tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

dt-bindings: reserved-memory: Open Profile for DICE

Add DeviceTree bindings for Open Profile for DICE, an open protocol for
measured boot. Firmware uses DICE to measure the hardware/software
combination and generates Compound Device Identifier (CDI) certificates.
These are stored in memory and the buffer is described in the DT as
a reserved memory region compatible with 'google,open-dice'.

'no-map' is required to ensure the memory region is never treated by
the kernel as system memory.

Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: David Brazdil <dbrazdil@google.com>
Link: https://lore.kernel.org/r/20220126231237.529308-2-dbrazdil@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

David Brazdil and committed by
Greg Kroah-Hartman c194a386 ad10ab11

+46
+46
Documentation/devicetree/bindings/reserved-memory/google,open-dice.yaml
··· 1 + # SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause 2 + %YAML 1.2 3 + --- 4 + $id: http://devicetree.org/schemas/reserved-memory/google,open-dice.yaml# 5 + $schema: http://devicetree.org/meta-schemas/core.yaml# 6 + 7 + title: Open Profile for DICE Device Tree Bindings 8 + 9 + description: | 10 + This binding represents a reserved memory region containing data 11 + generated by the Open Profile for DICE protocol. 12 + 13 + See https://pigweed.googlesource.com/open-dice/ 14 + 15 + maintainers: 16 + - David Brazdil <dbrazdil@google.com> 17 + 18 + allOf: 19 + - $ref: "reserved-memory.yaml" 20 + 21 + properties: 22 + compatible: 23 + const: google,open-dice 24 + 25 + reg: 26 + description: page-aligned region of memory containing DICE data 27 + 28 + required: 29 + - compatible 30 + - reg 31 + - no-map 32 + 33 + unevaluatedProperties: false 34 + 35 + examples: 36 + - | 37 + reserved-memory { 38 + #address-cells = <2>; 39 + #size-cells = <1>; 40 + 41 + dice: dice@12340000 { 42 + compatible = "google,open-dice"; 43 + reg = <0x00 0x12340000 0x2000>; 44 + no-map; 45 + }; 46 + };