Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp2075038ybi; Thu, 20 Jun 2019 08:43:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqxNC6teRqcj6ixnLyqz7ObZWjjNAGyxS+U1QFXdq5Q7j97gvUT4N6jsfaRvA5hjp5ZwK5wP X-Received: by 2002:a17:902:2ac1:: with SMTP id j59mr52912585plb.156.1561045402716; Thu, 20 Jun 2019 08:43:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1561045402; cv=none; d=google.com; s=arc-20160816; b=t+QJoTNM5HN6MGw4dUELIqAj+6Q0tHWwwWE+sYNk2RUhcoo+2uKnO+FJRSJPXx3wMN o2bnYgkR+Vj2TpQugMCgXCulNKb3lE/n3fNrb6WZ7mzkmiSzb0ahSHFBQHh60N5BS+xS I6XZfjCCXzEz5MX7ppP0Zt3Q51SFkq0kA8LMSz/3JZ6rKXoswXrbtDMOIjbtJy9Om1AU 63p+4+vsFi0tBN9Q3xi9cLlblK5IJR0xx0soszcgbjziiaildNGJlh5R0lNcQJLBtdTd fIZhB6Si+JFk5u46tmurJ43ROY/eS/hm6qyti3adFT1o3KY25M3m9NcYpv+ime2flgcE rHDg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=E+o6l3p7jwQcAmM7XDWFD74CjGbtiuctP57rjmTx5sU=; b=JKX4U7/3SjK1ir6qzj3OaN4N+fc0BaopfiXSfuRaNGZlHeRddGyjUiMK2XvK2GIZsg jwzDChISSzR9bMYYFB+jYLZDU5+8A1HISb1YfxmkHc65SecXjYZt7vlEV2vHAMsHATxr 9MkqIuJqRj7gvddnPWHrcft6VBbrKVBR5FQtiAQmNoiAevKwQAZU2G6daMV1wn7NLkhh Sr61Huewpe4S18Btac1n0MkBxyQo/e9WBLX9pf97CaGfn+o4nYGI88j0RaI12cC6o3XD BPDLs+1SCx1IBkXM10e68bPMw/tKf6/LNHN56tlLr9NiGoEmdcqa0MZQ/gNIqUHTQyDL BIAg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i10si5819335pgs.231.2019.06.20.08.43.08; Thu, 20 Jun 2019 08:43:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726740AbfFTPnH (ORCPT + 99 others); Thu, 20 Jun 2019 11:43:07 -0400 Received: from relay4-d.mail.gandi.net ([217.70.183.196]:32943 "EHLO relay4-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726530AbfFTPnH (ORCPT ); Thu, 20 Jun 2019 11:43:07 -0400 X-Originating-IP: 90.88.23.150 Received: from localhost (aaubervilliers-681-1-81-150.w90-88.abo.wanadoo.fr [90.88.23.150]) (Authenticated sender: antoine.tenart@bootlin.com) by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id DBFBEE0004; Thu, 20 Jun 2019 15:42:59 +0000 (UTC) Date: Thu, 20 Jun 2019 17:42:59 +0200 From: Antoine Tenart To: Pascal Van Leeuwen Cc: Antoine Tenart , Pascal van Leeuwen , "linux-crypto@vger.kernel.org" , "herbert@gondor.apana.org.au" , "davem@davemloft.net" Subject: Re: [PATCH 3/3] crypto: inside-secure - add support for using the EIP197 without firmware images Message-ID: <20190620154259.GE4642@kwain> References: <1560837384-29814-1-git-send-email-pvanleeuwen@insidesecure.com> <1560837384-29814-4-git-send-email-pvanleeuwen@insidesecure.com> <20190619122737.GB3254@kwain> <20190620131512.GB4642@kwain> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.11.4 (2019-03-13) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Pascal, On Thu, Jun 20, 2019 at 02:59:20PM +0000, Pascal Van Leeuwen wrote: > > From: Antoine Tenart > > On Wed, Jun 19, 2019 at 02:37:44PM +0000, Pascal Van Leeuwen wrote: > > > > From: Antoine Tenart > > > > On Tue, Jun 18, 2019 at 07:56:24AM +0200, Pascal van Leeuwen wrote: > > > > > > > In addition to this, the direction the kernel has taken was to *remove* > > > > binary firmwares from its source code. I'm afraid adding this is a > > > > no-go. > > > > > > For a HW engineer, there really is no fundamental difference between > > > control register contents or an instruction word. They can both have > > > the exact same effects internal to the HW. > > > If I had disguised this as a handful of config reg writes writing > > > some #define'd magic values, probably no one would have even noticed. > > > > I do not fully agree. If this is comparable to configuring h/w > > registers, then you could probably have defines explaining why each bit > > is set and what it's doing. Which would be fine. > > > Strictly speaking, we (and probably most other HW vendors as well) don't do > that for every register bit either, not even in the official Programmer Manual. > Some bits are just "you don't need to know, just write this" :-) That's right... :-( > > > By that same definition, the tokens the driver generates for > > > processing could be considered "firmware" as well (as they are used by > > > the hardware in a very similar way) ... > > > > Right. The main difference here is we do have a clear definition of what > > the tokens are doing. Thanks to your explanation, if this firmware is > > really looking like the token we're using, the words have a defined > > structure and the magic values could be generated with proper defines > > and macros. And I think it's the main issue here: it's not acceptable to > > have an array of magic values. If you can give a meaning to those bits, > > I see no reason why it couldn't be added to the driver. > > > > (And I'm all for what you're trying to achieve here :)). > > > Now we're reaching a tricky subject. Because I think if some people here > find out those token bits are explicitly documented in the driver, they > will not be so happy ... (don't worry, I won't wake any sleeping dogs :-) > We provide this information to our customers under NDA, but it's > obviously quite sensitive information as it reveals a lot about the > inner workings of our HW design. > > The encoding of the microengine control words is considered even > more sensitive, so we don't even provide that under NDA. > Adding that to the driver will probably get me in trouble. I fully understand this. This is not perfect, but at least it's the way it is right now. > So maybe putting these images in /lib/firmware is unavoidable, but > I'd really like to hear some more opinions on that subject. Yes, you either have to choice to put it in /lib/firmware (and in the linux-firmwares project!) or to convince people to allow releasing this. We can wait for others to hop in on the discussion, of course. Thanks! Antoine -- Antoine T?nart, Bootlin Embedded Linux and Kernel engineering https://bootlin.com