Received: by 10.223.164.202 with SMTP id h10csp580027wrb; Thu, 30 Nov 2017 04:19:06 -0800 (PST) X-Google-Smtp-Source: AGs4zMbYyVwO60UVPn5JfGWpaGJGnM256GZRL7g0EfP4t9KHjM9wShJ7eKLe411h+6Xy+TTZj/6L X-Received: by 10.84.133.1 with SMTP id 1mr2427741plf.203.1512044346108; Thu, 30 Nov 2017 04:19:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1512044346; cv=none; d=google.com; s=arc-20160816; b=hg8MC701lOPjpgqQq0CLIdlON0PlJ4uAjAgHWStfojjqxGHi9PawuiOKQ/YqVMYnjg yU+/KTxmyO+snSQOGj2GzQt1LPUcHYwj9tbdbh7EEIr5kSEpFqsxwqvQPlfJR5QhZ6+j 8PYfT3M6y1dxOBVsnAU2XOb0uKWEXkSIiuzQmGJB9fXlNl2jPF4e69MUHzV0LHqIr/5z /Y99y7Rk54l/VvxiyzBdzYhoBOVVXq6JvtHDBegt0fwSIhaMbVLlzD6gjQ6RCmdaxv1n VdaObLt93m5s+Ej0Qw2Qk7YQlhlUyAOpt6hdFFI0XIfNVqplqBZ9MnhPWExnwjvRFBK2 l6AA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=muJOcFUvVM2GveKTS1bOPCo6tVMcFOqofB0iEbziowc=; b=UwOpCMaKUCv6W9rjAe5C4unep7C3rX/e+dD3oA895taOOvjVSPayHf3fct7nwz6Tef 6cVVefwgBmgjs4YE6Q6pxeSLYRUhe6yT2bfBl52rwQ3UK9vpFKlhAyiuRy0OmRPI7Ql9 rl1kW8uJ/9p1051WY+/0sn635LlEOjSJ5FlfdkwI0V0b5nE6nGAsUNvTAnUl9VCGC+Al kCZrowZ1cKG/xBx5p1xhPj5aa1yykfCjhHRTggzpKJZc+9wbRttABNy2pt/QyPVSrA6w pBy3vFUsWOJyE18zqLYA3D/7NTK9D+Q4YBKgKnfMYqdGXPM0u7zeNAvWgeGikTlFW0k+ 2sjA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=BqfBcBE7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j4si3009642plb.812.2017.11.30.04.18.52; Thu, 30 Nov 2017 04:19:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=BqfBcBE7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752577AbdK3MSZ (ORCPT + 99 others); Thu, 30 Nov 2017 07:18:25 -0500 Received: from mail-pg0-f66.google.com ([74.125.83.66]:35157 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751065AbdK3MSX (ORCPT ); Thu, 30 Nov 2017 07:18:23 -0500 Received: by mail-pg0-f66.google.com with SMTP id q20so2927415pgv.2; Thu, 30 Nov 2017 04:18:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=muJOcFUvVM2GveKTS1bOPCo6tVMcFOqofB0iEbziowc=; b=BqfBcBE7YYQzoSHWr84Se9qE6VKnsaGqz5BexGsfx/8g7ds6gzia60jmih0UD11X4J Trs+JXz2c2W6HgzjQ5V14RAaYg7tlzQjrmMVHzrPdR2VJCLUyqhHdTEWeHCeso6SSKiQ Xro9aeVJ4Exa/TTwwp0L1c/KQueSUcBZkqk6Hv1IrzxQtCSUXmUaz4YMufHSnoUxDYl9 FyZafs4l9TEVcLT+Bl/65kbAibZfqnSpqEVRaldtIK2GPntaNsovhoSFW0TeaJnOr+jA PnEeHHCkIByMpVYMRm99Z4/yeDZ7wn5zg6fBCfpcci249+9lGbk+vo7Jue/kZSJ2FUHG WunQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=muJOcFUvVM2GveKTS1bOPCo6tVMcFOqofB0iEbziowc=; b=IDvAzeKVqMh9ON0R75OGKEX84Z2ep/UafgXRe2WfenKFMs6PvkM10f4jCNfUckFuPZ rnQ3V1xnjiir6eVucbrDPZDO6m3v68Z1X5jU//6C79810dIW6hsi356GGK5+ifzMhViP Gmq06QfiACzhaCq5fdxZrGShMTnb0cMowe9SNZVsK7WVvYEprPNP7v3mYj3Hs6mHN/A0 Nbrt6io/R7JBj0mviBgfjEo+Vpcg7TkOLkot7HXDT7Gi2cJ0y4efMf1o4dbuVB958tPz zjp9Dg50x3ufWXg6udhEOJgJVRyTOJv0EQlZVOEZOboFYat3r+FUY6VVTMOonfd7RZ0s TYeg== X-Gm-Message-State: AJaThX4JZYjSX38wfjaybMJQTPpzMmxmod/pjs0Ket8cokRuMBGemU6+ w5xUXO1l5K6bhNfkqJVEceQ= X-Received: by 10.98.15.212 with SMTP id 81mr6545457pfp.106.1512044303372; Thu, 30 Nov 2017 04:18:23 -0800 (PST) Received: from [192.168.43.210] (mobile-166-170-39-52.mycingular.net. [166.170.39.52]) by smtp.gmail.com with ESMTPSA id v25sm7002517pgc.78.2017.11.30.04.18.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 30 Nov 2017 04:18:22 -0800 (PST) Subject: Re: [RFC 0/2] of: Add whitelist To: Rob Herring Cc: Alan Tull , Pantelis Antoniou , Moritz Fischer , "devicetree@vger.kernel.org" , "linux-kernel@vger.kernel.org" , linux-fpga@vger.kernel.org References: <1511816284-12145-1-git-send-email-atull@kernel.org> From: Frank Rowand Message-ID: <157eebaf-89a9-a230-e56b-d98a8e1e26bf@gmail.com> Date: Thu, 30 Nov 2017 07:18:09 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/29/17 08:31, Rob Herring wrote: > On Wed, Nov 29, 2017 at 3:20 AM, Frank Rowand wrote: >> On 11/27/17 15:58, Alan Tull wrote: >>> Here's a proposal for a whitelist to lock down the dynamic device tree. >>> >>> For an overlay to be accepted, all of its targets are required to be >>> on a target node whitelist. >>> >>> Currently the only way I have to get on the whitelist is calling a >>> function to add a node. That works for fpga regions, but I think >>> other uses will need a way of having adding specific nodes from the >>> base device tree, such as by adding a property like 'allow-overlay;' >>> or 'allow-overlay = "okay";' If that is acceptable, I could use some >>> advice on where that particular code should go. >>> >>> Alan >>> >>> Alan Tull (2): >>> of: overlay: add whitelist >>> fpga: of region: add of-fpga-region to whitelist >>> >>> drivers/fpga/of-fpga-region.c | 9 ++++++ >>> drivers/of/overlay.c | 73 +++++++++++++++++++++++++++++++++++++++++++ >>> include/linux/of.h | 12 +++++++ >>> 3 files changed, 94 insertions(+) >>> >> >> The plan was to use connectors to restrict where an overlay could be applied. >> I would prefer not to have multiple methods for accomplishing the same thing >> unless there is a compelling reason to do so. > > Connector nodes need a mechanism to enable themselves, too. I don't > think connector nodes are going to solve every usecase. > > Rob > The overlay code related to connectors does not exist yet, so my comment is going to be theoretical. I would expect the overlay code to check that the target of the overlay fragment is a connector node, so there is no need to explicitly "enable" applying an overlay to a connector node. -Frank From 1585450677584065838@xxx Thu Nov 30 00:59:51 +0000 2017 X-GM-THRID: 1585254667994231857 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread