| Message ID | 20220126231237.529308-2-dbrazdil@google.com |
|---|---|
| State | Not Applicable, archived |
| Headers | show |
| Series | Driver for Open Profile for DICE | expand |
| Context | Check | Description |
|---|---|---|
| robh/checkpatch | success | |
| robh/dtbs-check | success | |
| robh/dt-meta-schema | success |
Hi Rob, On Wed, Jan 26, 2022 at 11:12:36PM +0000, David Brazdil wrote: > Add DeviceTree bindings for Open Profile for DICE, an open protocol for > measured boot. Firmware uses DICE to measure the hardware/software > combination and generates Compound Device Identifier (CDI) certificates. > These are stored in memory and the buffer is described in the DT as > a reserved memory region compatible with 'google,open-dice'. > > 'no-map' is required to ensure the memory region is never treated by > the kernel as system memory. > > Signed-off-by: David Brazdil <dbrazdil@google.com> > --- > .../reserved-memory/google,open-dice.yaml | 46 +++++++++++++++++++ > 1 file changed, 46 insertions(+) > create mode 100644 Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > diff --git a/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > new file mode 100644 > index 000000000000..257a0b51994a > --- /dev/null > +++ b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > @@ -0,0 +1,46 @@ > +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause > +%YAML 1.2 > +--- > +$id: http://devicetree.org/schemas/reserved-memory/google,open-dice.yaml# > +$schema: http://devicetree.org/meta-schemas/core.yaml# > + > +title: Open Profile for DICE Device Tree Bindings > + > +description: | > + This binding represents a reserved memory region containing data > + generated by the Open Profile for DICE protocol. > + > + See https://pigweed.googlesource.com/open-dice/ > + > +maintainers: > + - David Brazdil <dbrazdil@google.com> > + > +allOf: > + - $ref: "reserved-memory.yaml" > + > +properties: > + compatible: > + const: google,open-dice > + > + reg: > + description: page-aligned region of memory containing DICE data > + > +required: > + - compatible > + - reg > + - no-map You already gave this a Reviewed-by in v6. Just want to mention that I didn't pick it up because I added a required no-map here. It was always included in our DTs but I made it required because the kernel should never treat that region as system memory. The kernel will warn when the driver tries to wipe the memory otherwise. David
On Wed, Jan 26, 2022 at 11:19:08PM +0000, David Brazdil wrote: > Hi Rob, > > On Wed, Jan 26, 2022 at 11:12:36PM +0000, David Brazdil wrote: > > Add DeviceTree bindings for Open Profile for DICE, an open protocol for > > measured boot. Firmware uses DICE to measure the hardware/software > > combination and generates Compound Device Identifier (CDI) certificates. > > These are stored in memory and the buffer is described in the DT as > > a reserved memory region compatible with 'google,open-dice'. > > > > 'no-map' is required to ensure the memory region is never treated by > > the kernel as system memory. > > > > Signed-off-by: David Brazdil <dbrazdil@google.com> > > --- > > .../reserved-memory/google,open-dice.yaml | 46 +++++++++++++++++++ > > 1 file changed, 46 insertions(+) > > create mode 100644 Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > > > diff --git a/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > new file mode 100644 > > index 000000000000..257a0b51994a > > --- /dev/null > > +++ b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml > > @@ -0,0 +1,46 @@ > > +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause > > +%YAML 1.2 > > +--- > > +$id: http://devicetree.org/schemas/reserved-memory/google,open-dice.yaml# > > +$schema: http://devicetree.org/meta-schemas/core.yaml# > > + > > +title: Open Profile for DICE Device Tree Bindings > > + > > +description: | > > + This binding represents a reserved memory region containing data > > + generated by the Open Profile for DICE protocol. > > + > > + See https://pigweed.googlesource.com/open-dice/ > > + > > +maintainers: > > + - David Brazdil <dbrazdil@google.com> > > + > > +allOf: > > + - $ref: "reserved-memory.yaml" > > + > > +properties: > > + compatible: > > + const: google,open-dice > > + > > + reg: > > + description: page-aligned region of memory containing DICE data > > + > > +required: > > + - compatible > > + - reg > > + - no-map > > You already gave this a Reviewed-by in v6. Just want to mention that I > didn't pick it up because I added a required no-map here. It was always > included in our DTs but I made it required because the kernel should > never treat that region as system memory. The kernel will warn when the > driver tries to wipe the memory otherwise. That's small enough change to keep tags. Reviewed-by: Rob Herring <robh@kernel.org>
diff --git a/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml new file mode 100644 index 000000000000..257a0b51994a --- /dev/null +++ b/Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml @@ -0,0 +1,46 @@ +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/reserved-memory/google,open-dice.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: Open Profile for DICE Device Tree Bindings + +description: | + This binding represents a reserved memory region containing data + generated by the Open Profile for DICE protocol. + + See https://pigweed.googlesource.com/open-dice/ + +maintainers: + - David Brazdil <dbrazdil@google.com> + +allOf: + - $ref: "reserved-memory.yaml" + +properties: + compatible: + const: google,open-dice + + reg: + description: page-aligned region of memory containing DICE data + +required: + - compatible + - reg + - no-map + +unevaluatedProperties: false + +examples: + - | + reserved-memory { + #address-cells = <2>; + #size-cells = <1>; + + dice: dice@12340000 { + compatible = "google,open-dice"; + reg = <0x00 0x12340000 0x2000>; + no-map; + }; + };
Add DeviceTree bindings for Open Profile for DICE, an open protocol for measured boot. Firmware uses DICE to measure the hardware/software combination and generates Compound Device Identifier (CDI) certificates. These are stored in memory and the buffer is described in the DT as a reserved memory region compatible with 'google,open-dice'. 'no-map' is required to ensure the memory region is never treated by the kernel as system memory. Signed-off-by: David Brazdil <dbrazdil@google.com> --- .../reserved-memory/google,open-dice.yaml | 46 +++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml