2015-10-21 16:34 GMT+02:00 James Morris jmorris@namei.org:
On Wed, 21 Oct 2015, Benjamin Gaignard wrote:
The outcome of the previous RFC about how do secure data path was the need of a secure memory allocator (https://lkml.org/lkml/2015/5/5/551)
Have you addressed all the questions raised by Alan here:
SMAF create /dev/smaf where all allocations could be done and is the owner of the dmabuf. Secure module is called to check permissions before that the CPU could access to the memory.
I hope this cover what Alan expected but I can't speak form him.
Also, is there any application of this beyond DRM?
If you don't use the secure part you can consider that SMAF is a central allocator with helpers to select the best allocator for your hardware devices. While SMAF doesn't rely on DRM concepts (crypto, CENC, keys etc...) we can use it outside this context but obviously it that been first designed for DRM uses cases.
- James
-- James Morris jmorris@namei.org