| Message ID | 20230305022119.1331495-4-luzmaximilian@gmail.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1180684wrd;
Sat, 4 Mar 2023 18:22:18 -0800 (PST)
X-Google-Smtp-Source:
AK7set/eiCMw5Rz0Egm4i0IOdQPL8GbYxixFo+RBNjSsm92smFg7ivfT3OOXnaKjbSLM1TGhTCQr
X-Received: by 2002:a17:90b:4d8e:b0:231:10da:59fc with SMTP id
oj14-20020a17090b4d8e00b0023110da59fcmr6961288pjb.2.1677982937753;
Sat, 04 Mar 2023 18:22:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1677982937; cv=none;
d=google.com; s=arc-20160816;
b=IOIX9Jxt+TZxomy+qzkyfXQnz8VkECHUms/TWEVrXEfsQsnmbOYEwGv6FEYM1Yx9PE
V0sw+WeoN1D3/3Ocgul5b08gVO8D0NCDXnqmpIKhWNHivJUydrNx73whwwwv77u/6eL/
4z8uzN5o3oVQPWUGuntyuNe1fqmtOL2AGnAawSuNmOFXt95Na93VlvobkQiNS81BNjzJ
0YNUR2q2s8ZR6XEqGMD7iZ+iE4Nf1bPy6REmXq8MmfQMDuUT7DGrTulF0ABcHzjvJI49
pTqy5RcZHGzrFlguMz5VjWNk2YHtJSU30cF77Md8ro9wRrOfSPJ0g9ZCYMZ82lHiZWIe
aUeA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=rhdfqbejCXAA/EEgTgeDfAkdEQU7utw6cEIkt9BYRg0=;
b=ASloAqodFBY6aMNHvSWFAAw6TWI8nKXmZ5ez5/Jk1wrbjwmv7IpFoN1GLbANovma3W
j5p9jIByXGTBQ+2KAIV/1SXZEBm6N1rUqRmijanuwX4zZ0bq1e66CapSMi8dCiCwKRiB
Pl46JEStA+N3KlGp+uaChJJtpqkKZGzCllazEmODhBg09W6zuyMwYUT65g95kMF9WxYn
kn3TIbqapeXjr+QAfk2W5JY7iGrRX0DplDKMNuiK+WYejMDUuweh3BSXe3k2nkiWbW06
ZOTrBsmAB6/C5Y2cBdDTG1/Bx18+upx77/+H4zcPse9mUaL6Ey2KxTYNsTAFppCfccjL
5vyA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@gmail.com header.s=20210112 header.b=pLZx111x;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
mq11-20020a17090b380b00b002311ef542bdsi10031186pjb.103.2023.03.04.18.22.04;
Sat, 04 Mar 2023 18:22:17 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@gmail.com header.s=20210112 header.b=pLZx111x;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S229604AbjCECVi (ORCPT <rfc822;carlos.wei.hk@gmail.com>
+ 99 others); Sat, 4 Mar 2023 21:21:38 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57300 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229567AbjCECVe (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Sat, 4 Mar 2023 21:21:34 -0500
Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com
[IPv6:2a00:1450:4864:20::32e])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E31B015550;
Sat, 4 Mar 2023 18:21:32 -0800 (PST)
Received: by mail-wm1-x32e.google.com with SMTP id k37so3744608wms.0;
Sat, 04 Mar 2023 18:21:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1677982891;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=rhdfqbejCXAA/EEgTgeDfAkdEQU7utw6cEIkt9BYRg0=;
b=pLZx111xGFqaYchgmdt+S5lOjPXQmmhMDMNtsSxR/FXBEIk4DhQK1uGKoEYlI9sbJs
FmD+9LolgrUt0Wjenln4mdxnuHP3a88ZtrPF02kjgfUpG9DyqKx3qk3437rN5zO2db2F
hvmHZm34diT0qSqjUFPxdW1qOnQ5TGXCUQ+8LrZUaXGBPRf8Txv5wrTFle+5paYURWrY
WpduxEdavR/3MxjDNxJSO0mSCoXRO6MIlSumkVXcv+cONTOAZgaj7ZqiYuOXrgm/0XpD
vXCJu6rMcuUxcx8jXA9Mnlwmljbx/Zyd+WWlabmpFc/PpR1yvG2yLUah/XlWZRwBw3uR
lwww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1677982891;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=rhdfqbejCXAA/EEgTgeDfAkdEQU7utw6cEIkt9BYRg0=;
b=x5zNGUmuZlzBofQrRbSjbx4gG0QKMgmhgvvrIlQ6ELgglGDc6qqiYj0JWjbWhLWB7Q
NoCjIi31B6m9NziKrrx/1bSl0ZpSrj0aowTcUX+cSKbzVw6YwoGxXvtvMiIUjqVLwm/p
U3AXHxS+2HMWGJB2iy/LU/YrVBOezNEb7fpVJdHBWlSO1oCPOL5ZytwggZT6o749dwtO
ZzER8lODP3QCQbqRR8/q5jUSYp5daNn+nFjEbYITy5uDBwB3wc69hPVrzogbUO0H5mQ4
4KkeojZYAiEl6Gw+ZsvVj+AFujxmcbFwIZvB9kGhDKQeYx109s+pEKMZ8CoR8GdFPeHU
qkEA==
X-Gm-Message-State: AO0yUKVz0LDh0hJ16+hJnrd9cS2ne0vEO7MPWqZEZ4nJlaOkBDoEQZYv
xbGSrGX2yJDt6eccCtEIg0Q=
X-Received: by 2002:a05:600c:524b:b0:3df:de28:f819 with SMTP id
fc11-20020a05600c524b00b003dfde28f819mr5654488wmb.15.1677982891256;
Sat, 04 Mar 2023 18:21:31 -0800 (PST)
Received: from xws.localdomain ([217.138.207.232])
by smtp.gmail.com with ESMTPSA id
k4-20020adfd844000000b002c57384dfe0sm6356451wrl.113.2023.03.04.18.21.30
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 04 Mar 2023 18:21:30 -0800 (PST)
From: Maximilian Luz <luzmaximilian@gmail.com>
To: Bjorn Andersson <andersson@kernel.org>
Cc: Maximilian Luz <luzmaximilian@gmail.com>,
Andy Gross <agross@kernel.org>,
Konrad Dybcio <konrad.dybcio@linaro.org>,
Ard Biesheuvel <ardb@kernel.org>,
Rob Herring <robh+dt@kernel.org>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Johan Hovold <johan@kernel.org>,
Sudeep Holla <sudeep.holla@arm.com>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Srinivas Kandagatla <srinivas.kandagatla@linaro.org>,
Sumit Garg <sumit.garg@linaro.org>,
Steev Klimaszewski <steev@kali.org>,
linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org,
devicetree@vger.kernel.org
Subject: [PATCH v3 3/4] dt-bindings: firmware: Add Qualcomm QSEECOM interface
Date: Sun, 5 Mar 2023 03:21:18 +0100
Message-Id: <20230305022119.1331495-4-luzmaximilian@gmail.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230305022119.1331495-1-luzmaximilian@gmail.com>
References: <20230305022119.1331495-1-luzmaximilian@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,
RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1759492637156512693?=
X-GMAIL-MSGID: =?utf-8?q?1759492637156512693?=
|
| Series |
firmware: Add support for Qualcomm UEFI Secure Application
|
|
Commit Message
Maximilian Luz
March 5, 2023, 2:21 a.m. UTC
Add bindings for the Qualcomm Secure Execution Environment interface
(QSEECOM).
Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com>
---
Changes in v3:
- None.
Changes in v2:
- Replaces uefisecapp bindings.
- Fix various dt-checker complaints.
---
.../bindings/firmware/qcom,qseecom.yaml | 49 +++++++++++++++++++
MAINTAINERS | 1 +
2 files changed, 50 insertions(+)
create mode 100644 Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml
Comments
On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: > Add bindings for the Qualcomm Secure Execution Environment interface > (QSEECOM). Pretty sure I already asked, but no answer in the commit message. Why do we need this? You've already declared the platform supports SCM calls with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT is for non-discoverable h/w we are stuck with. Why is software made non-discoverable too? Nodes with only a compatible string are usually just an abuse of DT to instantiate some driver. Rob
On 3/8/23 23:16, Rob Herring wrote: > On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >> Add bindings for the Qualcomm Secure Execution Environment interface >> (QSEECOM). > > Pretty sure I already asked, but no answer in the commit message. Why do > we need this? You've already declared the platform supports SCM calls > with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT > is for non-discoverable h/w we are stuck with. Yes, you've asked this before but I can only repeat what I've written in my last response to your question: I am not aware of any way to properly discover the interface at runtime from software. If it makes you happy, I can put this in the commit message as well... > Why is software made non-discoverable too? Please direct that question at the Qualcomm guys who actually designed that interface. I can't give you an answer to that, and I'm not all that happy about this either. To reiterate: I've reverse engineered this based on the Windows driver. The Windows driver loads on an ACPI HID and it doesn't use any function to check/verify whether the interface is actually present. Adding a DT entry is the straight-forward adaption to having a HID in ACPI. > Nodes with only a compatible string are usually just an abuse of DT to > instantiate some driver. If you or anyone here has any idea on how to discover the presence of this, please feel free to let me know and I'd be happy to implement that. Until then, I unfortunately don't see any other way of dealing with this. Regards, Max
On 09/03/2023 00:44, Maximilian Luz wrote: > On 3/8/23 23:16, Rob Herring wrote: >> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>> Add bindings for the Qualcomm Secure Execution Environment interface >>> (QSEECOM). >> >> Pretty sure I already asked, but no answer in the commit message. Why do >> we need this? You've already declared the platform supports SCM calls >> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >> is for non-discoverable h/w we are stuck with. > > Yes, you've asked this before but I can only repeat what I've written in > my last response to your question: I am not aware of any way to properly > discover the interface at runtime from software. > > If it makes you happy, I can put this in the commit message as well... > >> Why is software made non-discoverable too? > > Please direct that question at the Qualcomm guys who actually designed > that interface. I can't give you an answer to that, and I'm not all that > happy about this either. > > To reiterate: I've reverse engineered this based on the Windows driver. > The Windows driver loads on an ACPI HID and it doesn't use any function > to check/verify whether the interface is actually present. Adding a DT > entry is the straight-forward adaption to having a HID in ACPI. > >> Nodes with only a compatible string are usually just an abuse of DT to >> instantiate some driver. > > If you or anyone here has any idea on how to discover the presence of > this, please feel free to let me know and I'd be happy to implement > that. Until then, I unfortunately don't see any other way of dealing > with this. You can probably try requesting QSEECOM version. According to msm-3.18: uint32_t feature = 10; rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), &resp, sizeof(resp)); pr_info("qseecom.qsee_version = 0x%x\n", resp.result); if (rc) { pr_err("Failed to get QSEE version info %d\n", rc); goto exit_del_cdev; }
On 3/9/23 02:33, Dmitry Baryshkov wrote: > On 09/03/2023 00:44, Maximilian Luz wrote: >> On 3/8/23 23:16, Rob Herring wrote: >>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>>> Add bindings for the Qualcomm Secure Execution Environment interface >>>> (QSEECOM). >>> >>> Pretty sure I already asked, but no answer in the commit message. Why do >>> we need this? You've already declared the platform supports SCM calls >>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >>> is for non-discoverable h/w we are stuck with. >> >> Yes, you've asked this before but I can only repeat what I've written in >> my last response to your question: I am not aware of any way to properly >> discover the interface at runtime from software. >> >> If it makes you happy, I can put this in the commit message as well... >> >>> Why is software made non-discoverable too? >> >> Please direct that question at the Qualcomm guys who actually designed >> that interface. I can't give you an answer to that, and I'm not all that >> happy about this either. >> >> To reiterate: I've reverse engineered this based on the Windows driver. >> The Windows driver loads on an ACPI HID and it doesn't use any function >> to check/verify whether the interface is actually present. Adding a DT >> entry is the straight-forward adaption to having a HID in ACPI. >> >>> Nodes with only a compatible string are usually just an abuse of DT to >>> instantiate some driver. >> >> If you or anyone here has any idea on how to discover the presence of >> this, please feel free to let me know and I'd be happy to implement >> that. Until then, I unfortunately don't see any other way of dealing >> with this. > > You can probably try requesting QSEECOM version. According to msm-3.18: > > uint32_t feature = 10; > > rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), > &resp, sizeof(resp)); > pr_info("qseecom.qsee_version = 0x%x\n", resp.result); > if (rc) { > pr_err("Failed to get QSEE version info %d\n", rc); > goto exit_del_cdev; > } > Thanks! I'll give that a try. As I can't test this on a device that doesn't have qseecom, it would probably be a good idea if someone could test this on a device that has qcom_scm but no qseecom (if those even exist) to make sure this doesn't misbehave. Regards, Max
On 09/03/2023 04:27, Maximilian Luz wrote: > On 3/9/23 02:33, Dmitry Baryshkov wrote: >> On 09/03/2023 00:44, Maximilian Luz wrote: >>> On 3/8/23 23:16, Rob Herring wrote: >>>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>>>> Add bindings for the Qualcomm Secure Execution Environment interface >>>>> (QSEECOM). >>>> >>>> Pretty sure I already asked, but no answer in the commit message. >>>> Why do >>>> we need this? You've already declared the platform supports SCM calls >>>> with "qcom,scm". Why can't you probe whether you have QSEECOM or >>>> not? DT >>>> is for non-discoverable h/w we are stuck with. >>> >>> Yes, you've asked this before but I can only repeat what I've written in >>> my last response to your question: I am not aware of any way to properly >>> discover the interface at runtime from software. >>> >>> If it makes you happy, I can put this in the commit message as well... >>> >>>> Why is software made non-discoverable too? >>> >>> Please direct that question at the Qualcomm guys who actually designed >>> that interface. I can't give you an answer to that, and I'm not all that >>> happy about this either. >>> >>> To reiterate: I've reverse engineered this based on the Windows driver. >>> The Windows driver loads on an ACPI HID and it doesn't use any function >>> to check/verify whether the interface is actually present. Adding a DT >>> entry is the straight-forward adaption to having a HID in ACPI. >>> >>>> Nodes with only a compatible string are usually just an abuse of DT to >>>> instantiate some driver. >>> >>> If you or anyone here has any idea on how to discover the presence of >>> this, please feel free to let me know and I'd be happy to implement >>> that. Until then, I unfortunately don't see any other way of dealing >>> with this. >> >> You can probably try requesting QSEECOM version. According to msm-3.18: >> >> uint32_t feature = 10; >> >> rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), >> &resp, sizeof(resp)); >> pr_info("qseecom.qsee_version = 0x%x\n", resp.result); >> if (rc) { >> pr_err("Failed to get QSEE version info %d\n", rc); >> goto exit_del_cdev; >> } >> > > Thanks! I'll give that a try. > > As I can't test this on a device that doesn't have qseecom, it would > probably be a good idea if someone could test this on a device that has > qcom_scm but no qseecom (if those even exist) to make sure this doesn't > misbehave. I could not find a vendor dts which doesn't have the qseecom device (checked the source trees from 3.4 to the latest revisions).
On 3/9/23 09:19, Dmitry Baryshkov wrote: > On 09/03/2023 04:27, Maximilian Luz wrote: >> On 3/9/23 02:33, Dmitry Baryshkov wrote: >>> On 09/03/2023 00:44, Maximilian Luz wrote: >>>> On 3/8/23 23:16, Rob Herring wrote: >>>>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>>>>> Add bindings for the Qualcomm Secure Execution Environment interface >>>>>> (QSEECOM). >>>>> >>>>> Pretty sure I already asked, but no answer in the commit message. Why do >>>>> we need this? You've already declared the platform supports SCM calls >>>>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >>>>> is for non-discoverable h/w we are stuck with. >>>> >>>> Yes, you've asked this before but I can only repeat what I've written in >>>> my last response to your question: I am not aware of any way to properly >>>> discover the interface at runtime from software. >>>> >>>> If it makes you happy, I can put this in the commit message as well... >>>> >>>>> Why is software made non-discoverable too? >>>> >>>> Please direct that question at the Qualcomm guys who actually designed >>>> that interface. I can't give you an answer to that, and I'm not all that >>>> happy about this either. >>>> >>>> To reiterate: I've reverse engineered this based on the Windows driver. >>>> The Windows driver loads on an ACPI HID and it doesn't use any function >>>> to check/verify whether the interface is actually present. Adding a DT >>>> entry is the straight-forward adaption to having a HID in ACPI. >>>> >>>>> Nodes with only a compatible string are usually just an abuse of DT to >>>>> instantiate some driver. >>>> >>>> If you or anyone here has any idea on how to discover the presence of >>>> this, please feel free to let me know and I'd be happy to implement >>>> that. Until then, I unfortunately don't see any other way of dealing >>>> with this. >>> >>> You can probably try requesting QSEECOM version. According to msm-3.18: >>> >>> uint32_t feature = 10; >>> >>> rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), >>> &resp, sizeof(resp)); >>> pr_info("qseecom.qsee_version = 0x%x\n", resp.result); >>> if (rc) { >>> pr_err("Failed to get QSEE version info %d\n", rc); >>> goto exit_del_cdev; >>> } >>> >> >> Thanks! I'll give that a try. >> >> As I can't test this on a device that doesn't have qseecom, it would >> probably be a good idea if someone could test this on a device that has >> qcom_scm but no qseecom (if those even exist) to make sure this doesn't >> misbehave. > > I could not find a vendor dts which doesn't have the qseecom device (checked the source trees from 3.4 to the latest revisions). > Thanks for checking! So that only leaves one potential issue: The re-entrant/blocking calls not being handled at the moment. If we detect qseecom based on the version and then try to query the app ID, we could get some devices that use those. I'm not sure what the consequences there are, i.e. if we're potentially blocking something else if one of those calls blocks on such devices. Is there any way we can detect this beforehand? The current proposal isn't very good at handling that either as it assumes that this depends on the SoC generation (which it probably doesn't). So I guess one possibility is to make the list of app-names to be checked SoC specific as well. That at least limits the scope somewhat. Maybe you have some other ideas? Regards, Max
On Thu, 9 Mar 2023 at 22:34, Maximilian Luz <luzmaximilian@gmail.com> wrote: > > On 3/9/23 09:19, Dmitry Baryshkov wrote: > > On 09/03/2023 04:27, Maximilian Luz wrote: > >> On 3/9/23 02:33, Dmitry Baryshkov wrote: > >>> On 09/03/2023 00:44, Maximilian Luz wrote: > >>>> On 3/8/23 23:16, Rob Herring wrote: > >>>>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: > >>>>>> Add bindings for the Qualcomm Secure Execution Environment interface > >>>>>> (QSEECOM). > >>>>> > >>>>> Pretty sure I already asked, but no answer in the commit message. Why do > >>>>> we need this? You've already declared the platform supports SCM calls > >>>>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT > >>>>> is for non-discoverable h/w we are stuck with. > >>>> > >>>> Yes, you've asked this before but I can only repeat what I've written in > >>>> my last response to your question: I am not aware of any way to properly > >>>> discover the interface at runtime from software. > >>>> > >>>> If it makes you happy, I can put this in the commit message as well... > >>>> > >>>>> Why is software made non-discoverable too? > >>>> > >>>> Please direct that question at the Qualcomm guys who actually designed > >>>> that interface. I can't give you an answer to that, and I'm not all that > >>>> happy about this either. > >>>> > >>>> To reiterate: I've reverse engineered this based on the Windows driver. > >>>> The Windows driver loads on an ACPI HID and it doesn't use any function > >>>> to check/verify whether the interface is actually present. Adding a DT > >>>> entry is the straight-forward adaption to having a HID in ACPI. > >>>> > >>>>> Nodes with only a compatible string are usually just an abuse of DT to > >>>>> instantiate some driver. > >>>> > >>>> If you or anyone here has any idea on how to discover the presence of > >>>> this, please feel free to let me know and I'd be happy to implement > >>>> that. Until then, I unfortunately don't see any other way of dealing > >>>> with this. > >>> > >>> You can probably try requesting QSEECOM version. According to msm-3.18: > >>> > >>> uint32_t feature = 10; > >>> > >>> rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), > >>> &resp, sizeof(resp)); > >>> pr_info("qseecom.qsee_version = 0x%x\n", resp.result); > >>> if (rc) { > >>> pr_err("Failed to get QSEE version info %d\n", rc); > >>> goto exit_del_cdev; > >>> } > >>> > >> > >> Thanks! I'll give that a try. > >> > >> As I can't test this on a device that doesn't have qseecom, it would > >> probably be a good idea if someone could test this on a device that has > >> qcom_scm but no qseecom (if those even exist) to make sure this doesn't > >> misbehave. > > > > I could not find a vendor dts which doesn't have the qseecom device (checked the source trees from 3.4 to the latest revisions). > > > > Thanks for checking! > > So that only leaves one potential issue: The re-entrant/blocking calls > not being handled at the moment. If we detect qseecom based on the > version and then try to query the app ID, we could get some devices that > use those. > > I'm not sure what the consequences there are, i.e. if we're potentially > blocking something else if one of those calls blocks on such devices. Is > there any way we can detect this beforehand? Unfortunately I don't know. > > The current proposal isn't very good at handling that either as it > assumes that this depends on the SoC generation (which it probably > doesn't). So I guess one possibility is to make the list of app-names to > be checked SoC specific as well. That at least limits the scope > somewhat. Maybe you have some other ideas? As long as it doesn't concern the external interfaces, it sounds fine with me. Let's get the first implementation in, then we can expand and extend the details/implementation.
On 08/03/2023 23:44, Maximilian Luz wrote: > On 3/8/23 23:16, Rob Herring wrote: >> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>> Add bindings for the Qualcomm Secure Execution Environment interface >>> (QSEECOM). >> >> Pretty sure I already asked, but no answer in the commit message. Why do >> we need this? You've already declared the platform supports SCM calls >> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >> is for non-discoverable h/w we are stuck with. > > Yes, you've asked this before but I can only repeat what I've written in > my last response to your question: I am not aware of any way to properly > discover the interface at runtime from software. > > If it makes you happy, I can put this in the commit message as well... Yes, please, because commit msg should answer to "why we are doing this", when this is not obvious. If the reviewer asks the same twice it means it is not obvious. > >> Why is software made non-discoverable too? > > Please direct that question at the Qualcomm guys who actually designed > that interface. I can't give you an answer to that, and I'm not all that > happy about this either. > > To reiterate: I've reverse engineered this based on the Windows driver. > The Windows driver loads on an ACPI HID and it doesn't use any function > to check/verify whether the interface is actually present. Adding a DT > entry is the straight-forward adaption to having a HID in ACPI. Best regards, Krzysztof
On Thu, Mar 09, 2023 at 03:27:01AM +0100, Maximilian Luz wrote: > On 3/9/23 02:33, Dmitry Baryshkov wrote: > > On 09/03/2023 00:44, Maximilian Luz wrote: > > > On 3/8/23 23:16, Rob Herring wrote: > > > > On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: > > > > > Add bindings for the Qualcomm Secure Execution Environment interface > > > > > (QSEECOM). > > > > > > > > Pretty sure I already asked, but no answer in the commit message. Why do > > > > we need this? You've already declared the platform supports SCM calls > > > > with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT > > > > is for non-discoverable h/w we are stuck with. > > > > > > Yes, you've asked this before but I can only repeat what I've written in > > > my last response to your question: I am not aware of any way to properly > > > discover the interface at runtime from software. > > > > > > If it makes you happy, I can put this in the commit message as well... > > > > > > > Why is software made non-discoverable too? > > > > > > Please direct that question at the Qualcomm guys who actually designed > > > that interface. I can't give you an answer to that, and I'm not all that > > > happy about this either. > > > > > > To reiterate: I've reverse engineered this based on the Windows driver. > > > The Windows driver loads on an ACPI HID and it doesn't use any function > > > to check/verify whether the interface is actually present. Adding a DT > > > entry is the straight-forward adaption to having a HID in ACPI. > > > > > > > Nodes with only a compatible string are usually just an abuse of DT to > > > > instantiate some driver. > > > > > > If you or anyone here has any idea on how to discover the presence of > > > this, please feel free to let me know and I'd be happy to implement > > > that. Until then, I unfortunately don't see any other way of dealing > > > with this. > > > > You can probably try requesting QSEECOM version. According to msm-3.18: > > > > uint32_t feature = 10; > > > > rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), > > &resp, sizeof(resp)); > > pr_info("qseecom.qsee_version = 0x%x\n", resp.result); > > if (rc) { > > pr_err("Failed to get QSEE version info %d\n", rc); > > goto exit_del_cdev; > > } > > > > Thanks! I'll give that a try. > > As I can't test this on a device that doesn't have qseecom, it would > probably be a good idea if someone could test this on a device that has > qcom_scm but no qseecom (if those even exist) to make sure this doesn't > misbehave. > TBH, this has been going in round for quite sometime. We have been asking you to depend on existing platform compatible + a query or a check on the version. Since you do have a platform that is working, we can start making it min "qseecom.qsee_version" supported and then adjust the version based on the testing or the requirement. What do you think ?
On 5/2/23 10:38, Sudeep Holla wrote: > On Thu, Mar 09, 2023 at 03:27:01AM +0100, Maximilian Luz wrote: >> On 3/9/23 02:33, Dmitry Baryshkov wrote: >>> On 09/03/2023 00:44, Maximilian Luz wrote: >>>> On 3/8/23 23:16, Rob Herring wrote: >>>>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>>>>> Add bindings for the Qualcomm Secure Execution Environment interface >>>>>> (QSEECOM). >>>>> >>>>> Pretty sure I already asked, but no answer in the commit message. Why do >>>>> we need this? You've already declared the platform supports SCM calls >>>>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >>>>> is for non-discoverable h/w we are stuck with. >>>> >>>> Yes, you've asked this before but I can only repeat what I've written in >>>> my last response to your question: I am not aware of any way to properly >>>> discover the interface at runtime from software. >>>> >>>> If it makes you happy, I can put this in the commit message as well... >>>> >>>>> Why is software made non-discoverable too? >>>> >>>> Please direct that question at the Qualcomm guys who actually designed >>>> that interface. I can't give you an answer to that, and I'm not all that >>>> happy about this either. >>>> >>>> To reiterate: I've reverse engineered this based on the Windows driver. >>>> The Windows driver loads on an ACPI HID and it doesn't use any function >>>> to check/verify whether the interface is actually present. Adding a DT >>>> entry is the straight-forward adaption to having a HID in ACPI. >>>> >>>>> Nodes with only a compatible string are usually just an abuse of DT to >>>>> instantiate some driver. >>>> >>>> If you or anyone here has any idea on how to discover the presence of >>>> this, please feel free to let me know and I'd be happy to implement >>>> that. Until then, I unfortunately don't see any other way of dealing >>>> with this. >>> >>> You can probably try requesting QSEECOM version. According to msm-3.18: >>> >>> uint32_t feature = 10; >>> >>> rc = qseecom_scm_call(6, 3, &feature, sizeof(feature), >>> &resp, sizeof(resp)); >>> pr_info("qseecom.qsee_version = 0x%x\n", resp.result); >>> if (rc) { >>> pr_err("Failed to get QSEE version info %d\n", rc); >>> goto exit_del_cdev; >>> } >>> >> >> Thanks! I'll give that a try. >> >> As I can't test this on a device that doesn't have qseecom, it would >> probably be a good idea if someone could test this on a device that has >> qcom_scm but no qseecom (if those even exist) to make sure this doesn't >> misbehave. >> > > TBH, this has been going in round for quite sometime. We have been asking > you to depend on existing platform compatible + a query or a check on the > version. Since you do have a platform that is working, we can start making > it min "qseecom.qsee_version" supported and then adjust the version based > on the testing or the requirement. What do you think ? Sure, I will add a minimum version check to that. Regards, Max
On 5/2/23 10:31, Krzysztof Kozlowski wrote: > On 08/03/2023 23:44, Maximilian Luz wrote: >> On 3/8/23 23:16, Rob Herring wrote: >>> On Sun, Mar 05, 2023 at 03:21:18AM +0100, Maximilian Luz wrote: >>>> Add bindings for the Qualcomm Secure Execution Environment interface >>>> (QSEECOM). >>> >>> Pretty sure I already asked, but no answer in the commit message. Why do >>> we need this? You've already declared the platform supports SCM calls >>> with "qcom,scm". Why can't you probe whether you have QSEECOM or not? DT >>> is for non-discoverable h/w we are stuck with. >> >> Yes, you've asked this before but I can only repeat what I've written in >> my last response to your question: I am not aware of any way to properly >> discover the interface at runtime from software. >> >> If it makes you happy, I can put this in the commit message as well... > > Yes, please, because commit msg should answer to "why we are doing > this", when this is not obvious. If the reviewer asks the same twice it > means it is not obvious. Thanks. Hopefully I can manage to tie that (reliably) to qcom,scm and we don't need the specific compatible for v4 any more. I will try to be more descriptive for the next set of patches though. Regards, Max
diff --git a/Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml b/Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml new file mode 100644 index 000000000000..540a604f81bc --- /dev/null +++ b/Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml @@ -0,0 +1,49 @@ +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/firmware/qcom,qseecom.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: Qualcomm Secure Execution Environment Communication Interface + +maintainers: + - Maximilian Luz <luzmaximilian@gmail.com> + +description: | + QSEECOM provides an interface to Qualcomm's Secure Execution Environment + (SEE) running in the Trust Zone via SCM calls. In particular, it allows + communication with secure applications running therein. + + Applications running in this environment can, for example, include + 'uefisecapp', which is required for accessing UEFI variables on certain + systems as these cannot be accessed directly. + +properties: + compatible: + items: + - enum: + - qcom,qseecom-sc8280xp + - const: qcom,qseecom + + qcom,scm: + $ref: '/schemas/types.yaml#/definitions/phandle' + description: + A phandle pointing to the QCOM SCM device (see ./qcom,scm.yaml). + +required: + - compatible + - qcom,scm + +additionalProperties: false + +examples: + - | + firmware { + scm { + compatible = "qcom,scm-sc8280xp", "qcom,scm"; + }; + qseecom { + compatible = "qcom,qseecom-sc8280xp", "qcom,qseecom"; + qcom,scm = <&scm>; + }; + }; diff --git a/MAINTAINERS b/MAINTAINERS index 1545914a592c..ef1f806986e9 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -17384,6 +17384,7 @@ QUALCOMM SECURE EXECUTION ENVIRONMENT COMMUNICATION DRIVER M: Maximilian Luz <luzmaximilian@gmail.com> L: linux-arm-msm@vger.kernel.org S: Maintained +F: Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml F: drivers/firmware/qcom_qseecom.c F: include/linux/firmware/qcom/qcom_qseecom.h