RE: [EXT] Re: [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree bindings

From: Vabhav Sharma
Date: Fri Jun 07 2024 - 01:00:52 EST




> -----Original Message-----
> From: Krzysztof Kozlowski <krzk@xxxxxxxxxx>
> Sent: Thursday, May 9, 2024 11:24 AM
> To: Frank Li <frank.li@xxxxxxx>; Vabhav Sharma <vabhav.sharma@xxxxxxx>
> Cc: Rob Herring <robh@xxxxxxxxxx>; Krzysztof Kozlowski
> <krzk+dt@xxxxxxxxxx>; Conor Dooley <conor+dt@xxxxxxxxxx>; Franck
> Lenormand <franck.lenormand@xxxxxxx>; Aisheng Dong
> <aisheng.dong@xxxxxxx>; Shawn Guo <shawnguo@xxxxxxxxxx>; Sascha
> Hauer <s.hauer@xxxxxxxxxxxxxx>; Pengutronix Kernel Team
> <kernel@xxxxxxxxxxxxxx>; Fabio Estevam <festevam@xxxxxxxxx>; Peng Fan
> <peng.fan@xxxxxxx>; devicetree@xxxxxxxxxxxxxxx; linux-
> kernel@xxxxxxxxxxxxxxx; imx@xxxxxxxxxxxxxxx; linux-arm-
> kernel@xxxxxxxxxxxxxxxxxxx; Varun Sethi <V.Sethi@xxxxxxx>; Silvano Di Ninno
> <silvano.dininno@xxxxxxx>; Pankaj Gupta <pankaj.gupta@xxxxxxx>; Daniel
> Baluta <daniel.baluta@xxxxxxx>
> Subject: [EXT] Re: [PATCH 1/4] dt-bindings: firmware: secvio: Add device tree
> bindings
>
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
>
>
> On 09/05/2024 05:06, Frank Li wrote:
> > On Thu, May 09, 2024 at 02:45:32AM +0200, Vabhav Sharma wrote:
> >> Document the secvio device tree bindings.
> >
> > reduntant sentence.
> >>
> >> The tampers are security feature available on i.MX products and
> >> managed by SNVS block.The tamper goal is to detect the variation
> > ^^ space here
> >
> >> of hardware or physical parameters, which can indicate an attack.
> >>
> >> The SNVS, which provides secure non-volatile storage, allows to
> >> detect some hardware attacks against the SoC.They are connected
> > ^^ space here
> >> to the security-violation ports, which send an alert when an
> >> out-of-range value is detected.
> >>
> >> The "imx-secvio-sc" module is designed to report security violations
> >> and tamper triggering via SCU firmware to the user.
> >>
> >> Add the imx-scu secvio sub node and secvio sub node description.
> >>
> >> Signed-off-by: Franck LENORMAND <franck.lenormand@xxxxxxx>
> >> Signed-off-by: Vabhav Sharma <vabhav.sharma@xxxxxxx>
> >> ---
> >> .../bindings/arm/freescale/fsl,scu-secvio.yaml | 35
> ++++++++++++++++++++++
> >> .../devicetree/bindings/firmware/fsl,scu.yaml | 10 +++++++
> >> 2 files changed, 45 insertions(+)
> >>
> >> diff --git
> >> a/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> >> b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.yaml
> >> new file mode 100644
> >> index 000000000000..30dc1e21f903
> >> --- /dev/null
> >> +++ b/Documentation/devicetree/bindings/arm/freescale/fsl,scu-secvio.
> >> +++ yaml
> >> @@ -0,0 +1,35 @@
> >> +# SPDX-License-Identifier: (GPL-2.0 OR BSD-2-Clause) %YAML 1.2
> >> +---
> >> +$id:
> >> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdev
> >> +icetree.org%2Fschemas%2Farm%2Ffreescale%2Ffsl%2Cscu-
> secvio.yaml%23&d
> >>
> +ata=05%7C02%7Cvabhav.sharma%40nxp.com%7C16a07379ee384ddc18f908
> dc6fec
> >>
> +75e7%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C63850830857
> 3434788
> >>
> +%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIi
> LCJBTiI
> >>
> +6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=MBhqXwhXIQjDb3A
> RdYJ4U5EXM
> >> +ryEy%2F9m5X6jGuNhHxo%3D&reserved=0
> >> +$schema:
> >> +https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdev
> >> +icetree.org%2Fmeta-
> schemas%2Fcore.yaml%23&data=05%7C02%7Cvabhav.shar
> >>
> +ma%40nxp.com%7C16a07379ee384ddc18f908dc6fec75e7%7C686ea1d3bc2
> b4c6fa9
> >>
> +2cd99c5c301635%7C0%7C0%7C638508308573446476%7CUnknown%7CTWF
> pbGZsb3d8
> >>
> +eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3
> D%7
> >>
> +C0%7C%7C%7C&sdata=m0RzUoVfr%2F2HkLlSOjhTq%2FQX3EM6ZAW7h5hQ
> Eidnc1g%3D
> >> +&reserved=0
> >> +
> >> +title: NXP i.MX Security Violation driver
> >
> > Violation detect driver
>
> Bindings are not for drivers.
This is security violation detection hardware exported through SCU firmware. I will detail the HW in the binding
>
> Best regards,
> Krzysztof