Re: [PATCH v2 2/4] dt-bindings: remoteproc: Add compatibility for TEE support
Hello Rob,
On 1/30/24 18:51, Rob Herring wrote:
> On Thu, Jan 18, 2024 at 11:04:31AM +0100, Arnaud Pouliquen wrote:
>> The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration
>> where the Cortex-M4 firmware is loaded by the Trusted execution Environment
>> (TEE).
>> For instance, this compatible is used in both the Linux and OP-TEE
>> device-tree:
>> - In OP-TEE, a node is defined in the device tree with the
>> st,stm32mp1-m4-tee to support signed remoteproc firmware.
>> Based on DT properties, OP-TEE authenticates, loads, starts, and stops
>> the firmware.
>> - On Linux, when the compatibility is set, the Cortex-M resets should not
>> be declared in the device tree.
>>
>> Signed-off-by: Arnaud Pouliquen
>> ---
>> V1 to V2 updates
>> - update "st,stm32mp1-m4" compatible description to generalize
>> - remove the 'reset-names' requirement in one conditional branch, as the
>> property is already part of the condition test.
>> ---
>> .../bindings/remoteproc/st,stm32-rproc.yaml | 52 +++
>> 1 file changed, 43 insertions(+), 9 deletions(-)
>>
>> diff --git
>> a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
>> b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
>> index 370af61d8f28..6af821b15736 100644
>> --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
>> +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
>> @@ -16,7 +16,12 @@ maintainers:
>>
>> properties:
>>compatible:
>> -const: st,stm32mp1-m4
>> +enum:
>> + - st,stm32mp1-m4
>> + - st,stm32mp1-m4-tee
>> +description:
>> + Use "st,stm32mp1-m4" for the Cortex-M4 coprocessor management by
>> non-secure context
>> + Use "st,stm32mp1-m4-tee" for the Cortex-M4 coprocessor management by
>> secure context
>>
>>reg:
>> description:
>> @@ -142,21 +147,40 @@ properties:
>> required:
>>- compatible
>>- reg
>> - - resets
>>
>> allOf:
>>- if:
>>properties:
>> -reset-names:
>> - not:
>> -contains:
>> - const: hold_boot
>> +compatible:
>> + contains:
>> +const: st,stm32mp1-m4
>> +then:
>> + if:
>> +properties:
>> + reset-names:
>> +not:
>> + contains:
>> +const: hold_boot
>
> Note that this is true when 'reset-names' is not present. If that is not
> desired, then you need 'required: [reset-names]'. Not really a new issue
> though.
>
Yes that corresponds to my expectation, for compatibility with legacy DT.
If the hold_boot reset was not used, reset-names was not mandatory
I will add the 'required: [reset-names]' in the else
Thanks,
Arnaud
>> + then:
>> +required:
>> + - st,syscfg-holdboot
>> + - resets
>> + else:
>> +properties:
>> + st,syscfg-holdboot: false
>> +required:
>> + - resets
>
> 'resets' is always required within the outer 'then' schema, so you can
> move this up a level.
>
>> +
>> + - if:
>> + properties:
>> +compatible:
>> + contains:
>> +const: st,stm32mp1-m4-tee
>> then:
>> - required:
>> -- st,syscfg-holdboot
>> -else:
>>properties:
>> st,syscfg-holdboot: false
>> +reset-names: false
>> +resets: false
>>
>> additionalProperties: false
>>
>> @@ -188,5 +212,15 @@ examples:
>>st,syscfg-rsc-tbl = < 0x144 0x>;
>>st,syscfg-m4-state = < 0x148 0x>;
>> };
>> + - |
>> +#include
>> +m4@1000 {
>> + compatible = "st,stm32mp1-m4-tee";
>> + reg = <0x1000 0x4>,
>> +<0x3000 0x4>,
>> +<0x3800 0x1>;
>> + st,syscfg-rsc-tbl = < 0x144 0x>;
>> + st,syscfg-m4-state = < 0x148 0x>;
>> +};
>>
>> ...
>> --
>> 2.25.1
>>
Re: [PATCH v2 2/4] dt-bindings: remoteproc: Add compatibility for TEE support
On Thu, Jan 18, 2024 at 11:04:31AM +0100, Arnaud Pouliquen wrote:
> The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration
> where the Cortex-M4 firmware is loaded by the Trusted execution Environment
> (TEE).
> For instance, this compatible is used in both the Linux and OP-TEE
> device-tree:
> - In OP-TEE, a node is defined in the device tree with the
> st,stm32mp1-m4-tee to support signed remoteproc firmware.
> Based on DT properties, OP-TEE authenticates, loads, starts, and stops
> the firmware.
> - On Linux, when the compatibility is set, the Cortex-M resets should not
> be declared in the device tree.
>
> Signed-off-by: Arnaud Pouliquen
> ---
> V1 to V2 updates
> - update "st,stm32mp1-m4" compatible description to generalize
> - remove the 'reset-names' requirement in one conditional branch, as the
> property is already part of the condition test.
> ---
> .../bindings/remoteproc/st,stm32-rproc.yaml | 52 +++
> 1 file changed, 43 insertions(+), 9 deletions(-)
>
> diff --git a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
> b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
> index 370af61d8f28..6af821b15736 100644
> --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
> +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml
> @@ -16,7 +16,12 @@ maintainers:
>
> properties:
>compatible:
> -const: st,stm32mp1-m4
> +enum:
> + - st,stm32mp1-m4
> + - st,stm32mp1-m4-tee
> +description:
> + Use "st,stm32mp1-m4" for the Cortex-M4 coprocessor management by
> non-secure context
> + Use "st,stm32mp1-m4-tee" for the Cortex-M4 coprocessor management by
> secure context
>
>reg:
> description:
> @@ -142,21 +147,40 @@ properties:
> required:
>- compatible
>- reg
> - - resets
>
> allOf:
>- if:
>properties:
> -reset-names:
> - not:
> -contains:
> - const: hold_boot
> +compatible:
> + contains:
> +const: st,stm32mp1-m4
> +then:
> + if:
> +properties:
> + reset-names:
> +not:
> + contains:
> +const: hold_boot
Note that this is true when 'reset-names' is not present. If that is not
desired, then you need 'required: [reset-names]'. Not really a new issue
though.
> + then:
> +required:
> + - st,syscfg-holdboot
> + - resets
> + else:
> +properties:
> + st,syscfg-holdboot: false
> +required:
> + - resets
'resets' is always required within the outer 'then' schema, so you can
move this up a level.
> +
> + - if:
> + properties:
> +compatible:
> + contains:
> +const: st,stm32mp1-m4-tee
> then:
> - required:
> -- st,syscfg-holdboot
> -else:
>properties:
> st,syscfg-holdboot: false
> +reset-names: false
> +resets: false
>
> additionalProperties: false
>
> @@ -188,5 +212,15 @@ examples:
>st,syscfg-rsc-tbl = < 0x144 0x>;
>st,syscfg-m4-state = < 0x148 0x>;
> };
> + - |
> +#include
> +m4@1000 {
> + compatible = "st,stm32mp1-m4-tee";
> + reg = <0x1000 0x4>,
> +<0x3000 0x4>,
> +<0x3800 0x1>;
> + st,syscfg-rsc-tbl = < 0x144 0x>;
> + st,syscfg-m4-state = < 0x148 0x>;
> +};
>
> ...
> --
> 2.25.1
>
Re: [PATCH v2 2/4] dt-bindings: remoteproc: Add compatibility for TEE support
On Fri, Jan 26, 2024 at 12:03:25PM +0100, Krzysztof Kozlowski wrote: > On 18/01/2024 11:04, Arnaud Pouliquen wrote: > > The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration > > where the Cortex-M4 firmware is loaded by the Trusted execution Environment > > (TEE). > > For instance, this compatible is used in both the Linux and OP-TEE > > device-tree: > > - In OP-TEE, a node is defined in the device tree with the > > st,stm32mp1-m4-tee to support signed remoteproc firmware. > > Based on DT properties, OP-TEE authenticates, loads, starts, and stops > > the firmware. > > - On Linux, when the compatibility is set, the Cortex-M resets should not > > be declared in the device tree. > > > > Signed-off-by: Arnaud Pouliquen > > --- > > V1 to V2 updates > > - update "st,stm32mp1-m4" compatible description to generalize > > - remove the 'reset-names' requirement in one conditional branch, as the > > property is already part of the condition test. > > --- > > .../bindings/remoteproc/st,stm32-rproc.yaml | 52 +++ > > 1 file changed, 43 insertions(+), 9 deletions(-) > > > > diff --git > > a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > > b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > > index 370af61d8f28..6af821b15736 100644 > > --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > > +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > > @@ -16,7 +16,12 @@ maintainers: > > > > properties: > >compatible: > > -const: st,stm32mp1-m4 > > +enum: > > + - st,stm32mp1-m4 > > + - st,stm32mp1-m4-tee > > The patch looks good to me, but I wonder about this choice of two > compatibles. > > Basically this is the same hardware with the same interface, but two > compatibles to differentiate a bit different firmware setup. We have > already such cases for Qualcomm [1] [2] and new ones will be coming. [3] > > I wonder whether this should be rather the same compatible with > additional property, e.g. "st,tee-control" or "remote-control". > > [1] > https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/dma/qcom,bam-dma.yaml#L54 > > [2] > https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/net/qcom,ipa.yaml#L129 > (that's a bit different) > > [3] https://lore.kernel.org/linux-devicetree/20240124103623.GJ4906@thinkpad/ > > @Rob, > Any general guidance for this and Qualcomm? I think we have cases using compatible already as well. Either way is fine with me. Rob
Re: [PATCH v2 2/4] dt-bindings: remoteproc: Add compatibility for TEE support
Hello Krzysztof, On 1/26/24 12:03, Krzysztof Kozlowski wrote: > On 18/01/2024 11:04, Arnaud Pouliquen wrote: >> The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration >> where the Cortex-M4 firmware is loaded by the Trusted execution Environment >> (TEE). >> For instance, this compatible is used in both the Linux and OP-TEE >> device-tree: >> - In OP-TEE, a node is defined in the device tree with the >> st,stm32mp1-m4-tee to support signed remoteproc firmware. >> Based on DT properties, OP-TEE authenticates, loads, starts, and stops >> the firmware. >> - On Linux, when the compatibility is set, the Cortex-M resets should not >> be declared in the device tree. >> >> Signed-off-by: Arnaud Pouliquen >> --- >> V1 to V2 updates >> - update "st,stm32mp1-m4" compatible description to generalize >> - remove the 'reset-names' requirement in one conditional branch, as the >> property is already part of the condition test. >> --- >> .../bindings/remoteproc/st,stm32-rproc.yaml | 52 +++ >> 1 file changed, 43 insertions(+), 9 deletions(-) >> >> diff --git >> a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml >> b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml >> index 370af61d8f28..6af821b15736 100644 >> --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml >> +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml >> @@ -16,7 +16,12 @@ maintainers: >> >> properties: >>compatible: >> -const: st,stm32mp1-m4 >> +enum: >> + - st,stm32mp1-m4 >> + - st,stm32mp1-m4-tee > > The patch looks good to me, but I wonder about this choice of two > compatibles. > > Basically this is the same hardware with the same interface, but two > compatibles to differentiate a bit different firmware setup. We have > already such cases for Qualcomm [1] [2] and new ones will be coming. [3] > > I wonder whether this should be rather the same compatible with > additional property, e.g. "st,tee-control" or "remote-control". Yes the point is valid, I asked myself the question. I proposed a compatibility solution for one main reason. On the STM32MP15, if the firmware is loaded by Linux, no driver is probed in OP-TEE. But if the firmware is authenticated and loaded by OP-TEE, a Op-TEE driver is probed to manage memory access rights. The drawback of a property is that we would need to probe the OP-TEE driver for the STM32MP1 platform even if it is not used, just to check this property. Thanks, Arnaud > > [1] > https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/dma/qcom,bam-dma.yaml#L54 > > [2] > https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/net/qcom,ipa.yaml#L129 > (that's a bit different) > > [3] https://lore.kernel.org/linux-devicetree/20240124103623.GJ4906@thinkpad/ > > @Rob, > Any general guidance for this and Qualcomm? > > Best regards, > Krzysztof >
Re: [PATCH v2 2/4] dt-bindings: remoteproc: Add compatibility for TEE support
On 18/01/2024 11:04, Arnaud Pouliquen wrote: > The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration > where the Cortex-M4 firmware is loaded by the Trusted execution Environment > (TEE). > For instance, this compatible is used in both the Linux and OP-TEE > device-tree: > - In OP-TEE, a node is defined in the device tree with the > st,stm32mp1-m4-tee to support signed remoteproc firmware. > Based on DT properties, OP-TEE authenticates, loads, starts, and stops > the firmware. > - On Linux, when the compatibility is set, the Cortex-M resets should not > be declared in the device tree. > > Signed-off-by: Arnaud Pouliquen > --- > V1 to V2 updates > - update "st,stm32mp1-m4" compatible description to generalize > - remove the 'reset-names' requirement in one conditional branch, as the > property is already part of the condition test. > --- > .../bindings/remoteproc/st,stm32-rproc.yaml | 52 +++ > 1 file changed, 43 insertions(+), 9 deletions(-) > > diff --git a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > index 370af61d8f28..6af821b15736 100644 > --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml > @@ -16,7 +16,12 @@ maintainers: > > properties: >compatible: > -const: st,stm32mp1-m4 > +enum: > + - st,stm32mp1-m4 > + - st,stm32mp1-m4-tee The patch looks good to me, but I wonder about this choice of two compatibles. Basically this is the same hardware with the same interface, but two compatibles to differentiate a bit different firmware setup. We have already such cases for Qualcomm [1] [2] and new ones will be coming. [3] I wonder whether this should be rather the same compatible with additional property, e.g. "st,tee-control" or "remote-control". [1] https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/dma/qcom,bam-dma.yaml#L54 [2] https://elixir.bootlin.com/linux/v6.7.1/source/Documentation/devicetree/bindings/net/qcom,ipa.yaml#L129 (that's a bit different) [3] https://lore.kernel.org/linux-devicetree/20240124103623.GJ4906@thinkpad/ @Rob, Any general guidance for this and Qualcomm? Best regards, Krzysztof
