7d6]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 544D7F0 for ; Mon, 4 Dec 2023 09:09:29 -0800 (PST) Received: from [192.168.10.7] (unknown [10.0.12.132]) by kozue.soulik.info (Postfix) with ESMTPSA id BB0652FEC41; Tue, 5 Dec 2023 02:09:22 +0900 (JST) DKIM-Filter: OpenDKIM Filter v2.11.0 kozue.soulik.info BB0652FEC41 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=soulik.info; s=mail; t=1701709763; bh=leU52NKS+4j0SOtSDOYOhhz0uxpcfS2T59lZis83zKw=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=O7ErB/CxKhYKG4nlGKr3vsziESDbTDQTjRWFfYVZyrBf+FCitbkZmVsu61itW5BZC BkuhKzQiNSAx5PnL17tMdzbzYPgQ/GBUDRqn9TqyJCCrM6lOdEtd96b7Sl/Toh1ckQ LbywmuN0R9VIAgtnYioVywWwsOj7UpZDT/mMv5eM= Message-ID: <1f282d44-7593-47f2-9572-131323f846a1@soulik.info> Date: Tue, 5 Dec 2023 01:09:26 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Could secure monitor let op-tee handle secure interrupter? Content-Language: en-US To: Sumit Garg Cc: op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org References: From: Randy Li In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Mon, 04 Dec 2023 09:09:39 -0800 (PST) On 2023/12/4 21:54, Sumit Garg wrote: > Hi Randy, > > On Mon, 27 Nov 2023 at 13:03, Randy Li via OP-TEE > wrote: >> Hello >> >> I was wondering whether the current op-tee os support this that secure >> monitor would trigger the op-tee to handle the native interrupter >> without forwarding it to the REE? > I would suggest you to go through this doc [1] to see if it answers > all your questions. If not then let us know, we will help to clarify > further. > > [1] https://optee.readthedocs.io/en/latest/architecture/core.html#interrupt-handling > > -Sumit "When a secure interrupt is signaled by the Arm GIC, it shall reach the OP-TEE OS interrupt exception vector. If the secure world is executing, OP-TEE OS will handle interrupt straight from its exception vector." And Section "Deliver secure interrupt to secure world when SCR_NS is set" I think those are the answer to my initial question. But I didn't see such practice. In the recent changes to Linux kernel, likes OP-TEE notifications, I think the most of platforms would like not let the Secure OS handle the devices' interrupters? I didn't know such a driver in Linux kernel either. When a CPU core, which is holding a spinlock, have been restored to Secure context by monitor, would it halt the other cores which are waiting for the release of that spinlock? Besides, when we use a spinlock in the kernel, in the most of time, we except all IRQs are masked(spin_lock_irqsave), could this masked the secure interrupter? Also, I didn't see there is a guideline about how OP-TEE os should handle native interrupt in this case. If it took too much time, it may lead an innocent process be regarded as hardlockup (or softlockup if it turns to REE after all) in the linux kernel. >> If the answer is yes, could it lead to a dead lock when the linux kernel >> is holding a spinlock(usually irq is disabled in that CPU core) ? >> >> I didn't find much about how should we handle the secure interrupter >> from document, the general way seems to either forward it to REE or just >> don't use the secure interrupter at all. >> >> Let the REE handle the interrupter may not be a good idea, since the >> device could we should ack the interrupter in it, is protected by the >> trustzone, we need to switch CPU to secure mode to handle this tiny task. >> >> I wish I could know more solution about the interrupter here. >> >> Sincerely >> >> Randy >>