<pre> Hi, Jason: On Tue, 2023-09-19 at 03:21 +0800, Jason-JH.Lin wrote: > For the Secure Video Path (SVP) feature, inculding the memory stored > secure video content, the registers of display HW pipeline and the > HW configure operations are required to execute in the secure world. > > So using a CMDQ secure driver to make all display HW registers > configuration secure DRAM access permision settings execute by GCE > secure thread in the secure world. > > We are landing this feature on mt8188 and mt8195 currently. I'm doubt that GCE could be secure enough. Hacker would try any way to hack TEE. If the interface is simple, it's easy to check in the interface entry. But GCE command has enormous combination, how to check it's not hacked? One example is that hacker could use cmdq_pkt_read_s() and cmdq_pkt_write_s() to do memory copy and send this packet to secure GCE. Could this memory copy touch secure memory? Or don't worry about this, once hacker find a way to break this, just find a way to fix it? > > Jason-JH.Lin (15): > dt-bindings: mailbox: Add property for CMDQ secure driver > dt-bindings: gce: mt8195: Add CMDQ_SYNC_TOKEN_SECURE_THR_EOF event > id > soc: mailbox: Add SPR definition for GCE > soc: mailbox: Add cmdq_pkt_logic_command to support math operation > mailbox: mediatek: Add cmdq_pkt_write_s_reg_value to CMDQ driver > mailbox: mediatek: Add cmdq_mbox_stop to disable GCE thread > mailbox: mediatek: Add loop pkt flag and irq handling for loop > command > soc: mediatek: Add cmdq_pkt_finalize_loop to CMDQ driver > mailbox: mediatek: Add secure CMDQ driver support for CMDQ driver > mailbox: mediatek: Add CMDQ secure mailbox driver > soc: mediatek: Add cmdq_insert_backup_cookie before EOC for secure > pkt > mailbox: mediatek: Add CMDQ driver support for mt8188 > mailbox: mediatek: Add mt8188 support for CMDQ secure driver > mailbox: mediatek: Add mt8195 support for CMDQ secure driver > arm64: dts: mediatek: mt8195: Add CMDQ secure driver support for > gce0 > > .../mailbox/mediatek,gce-mailbox.yaml | 30 +- > arch/arm64/boot/dts/mediatek/mt8195.dtsi | 2 + > drivers/mailbox/Makefile | 2 +- > drivers/mailbox/mtk-cmdq-mailbox.c | 67 +- > drivers/mailbox/mtk-cmdq-sec-mailbox.c | 1103 > +++++++++++++++++ > drivers/mailbox/mtk-cmdq-sec-tee.c | 202 +++ > drivers/soc/mediatek/mtk-cmdq-helper.c | 81 ++ > include/dt-bindings/gce/mt8195-gce.h | 6 + > include/linux/mailbox/mtk-cmdq-mailbox.h | 15 + > .../linux/mailbox/mtk-cmdq-sec-iwc-common.h | 293 +++++ > include/linux/mailbox/mtk-cmdq-sec-mailbox.h | 83 ++ > include/linux/mailbox/mtk-cmdq-sec-tee.h | 31 + > include/linux/soc/mediatek/mtk-cmdq.h | 65 + > 13 files changed, 1971 insertions(+), 9 deletions(-) > create mode 100644 drivers/mailbox/mtk-cmdq-sec-mailbox.c > create mode 100644 drivers/mailbox/mtk-cmdq-sec-tee.c > create mode 100644 include/linux/mailbox/mtk-cmdq-sec-iwc-common.h > create mode 100644 include/linux/mailbox/mtk-cmdq-sec-mailbox.h > create mode 100644 include/linux/mailbox/mtk-cmdq-sec-tee.h > </pre><pre>************* MEDIATEK Confidentiality Notice ******************** The information contained in this e-mail message (including any attachments) may be confidential, proprietary, privileged, or otherwise exempt from disclosure under applicable laws. It is intended to be conveyed only to the designated recipient(s). Any use, dissemination, distribution, printing, retaining or copying of this e-mail (including its attachments) by unintended recipient(s) is strictly prohibited and may be unlawful. If you are not an intended recipient of this e-mail, or believe that you have received this e-mail in error, please notify the sender immediately (by replying to this e-mail), delete any and all copies of this e-mail (including any attachments) from your system, and do not disclose the content of this e-mail to any other person. Thank you! </pre>