drivers: firmware: tisci: Add secure path support#101338
drivers: firmware: tisci: Add secure path support#101338aescolar merged 4 commits intozephyrproject-rtos:mainfrom
Conversation
zephyrbot
added
area: Devicetree Bindings
area: Firmware
area: Boards/SoCs
platform: TI SimpleLink
zephyrbot
requested review from
LaurentiuM1234,
bogdanovs,
jpanisbl,
vaishnavachath and
yongxu-wang15
Kronosblaster
force-pushed
the
tisci_fix
branch
from
35f700d to
e408c96
Compare
Kronosblaster
force-pushed
the
tisci_fix
branch
from
e408c96 to
1eaa1de
Compare
| struct tisci_data *data = dev->data; | ||
| const struct tisci_config *config = dev->config; | ||
|
|
||
| if (!config->is_secure && tisci_msg_requires_secure_path(msg_type)) { |
There was a problem hiding this comment.
Why are we having a block here, not to send a message on a non-secure path, its job of server to nack it. isn't it? Client driver should be dumb enough to send the message, if that so, then all the messages should go as its is there shouldn't be a need to differentiate secure and non-secure messages. If we are differentiating we are building a intelligence, that can be added to support both secure and non-secure pathways on the same driver. Isn't it?
There was a problem hiding this comment.
Resolving this comment, from a host perspective it can be either secure or non-secure, if non-secure we should not have secure messages sent out. The block seems okay in that perspective
There was a problem hiding this comment.
I agree with your original assessment, a host can either be secure or non-secure. If secure then all messages go over the secure channel, non-secure -> all over non-secure. The TI-SCI client should not have to know details about which messages are "secure" messages, if they are and the host is not, then TI-SCI firmware will simply reject the message and we will return the appropriate error.
Suggest removing patch 2 from this series.
There was a problem hiding this comment.
TISCI firmware doesnt reject the message. It silently drops it. This might lead to confusion if not blocked at send
There was a problem hiding this comment.
TISCI firmware not responding will result in a timeout waiting for the result which is treated as an error the same as a reject message.
Kronosblaster
force-pushed
the
tisci_fix
branch
2 times, most recently
from
c7c2809 to
af7060b
Compare
Kronosblaster
force-pushed
the
tisci_fix
branch
from
af7060b to
1eaad0d
Compare
zephyrbot
added
the
area: Devicetree Binding
|
| #define TISCI_MSG_ENTER_SLEEP 0x0301 | ||
|
|
||
| /* Clock requests */ | ||
| /* Security Messages */ |
There was a problem hiding this comment.
Why are these message ID's put up here, why not down below with other high numbered messages (0x9000 messages should go almost at the bottom of the list)
There was a problem hiding this comment.
These are still all out of order, why keep updating this series without first addressing my simple request to keep the definitions in numerical order?
| case TISCI_MSG_READ_KEYCNT_KEYREV: | ||
| case TISCI_MSG_KEY_WRITER: | ||
| case TISCI_MSG_WRITE_KEYREV: | ||
| case TISCI_MSG_ENTER_SLEEP: |
There was a problem hiding this comment.
If a message is secure the core should not have any reason to use that message to begin with. This list is info that shouldn't need to be stored over here in applications using TI-SCI. I'd suggest just dropping this check for now as it is holding up this series that otherwise would almost ready.
Kronosblaster
force-pushed
the
tisci_fix
branch
from
1eaad0d to
16cdcac
Compare
|
FYI got my eyes on this one but would like to see an ACK from TI before giving my +1 as everything here is TI-specific |
Kronosblaster
force-pushed
the
tisci_fix
branch
from
16cdcac to
57bdb00
Compare
Kronosblaster
force-pushed
the
tisci_fix
branch
from
57bdb00 to
fa8c0c1
Compare
| /* Skip secure header (if present) and copy tisci_msg_hdr + payload */ | ||
| memcpy(xfer->rx_message.buf, | ||
| (uint8_t *)data->rx_message.buf + rx_offset, | ||
| xfer->rx_message.size); |
There was a problem hiding this comment.
Why not just do this data move/shift up inside the if (config->is_secure) block, then you don't need to keep track of rx_offset. You could also just subtract out the secure header bytes from the xfer->rx_message.size at that point too so you can keep the old size check as it was (less churn).
Kronosblaster
force-pushed
the
tisci_fix
branch
2 times, most recently
from
6fb7ff4 to
8b9057f
Compare
- Add missing TISCI message type macros in tisci.h - Clean macro organisation - Add Secure indicator for message that require secure thread Signed-off-by: Dave Joseph <d-joseph@ti.com>
- Add ti,is-secure device tree property to indicate secure host entities - Add is_secure field in device config Signed-off-by: Dave Joseph <d-joseph@ti.com>
Add support for secure TISCI communication paths to enable message exchange with secure contexts on TI SoCs. - Add secure header wrapping for outbound messages on secure path - Add secure header parsing for inbound messages on secure path Signed-off-by: Dave Joseph <d-joseph@ti.com>
- Add proper semaphore cleanup in error paths where it was missing Signed-off-by: Dave Joseph <d-joseph@ti.com>
Kronosblaster
force-pushed
the
tisci_fix
branch
from
8b9057f to
3a1f337
Compare
|
6 participants
Summary
Add support for secure TISCI communication paths to enable usage of secure threads for communication.
Changes:
Testing
Change the host-id and thread ids in the core specific dt file and run the /tests/drivers/tisci