Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp635941ybi; Wed, 19 Jun 2019 05:28:30 -0700 (PDT) X-Google-Smtp-Source: APXvYqy2fuEc6K/2ub7QNyReZJsgb1SNTQ6FknFpuz6qOtWLV/9zmdQWxXzivB+sHmER6BUGv9XL X-Received: by 2002:a62:4c5:: with SMTP id 188mr125327203pfe.19.1560947310701; Wed, 19 Jun 2019 05:28:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560947310; cv=none; d=google.com; s=arc-20160816; b=YMHJSMs1/cglPdYBlLkusL0BIMop9Q3DrCDQKvNeuiRfy1poJ4xpGRSa3+mvLh4iiz yZdEgjpFv9734VGIwdwWcwMuqACEGrPfhs6CLEAffIrZiiPhUp321nca2Qfm/WnPvkAI WcJyEwgLasbIi0mFsw/rdJI8zZ1Zk0+IUUHhYPWqPAi6fledXAV5YwkO2ecJf60PzIA0 6nvyC5sBlBhqquX38BW86enl9I/DWcOzOAilv0ip8e5X+ZkHwYpDJtKdRfiVPQol20gN FcJAD8QEa8lxMF41hC6dNZMv0XeLSzO612q1nIk08tZUWMXx0mUjb5ApKAsgbPGNfuFd yrIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=/36+lJff0fMrDdy8R35kvZNEMFq1PiuoJ1aoI1zI0Hw=; b=Y05+tTUu4gzn33AVUhHYu4O3Vfj04xp4pIZQPaPV6csmMa2ClgpGWAUalW2oD0yDWH 6WJSVxLfBDT6Y4+CI056eNY9DlnKmNKPLWATv91ZBgfKnYfMdSffbWY0yFh1pxEhq+Cf l5v0NIhWJEjVv7m2XfjVZUqQKmG04BmAtMMXsYxKvqf+N/pOI2Cg+ZT6D/dtcnZQZhPD joc/hZa7o1HGVjtEm8s5tLZ4SnNpxAU4U25tcpvFr8bsvI71/GR2ceTt1+YUF1ivfp+8 tI5/nlrsf2WK4jJwXW/qWJfvRY6yYkRPVrSnGDWsTNg0eq+6/4FcI6/tU9/26maGlDEJ dEXQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t11si528417pgn.369.2019.06.19.05.28.13; Wed, 19 Jun 2019 05:28:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731178AbfFSM1m (ORCPT + 99 others); Wed, 19 Jun 2019 08:27:42 -0400 Received: from relay2-d.mail.gandi.net ([217.70.183.194]:57079 "EHLO relay2-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727068AbfFSM1m (ORCPT ); Wed, 19 Jun 2019 08:27:42 -0400 X-Originating-IP: 90.88.23.150 Received: from localhost (aaubervilliers-681-1-81-150.w90-88.abo.wanadoo.fr [90.88.23.150]) (Authenticated sender: antoine.tenart@bootlin.com) by relay2-d.mail.gandi.net (Postfix) with ESMTPSA id 1C88940003; Wed, 19 Jun 2019 12:27:37 +0000 (UTC) Date: Wed, 19 Jun 2019 14:27:37 +0200 From: Antoine Tenart To: Pascal van Leeuwen Cc: linux-crypto@vger.kernel.org, antoine.tenart@bootlin.com, herbert@gondor.apana.org.au, davem@davemloft.net, Pascal van Leeuwen Subject: Re: [PATCH 3/3] crypto: inside-secure - add support for using the EIP197 without firmware images Message-ID: <20190619122737.GB3254@kwain> References: <1560837384-29814-1-git-send-email-pvanleeuwen@insidesecure.com> <1560837384-29814-4-git-send-email-pvanleeuwen@insidesecure.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1560837384-29814-4-git-send-email-pvanleeuwen@insidesecure.com> User-Agent: Mutt/1.11.4 (2019-03-13) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Pascal, On Tue, Jun 18, 2019 at 07:56:24AM +0200, Pascal van Leeuwen wrote: > > static int eip197_load_firmwares(struct safexcel_crypto_priv *priv) > { > + /* > + * The embedded one-size-fits-all MiniFW is just for handling TR > + * prefetch & invalidate. It does not support any FW flows, effectively > + * turning the EIP197 into a glorified EIP97 > + */ > + const u32 ipue_minifw[] = { > + 0x24808200, 0x2D008204, 0x2680E208, 0x2780E20C, > + 0x2200F7FF, 0x38347000, 0x2300F000, 0x15200A80, > + 0x01699003, 0x60038011, 0x38B57000, 0x0119F04C, > + 0x01198548, 0x20E64000, 0x20E75000, 0x1E200000, > + 0x30E11000, 0x103A93FF, 0x60830014, 0x5B8B0000, > + 0xC0389000, 0x600B0018, 0x2300F000, 0x60800011, > + 0x90800000, 0x10000000, 0x10000000}; > + const u32 ifpp_minifw[] = { > + 0x21008000, 0x260087FC, 0xF01CE4C0, 0x60830006, > + 0x530E0000, 0x90800000, 0x23008004, 0x24808008, > + 0x2580800C, 0x0D300000, 0x205577FC, 0x30D42000, > + 0x20DAA7FC, 0x43107000, 0x42220004, 0x00000000, > + 0x00000000, 0x00000000, 0x00000000, 0x00000000, > + 0x00060004, 0x20337004, 0x90800000, 0x10000000, > + 0x10000000}; What is the license of this firmware? With this patch, it would be shipped with Linux kernel images and this question is then very important. In addition to this, the direction the kernel has taken was to *remove* binary firmwares from its source code. I'm afraid adding this is a no-go. The proper solution I believe would be to support loading this "MiniFW", which (depending on the license) could be either distributed in the rootfs and loaded (like what's done currently), or through CONFIG_EXTRA_FIRMWARE. This should be discussed first before discussing the implementation of this particular patch. Thanks! Antoine -- Antoine T?nart, Bootlin Embedded Linux and Kernel engineering https://bootlin.com