Received: by 2002:a05:7412:798b:b0:fc:a2b0:25d7 with SMTP id fb11csp444126rdb; Thu, 22 Feb 2024 08:24:50 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXauNZSG/j8s6dJKF9XN5wqexWTHIDKpO/08sAJ7vb2/A9/XJPaGLEtHCLaDNBsnSSSF0ZBGwomsHseLSJTVJydfJ/DGobXH5N4VMfUWw== X-Google-Smtp-Source: AGHT+IE56IGxPOrvo/JvsK4+yHbzbtB/G/6EtomW2roq4GetsWtnqv0hpWhsz2CTm4zAWRMNRm83 X-Received: by 2002:a05:6a21:3383:b0:1a0:ddad:dbf1 with SMTP id yy3-20020a056a21338300b001a0ddaddbf1mr512147pzb.37.1708619090397; Thu, 22 Feb 2024 08:24:50 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708619090; cv=pass; d=google.com; s=arc-20160816; b=axdJSt7/3HqtBdXVD8zWGkmIBCyyRgXh+jByGlJ1nJaue8nka6+YObcW1nErhy5R16 YE5kfH8WJ6Pxs6fmIiDUGE0Zh1+quR32DTa65vE9N5ZgB0SjBAl49h1Xcii6HNluNPvx dK8Z4N854cX9a/cU12IYLlvc32h85bUVf8RWNKtzTYm2/J/EcmT1HyiCYIhBsnkC+vtG E5OHaPC9JE37b2DH8BgTLvTFSrgUmwY/bumgjSO+s07VqBj79AbhH3PvTGgk/hhNAC46 Qm/appeyUfI0fBu+Zhl6XdLpMNrOPL6CI/0z9aDrxlmECnc/t9TsaRRM1yhYvdNWQYLf t9pw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=bHZNKNWPjrBTR9qsh5AP/XHTKz3QTL5wx4YnCqn5+DU=; fh=klCH41QRyVikRYF7lzKFU6l5C1WLXxv3FrPkWVuv+8U=; b=xqy+Xp8fM1VcTCaPjbrgoweGibXM8ouBceJJ/xzMumXReneak9jrn6LwEDAlaFLgof csBahjQq+juMhtzOAwbJHUIcQgVUsvIe8zk2Bmpx2QlwUH8qDpqeCFRyd68FnENyFVTa NwbotWVxsGqkgaXag+fOqr5wT1C6S5mA4uV2N2FZApFSLdk03Rg+AfRCVi7UkaTLfkU+ zc0mXdFC7Wx1mv9SfTkfEQynS/HzjNtB6Klvd5I9RJNgHfEdeHJtSnf8ER8RbaW4dIYd 2VazXJxv1k01Ubqj3eGo4w2g5zPBmZT420Cs3FkRDYjd1x++8rATSQp8sCyjxYI6aHKJ 36wg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@bgdev-pl.20230601.gappssmtp.com header.s=20230601 header.b="PYcpE/Dg"; arc=pass (i=1 dkim=pass dkdomain=bgdev-pl.20230601.gappssmtp.com); spf=pass (google.com: domain of linux-kernel+bounces-76871-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-76871-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id lo13-20020a056a003d0d00b006e4be08ae7fsi2845172pfb.366.2024.02.22.08.24.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 08:24:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-76871-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@bgdev-pl.20230601.gappssmtp.com header.s=20230601 header.b="PYcpE/Dg"; arc=pass (i=1 dkim=pass dkdomain=bgdev-pl.20230601.gappssmtp.com); spf=pass (google.com: domain of linux-kernel+bounces-76871-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-76871-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 1B6EE287FE5 for ; Thu, 22 Feb 2024 16:24:50 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0C218151CED; Thu, 22 Feb 2024 16:24:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=bgdev-pl.20230601.gappssmtp.com header.i=@bgdev-pl.20230601.gappssmtp.com header.b="PYcpE/Dg" Received: from mail-ua1-f50.google.com (mail-ua1-f50.google.com [209.85.222.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1E2C01534F5 for ; Thu, 22 Feb 2024 16:24:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.50 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708619074; cv=none; b=NWxx7ElMYb/SSqpUeqALE/XtlFp51RqrWKprZQhNr7G6THEhUTmOxgp0mMndiGmQfznM4qSkuhbyiMddfAIzDnT6JLv2tjrPt7C4CB3MfgBs+yx75CdUqkTaYbtvNB+vIiAw19ScDVLIWKfyLk2DKaJEWJ4pv3MAA17t0QV4GIU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708619074; c=relaxed/simple; bh=O1kCwimtBhHwx5ieCprlpCnPISoK/7BjHdqpNvWzRM0=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=XFa6+ft2SeHko4KDopf9GSGkpp6r44dsBnI3hgPvu6CyGFPOp4Pzvef3bVOfwp+/nnoviHPHfXKbkAkCopZvSrTACNQAOtUddKThOTeNq13h2H3lZHwg4gzydTj7MnLi6RMpJgnRChZXKzqUSzjSljaXAxMQPvFCcvhr71TeDpA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=bgdev.pl; spf=none smtp.mailfrom=bgdev.pl; dkim=pass (2048-bit key) header.d=bgdev-pl.20230601.gappssmtp.com header.i=@bgdev-pl.20230601.gappssmtp.com header.b=PYcpE/Dg; arc=none smtp.client-ip=209.85.222.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=bgdev.pl Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=bgdev.pl Received: by mail-ua1-f50.google.com with SMTP id a1e0cc1a2514c-7ce3c7566e0so3758068241.1 for ; Thu, 22 Feb 2024 08:24:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bgdev-pl.20230601.gappssmtp.com; s=20230601; t=1708619071; x=1709223871; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=bHZNKNWPjrBTR9qsh5AP/XHTKz3QTL5wx4YnCqn5+DU=; b=PYcpE/DgCwu+2rPaVfFCbRKG71tw7dsQi3mw+eOC5DQy5+PFYHrCGjalqQcI0M6AE/ z+JmQ4IuS2qjItdvf6zhM3hORQdbO8UMSGDiHbY+dpX+rFKA6BdXEkQA2YEWxd3/XTFC aGPttOeStYVmRcmaDLmAM0cEqyKUvCMBehTZZzhsZVBFk//21MPvjIjC0RvFQvz5sqsH mIN8hz+Yg87lSMbUWkSjy5T+uii3gO1D141PukAdYAKF5gslBoKIeipXthdHk+rLoUHp A1pVryHDJvAnkCDRW+ZPq8edlR3RWvWpHxvj3Hr18POFPufRWctY2PBOAcx+09mEmskF RI4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708619071; x=1709223871; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bHZNKNWPjrBTR9qsh5AP/XHTKz3QTL5wx4YnCqn5+DU=; b=gIt0Z02zLbH2xOftb/kyYWWD+GVByZlDAAWxFPSF7ZBEaRpcuMJDOf7/LCgDB9NW3X gvEgVw+vXGWgt+y2/CXj5dFYL8/aBYPd/+K5pKoXCTLQFjgVfbGLq6hILxsUY2AJ5ACq 1eAALb/XVE6f0hzr6yzIrw5I53cWpUAIIGfHrq1dWByX3AdPQfg87KarY8ce57JUrT/q 2ar1SZivaU93T1kQ9NM+GphMAGYJsOGe8oIpZQ5b7Nsoiyzr8YZquAsnE+1yXNnZkgXf KQ8oc1UFWIoZN98kTpW4NiZ8gs7Zrlp9SonWppqGptSVvQGMVbp7ZF1CFaTHLNRqk3CS C5CA== X-Forwarded-Encrypted: i=1; AJvYcCXAL5/NsrrJ6WccjKHm/deNRNYa/oQGowdnYTEPJG3aM1dJsKsrt5vabHIskoH8Cp56Ii6VMa2B8D2USoKGgkiHFnDFadTHn5eRKy0v X-Gm-Message-State: AOJu0YwDHrQqlCozHa9128tpkHD0KlguDvdCC7lyTU54V50We7qgAvUQ e3eWtHuxRh1cBXtKwy4QBEPLT9qkkUa9FF3eVFW7E7w58YgoxXn/igToSFP4W3OH2HdKC5OIpr5 7THdfvpU22x4IjTxmW0zriX0WD4sYb+dpxeTjzw== X-Received: by 2002:a1f:4f02:0:b0:4c0:2d32:612f with SMTP id d2-20020a1f4f02000000b004c02d32612fmr14254274vkb.15.1708619070874; Thu, 22 Feb 2024 08:24:30 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240205182810.58382-1-brgl@bgdev.pl> <20240205182810.58382-11-brgl@bgdev.pl> <7pybw4wxlzxfl65yuqxzks5w7uq52hosyq53etlzas6i6o5l6d@vxd4sykcxora> In-Reply-To: <7pybw4wxlzxfl65yuqxzks5w7uq52hosyq53etlzas6i6o5l6d@vxd4sykcxora> From: Bartosz Golaszewski Date: Thu, 22 Feb 2024 17:24:19 +0100 Message-ID: Subject: Re: [PATCH v7 10/12] firmware: qcom: tzmem: enable SHM Bridge support To: Bjorn Andersson Cc: Andy Gross , Konrad Dybcio , Elliot Berman , Krzysztof Kozlowski , Guru Das Srinagesh , Andrew Halaney , Maximilian Luz , Alex Elder , Srini Kandagatla , Arnd Bergmann , linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel@quicinc.com, Bartosz Golaszewski , Deepti Jaggi Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sun, Feb 18, 2024 at 4:41=E2=80=AFAM Bjorn Andersson wrote: > > On Mon, Feb 05, 2024 at 07:28:08PM +0100, Bartosz Golaszewski wrote: > > From: Bartosz Golaszewski > > [snip] > > > > +config QCOM_TZMEM_MODE_SHMBRIDGE > > + bool "SHM Bridge" > > + help > > + Use Qualcomm Shared Memory Bridge. The memory has the same alig= nment as > > + in the 'Default' allocator but is also explicitly marked as an = SHM Bridge > > + buffer. > > + > > + With this selected, all buffers passed to the TrustZone must be= allocated > > + using the TZMem allocator or else the TrustZone will refuse to = use them. > > It's funny how this is the only place in the whole series I can find > this mentioned. One could from this statement guess that the eluding > scminvoke requires shmbridge and that this patch series exists solely > to facilitate the requirement stated in this paragraph. > Yes, scminvoke *requires* SHM bridge. So does the wrapped key support. No, this is not the only reason as - as stated by Srini - it improves overall safety of the system for all users. > Either this guess is correct and this should have been made clear in > the commit messages, or I'm guessing wrong here, in which case I need > some help to figure out why this series exists. > This series exists and IMO should get upstream soon to facilitate adding new security features (in addition to improving existing ones). As there are at least two such features in development (mentioned above) pushing this series upstream will make it easier to develop them independently. Bart [snip]