From: David Brazdil
To: Greg Kroah-Hartman
Cc: Rob Herring, Arnd Bergmann, Frank Rowand, David Brazdil, Will Deacon,
    Andrew Scull, Wedson Almeida Filho, devicetree@vger.kernel.org,
    linux-kernel@vger.kernel.org
Date: Wed, 26 Jan 2022 23:12:35 +0000
Subject: [PATCH v7 0/2] Driver for Open Profile for DICE
Message-Id: <20220126231237.529308-1-dbrazdil@google.com>
X-Mailing-List: devicetree@vger.kernel.org
X-Patchwork-Submitter: David Brazdil
X-Patchwork-Id: 1584708

Open Profile for DICE is an open protocol for measured boot compatible with
the Trusted Computing Group's Device Identifier Composition Engine (DICE)
specification.
The generated Compound Device Identifier (CDI) certificates represent the
measured hardware/software combination and can be used by userspace for
remote attestation and sealing.

This patchset adds DeviceTree bindings for the DICE device referencing
a reserved memory region containing the CDIs, and a driver that exposes
the memory region to userspace via a misc device.

See https://pigweed.googlesource.com/open-dice for more details.

The patches are based on top of v5.17-rc1 and can also be found here:
  https://android-kvm.googlesource.com/linux topic/dice_v7

Changes since v6:
  * replace spinlock with mutex because devm_memremap can sleep
  * prevent write+shared mapping via mprotect/mremap
  * fail gracefully when no instances found
  * no-map required in DT bindings to ensure mem region not treated as RAM

Changes since v5:
  * replaced 'additionalProperties' with 'unevaluatedProperties' in DT YAML

Changes since v4:
  * registered compatible in 'reserved_mem_matches'
  * removed unnecessary DT node, only reserved-memory
  * fixed typos in comments

Changes since v3:
  * align with semantics of read/write
  * fix kerneldoc warnings
  * fix printf format warnings

Changes since v2:
  * renamed from 'dice' to 'open-dice'
  * replaced ioctls with read/write
  * replaced memzero_explicit with memset
  * allowed multiple instances
  * expanded Kconfig description

Changes since v1:
  * converted to miscdevice
  * all mappings now write-combine to simplify semantics
  * removed atomic state, any attempt at exclusive access
  * simplified wipe, applied on ioctl, not on release
  * fixed ioctl return value

David Brazdil (2):
  dt-bindings: reserved-memory: Open Profile for DICE
  misc: open-dice: Add driver to expose DICE data to userspace

 .../reserved-memory/google,open-dice.yaml     |  46 ++++
 drivers/misc/Kconfig                          |  12 +
 drivers/misc/Makefile                         |   1 +
 drivers/misc/open-dice.c                      | 208 ++++++++++++++++++
 drivers/of/platform.c                         |   1 +
 5 files changed, 268 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml
 create mode 100644 drivers/misc/open-dice.c

---
2.35.0.rc0.227.g00780c9af4-goog
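
The v7 changelog item "prevent write+shared mapping via mprotect/mremap" matters because refusing a writable shared mapping at mmap() time does not help if the protection can be raised afterwards. The following is an added example, not code from this patch set: it shows the general Linux rule with a regular file opened read-only standing in for the DICE device, where mprotect() refuses to add PROT_WRITE to a shared mapping that lacks write permission while a private copy-on-write mapping is unaffected. How the driver itself enforces this is not shown in the cover letter; try_write_upgrade() and the temporary path are illustrative names.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/*
 * Map one page of a read-only file descriptor with the given sharing mode
 * (MAP_SHARED or MAP_PRIVATE), then ask mprotect() to add PROT_WRITE.
 * Returns 0 if the upgrade succeeded, the errno from mprotect() if it was
 * refused, or -1 if the setup itself failed.
 */
int try_write_upgrade(int map_flags)
{
    char path[] = "/tmp/maywrite-demo-XXXXXX"; /* constructed stand-in file */
    long page = sysconf(_SC_PAGESIZE);
    int result = -1;

    int wfd = mkstemp(path);
    if (wfd < 0)
        return -1;
    if (ftruncate(wfd, page) == 0) {
        /* Second descriptor without write access, like a read-only region. */
        int rfd = open(path, O_RDONLY);
        if (rfd >= 0) {
            void *p = mmap(NULL, (size_t)page, PROT_READ, map_flags, rfd, 0);
            if (p != MAP_FAILED) {
                int rc = mprotect(p, (size_t)page, PROT_READ | PROT_WRITE);
                result = (rc == 0) ? 0 : errno;
                munmap(p, (size_t)page);
            }
            close(rfd);
        }
    }
    close(wfd);
    unlink(path);
    return result;
}

int main(void)
{
    /* Shared: stores would reach the backing object, so the upgrade is refused. */
    printf("shared : %d (EACCES is %d)\n", try_write_upgrade(MAP_SHARED), EACCES);
    /* Private: stores only touch a copy-on-write page, so it is allowed. */
    printf("private: %d\n", try_write_upgrade(MAP_PRIVATE));
    return 0;
}
```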