Message ID | 20240509-secvio-v1-1-90fbe2baeda2@nxp.com |
---|---|
State | Changes Requested |
Headers | show |
Series | soc: imx: secvio: Add secvio support | expand |
Context | Check | Description |
---|---|---|
robh/checkpatch | success | |
robh/patch-applied | success | |
robh/dtbs-check | warning | build log |
robh/dt-meta-schema | success |
On Thu, May 09, 2024 at 02:45:32AM +0200, Vabhav Sharma wrote: > Document the secvio device tree bindings. reduntant sentence. > > The tampers are security feature available on i.MX products and > managed by SNVS block.The tamper goal is to detect the variation ^^ space here > of hardware or physical parameters, which can indicate an attack. > > The SNVS, which provides secure non-volatile storage, allows to > detect some hardware attacks against the SoC.They are connected ^^ space here > to the security-violation ports, which send an alert when an > out-of-range value is detected. > > The "imx-secvio-sc" module is designed to report security violations > and tamper triggering via SCU firmware to the user. > > Add the imx-scu secvio sub node and secvio sub node description. > > Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com> > Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com> > --- > .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++++++++++++++++++++++ > .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++ > 2 files changed, 45 insertions(+) > > diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml > new file mode 100644 > index 000000000000..30dc1e21f903 > --- /dev/null > +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml > @@ -0,0 +1,35 @@ > +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) > +%YAML 1.2 > +--- > +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml# > +$schema: http://devicetree.org/meta-schemas/core.yaml# > + > +title: NXP i.MX Security Violation driver Violation detect driver > + > +maintainers: > + - Franck LENORMAND <franck.lenormand@nxp.com> > + > +description: | Needn't "|" > + Receive security violation from the SNVS via the SCU firmware. Allow to > + register notifier for additional processing > + > +properties: > + compatible: > + enum: > + - fsl,imx-sc-secvio > + > + nvmem: > + maxItems: 1 > + any interrupt defined? how do you notify such violation event? > +required: > + - compatible > + - nvmem > + > +additionalProperties: false > + > +examples: > + - | > + secvio { > + compatible = "fsl,imx-sc-secvio"; > + nvmem = <&ocotp>; > + }; > diff --git a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml > index 557e524786c2..b40e127fdc88 100644 > --- a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml > +++ b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml > @@ -129,6 +129,11 @@ properties: > RTC controller provided by the SCU > $ref: /schemas/rtc/fsl,scu-rtc.yaml > > + secvio: > + description: > + Receive security violation from the SNVS via the SCU firmware > + $ref: /schemas/arm/freescale/fsl,scu-secvio.yaml > + > thermal-sensor: > description: > Thermal sensor provided by the SCU > @@ -197,6 +202,11 @@ examples: > compatible = "fsl,imx8qxp-sc-rtc"; > }; > > + secvio { > + compatible = "fsl,imx-sc-secvio"; > + nvmem = <&ocotp>; > + }; > + > keys { > compatible = "fsl,imx8qxp-sc-key", "fsl,imx-sc-key"; > linux,keycodes = <KEY_POWER>; > > -- > 2.25.1 >
On 09/05/2024 02:45, Vabhav Sharma wrote: > Document the secvio device tree bindings. > > The tampers are security feature available on i.MX products and > managed by SNVS block.The tamper goal is to detect the variation > of hardware or physical parameters, which can indicate an attack. > > The SNVS, which provides secure non-volatile storage, allows to > detect some hardware attacks against the SoC.They are connected > to the security-violation ports, which send an alert when an > out-of-range value is detected. > > The "imx-secvio-sc" module is designed to report security violations > and tamper triggering via SCU firmware to the user. > > Add the imx-scu secvio sub node and secvio sub node description. > > Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com> > Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com> > --- That's not v1, right? What changed? Why do we have to guess this? This is thoroughly documented in kernel process so read the documentation before posting. > .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++++++++++++++++++++++ > .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++ > 2 files changed, 45 insertions(+) > > diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml > new file mode 100644 > index 000000000000..30dc1e21f903 > --- /dev/null > +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml > @@ -0,0 +1,35 @@ > +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) > +%YAML 1.2 > +--- > +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml# > +$schema: http://devicetree.org/meta-schemas/core.yaml# > + > +title: NXP i.MX Security Violation driver Bindings are for hardware, not drivers. Describe hardware. > + > +maintainers: > + - Franck LENORMAND <franck.lenormand@nxp.com> > + > +description: | Do not need '|' unless you need to preserve formatting. > + Receive security violation from the SNVS via the SCU firmware. Allow to > + register notifier for additional processing Notifier? That's a Linux thing, how does it relate to the hardware? > + > +properties: > + compatible: > + enum: > + - fsl,imx-sc-secvio Missing SoC compatibles. So no, that's just abuse of DT to instantiate driver. NAK. Drop the binding. Best regards, Krzysztof
On 09/05/2024 05:06, Frank Li wrote: > On Thu, May 09, 2024 at 02:45:32AM +0200, Vabhav Sharma wrote: >> Document the secvio device tree bindings. > > reduntant sentence. >> >> The tampers are security feature available on i.MX products and >> managed by SNVS block.The tamper goal is to detect the variation > ^^ space here > >> of hardware or physical parameters, which can indicate an attack. >> >> The SNVS, which provides secure non-volatile storage, allows to >> detect some hardware attacks against the SoC.They are connected > ^^ space here >> to the security-violation ports, which send an alert when an >> out-of-range value is detected. >> >> The "imx-secvio-sc" module is designed to report security violations >> and tamper triggering via SCU firmware to the user. >> >> Add the imx-scu secvio sub node and secvio sub node description. >> >> Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com> >> Signed-off-by: Vabhav Sharma <vabhav.sharma@nxp.com> >> --- >> .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35 ++++++++++++++++++++++ >> .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++ >> 2 files changed, 45 insertions(+) >> >> diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml >> new file mode 100644 >> index 000000000000..30dc1e21f903 >> --- /dev/null >> +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml >> @@ -0,0 +1,35 @@ >> +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) >> +%YAML 1.2 >> +--- >> +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml# >> +$schema: http://devicetree.org/meta-schemas/core.yaml# >> + >> +title: NXP i.MX Security Violation driver > > Violation detect driver Bindings are not for drivers. Best regards, Krzysztof
diff --git a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml new file mode 100644 index 000000000000..30dc1e21f903 --- /dev/null +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/arm/freescale/fsl,scu-secvio.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: NXP i.MX Security Violation driver + +maintainers: + - Franck LENORMAND <franck.lenormand@nxp.com> + +description: | + Receive security violation from the SNVS via the SCU firmware. Allow to + register notifier for additional processing + +properties: + compatible: + enum: + - fsl,imx-sc-secvio + + nvmem: + maxItems: 1 + +required: + - compatible + - nvmem + +additionalProperties: false + +examples: + - | + secvio { + compatible = "fsl,imx-sc-secvio"; + nvmem = <&ocotp>; + }; diff --git a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml index 557e524786c2..b40e127fdc88 100644 --- a/Documentation/devicetree/bindings/firmware/fsl,scu.yaml +++ b/Documentation/devicetree/bindings/firmware/fsl,scu.yaml @@ -129,6 +129,11 @@ properties: RTC controller provided by the SCU $ref: /schemas/rtc/fsl,scu-rtc.yaml + secvio: + description: + Receive security violation from the SNVS via the SCU firmware + $ref: /schemas/arm/freescale/fsl,scu-secvio.yaml + thermal-sensor: description: Thermal sensor provided by the SCU @@ -197,6 +202,11 @@ examples: compatible = "fsl,imx8qxp-sc-rtc"; }; + secvio { + compatible = "fsl,imx-sc-secvio"; + nvmem = <&ocotp>; + }; + keys { compatible = "fsl,imx8qxp-sc-key", "fsl,imx-sc-key"; linux,keycodes = <KEY_POWER>;