diff mbox series

[v1,1/3] dt-bindings: soc: qcom: eud: Update compatible strings for eud

Message ID 20240807183205.803847-2-quic_molvera@quicinc.com
State New
Headers show
Series [v1,1/3] dt-bindings: soc: qcom: eud: Update compatible strings for eud | expand

Commit Message

Melody Olvera Aug. 7, 2024, 6:32 p.m. UTC
The EUD can more accurately be divided into two types; a secure type
which requires that certain registers be updated via scm call and a
nonsecure type which must access registers nonsecurely. Thus, change
the compatible strings to reflect secure and nonsecure eud usage.

Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
---
 Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Krzysztof Kozlowski Aug. 8, 2024, 11 a.m. UTC | #1
On 07/08/2024 20:32, Melody Olvera wrote:
> The EUD can more accurately be divided into two types; a secure type
> which requires that certain registers be updated via scm call and a
> nonsecure type which must access registers nonsecurely. Thus, change
> the compatible strings to reflect secure and nonsecure eud usage.
> 
> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
> ---
>  Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
> index f2c5ec7e6437..476f92768610 100644
> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
> @@ -17,8 +17,8 @@ properties:
>    compatible:
>      items:
>        - enum:
> -          - qcom,sc7280-eud
> -      - const: qcom,eud
> +          - qcom,secure-eud
> +          - qcom,eud

Commit msg did not explain me why DT bindings rules are avoided here and
you drop existing SoC specific compatible.

This really does not look like having any sense at all, I cannot come up
with logic behind dropping existing users. You could deprecate it, but
then why exactly this device should have exception from generic bindings
rule?


Best regards,
Krzysztof
Melody Olvera Aug. 13, 2024, 8:03 p.m. UTC | #2
On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
> On 07/08/2024 20:32, Melody Olvera wrote:
>> The EUD can more accurately be divided into two types; a secure type
>> which requires that certain registers be updated via scm call and a
>> nonsecure type which must access registers nonsecurely. Thus, change
>> the compatible strings to reflect secure and nonsecure eud usage.
>>
>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>> ---
>>   Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>   1 file changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>> index f2c5ec7e6437..476f92768610 100644
>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>> @@ -17,8 +17,8 @@ properties:
>>     compatible:
>>       items:
>>         - enum:
>> -          - qcom,sc7280-eud
>> -      - const: qcom,eud
>> +          - qcom,secure-eud
>> +          - qcom,eud
> Commit msg did not explain me why DT bindings rules are avoided here and
> you drop existing SoC specific compatible.
>
> This really does not look like having any sense at all, I cannot come up
> with logic behind dropping existing users. You could deprecate it, but
> then why exactly this device should have exception from generic bindings
> rule?

Understood. I won't drop this compatible string. Is alright to add the 
additional compatible as is?

Thanks,
Melody
>
> Best regards,
> Krzysztof
>
Krzysztof Kozlowski Aug. 14, 2024, 6:15 a.m. UTC | #3
On 13/08/2024 22:03, Melody Olvera wrote:
> 
> 
> On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
>> On 07/08/2024 20:32, Melody Olvera wrote:
>>> The EUD can more accurately be divided into two types; a secure type
>>> which requires that certain registers be updated via scm call and a
>>> nonsecure type which must access registers nonsecurely. Thus, change
>>> the compatible strings to reflect secure and nonsecure eud usage.
>>>
>>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>>> ---
>>>   Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>>   1 file changed, 3 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>> index f2c5ec7e6437..476f92768610 100644
>>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>> @@ -17,8 +17,8 @@ properties:
>>>     compatible:
>>>       items:
>>>         - enum:
>>> -          - qcom,sc7280-eud
>>> -      - const: qcom,eud
>>> +          - qcom,secure-eud
>>> +          - qcom,eud
>> Commit msg did not explain me why DT bindings rules are avoided here and
>> you drop existing SoC specific compatible.
>>
>> This really does not look like having any sense at all, I cannot come up
>> with logic behind dropping existing users. You could deprecate it, but
>> then why exactly this device should have exception from generic bindings
>> rule?
> 
> Understood. I won't drop this compatible string. Is alright to add the 
> additional compatible as is?

You always need SoC specific compatible.

Best regards,
Krzysztof
Konrad Dybcio Aug. 14, 2024, 10:30 a.m. UTC | #4
On 14.08.2024 8:15 AM, Krzysztof Kozlowski wrote:
> On 13/08/2024 22:03, Melody Olvera wrote:
>>
>>
>> On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
>>> On 07/08/2024 20:32, Melody Olvera wrote:
>>>> The EUD can more accurately be divided into two types; a secure type
>>>> which requires that certain registers be updated via scm call and a
>>>> nonsecure type which must access registers nonsecurely. Thus, change
>>>> the compatible strings to reflect secure and nonsecure eud usage.
>>>>
>>>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>>>> ---
>>>>   Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>>>   1 file changed, 3 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> index f2c5ec7e6437..476f92768610 100644
>>>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> @@ -17,8 +17,8 @@ properties:
>>>>     compatible:
>>>>       items:
>>>>         - enum:
>>>> -          - qcom,sc7280-eud
>>>> -      - const: qcom,eud
>>>> +          - qcom,secure-eud
>>>> +          - qcom,eud
>>> Commit msg did not explain me why DT bindings rules are avoided here and
>>> you drop existing SoC specific compatible.
>>>
>>> This really does not look like having any sense at all, I cannot come up
>>> with logic behind dropping existing users. You could deprecate it, but
>>> then why exactly this device should have exception from generic bindings
>>> rule?
>>
>> Understood. I won't drop this compatible string. Is alright to add the 
>> additional compatible as is?
> 
> You always need SoC specific compatible.

Melody, is there any way to discover (that won't crash the board if we
guess wrong) whether secure accessors are needed?

Konrad
Melody Olvera Aug. 14, 2024, 5:20 p.m. UTC | #5
On 8/13/2024 11:15 PM, Krzysztof Kozlowski wrote:
> On 13/08/2024 22:03, Melody Olvera wrote:
>>
>> On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
>>> On 07/08/2024 20:32, Melody Olvera wrote:
>>>> The EUD can more accurately be divided into two types; a secure type
>>>> which requires that certain registers be updated via scm call and a
>>>> nonsecure type which must access registers nonsecurely. Thus, change
>>>> the compatible strings to reflect secure and nonsecure eud usage.
>>>>
>>>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>>>> ---
>>>>    Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>>>    1 file changed, 3 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> index f2c5ec7e6437..476f92768610 100644
>>>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>> @@ -17,8 +17,8 @@ properties:
>>>>      compatible:
>>>>        items:
>>>>          - enum:
>>>> -          - qcom,sc7280-eud
>>>> -      - const: qcom,eud
>>>> +          - qcom,secure-eud
>>>> +          - qcom,eud
>>> Commit msg did not explain me why DT bindings rules are avoided here and
>>> you drop existing SoC specific compatible.
>>>
>>> This really does not look like having any sense at all, I cannot come up
>>> with logic behind dropping existing users. You could deprecate it, but
>>> then why exactly this device should have exception from generic bindings
>>> rule?
>> Understood. I won't drop this compatible string. Is alright to add the
>> additional compatible as is?
> You always need SoC specific compatible.

Got it. Will change to SoC specific then.


Thanks,
Melody
Melody Olvera Aug. 14, 2024, 5:33 p.m. UTC | #6
On 8/14/2024 3:30 AM, Konrad Dybcio wrote:
> On 14.08.2024 8:15 AM, Krzysztof Kozlowski wrote:
>> On 13/08/2024 22:03, Melody Olvera wrote:
>>>
>>> On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
>>>> On 07/08/2024 20:32, Melody Olvera wrote:
>>>>> The EUD can more accurately be divided into two types; a secure type
>>>>> which requires that certain registers be updated via scm call and a
>>>>> nonsecure type which must access registers nonsecurely. Thus, change
>>>>> the compatible strings to reflect secure and nonsecure eud usage.
>>>>>
>>>>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>>>>> ---
>>>>>    Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>>>>    1 file changed, 3 insertions(+), 3 deletions(-)
>>>>>
>>>>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>> index f2c5ec7e6437..476f92768610 100644
>>>>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>> @@ -17,8 +17,8 @@ properties:
>>>>>      compatible:
>>>>>        items:
>>>>>          - enum:
>>>>> -          - qcom,sc7280-eud
>>>>> -      - const: qcom,eud
>>>>> +          - qcom,secure-eud
>>>>> +          - qcom,eud
>>>> Commit msg did not explain me why DT bindings rules are avoided here and
>>>> you drop existing SoC specific compatible.
>>>>
>>>> This really does not look like having any sense at all, I cannot come up
>>>> with logic behind dropping existing users. You could deprecate it, but
>>>> then why exactly this device should have exception from generic bindings
>>>> rule?
>>> Understood. I won't drop this compatible string. Is alright to add the
>>> additional compatible as is?
>> You always need SoC specific compatible.
> Melody, is there any way to discover (that won't crash the board if we
> guess wrong) whether secure accessors are needed?
>

Unfortunately, no. We considered several options, but none guarantee 
that we will avoid
a crash if we try non-securely. The secure call also won't give a 
specific error if it fails either
(for security reasons) so we can't know if a secure access failed 
because it's supposed to be
accessed non-securely or for another reason; hence this approach. If there's
another way to achieve this functionality that might be better, I'm all 
ears.

Thanks,
Melody
Konrad Dybcio Aug. 14, 2024, 8:25 p.m. UTC | #7
On 14.08.2024 7:33 PM, Melody Olvera wrote:
> 
> 
> On 8/14/2024 3:30 AM, Konrad Dybcio wrote:
>> On 14.08.2024 8:15 AM, Krzysztof Kozlowski wrote:
>>> On 13/08/2024 22:03, Melody Olvera wrote:
>>>>
>>>> On 8/8/2024 4:00 AM, Krzysztof Kozlowski wrote:
>>>>> On 07/08/2024 20:32, Melody Olvera wrote:
>>>>>> The EUD can more accurately be divided into two types; a secure type
>>>>>> which requires that certain registers be updated via scm call and a
>>>>>> nonsecure type which must access registers nonsecurely. Thus, change
>>>>>> the compatible strings to reflect secure and nonsecure eud usage.
>>>>>>
>>>>>> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com>
>>>>>> ---
>>>>>>    Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml | 6 +++---
>>>>>>    1 file changed, 3 insertions(+), 3 deletions(-)
>>>>>>
>>>>>> diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>>> index f2c5ec7e6437..476f92768610 100644
>>>>>> --- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>>> +++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
>>>>>> @@ -17,8 +17,8 @@ properties:
>>>>>>      compatible:
>>>>>>        items:
>>>>>>          - enum:
>>>>>> -          - qcom,sc7280-eud
>>>>>> -      - const: qcom,eud
>>>>>> +          - qcom,secure-eud
>>>>>> +          - qcom,eud
>>>>> Commit msg did not explain me why DT bindings rules are avoided here and
>>>>> you drop existing SoC specific compatible.
>>>>>
>>>>> This really does not look like having any sense at all, I cannot come up
>>>>> with logic behind dropping existing users. You could deprecate it, but
>>>>> then why exactly this device should have exception from generic bindings
>>>>> rule?
>>>> Understood. I won't drop this compatible string. Is alright to add the
>>>> additional compatible as is?
>>> You always need SoC specific compatible.
>> Melody, is there any way to discover (that won't crash the board if we
>> guess wrong) whether secure accessors are needed?
>>
> 
> Unfortunately, no. We considered several options, but none guarantee that we will avoid
> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
> (for security reasons) so we can't know if a secure access failed because it's supposed to be
> accessed non-securely or for another reason; hence this approach. If there's
> another way to achieve this functionality that might be better, I'm all ears.

Can we read some fuse values and decide based on that?

Konrad
Trilok Soni Aug. 14, 2024, 10:09 p.m. UTC | #8
On 8/14/2024 1:25 PM, Konrad Dybcio wrote:
>> Unfortunately, no. We considered several options, but none guarantee that we will avoid
>> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
>> (for security reasons) so we can't know if a secure access failed because it's supposed to be
>> accessed non-securely or for another reason; hence this approach. If there's
>> another way to achieve this functionality that might be better, I'm all ears.
> Can we read some fuse values and decide based on that?

In most of the cases, these fuse values are not allowed to be read
from the Linux, so that will be another problem. Melody can check
if there is any fuse values around here and possible to read them
through Linux.
Melody Olvera Aug. 20, 2024, 6:21 p.m. UTC | #9
On 8/14/2024 3:09 PM, Trilok Soni wrote:
> On 8/14/2024 1:25 PM, Konrad Dybcio wrote:
>>> Unfortunately, no. We considered several options, but none guarantee that we will avoid
>>> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
>>> (for security reasons) so we can't know if a secure access failed because it's supposed to be
>>> accessed non-securely or for another reason; hence this approach. If there's
>>> another way to achieve this functionality that might be better, I'm all ears.
>> Can we read some fuse values and decide based on that?
> In most of the cases, these fuse values are not allowed to be read
> from the Linux, so that will be another problem. Melody can check
> if there is any fuse values around here and possible to read them
> through Linux.
>

I double-checked, but there really isn't any kind of fuse or anything we 
can read to determine
how we need to access these registers. I remembered checking before 
authoring these patches,
but I wanted to just make sure before responding here.

Thanks,
Melody
Konrad Dybcio Aug. 20, 2024, 7:19 p.m. UTC | #10
On 20.08.2024 8:21 PM, Melody Olvera wrote:
> 
> 
> On 8/14/2024 3:09 PM, Trilok Soni wrote:
>> On 8/14/2024 1:25 PM, Konrad Dybcio wrote:
>>>> Unfortunately, no. We considered several options, but none guarantee that we will avoid
>>>> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
>>>> (for security reasons) so we can't know if a secure access failed because it's supposed to be
>>>> accessed non-securely or for another reason; hence this approach. If there's
>>>> another way to achieve this functionality that might be better, I'm all ears.
>>> Can we read some fuse values and decide based on that?
>> In most of the cases, these fuse values are not allowed to be read
>> from the Linux, so that will be another problem. Melody can check
>> if there is any fuse values around here and possible to read them
>> through Linux.
>>
> 
> I double-checked, but there really isn't any kind of fuse or anything we can read to determine
> how we need to access these registers. I remembered checking before authoring these patches,
> but I wanted to just make sure before responding here.

Well in that case I suppose a new compatible / property (please voice
your opinion Krzysztof) is necessary after all.. Thanks for making sure

Konrad
Krzysztof Kozlowski Aug. 21, 2024, 6:48 a.m. UTC | #11
On 20/08/2024 21:19, Konrad Dybcio wrote:
> On 20.08.2024 8:21 PM, Melody Olvera wrote:
>>
>>
>> On 8/14/2024 3:09 PM, Trilok Soni wrote:
>>> On 8/14/2024 1:25 PM, Konrad Dybcio wrote:
>>>>> Unfortunately, no. We considered several options, but none guarantee that we will avoid
>>>>> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
>>>>> (for security reasons) so we can't know if a secure access failed because it's supposed to be
>>>>> accessed non-securely or for another reason; hence this approach. If there's
>>>>> another way to achieve this functionality that might be better, I'm all ears.
>>>> Can we read some fuse values and decide based on that?
>>> In most of the cases, these fuse values are not allowed to be read
>>> from the Linux, so that will be another problem. Melody can check
>>> if there is any fuse values around here and possible to read them
>>> through Linux.
>>>
>>
>> I double-checked, but there really isn't any kind of fuse or anything we can read to determine
>> how we need to access these registers. I remembered checking before authoring these patches,
>> but I wanted to just make sure before responding here.
> 
> Well in that case I suppose a new compatible / property (please voice
> your opinion Krzysztof) is necessary after all.. Thanks for making sure

You mean the "secure" part? Sure, I don't object that, although
(repeating as usual) I am not in favor of it in the first place, be
cause you should use only SoC compatibles.

The objection here was for dropping specific front compatible, without
any relevant explanation.

Best regards,
Krzysztof
Konrad Dybcio Aug. 21, 2024, 5:27 p.m. UTC | #12
On 21.08.2024 8:48 AM, Krzysztof Kozlowski wrote:
> On 20/08/2024 21:19, Konrad Dybcio wrote:
>> On 20.08.2024 8:21 PM, Melody Olvera wrote:
>>>
>>>
>>> On 8/14/2024 3:09 PM, Trilok Soni wrote:
>>>> On 8/14/2024 1:25 PM, Konrad Dybcio wrote:
>>>>>> Unfortunately, no. We considered several options, but none guarantee that we will avoid
>>>>>> a crash if we try non-securely. The secure call also won't give a specific error if it fails either
>>>>>> (for security reasons) so we can't know if a secure access failed because it's supposed to be
>>>>>> accessed non-securely or for another reason; hence this approach. If there's
>>>>>> another way to achieve this functionality that might be better, I'm all ears.
>>>>> Can we read some fuse values and decide based on that?
>>>> In most of the cases, these fuse values are not allowed to be read
>>>> from the Linux, so that will be another problem. Melody can check
>>>> if there is any fuse values around here and possible to read them
>>>> through Linux.
>>>>
>>>
>>> I double-checked, but there really isn't any kind of fuse or anything we can read to determine
>>> how we need to access these registers. I remembered checking before authoring these patches,
>>> but I wanted to just make sure before responding here.
>>
>> Well in that case I suppose a new compatible / property (please voice
>> your opinion Krzysztof) is necessary after all.. Thanks for making sure
> 
> You mean the "secure" part? Sure, I don't object that, although
> (repeating as usual) I am not in favor of it in the first place, be
> cause you should use only SoC compatibles.
> 
> The objection here was for dropping specific front compatible, without
> any relevant explanation.

Is EUD-non-secure in use on both Chrome and LA firmwares on 7280?

Konrad
diff mbox series

Patch

diff --git a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
index f2c5ec7e6437..476f92768610 100644
--- a/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
+++ b/Documentation/devicetree/bindings/soc/qcom/qcom,eud.yaml
@@ -17,8 +17,8 @@  properties:
   compatible:
     items:
       - enum:
-          - qcom,sc7280-eud
-      - const: qcom,eud
+          - qcom,secure-eud
+          - qcom,eud
 
   reg:
     items:
@@ -55,7 +55,7 @@  additionalProperties: false
 examples:
   - |
     eud@88e0000 {
-           compatible = "qcom,sc7280-eud", "qcom,eud";
+           compatible = "qcom,eud";
            reg = <0x88e0000 0x2000>,
                  <0x88e2000 0x1000>;