- TF-A - lists.trustedfirmware.org

by François Ozog

On Thu, 11 Jun 2020 at 23:42, Varun Wadekar via TF-A < tf-a(a)lists.trustedfirmware.org> wrote: > Hello Matteo, > > Apologies for still using an outdated term. I have trained myself to get > used to "TF-A" - looks like I am still not there. > > >> The idea has also been just raised to the Trusted Firmware project > Board for initial consideration and we will be all very keen to understand > how much interest there is from the wider TF-A community of adopters and > external (non-Arm) maintainers > > That is good to hear. For the exact scope, I think we can assume the usual > expectations from any LTS software stack - stability, performance, > security, bug fixes along with maintenance support. We are open to > discussing the cadence and any other operational commitments. > > @Francois, from the description of Trusted Substrate looks like you also > expect the sub-projects to provide LTS versions for the project as a whole > to succeed (?) > > Yes. I assume relevant tf.org projects decide to branch LTSes so that we can extend the scope to selected OP-TEE TAs for the Trusted Substrate LTS and may be extend duration of support for the tf.org LTSes. (just to make sure: this is just early open thinking to understand what it would mean to build such a service on the Linaro side should there be tf.org LTSes). -Varun > > > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Matteo > Carlini via TF-A > Sent: Thursday, June 11, 2020 4:25 AM > To: tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] ATF LTS version > > External email: Use caution opening links or attachments > > > Hi Francois, > > > I'd be happy to know more about what you see as TFA LTS: exact scope, > number of versions, duration, operational commitments (zero-day...). > > Do you have other firmware LTS needs? > > Agree. That’s precisely what I was hinting to Varun, when mentioning > concrete requirements for the LTS scheme. > > > Trusted Substrate is the aggregation of { TFA, OP-TEE, some TEE apps > such as firmwareTPM, U-Boot }. > > Trusted Substrate effort is led by Linaro members and is going to be set > up as a more open project. > > First time I heard about it. Good to know, but I guess we'll need to > discuss the intersection and collaboration with the Trusted Firmware > project at some point. > Having a LTS versioning scheme for the Trusted Firmware hosted projects > should be theoretically either in the scope of the Project itself or, if > the Board agrees, appointed to some other project/entity. > > > Our end goal is to enable unified, transactional, robust (anti-bricking, > anti rollback) UEFI OTA on both U-Boot and EDK2. > > Fair, but IMHO this has little to do with Arm Secure world software LTS > releases (TF-A/Hafnium/OP-TEE/TAs, TF-M)...probably best to discuss aside, > this is not in scope of what Varun is raising. > > Thanks > Matteo > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* T: +33.67221.6485 francois.ozog(a)linaro.org | Skype: ffozog

4 years, 9 months

2
2
0 0

Test message please ignore

by Bill Fletcher

.

4 years, 9 months

1
0
0 0

TF-A Tech Forum Agenda @ Thr 10th September 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 10th September 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * Proposal for a LTS (Long Term Support) Release Option for TF-A * Presented by Varun Wadekar * Long-term support is a lifecycle management policy in which a stable release is maintained for a period of time * Optional TF-A Mailing List Topic Discussions If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list. Thanks Joanna

4 years, 9 months

1
0
0 0

Re: [TF-A] GCC compiler option to support "xpaci" instruction

by Olivier Deprez

Hi again, After further check, it looks gcc 9.2 already supports the appropriate option. Maybe you missed ARM_ARCH_MINOR on the build command line depending on whether you need PAuth (Armv8.3) and/or BTI (Armv8.5). BRANCH_PROTECTION=2 or 3 => need ARM_ARCH_MINOR=3 (at least) BRANCH_PROTECTION=1 or 4 => need ARM_ARCH_MINOR=5 Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Olivier Deprez via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 03 September 2020 09:47 To: Kalyani Chidambaram Vaidyanathan; tf-a(a)lists.trustedfirmware.org; Varun Wadekar Subject: Re: [TF-A] GCC compiler option to support "xpaci" instruction Hi Kalyani, According to https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/build-op… you need a compiler supporting the -mbranch-protection option. This seems to be the case from gcc 9.3 onwards: https://gcc.gnu.org/onlinedocs/gcc-9.3.0/gcc/AArch64-Options.html#AArch64-O… Notice a GCC10.2 cross-compiler release is planned by end of this year according to this page: https://community.arm.com/developer/tools-software/tools/b/tools-software-i… Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 03 September 2020 04:08 To: Kalyani Chidambaram Vaidyanathan; tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] GCC compiler option to support "xpaci" instruction <Dummy response to get the email through to the mailing list> From: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com> Sent: Wednesday, September 2, 2020 3:43 PM To: tf-a(a)lists.trustedfirmware.org Cc: Varun Wadekar <vwadekar(a)nvidia.com> Subject: GCC compiler option to support "xpaci" instruction Hi, We are using gcc-arm-9.2 toolchain and see that this is not supporting the “xpaci” instruction. Is there any compiler flag that has to be included to support this? Reference code that uses “xpaci” when PAUTH is enabled - https://github.com/ARM-software/arm-trusted-firmware/blob/master/bl31/aarch… Thanks, Kalyani -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 9 months

1
0
0 0

Re: [TF-A] GCC compiler option to support "xpaci" instruction

by Olivier Deprez

Hi Kalyani, According to https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/build-op… you need a compiler supporting the -mbranch-protection option. This seems to be the case from gcc 9.3 onwards: https://gcc.gnu.org/onlinedocs/gcc-9.3.0/gcc/AArch64-Options.html#AArch64-O… Notice a GCC10.2 cross-compiler release is planned by end of this year according to this page: https://community.arm.com/developer/tools-software/tools/b/tools-software-i… Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 03 September 2020 04:08 To: Kalyani Chidambaram Vaidyanathan; tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] GCC compiler option to support "xpaci" instruction <Dummy response to get the email through to the mailing list> From: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com> Sent: Wednesday, September 2, 2020 3:43 PM To: tf-a(a)lists.trustedfirmware.org Cc: Varun Wadekar <vwadekar(a)nvidia.com> Subject: GCC compiler option to support "xpaci" instruction Hi, We are using gcc-arm-9.2 toolchain and see that this is not supporting the “xpaci” instruction. Is there any compiler flag that has to be included to support this? Reference code that uses “xpaci” when PAUTH is enabled - https://github.com/ARM-software/arm-trusted-firmware/blob/master/bl31/aarch… Thanks, Kalyani

4 years, 9 months

1
0
0 0

Re: [TF-A] GCC compiler option to support "xpaci" instruction

by Varun Wadekar

<Dummy response to get the email through to the mailing list> From: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com> Sent: Wednesday, September 2, 2020 3:43 PM To: tf-a(a)lists.trustedfirmware.org Cc: Varun Wadekar <vwadekar(a)nvidia.com> Subject: GCC compiler option to support "xpaci" instruction Hi, We are using gcc-arm-9.2 toolchain and see that this is not supporting the "xpaci" instruction. Is there any compiler flag that has to be included to support this? Reference code that uses "xpaci" when PAUTH is enabled - https://github.com/ARM-software/arm-trusted-firmware/blob/master/bl31/aarch… Thanks, Kalyani

4 years, 9 months

1
0
0 0

List of issues with Cactus as SPMC on pre-8.4 CPUs

by Varun Wadekar

Hi @Olivier<mailto:Olivier.Deprez@arm.com>, We have been trying to use Cactus as SPMC on Tegra194 (pre 8.4) platforms and have faced the following issues. 1. Cactus_main.c - During cold boot, Cactus checks if the ffa-id for the instance of Cactus == SPM_VM_ID_FIRST. It issues FFA_ID_GET SMC to TF-A which returns the spmc_id in return. But on pre-8.4 platforms the value does not match SPM_VM_ID_FIRST and so the system assumes that the device is running on a post-8.4 CPU. The problem is that TF-A returns the spmc_id for this SMC, which seems incorrect. I don't understand why Cactus needs to know its own VM_ID on pre-8.4 CPUs. Can we assume that only one SPMC can run on pre-8.4? 2. Cactus_ffa_tests.c - The ` ffa_partition_info_get_test` incorrectly queries the partition info for secondary and tertiary VMs on pre-8.4 CPUs. 3. In general the boot tests that execute within Cactus seem incorrect to me. Some tests expect the presence of a non-secure world payload, which is not available at this point in the boot. This leads to numerous crashes and asserts during boot. 4. Cactus incorrectly uses a hard-coded address 0x7300000 as the RX/TX memory base. It should be using a platform defined value instead. We do not support this memory address on Tegra194. 5. The debug UART in Cactus needs rework too. Right now, it only supports PL011 as the UART driver. 6. TF-A SPMD forwards some SMCs to the non-secure world without checking if a non-secure world payload exists. This causes crashes during cold boot. Please let me know if you have commits for any or all of these issues. We have some WIP commits that we can push to gerrit for review, if required. Thoughts? -Varun

4 years, 9 months

2
2
0 0

question about tf-a spec

by chen feng

Hello arm expects, While reading the tf-a spec about the section "3.5.1 Register state". It described that "The MMU must be disabled for a partition that does not run in S-EL0". Does this mean that the S-EL1 SP need to create their own page table and enable the MMU itself. I wonder in this way, it is not very friendly to a SP developer. Since the SP can be a verify simple binary, maybe a single driver which can benefited from the isolation from other partitions. So in the pointer of developing a single driver. I think it do not need to care about the MMU configuration. It will be more friendly to be as easy as developing a user-land binary. The SPMC(SEL2) can do this configure for the SEL1's page-tables and enable MMU for SEL1 before jump into the SP. So I want to discuss here to understand the meaning behind it. Cheers, Feng

4 years, 9 months

3
8
0 0

Re: [TF-A] [query] sbsa level 3 spec: non secure watchdog WS1 handling at EL3

by Sandeep Tripathy

Hi Dan, On Thu, Aug 27, 2020 at 8:31 PM Dan Handley via TF-A <tf-a(a)lists.trustedfirmware.org> wrote: > > Hi Sandeep > > > > Arm development platforms that have an SBSA secure watchdog like N1SDP do not register an interrupt handler for the WS0 signal. They simply wait for the WS1 signal, which is fed to a higher agent (in this case the System Control Processor), which resets the platform. > There is no explicit watchdog interrupt handling functionality in TF-A. > what happens to non secure sbsa WS1 ? That is the case for Secure sbsa WS1. NS WS0 ----> EL1 X (optional) but linux already implements it . NS WS1 ----> EL3 X TF-A Do not handle it. Hence the patch. Not handling it altogether is not an option I guess. S WS0 -------> EL3 X (optional) . Platform might want to log this condition. S WS1 ----------------------------------------> handled by a higher agent. > > > If your platform does not have a higher agent that handles WS1 then I guess you could add a handler in TF-A as you suggest in your code snippet, though I'm not sure if the maintainers would want this in generic SBSA code. Also, I don't see why you need both callback(s) and the explicit call to psci_systrem_reset2(), when presumably the callback(s) would do the latter. > Platform callback can optionally do more things like some logging. Ultimately 'system_reset2' seems to be the thing everyone would like to do as part of action. Then to reduce duplicate code we can have at one place. > > > > Q1- What happens if core is stuck and interrupts are not taken. > > It's rare for EL3 interrupts not to be taken when the core is stuck, unless an EL3 exception handler itself is stuck, in which case I'm not sure there's much you can do. That's why it's good to have a higher agent. > The rare lockup of core where it's not able to respond (not the software ones) requires some other agent to detect and reset/recover the system. Linux watchdog (ns sbsa WS1) will go unnoticed in such cases. ie. even if the watchdog hardware detected the lockup and indicated by WS0 then WS1 .. both were not acted upon. If it were the secure watchdog then no issues. > > > > Or it has to be registered as a RAS priority exception. > > I don't think that would help, unless the system was flooded with higher priority exceptions that prevented the watchdog handler from running. > > > > Regards > > > Dan. > > > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep Tripathy via TF-A > Sent: 27 August 2020 12:14 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] [query] sbsa level 3 spec: non secure watchdog WS1 handling at EL3 > > > > Hi, > > Based on sbsa spec for level-3 firmware specification watchdog signals NS WS1 and S WS0 to be handled at EL3 firmware. > > I have some query on how TF-A plans to implement this. > > > > Ref: Excerpt DEN0029D_SBSA_6.0 https://developer.arm.com/documentation/den0029/d/?lang=en > > 3.2.3 Watchdogs The required behavior of watchdog signal 1 of the Non-secure watchdog is modified in level 3– firmware and is required to be routed as an SPI to the GIC. It is expected that this SPI be configured as an EL3 interrupt, directly targeting a single PE. A system compatible with level 3- firmware must implement a second watchdog, and is referred to as the Secure watchdog. It must have both its register frames mapped in the Secure memory address space and must not be aliased to the Non-secure address space. Watchdog Signal 0 of the Secure watchdog must be routed as an SPI to the GIC and it is expected this will be configured as an EL3 interrupt, directly targeting a single PE. > > > > Q1- What happens if core is stuck and interrupts are not taken. Non-secure watchdog will expire and ultimately results in a WS1 which is also not taken as the core is not responding. > > If WS1 were to another subsystem (eg: SCP) then it would take action. > > In current scheme is it the secure sbsa wdg expected to detect such hang ? > > > > Q2- How to handle sbsa watchdog interrupt at EL3. Please suggest if I should make a patch in following approach to start with. Or it has to be registered as a RAS priority exception. > > > > diff --git a/drivers/arm/sbsa/sbsa.c b/drivers/arm/sbsa/sbsa.c > > index 79c6f26..9683ef8 100644 > > --- a/drivers/arm/sbsa/sbsa.c > > +++ b/drivers/arm/sbsa/sbsa.c > > @@ -40,3 +40,26 @@ > > + > > +#define weak plat_sbsa_nt_wdog_ws1_handle > > +#define weak plat_sbsa_t_wdog_ws0_handle > > +void sbsa_wdog_handler(int id) > > +{ > > + if (id == SBSA_NT_WDG_WS1_INT) { > > + /* PUBLISH_EVENT */ > > + plat_sbsa_nt_wdog_ws1_handle(); > > + } else if (id == SBSA_T_WDG_WS0_INT) { > > + /* PUBLISH_EVENT */ > > + plat_sbsa_t_wdog_ws0_handle(); > > + } > > + /* EOI and reset , log what else */ > > + psci_systrem_reset2(); > > +} > > + > > +void sbsa_wdog_hander_init(void) > > +{ > > +#if EXCEPTION_HANDLING_FRAMEWORK > > + ehf_register_priority_handler(SBSA_WDG_PRI, sbsa_wdog_handler); > > +#endif > > +} > > > > Thanks > > Sandeep > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a Thanks Sandeep

4 years, 9 months

2
1
0 0

Re: [TF-A] [query] sbsa level 3 spec: non secure watchdog WS1 handling at EL3

by Dan Handley

Hi Sandeep Arm development platforms that have an SBSA secure watchdog like N1SDP do not register an interrupt handler for the WS0 signal. They simply wait for the WS1 signal, which is fed to a higher agent (in this case the System Control Processor), which resets the platform. There is no explicit watchdog interrupt handling functionality in TF-A. If your platform does not have a higher agent that handles WS1 then I guess you could add a handler in TF-A as you suggest in your code snippet, though I'm not sure if the maintainers would want this in generic SBSA code. Also, I don't see why you need both callback(s) and the explicit call to psci_systrem_reset2(), when presumably the callback(s) would do the latter. > Q1- What happens if core is stuck and interrupts are not taken. It's rare for EL3 interrupts not to be taken when the core is stuck, unless an EL3 exception handler itself is stuck, in which case I'm not sure there's much you can do. That's why it's good to have a higher agent. > Or it has to be registered as a RAS priority exception. I don't think that would help, unless the system was flooded with higher priority exceptions that prevented the watchdog handler from running. Regards Dan. From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep Tripathy via TF-A Sent: 27 August 2020 12:14 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] [query] sbsa level 3 spec: non secure watchdog WS1 handling at EL3 Hi, Based on sbsa spec for level-3 firmware specification watchdog signals NS WS1 and S WS0 to be handled at EL3 firmware. I have some query on how TF-A plans to implement this. Ref: Excerpt DEN0029D_SBSA_6.0 https://developer.arm.com/documentation/den0029/d/?lang=en 3.2.3 Watchdogs The required behavior of watchdog signal 1 of the Non-secure watchdog is modified in level 3– firmware and is required to be routed as an SPI to the GIC. It is expected that this SPI be configured as an EL3 interrupt, directly targeting a single PE. A system compatible with level 3- firmware must implement a second watchdog, and is referred to as the Secure watchdog. It must have both its register frames mapped in the Secure memory address space and must not be aliased to the Non-secure address space. Watchdog Signal 0 of the Secure watchdog must be routed as an SPI to the GIC and it is expected this will be configured as an EL3 interrupt, directly targeting a single PE. Q1- What happens if core is stuck and interrupts are not taken. Non-secure watchdog will expire and ultimately results in a WS1 which is also not taken as the core is not responding. If WS1 were to another subsystem (eg: SCP) then it would take action. In current scheme is it the secure sbsa wdg expected to detect such hang ? Q2- How to handle sbsa watchdog interrupt at EL3. Please suggest if I should make a patch in following approach to start with. Or it has to be registered as a RAS priority exception. diff --git a/drivers/arm/sbsa/sbsa.c b/drivers/arm/sbsa/sbsa.c index 79c6f26..9683ef8 100644 --- a/drivers/arm/sbsa/sbsa.c +++ b/drivers/arm/sbsa/sbsa.c @@ -40,3 +40,26 @@ + +#define weak plat_sbsa_nt_wdog_ws1_handle +#define weak plat_sbsa_t_wdog_ws0_handle +void sbsa_wdog_handler(int id) +{ + if (id == SBSA_NT_WDG_WS1_INT) { + /* PUBLISH_EVENT */ + plat_sbsa_nt_wdog_ws1_handle(); + } else if (id == SBSA_T_WDG_WS0_INT) { + /* PUBLISH_EVENT */ + plat_sbsa_t_wdog_ws0_handle(); + } + /* EOI and reset , log what else */ + psci_systrem_reset2(); +} + +void sbsa_wdog_hander_init(void) +{ +#if EXCEPTION_HANDLING_FRAMEWORK + ehf_register_priority_handler(SBSA_WDG_PRI, sbsa_wdog_handler); +#endif +} Thanks Sandeep

4 years, 9 months

1
0
0 0

[query] sbsa level 3 spec: non secure watchdog WS1 handling at EL3

by Sandeep Tripathy

Hi, Based on sbsa spec for level-3 firmware specification watchdog signals NS WS1 and S WS0 to be handled at EL3 firmware. I have some query on how TF-A plans to implement this. Ref: Excerpt DEN0029D_SBSA_6.0 https://developer.arm.com/documentation/den0029/d/?lang=en 3.2.3 Watchdogs The required behavior of watchdog signal 1 of the Non-secure watchdog is modified in level 3– firmware and is required to be routed as an SPI to the GIC. It is expected that this SPI be configured as an EL3 interrupt, directly targeting a single PE. A system compatible with level 3- firmware must implement a second watchdog, and is referred to as the Secure watchdog. It must have both its register frames mapped in the Secure memory address space and must not be aliased to the Non-secure address space. Watchdog Signal 0 of the Secure watchdog must be routed as an SPI to the GIC and it is expected this will be configured as an EL3 interrupt, directly targeting a single PE. Q1- What happens if core is stuck and interrupts are not taken. Non-secure watchdog will expire and ultimately results in a WS1 which is also not taken as the core is not responding. If WS1 were to another subsystem (eg: SCP) then it would take action. In current scheme is it the secure sbsa wdg expected to detect such hang ? Q2- How to handle sbsa watchdog interrupt at EL3. Please suggest if I should make a patch in following approach to start with. Or it has to be registered as a RAS priority exception. diff --git a/drivers/arm/sbsa/sbsa.c b/drivers/arm/sbsa/sbsa.c index 79c6f26..9683ef8 100644 --- a/drivers/arm/sbsa/sbsa.c +++ b/drivers/arm/sbsa/sbsa.c @@ -40,3 +40,26 @@ + +#define weak plat_sbsa_nt_wdog_ws1_handle +#define weak plat_sbsa_t_wdog_ws0_handle +void sbsa_wdog_handler(int id) +{ + if (id == SBSA_NT_WDG_WS1_INT) { + /* PUBLISH_EVENT */ + plat_sbsa_nt_wdog_ws1_handle(); + } else if (id == SBSA_T_WDG_WS0_INT) { + /* PUBLISH_EVENT */ + plat_sbsa_t_wdog_ws0_handle(); + } + /* EOI and reset , log what else */ + psci_systrem_reset2(); +} + +void sbsa_wdog_hander_init(void) +{ +#if EXCEPTION_HANDLING_FRAMEWORK + ehf_register_priority_handler(SBSA_WDG_PRI, sbsa_wdog_handler); +#endif +} Thanks Sandeep

4 years, 9 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 2 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 361485: Integer handling issues (SIGN_EXTENSION) /plat/qti/common/src/spmi_arb.c: 54 in wait_for_done() ________________________________________________________________________________________________________ *** CID 361485: Integer handling issues (SIGN_EXTENSION) /plat/qti/common/src/spmi_arb.c: 54 in wait_for_done() 48 49 static int wait_for_done(uint16_t apid) 50 { 51 unsigned int timeout = 100; 52 53 while (timeout-- != 0U) { >>> CID 361485: Integer handling issues (SIGN_EXTENSION) >>> Suspicious implicit sign extension: "apid" with type "uint16_t" (16 bits, unsigned) is promoted in "207618056 + 65536 * apid" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "207618056 + 65536 * apid" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1. 54 uint32_t status = mmio_read_32(REG_ARB_STATUS(apid)); 55 if ((status & ARB_STATUS_DONE) != 0U) { 56 if ((status & ARB_STATUS_FAILURE) != 0U || 57 (status & ARB_STATUS_DENIED) != 0U || 58 (status & ARB_STATUS_DROPPED) != 0U) { 59 return status & 0xff; ** CID 361484: Integer handling issues (SIGN_EXTENSION) /plat/qti/common/src/spmi_arb.c: 72 in arb_command() ________________________________________________________________________________________________________ *** CID 361484: Integer handling issues (SIGN_EXTENSION) /plat/qti/common/src/spmi_arb.c: 72 in arb_command() 66 return ARB_FAKE_STATUS_TIMEOUT; 67 } 68 69 static void arb_command(uint16_t apid, uint8_t opcode, uint32_t addr, 70 uint8_t bytes) 71 { >>> CID 361484: Integer handling issues (SIGN_EXTENSION) >>> Suspicious implicit sign extension: "apid" with type "uint16_t" (16 bits, unsigned) is promoted in "207618048 + 65536 * apid" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "207618048 + 65536 * apid" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1. 72 mmio_write_32(REG_ARB_CMD(apid), (uint32_t)opcode << 27 | 73 (addr & 0xff) << 4 | (bytes - 1)); 74 } 75 76 int spmi_arb_read8(uint32_t addr) 77 { ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

4 years, 9 months

1
0
0 0

Re: [TF-A] TF-A Gerrit access permissions currently broken.

by Joanna Farley

Things should be back to normal. Joanna From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Joanna Farley via TF-A <tf-a(a)lists.trustedfirmware.org> Reply to: Joanna Farley <Joanna.Farley(a)arm.com> Date: Wednesday, 26 August 2020 at 12:51 To: "tf-a(a)lists.trustedfirmware.org" <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] TF-A Gerrit access permissions currently broken. Just to inform project contributors that people may find their gerrit access rights may be broken at this time. I have raised a support request with the trustedfirmware.org support team. Joanna

4 years, 9 months

1
0
0 0

TF-A Gerrit access permissions currently broken.

by Joanna Farley

Just to inform project contributors that people may find their gerrit access rights may be broken at this time. I have raised a support request with the trustedfirmware.org support team. Joanna

4 years, 9 months

1
0
0 0

TF-A Tech Forum Agenda @ Thr 27th August 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 27th August 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * TF-A Errata Process – Presented by Bipin Ravi * Bug Review Committee (BRC) & Categorization of Errata * Software Developers Errata Notice (SDEN) & Product Errata Notice (PEN) * What TF-A Implements * How TF-A Implements * Testing If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list. Thanks Joanna

4 years, 9 months

1
0
0 0

Re: [TF-A] [RFC] Api to power down all cores

by Varun Wadekar

<Cc alias> -----Original Message----- From: Sandeep Tripathy <sandeep.tripathy(a)broadcom.com> Sent: Tuesday, August 25, 2020 8:59 AM To: Varun Wadekar <vwadekar(a)nvidia.com>; Soby Mathew <Soby.Mathew(a)arm.com> Subject: RE: [TF-A] [RFC] Api to power down all cores Thanks, I will use callback as param to get rid of the 'plat*'. 'void psci_stop_other_cores(void (*stop_func)(uregister_t mpidr))' Platform can call like .. psci_stop_other_cores(ipi_send_stop); I will update the patch tomorrow. This api is not invoked by psci generic functions. So I think that should suffice your concern. Anyways I will take care any other suggestions. IPI implementation is under flag 'IPI_SUPPORT'. https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5323/ Thanks Sandeep > -----Original Message----- > From: Varun Wadekar [mailto:vwadekar@nvidia.com] > Sent: Tuesday, August 25, 2020 9:11 AM > To: Soby Mathew; Sandeep Tripathy > Subject: RE: [TF-A] [RFC] Api to power down all cores > > Hi, > > In addition to the suggestions already posted, we should provide a > build flag or dynamic knob to allow platforms to disable this feature. > > -Varun > > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Soby > Mathew via TF-A > Sent: Friday, August 21, 2020 3:57 AM > To: Sandeep Tripathy <sandeep.tripathy(a)broadcom.com> > Cc: tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] [RFC] Api to power down all cores > > External email: Use caution opening links or attachments > > > Hi Sandeep, > Thanks for the clarification. I too think this has general utility and > since you need access to internal PSCI data to perform the > functionality , exporting a utility function from PSCI for platforms > to invoke seems the right thing to do. > The small concern I have is using the `plat_*` namespace as this is a > utility function invoked by the platform and another porting layer > beneath it seems out of place. > > I would suggest to add a parameter to stop_other_cores(), this could > be either the IPI number or a callback function to trigger the IPI. > This allows to provide the platform specific details without `plat_*` > API. > > Best Regards > Soby Mathew > > > -----Original Message----- > > From: Sandeep Tripathy <sandeep.tripathy(a)broadcom.com> > > Sent: 21 August 2020 07:17 > > To: Soby Mathew <Soby.Mathew(a)arm.com> > > Cc: tf-a(a)lists.trustedfirmware.org > > Subject: RE: [TF-A] [RFC] Api to power down all cores > > > > Hi Soby, > > I realize using term 'PSCI API' in rfc tag is misleading like Achin > > mentioned in gerrit. > > > > Here I wanted to have a generic API to 'stop_other_cores' in > > secure world. > > The usage is platform firmware specific. > > Implementation of 'stop_other_cores' depends on a generic 'IPI' > > support > (1). > > It leverages the existing EHF. So I feel it is not adding and > > complexity or overhead in normal execution path. > > > > 'stop_other_cores' API implementation depends on some psci private > > functions to traverse the pd nodes and extract MPIDRs for target pe > > list. That was the reason to put the function within psci lib. So > > there are > two things. > > 1- Does this idea of 'stop_other_core' api qualify to be generic > > 2- Does a generic IPI layer make sense > > > > Thanks > > Sandeep > > > -----Original Message----- > > > From: Soby Mathew [mailto:Soby.Mathew@arm.com] > > > Sent: Thursday, August 20, 2020 8:54 PM > > > To: Sandeep Tripathy > > > Cc: tf-a(a)lists.trustedfirmware.org > > > Subject: RE: [TF-A] [RFC] psci: api to power down all cores > > > > > > Hi Sandeep, > > > Just to understand better, if there is a secure side > > > panic/watchdog interrupt, then the secure side is already able to > > > do such an intervention without the availability of a PSCI API to the NS side. > > > > > > In case the NS world has crashed, then PSCI_SYSTEM_RESET and > > > PSCI_SYSTEM_OFF APIs can be invoked which then does the > > > appropriate actions. From my reading, the PSCI specification > > > doesn't prevent firmware implementation of the reset and off API's > > > from doing the kind of implementation as per your proposal. > > > > I intend to do 'stop_other_cores' in platform extension of > > 'plat_system_resetx()', secure side watchdog expiry/ > > plat_panic_handler(). > > > > > > > > Best Regards > > > Soby Mathew > > > > > > > -----Original Message----- > > > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of > > > Sandeep > > > > Tripathy via TF-A > > > > Sent: 19 August 2020 16:42 > > > > To: tf-a(a)lists.trustedfirmware.org > > > > Subject: [TF-A] [RFC] psci: api to power down all cores > > > > > > > > Hi, > > > > I am proposing to have a generic api in psci lib which can be > > > > used to > > > force > > > > power down all other cores from any initiating core analogous to > > > > 'smp_cpu_stop' in linux. It is immune to interrupt lock by > > > > EL1/EL2 software. > > > > > > > > Platforms may use this api in case of secure side panic, secure > > > > watchdog interrupt handling or if required in certain types of > > > > warm resets. The usage > > > is > > > > platform dependent. > > > > > > > > This depends on a generic implementation of secure IPI (1) which > > > > uses EHF > > > to > > > > handle IPI at platform defined priority. We probably require > > > > more types of secure IPIs. > > > > > > > > Please review the series > > > > Ref: > > > > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5 > > > > 32 > > > > 4 > > > > > > > > diff --git a/lib/psci/psci_system_off.c > > > > b/lib/psci/psci_system_off.c index > > > > 141d69e..011aaa6 100644 > > > > --- a/lib/psci/psci_system_off.c > > > > +++ b/lib/psci/psci_system_off.c > > > > @@ -10,10 +10,44 @@ > > > > #include <arch_helpers.h> > > > > #include <common/debug.h> > > > > #include <drivers/console.h> > > > > +#include <drivers/delay_timer.h> > > > > #include <plat/common/platform.h> > > > > > > > > #include "psci_private.h" > > > > > > > > +#ifndef PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS #define > > > > +PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > > > > + > > > > +#if IMAGE_BL31 > > > > +void psci_stop_other_cores(void) { #define > > > > +PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > > > > + > > > > +#if IMAGE_BL31 > > > > +void psci_stop_other_cores(void) { > > > > + int idx, this_cpu_idx, cnt; > > > > + > > > > + this_cpu_idx = plat_my_core_pos(); > > > > + > > > > + /* Raise G0 IPI cpustop to all cores but self */ > > > > + for (idx = 0; idx < psci_plat_core_count; idx++) { > > > > + if ((idx != this_cpu_idx) && > > > > + (psci_get_aff_info_state_by_idx(idx) == > > > > AFF_STATE_ON)) { > > > > + > > > > plat_ipi_send_cpu_stop(psci_cpu_pd_nodes[idx].mpidr); > > > > + } > > > > + } > > > > + > > > > + /* Wait for others cores to shutdown */ > > > > + for (cnt = 0; cnt < PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS; > > > > + cnt++) > > > { > > > > + if (psci_is_last_on_cpu()) > > > > + break; > > > > + mdelay(1); > > > > + } > > > > + > > > > + if (!psci_is_last_on_cpu()) { > > > > + WARN("Failed to stop all cores!\n"); > > > > + psci_print_power_domain_map(); > > > > + } > > > > +} > > > > +#endif > > > > + > > > > > > > > (1) > > > > RFC: ipi: add ipi feature > > > > Ref: > > > > https://review.trustedfirmware.org/c/TF-A/trusted-firmware- > > > a/+/5323/1 > > > > > > > > Thanks > > > > Sandeep > > > > -- > > > > TF-A mailing list > > > > TF-A(a)lists.trustedfirmware.org > > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 9 months

1
0
0 0

[Request for review] Downstream patches from Tegra repos

by Varun Wadekar

Hello team, Requesting reviews for the latest patches [1] form our internal repos for Tegra platforms. I have updated the verification steps for each patch in the comments to help answer some questions. Thanks in advance. -Varun [1] https://review.trustedfirmware.org/q/topic:%22tegra-downstream-08252020%22+…

4 years, 9 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 361456: Memory - illegal accesses (NEGATIVE_RETURNS) /services/std_svc/spmd/spmd_main.c: 49 in spmd_get_context_by_mpidr() ________________________________________________________________________________________________________ *** CID 361456: Memory - illegal accesses (NEGATIVE_RETURNS) /services/std_svc/spmd/spmd_main.c: 49 in spmd_get_context_by_mpidr() 43 44 /******************************************************************************* 45 * SPM Core context on CPU based on mpidr. 46 ******************************************************************************/ 47 spmd_spm_core_context_t *spmd_get_context_by_mpidr(uint64_t mpidr) 48 { >>> CID 361456: Memory - illegal accesses (NEGATIVE_RETURNS) >>> Using variable "plat_core_pos_by_mpidr(mpidr)" as an index to array "spm_core_context". 49 return &spm_core_context[plat_core_pos_by_mpidr(mpidr)]; 50 } 51 52 /******************************************************************************* 53 * SPM Core context on current CPU get helper. 54 ******************************************************************************/ ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

4 years, 9 months

1
0
0 0

Re: [TF-A] [RFC] Api to power down all cores

by Sandeep Tripathy

Hi Soby, I realize using term 'PSCI API' in rfc tag is misleading like Achin mentioned in gerrit. Here I wanted to have a generic API to 'stop_other_cores' in secure world. The usage is platform firmware specific. Implementation of 'stop_other_cores' depends on a generic 'IPI' support (1). It leverages the existing EHF. So I feel it is not adding and complexity or overhead in normal execution path. 'stop_other_cores' API implementation depends on some psci private functions to traverse the pd nodes and extract MPIDRs for target pe list. That was the reason to put the function within psci lib. So there are two things. 1- Does this idea of 'stop_other_core' api qualify to be generic 2- Does a generic IPI layer make sense Thanks Sandeep > -----Original Message----- > From: Soby Mathew [mailto:Soby.Mathew@arm.com] > Sent: Thursday, August 20, 2020 8:54 PM > To: Sandeep Tripathy > Cc: tf-a(a)lists.trustedfirmware.org > Subject: RE: [TF-A] [RFC] psci: api to power down all cores > > Hi Sandeep, > Just to understand better, if there is a secure side panic/watchdog > interrupt, > then the secure side is already able to do such an intervention without > the > availability of a PSCI API to the NS side. > > In case the NS world has crashed, then PSCI_SYSTEM_RESET and > PSCI_SYSTEM_OFF APIs can be invoked which then does the appropriate > actions. From my reading, the PSCI specification doesn't prevent firmware > implementation of the reset and off API's from doing the kind of > implementation as per your proposal. I intend to do 'stop_other_cores' in platform extension of 'plat_system_resetx()', secure side watchdog expiry/ plat_panic_handler(). > > Best Regards > Soby Mathew > > > -----Original Message----- > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of > Sandeep > > Tripathy via TF-A > > Sent: 19 August 2020 16:42 > > To: tf-a(a)lists.trustedfirmware.org > > Subject: [TF-A] [RFC] psci: api to power down all cores > > > > Hi, > > I am proposing to have a generic api in psci lib which can be used to > force > > power down all other cores from any initiating core analogous to > > 'smp_cpu_stop' in linux. It is immune to interrupt lock by EL1/EL2 > > software. > > > > Platforms may use this api in case of secure side panic, secure watchdog > > interrupt handling or if required in certain types of warm resets. The > > usage > is > > platform dependent. > > > > This depends on a generic implementation of secure IPI (1) which uses > > EHF > to > > handle IPI at platform defined priority. We probably require more types > > of > > secure IPIs. > > > > Please review the series > > Ref: > > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5324 > > > > diff --git a/lib/psci/psci_system_off.c b/lib/psci/psci_system_off.c > > index > > 141d69e..011aaa6 100644 > > --- a/lib/psci/psci_system_off.c > > +++ b/lib/psci/psci_system_off.c > > @@ -10,10 +10,44 @@ > > #include <arch_helpers.h> > > #include <common/debug.h> > > #include <drivers/console.h> > > +#include <drivers/delay_timer.h> > > #include <plat/common/platform.h> > > > > #include "psci_private.h" > > > > +#ifndef PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS #define > > +PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > > + > > +#if IMAGE_BL31 > > +void psci_stop_other_cores(void) > > +{ > > +#define PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > > + > > +#if IMAGE_BL31 > > +void psci_stop_other_cores(void) > > +{ > > + int idx, this_cpu_idx, cnt; > > + > > + this_cpu_idx = plat_my_core_pos(); > > + > > + /* Raise G0 IPI cpustop to all cores but self */ > > + for (idx = 0; idx < psci_plat_core_count; idx++) { > > + if ((idx != this_cpu_idx) && > > + (psci_get_aff_info_state_by_idx(idx) == > > AFF_STATE_ON)) { > > + > > plat_ipi_send_cpu_stop(psci_cpu_pd_nodes[idx].mpidr); > > + } > > + } > > + > > + /* Wait for others cores to shutdown */ > > + for (cnt = 0; cnt < PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS; cnt++) > { > > + if (psci_is_last_on_cpu()) > > + break; > > + mdelay(1); > > + } > > + > > + if (!psci_is_last_on_cpu()) { > > + WARN("Failed to stop all cores!\n"); > > + psci_print_power_domain_map(); > > + } > > +} > > +#endif > > + > > > > (1) > > RFC: ipi: add ipi feature > > Ref: https://review.trustedfirmware.org/c/TF-A/trusted-firmware- > a/+/5323/1 > > > > Thanks > > Sandeep > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 9 months

2
1
0 0

Re: [TF-A] [RFC] psci: api to power down all cores

by Soby Mathew

Hi Sandeep, Just to understand better, if there is a secure side panic/watchdog interrupt, then the secure side is already able to do such an intervention without the availability of a PSCI API to the NS side. In case the NS world has crashed, then PSCI_SYSTEM_RESET and PSCI_SYSTEM_OFF APIs can be invoked which then does the appropriate actions. From my reading, the PSCI specification doesn't prevent firmware implementation of the reset and off API's from doing the kind of implementation as per your proposal. Best Regards Soby Mathew > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep > Tripathy via TF-A > Sent: 19 August 2020 16:42 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] [RFC] psci: api to power down all cores > > Hi, > I am proposing to have a generic api in psci lib which can be used to force > power down all other cores from any initiating core analogous to > 'smp_cpu_stop' in linux. It is immune to interrupt lock by EL1/EL2 software. > > Platforms may use this api in case of secure side panic, secure watchdog > interrupt handling or if required in certain types of warm resets. The usage is > platform dependent. > > This depends on a generic implementation of secure IPI (1) which uses EHF to > handle IPI at platform defined priority. We probably require more types of > secure IPIs. > > Please review the series > Ref: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5324 > > diff --git a/lib/psci/psci_system_off.c b/lib/psci/psci_system_off.c index > 141d69e..011aaa6 100644 > --- a/lib/psci/psci_system_off.c > +++ b/lib/psci/psci_system_off.c > @@ -10,10 +10,44 @@ > #include <arch_helpers.h> > #include <common/debug.h> > #include <drivers/console.h> > +#include <drivers/delay_timer.h> > #include <plat/common/platform.h> > > #include "psci_private.h" > > +#ifndef PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS #define > +PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > + > +#if IMAGE_BL31 > +void psci_stop_other_cores(void) > +{ > +#define PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 #endif > + > +#if IMAGE_BL31 > +void psci_stop_other_cores(void) > +{ > + int idx, this_cpu_idx, cnt; > + > + this_cpu_idx = plat_my_core_pos(); > + > + /* Raise G0 IPI cpustop to all cores but self */ > + for (idx = 0; idx < psci_plat_core_count; idx++) { > + if ((idx != this_cpu_idx) && > + (psci_get_aff_info_state_by_idx(idx) == AFF_STATE_ON)) { > + plat_ipi_send_cpu_stop(psci_cpu_pd_nodes[idx].mpidr); > + } > + } > + > + /* Wait for others cores to shutdown */ > + for (cnt = 0; cnt < PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS; cnt++) { > + if (psci_is_last_on_cpu()) > + break; > + mdelay(1); > + } > + > + if (!psci_is_last_on_cpu()) { > + WARN("Failed to stop all cores!\n"); > + psci_print_power_domain_map(); > + } > +} > +#endif > + > > (1) > RFC: ipi: add ipi feature > Ref: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5323/1 > > Thanks > Sandeep > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 9 months

1
0
0 0

[RFC] psci: api to power down all cores

by Sandeep Tripathy

Hi, I am proposing to have a generic api in psci lib which can be used to force power down all other cores from any initiating core analogous to 'smp_cpu_stop' in linux. It is immune to interrupt lock by EL1/EL2 software. Platforms may use this api in case of secure side panic, secure watchdog interrupt handling or if required in certain types of warm resets. The usage is platform dependent. This depends on a generic implementation of secure IPI (1) which uses EHF to handle IPI at platform defined priority. We probably require more types of secure IPIs. Please review the series Ref: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5324 diff --git a/lib/psci/psci_system_off.c b/lib/psci/psci_system_off.c index 141d69e..011aaa6 100644 --- a/lib/psci/psci_system_off.c +++ b/lib/psci/psci_system_off.c @@ -10,10 +10,44 @@ #include <arch_helpers.h> #include <common/debug.h> #include <drivers/console.h> +#include <drivers/delay_timer.h> #include <plat/common/platform.h> #include "psci_private.h" +#ifndef PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS +#define PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 +#endif + +#if IMAGE_BL31 +void psci_stop_other_cores(void) +{ +#define PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS 1000 +#endif + +#if IMAGE_BL31 +void psci_stop_other_cores(void) +{ + int idx, this_cpu_idx, cnt; + + this_cpu_idx = plat_my_core_pos(); + + /* Raise G0 IPI cpustop to all cores but self */ + for (idx = 0; idx < psci_plat_core_count; idx++) { + if ((idx != this_cpu_idx) && + (psci_get_aff_info_state_by_idx(idx) == AFF_STATE_ON)) { + plat_ipi_send_cpu_stop(psci_cpu_pd_nodes[idx].mpidr); + } + } + + /* Wait for others cores to shutdown */ + for (cnt = 0; cnt < PLAT_CORES_PWRDWN_WAIT_TIMEOUT_MS; cnt++) { + if (psci_is_last_on_cpu()) + break; + mdelay(1); + } + + if (!psci_is_last_on_cpu()) { + WARN("Failed to stop all cores!\n"); + psci_print_power_domain_map(); + } +} +#endif + (1) RFC: ipi: add ipi feature Ref: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5323/1 Thanks Sandeep

4 years, 9 months

1
0
0 0

Re: [TF-A] [Hafnium] Fw: Automate generation of Partition's specific configuration

by Joao Alves

Hi Raghu, Thank you very much for your feedback! It seems like a good idea to automate it and the approach looks fine to me. Is my understanding correct that the generated *dtsi* files will need to be included in the *dts* files once and the hope is if there is a change, the dts files need not change since the dtsi files will be regenerated every time during build? Yes, your understanding is correct. The other way this could be done is that the tool can generate dts files which have nodes that change at build time, which can then be compiled and added as dtb files, added to the FIP. That way fvp_tb_fw_config.dts and fvp_spmc_manifest.dts will remain the same and not have any dependency on a changing dtsi file. I’d prefer that dts files that change frequently like in this case be autogenerated entirely and as separate files. That _seems_ cleaner but may not work out so in practice. I agree with you that the approach you described above would make the whole process a bit cleaner. One way this could be done is by passing the *.pre.dts files (generated after the initial processing from dtc) to the script that are part of the patch. Last time I worked on this, I added the possibility to generate the nodes structure to an already existing dts file. Thus, expanding the previous configuration with the values of the new nodes. However, this work needs further testing. Alternatively, the python package I am using in the script can parse and generate dtb instead of dts. I was thinking to add the option to the dts_gen.py script (maybe rename it as well) to operate over the dtb format. So, making sure that "in-place" changes are working , and adding the option to operate over dtb files should allow for the cleaner approach that you referred. As is and making the referred changes, most of the script's logic should be preserved, so I don't think there will be a lot of changes to the current implementation, which is good. Please let me know if I was not very clear, or if you have any other comments. Also thanks @Gyorgy Szing<mailto:Gyorgy.Szing@arm.com> for the feedback on the current state of the patch, I appreciate it. Let me know if anyone has questions, or any other comments to the scripts and/or current discussion. I will notify once the work progresses. Best regards, João Alves ________________________________ From: Hafnium <hafnium-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via Hafnium <hafnium(a)lists.trustedfirmware.org> Sent: Friday, August 7, 2020 5:54 PM To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org>; hafnium(a)lists.trustedfirmware.org <hafnium(a)lists.trustedfirmware.org> Subject: Re: [Hafnium] [TF-A] Fw: Automate generation of Partition's specific configuration Hi, It seems like a good idea to automate it and the approach looks fine to me. Is my understanding correct that the generated *dtsi* files will need to be included in the *dts* files once and the hope is if there is a change, the dts files need not change since the dtsi files will be regenerated every time during build? The other way this could be done is that the tool can generate dts files which have nodes that change at build time, which can then be compiled and added as dtb files, added to the FIP. That way fvp_tb_fw_config.dts and fvp_spmc_manifest.dts will remain the same and not have any dependency on a changing dtsi file. I’d prefer that dts files that change frequently like in this case be autogenerated entirely and as separate files. That _seems_ cleaner but may not work out so in practice. Thanks Raghu From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Joao Alves via TF-A Sent: Monday, August 3, 2020 10:08 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Fw: Automate generation of Partition's specific configuration Hi all, Forwarding email below as the referred work may be useful/relevant for other parts of the TF-A project as well. Best regards, João Alves _____ From: Hafnium <hafnium-bounces(a)lists.trustedfirmware.org <mailto:hafnium-bounces@lists.trustedfirmware.org> > on behalf of Joao Alves via Hafnium <hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> > Sent: Monday, August 3, 2020 5:59 PM To: hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> <hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> > Subject: [Hafnium] Automate generation of Partition's specific configuration Hello all, I have been trying to ease the process of adding a Secure Partition to a system using Secure Hafnium. There is no way to automatically generate SP's specific configuration into TF-A's code-base. Considering FVP as the target platform, we need to manually add partition's specific configuration to files "fvp_tb_fw_config.dts" and "fvp_spmc_manifest.dts" (files held in FVP platform specific folder of TF-A codebase). The following snippet shows the hypervisor node from "fvp_spmc_manifest.dts", for the simple case of having in the system two Cactus Secure Partitions: hypervisor { compatible = "hafnium,hafnium"; vm1 { is_ffa_partition; debug_name = "cactus-primary"; load_address = <0x7000000>; }; vm2 { is_ffa_partition; debug_name = "cactus-secondary"; load_address = <0x7100000>; vcpu_count = <2>; mem_size = <1048576>; }; }; Some of the above properties are available in the partition's manifest, for example "debug_name" and "load_address". If changing one of these values in the partition's manifest or adding another SP, we also need to update the referred files. In order to avoid the burden of having to manually update partition's specific configuration and to make whole system more scalable, I started to write a script that is able to generate a specific node structure and fetch any property value from a any dts file. Then, applied it to fetch/generate SPs specific configuration and include it in aforementioned configuration files. Although it is still a Work In Progress, the work can be found in the patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5150. The implementation is divided between two scripts: * "dts_gen.py" - This is a generic solution for the problem. It can fetch/generate/alter any configuration using dts files. * "sp_dts_gen.py" - Uses the previous command to solve the specific problem regarding SPs specific configuration. Although is still Work In Progress, I am looking to obtain feedback/reviews from anyone that could be interested in using this implementation. The above files contain a lot of comments on how to use them, and also describing the implementation. If the obtained feedback is good, I can work on integrating this in TF-A's build-system. Let me know if anyone has questions. Best regards, João Alves -- Hafnium mailing list Hafnium(a)lists.trustedfirmware.org <mailto:Hafnium@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/hafnium -- Hafnium mailing list Hafnium(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/hafnium

4 years, 10 months

1
0
0 0

Cancelled event with note: TF-A Tech Forum @ Thu 13 Aug 2020 16:00 - 17:00 (BST) (tf-a@lists.trustedfirmware.org)

by Bill Fletcher

This event has been cancelled with this note: " Next TF-A Tech Forum is now scheduled for 26th August" Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: Thu 13 Aug 2020 16:00 – 17:00 United Kingdom Time Calendar: tf-a(a)lists.trustedfirmware.org Who: * Bill Fletcher- creator * marek.bykowski(a)gmail.com * okash.khawaja(a)gmail.com * tf-a(a)lists.trustedfirmware.org Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

4 years, 10 months

1
0
0 0

TF-A Tech Forum CANCELLED @ Thr 13th August 2020 16:00-1700 BST

by Joanna Farley

Apologies everyone, I need to cancel this week’s TF-A Tech Forum as presenters for our next subjects are all on vacation or have yet to complete preparation of the necessary material. As a reminder we have a scheduling page https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ If anybody has subjects they are willing to present please reach out to me so we can find you an appropriate slot. Next TF-A Tech Forum is now scheduled for 26th August. Thanks Joanna

4 years, 10 months

1
0
0 0

Missing properties from cactus dts

by Varun Wadekar

Hello Olivier, Hope you are doing well. As you already know, we are trying to test FF-A, using Cactus, on pre-8.4 Tegra platforms. While doing so, we saw that cactus.dts was missing the following properties 1. maj_ver 2. min_ver 3. spmc_id plat_spm_core_manifest_load() expects these values in the core manifest file. i.e. cactus.dts. What would be the right path forward? Do we add these fields to the dts file? Or modify plat_spmd_manifest.c file? -Varun

4 years, 10 months

2
1
0 0

Re: [TF-A] Fw: Automate generation of Partition's specific configuration

by raghu.ncstate＠icloud.com

Hi, It seems like a good idea to automate it and the approach looks fine to me. Is my understanding correct that the generated *dtsi* files will need to be included in the *dts* files once and the hope is if there is a change, the dts files need not change since the dtsi files will be regenerated every time during build? The other way this could be done is that the tool can generate dts files which have nodes that change at build time, which can then be compiled and added as dtb files, added to the FIP. That way fvp_tb_fw_config.dts and fvp_spmc_manifest.dts will remain the same and not have any dependency on a changing dtsi file. I’d prefer that dts files that change frequently like in this case be autogenerated entirely and as separate files. That _seems_ cleaner but may not work out so in practice. Thanks Raghu From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Joao Alves via TF-A Sent: Monday, August 3, 2020 10:08 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Fw: Automate generation of Partition's specific configuration Hi all, Forwarding email below as the referred work may be useful/relevant for other parts of the TF-A project as well. Best regards, João Alves _____ From: Hafnium <hafnium-bounces(a)lists.trustedfirmware.org <mailto:hafnium-bounces@lists.trustedfirmware.org> > on behalf of Joao Alves via Hafnium <hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> > Sent: Monday, August 3, 2020 5:59 PM To: hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> <hafnium(a)lists.trustedfirmware.org <mailto:hafnium@lists.trustedfirmware.org> > Subject: [Hafnium] Automate generation of Partition's specific configuration Hello all, I have been trying to ease the process of adding a Secure Partition to a system using Secure Hafnium. There is no way to automatically generate SP's specific configuration into TF-A's code-base. Considering FVP as the target platform, we need to manually add partition's specific configuration to files "fvp_tb_fw_config.dts" and "fvp_spmc_manifest.dts" (files held in FVP platform specific folder of TF-A codebase). The following snippet shows the hypervisor node from "fvp_spmc_manifest.dts", for the simple case of having in the system two Cactus Secure Partitions: hypervisor { compatible = "hafnium,hafnium"; vm1 { is_ffa_partition; debug_name = "cactus-primary"; load_address = <0x7000000>; }; vm2 { is_ffa_partition; debug_name = "cactus-secondary"; load_address = <0x7100000>; vcpu_count = <2>; mem_size = <1048576>; }; }; Some of the above properties are available in the partition's manifest, for example "debug_name" and "load_address". If changing one of these values in the partition's manifest or adding another SP, we also need to update the referred files. In order to avoid the burden of having to manually update partition's specific configuration and to make whole system more scalable, I started to write a script that is able to generate a specific node structure and fetch any property value from a any dts file. Then, applied it to fetch/generate SPs specific configuration and include it in aforementioned configuration files. Although it is still a Work In Progress, the work can be found in the patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5150. The implementation is divided between two scripts: * "dts_gen.py" - This is a generic solution for the problem. It can fetch/generate/alter any configuration using dts files. * "sp_dts_gen.py" - Uses the previous command to solve the specific problem regarding SPs specific configuration. Although is still Work In Progress, I am looking to obtain feedback/reviews from anyone that could be interested in using this implementation. The above files contain a lot of comments on how to use them, and also describing the implementation. If the obtained feedback is good, I can work on integrating this in TF-A's build-system. Let me know if anyone has questions. Best regards, João Alves -- Hafnium mailing list Hafnium(a)lists.trustedfirmware.org <mailto:Hafnium@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/hafnium

4 years, 10 months

1
0
0 0

[Request for review] Tegra platform changes

by Varun Wadekar

Hi Team, Can you please help review the changes [1] posted for Tegra platforms? These were pushed on 07/09 and I would like to make progress. Several other changes are blocked on this merge. Thanks, Varun [1] https://review.trustedfirmware.org/q/topic:%22tegra-downstream-07092020%22+…

4 years, 10 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 361221: (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 361221: (TAINTED_SCALAR) /plat/arm/board/arm_fpga/fpga_bl31_setup.c: 196 in fpga_prepare_dtb() 190 if (err) { 191 ERROR("Could not set command line: %d\n", err); 192 } 193 } 194 } 195 >>> CID 361221: (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 196 err = fdt_pack(fdt); 197 if (err < 0) { 198 ERROR("Failed to pack Device Tree at %p: error %d\n", fdt, err); 199 } 200 201 clean_dcache_range((uintptr_t)fdt, fdt_blob_size(fdt)); /plat/arm/board/arm_fpga/fpga_bl31_setup.c: 196 in fpga_prepare_dtb() 190 if (err) { 191 ERROR("Could not set command line: %d\n", err); 192 } 193 } 194 } 195 >>> CID 361221: (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 196 err = fdt_pack(fdt); 197 if (err < 0) { 198 ERROR("Failed to pack Device Tree at %p: error %d\n", fdt, err); 199 } 200 201 clean_dcache_range((uintptr_t)fdt, fdt_blob_size(fdt)); /plat/arm/board/arm_fpga/fpga_bl31_setup.c: 196 in fpga_prepare_dtb() 190 if (err) { 191 ERROR("Could not set command line: %d\n", err); 192 } 193 } 194 } 195 >>> CID 361221: (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 196 err = fdt_pack(fdt); 197 if (err < 0) { 198 ERROR("Failed to pack Device Tree at %p: error %d\n", fdt, err); 199 } 200 201 clean_dcache_range((uintptr_t)fdt, fdt_blob_size(fdt)); /plat/arm/board/arm_fpga/fpga_bl31_setup.c: 196 in fpga_prepare_dtb() 190 if (err) { 191 ERROR("Could not set command line: %d\n", err); 192 } 193 } 194 } 195 >>> CID 361221: (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 196 err = fdt_pack(fdt); 197 if (err < 0) { 198 ERROR("Failed to pack Device Tree at %p: error %d\n", fdt, err); 199 } 200 201 clean_dcache_range((uintptr_t)fdt, fdt_blob_size(fdt)); ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

4 years, 10 months

1
0
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Varun Wadekar

Hi, I guess I'm late for the party. But I have some questions. Looking at the initial email from Andrew, these two points stood out. --8<-- 1. Whilst looking at the speculative AT workaround in KVM, I compared it against the workaround in TF-A and noticed an inconsistency whereby TF-A **breaks** KVM's workaround. 2. TF-A will also have to be compatible with whatever workaround the EL2 software is using -->8-- Some questions about the unwanted dependency that this fix in TF-A creates. 1. Does KVM team always announce all the dependencies, along with their version numbers, that consumers should use? 2. With the fix in TF-A, are we forcing consumers to upgrade their TF-A blobs? Is this normal practice for consumers? 3. How do we plan to make the upgrade from TF-A side easier? Runtime detection of the feature (similar to the Spectre and Meltdown fixes) comes to mind. -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Manish Badarkhe via TF-A Sent: Thursday, July 30, 2020 10:48 PM To: tf-a(a)lists.trustedfirmware.org Cc: Will Deacon <willdeacon(a)google.com>; android-kvm(a)google.com; Marc Zyngier <mzyngier(a)google.com>; James Morse <James.Morse(a)arm.com>; Andrew Scull <ascull(a)google.com> Subject: Re: [TF-A] Erroneous speculative AT workaround External email: Use caution opening links or attachments Hi All As per discussion over mailing list, we implemented workaround for AT speculative behaviour. If anybody interested they can look into the changes posted here: https://review.trustedfirmware.org/q/topic:%22at_errata_fix%22+(status:open… These changes are currently under review. Thanks Manish Badarkhe On 03/07/2020, 14:43, "TF-A on behalf of Soby Mathew via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > -----Original Message----- > From: Will Deacon <willdeacon(a)google.com> > Sent: 02 July 2020 15:47 > To: Soby Mathew <Soby.Mathew(a)arm.com> > Cc: Andrew Scull <ascull(a)google.com>; Raghu K > <raghu.ncstate(a)icloud.com>; android-kvm(a)google.com; Marc Zyngier > <mzyngier(a)google.com>; James Morse <James.Morse(a)arm.com>; tf- > a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] Erroneous speculative AT workaround > > On Thu, Jul 02, 2020 at 02:15:47PM +0000, Soby Mathew wrote: > > So the fix as we currently understand would involve the following > > sequence > > : > > > > a. On Entry to EL3, save the incoming SCTLR_EL1.M and TCR_EL1.EPDx > bits and set them (ensure TCR_EL1.EPDx =1 prior to SCTLR_EL1.M =1 using > isb()) > > b. Prior to Exit from EL3, after the target context is restored, restore > the SCTLR_EL1.M and TCR_EL1.EPDx bits. > > > > The above sequence now means that any use of AT instruction targeted > > at lower EL from EL3 that require PTW will fault. So prior to use of > > AT, ensure the PTW are re-enabled and disabled back again after the AT > > instructions. > > > > If the above sequence is agreed upon to resolve the errata, then we > > can work on a patch for the same. I suspect current el1 register save > > and restore sequence in TF-A is a bit unwieldy and we may need to > > analyze all the entry points to EL3 to ensure we cover everything. > > Looks good to me, but there's still one niggle that I don't know how to solve. > If EL2 has been audited not to have any executable AT instructions, it may > not have a software workaround. However, if a secure interrupt is taken > from EL2 to EL3 while EL2 is the middle of a world switch, then there is a > small window where an AT instruction present at EL3 cold be speculatively > executed before you've had a chance to mess with SCTLR_EL1. > > Fun! Maybe it's worth documenting this somewhere? Hi Will, Good point, this effectively means every EL2 software must implement the fix similar to KVM for this workaround to be effective (or else EL3 should also be audited to not to have any executable AT instruction). This needs to be communicated. Since this is crossing TF-A boundary and need wider communication, I can initiate some internal discussion on how to communicate this properly. Best Regards Soby Mathew > > Will -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

3
4
0 0

Fw: Automate generation of Partition's specific configuration

by Joao Alves

Hi all, Forwarding email below as the referred work may be useful/relevant for other parts of the TF-A project as well. Best regards, João Alves ________________________________ From: Hafnium <hafnium-bounces(a)lists.trustedfirmware.org> on behalf of Joao Alves via Hafnium <hafnium(a)lists.trustedfirmware.org> Sent: Monday, August 3, 2020 5:59 PM To: hafnium(a)lists.trustedfirmware.org <hafnium(a)lists.trustedfirmware.org> Subject: [Hafnium] Automate generation of Partition's specific configuration Hello all, I have been trying to ease the process of adding a Secure Partition to a system using Secure Hafnium. There is no way to automatically generate SP's specific configuration into TF-A's code-base. Considering FVP as the target platform, we need to manually add partition's specific configuration to files "fvp_tb_fw_config.dts" and "fvp_spmc_manifest.dts" (files held in FVP platform specific folder of TF-A codebase). The following snippet shows the hypervisor node from "fvp_spmc_manifest.dts", for the simple case of having in the system two Cactus Secure Partitions: hypervisor { compatible = "hafnium,hafnium"; vm1 { is_ffa_partition; debug_name = "cactus-primary"; load_address = <0x7000000>; }; vm2 { is_ffa_partition; debug_name = "cactus-secondary"; load_address = <0x7100000>; vcpu_count = <2>; mem_size = <1048576>; }; }; Some of the above properties are available in the partition's manifest, for example "debug_name" and "load_address". If changing one of these values in the partition's manifest or adding another SP, we also need to update the referred files. In order to avoid the burden of having to manually update partition's specific configuration and to make whole system more scalable, I started to write a script that is able to generate a specific node structure and fetch any property value from a any dts file. Then, applied it to fetch/generate SPs specific configuration and include it in aforementioned configuration files. Although it is still a Work In Progress, the work can be found in the patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5150. The implementation is divided between two scripts: * "dts_gen.py" - This is a generic solution for the problem. It can fetch/generate/alter any configuration using dts files. * "sp_dts_gen.py" - Uses the previous command to solve the specific problem regarding SPs specific configuration. Although is still Work In Progress, I am looking to obtain feedback/reviews from anyone that could be interested in using this implementation. The above files contain a lot of comments on how to use them, and also describing the implementation. If the obtained feedback is good, I can work on integrating this in TF-A's build-system. Let me know if anyone has questions. Best regards, João Alves -- Hafnium mailing list Hafnium(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/hafnium

4 years, 10 months

1
0
0 0

Re: [TF-A] cactus and ivy on Tegra194

by Varun Wadekar

Hello Olivier, What are your thoughts on keeping Cactus alive for verifying FF-A tests on pre-8.4 Tegra platforms? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A Sent: Tuesday, July 28, 2020 2:27 PM To: Olivier Deprez <Olivier.Deprez(a)arm.com>; Matteo Carlini <Matteo.Carlini(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] cactus and ivy on Tegra194 External email: Use caution opening links or attachments Hi, >> [OD] The scenario we have in TF-A for pre-Armv8.4, is booting OP-TEE as the SPMC (or in other words a colocated SP+SPMC)., but that's a bare SPMD/SPMC boot case without exercising full fledged FF-A (only few direct message exchanges at the moment). [VW] I think it makes sense to keep cactus alive for pre-8.4 in tfa-tests repo. Using cactus would help us verify the initial boot expectations without having to port OP-TEE. I guess, successful handling of the FFA_VERSION call would be a good milestone for us. >> There is another OSS team you may interact with for the pre-Armv8.4 + FF-A story. @Matteo may provide pointers? [VW] Good to know. -Varun -----Original Message----- From: Olivier Deprez <Olivier.Deprez(a)arm.com> Sent: Tuesday, July 28, 2020 9:09 AM To: Varun Wadekar <vwadekar(a)nvidia.com>; Matteo Carlini <Matteo.Carlini(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: Re: cactus and ivy on Tegra194 External email: Use caution opening links or attachments Hi Varun, See inline [OD] Regards, Olivier. ________________________________________ From: Varun Wadekar <vwadekar(a)nvidia.com> Sent: 27 July 2020 18:28 To: Olivier Deprez; tf-a(a)lists.trustedfirmware.org Subject: RE: cactus and ivy on Tegra194 Hi Olivier, Thanks for your response. Looks like Ivy is still getting built in the tree and the fixes I have made are for the UART console driver - so can still be pushed upstream. [OD] It is built although it has no usage in any of TF-A CI test AFAIK. It is still using the former SPCI Alpha SPRT which is now deprecated. I should have mentioned earlier - Tegra194 is based off Arm v8.2. So, we cannot run Hafnium on that platform. The intent is to test the SPMD/SPMC and FF-A interface, before Hafnium comes along. So, the question is, can you please post instructions for pre-8.4 platforms? [OD] The scenario we have in TF-A for pre-Armv8.4, is booting OP-TEE as the SPMC (or in other words a colocated SP+SPMC)., but that's a bare SPMD/SPMC boot case without exercising full fledged FF-A (only few direct message exchanges at the moment). There is another OSS team you may interact with for the pre-Armv8.4 + FF-A story. @Matteo may provide pointers? The dual-cactus use case is interesting. Can we try that on pre-8.4 platforms too? [OD] Cactus was re-purposed only for being used as S-EL1 partitions on top of SPMC/Hafnium. So unfortunately no, you cannot immediately re-use this without S-EL2. There is no plan to let Cactus run at secure physical FF-A instance, although maybe that may work with some adaptation. The dual cactus case, is about instantiating two SPs (or VMs...) on top of Hafnium in the secure side. This is eventually the same binary payload run in two different sandboxes (differentiated by their FF-A id), to which direct message request can be emitted from TFTF to the corresponding FF-A id. -Varun -----Original Message----- From: Olivier Deprez <Olivier.Deprez(a)arm.com> Sent: Monday, July 27, 2020 1:36 AM To: tf-a(a)lists.trustedfirmware.org; Varun Wadekar <vwadekar(a)nvidia.com> Subject: Re: cactus and ivy on Tegra194 External email: Use caution opening links or attachments Hi Varun, Please consider Ivy (and Quark) payloads are remnant from older SPCI specs and must be considered deprecated. We did not clean this in deep to remove the related test code but AFAIK it's just not used anywhere in the test suites (although it may still be built). We may have a plan to upgrade this later when working on S-EL0 partitions on top of Hafnium, but that's not an immediate priority. Considering Cactus, that's the bare-metal S-EL1 payload you can use in place of a real TOS on top of Hafnium. The intent is to test FF-A ABIs unitarily at secure virtual FF-A instance. TFTF at EL2 exercises the ABI at non-secure physical FF-A instance to communicate with the secure endpoint. See below the build commands we use for FVP. Hopefully this should help porting to your platform. Notice it needs as well building the SPMC (aka Hafnium in the secure side), which only supports FVP at this moment (and Rpi, qemu...) It's not described here but I can guide you through this as well. I think you can just use a dummy BL32 payload for now, at least to test the build/integration. If TFTF and TF-A reside in the same top level dir: TFTF: this builds TFTF and cactus secure partitions make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp TESTS=spm -j8 TF-A: this uses TFTF, and assembles two cactus secure partitions within the FIP make \ CROSS_COMPILE=aarch64-none-elf- \ SPD=spmd \ CTX_INCLUDE_EL2_REGS=1 \ ARM_ARCH_MINOR=4 \ BL33=../tf-a-tests/build/fvp/debug/tftf.bin \ BL32=<path-to-secure-hafnium-bin>/hafnium.bin \ SP_LAYOUT_FILE=../tf-a-tests/build/fvp/debug/sp_layout.json \ PLAT=fvp \ all fip The tool last FIP tool entries are the two cactus instances: B4B5671E-4A90-4FE1-B81F-FB13DAE1DACB: offset=0x47DA3, size=0xC168, cmdline="--blob" D1582309-F023-47B9-827C-4464F5578FC8: offset=0x53F0B, size=0xC168, cmdline="--blob" Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 27 July 2020 06:46 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] cactus and ivy on Tegra194 Hello, In order to test the SPM dispatcher from TF-A, we plan to enable 'cactus' and 'ivy' on Tegra194 platforms. I was able to muscle my way through all the compilation issues, but the final payload generation part is not that clear. Can someone please help me with the steps to generate the final FIP package with all the payloads - TF-A, Cactus, Ivy? Thanks. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

2
7
0 0

Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE

by Alexei Fedorov

I've created https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5153 which should fix the issue. Please review and test. Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Alexei Fedorov via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 31 July 2020 10:22 To: raghu.ncstate(a)icloud.com <raghu.ncstate(a)icloud.com>; Olivier Deprez <Olivier.Deprez(a)arm.com>; Lauren Wehrmeister <Lauren.Wehrmeister(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Hi, Could you replace .word platform_normal_stacks with .quad platform_normal_stacks in plat\common\aarch64\platform_mp_stack.S and check if it fixes the issue? Regards. Alexei ________________________________ From: raghu.ncstate(a)icloud.com <raghu.ncstate(a)icloud.com> Sent: 30 July 2020 23:55 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; Olivier Deprez <Olivier.Deprez(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE +tf-a mailing list. Merging Lauren’s email. Hi Lauren, What command did you use to build TSP? I used the same command line from my original email and added SPD=tspd and I was able to get it to compile with Alexei’s fix. Thanks Raghu ________________________________ Hi, I also came across this issue as I'm trying to create test configurations for compiling BL31/TSP/BL2_AT_EL3 as PIEs, the fix suggested by Alexei worked for BL2_AT_EL3, but it did not work for TSP. I am getting the same error message as Raghu: "./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". Any suggestions? Thanks, Lauren From: raghu.ncstate(a)icloud.com <raghu.ncstate(a)icloud.com> Sent: Thursday, July 30, 2020 9:15 AM To: 'Alexei Fedorov' <Alexei.Fedorov(a)arm.com>; 'Olivier Deprez' <Olivier.Deprez(a)arm.com> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks I’ll try with GCC 11.0. What happens when you run a build without platform_normal_stacks? Does it even boot for you or does it crash in linux?? Trying to understand how you figured this was an issue and what prompted you to fix this by adding the adrp/.word. -Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>> Sent: Thursday, July 30, 2020 9:02 AM To: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Yes. I'm using ENABLE_PIE=1, but the same behaviour will be observed with ENABLE_PIE=0 (except that the linker error won't be reported). I'm isning GCC 11.0.0. Regards. Alexei ________________________________ From: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>> Sent: 30 July 2020 16:50 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks. Are you using ENABLE_PIE=1? I’m using ENABLE_PIE=1 and I don’t see it in bl31.dump file with or without the “.word platform_normal_stacks” statement. However, when I do run FVP to linux without the statement, I see secondary a crash in EL3 with unhandled exception. So it is definitely required. Just trying to pin point what exactly is causing the crash. Thanks Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>> Sent: Thursday, July 30, 2020 8:43 AM To: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE With "platform_normal_stacks": bl31.dump 0000000004015280 l stacks 0000000000000000 platform_normal_stacks bl31.map: stacks 0x0000000004015280 0x4000 *(tzfw_normal_stacks) tzfw_normal_stacks 0x0000000004015280 0x4000 ./build/fvp/debug/bl31/platform_mp_stack.o 0x0000000004019280 __STACKS_END__ = . Without: platform_normal_stacks is missing from bl31.dump, bl31.map: stacks 0x0000000004015270 0x2d90 0x0000000004015270 __STACKS_START__ = . *(tzfw_normal_stacks) 0x0000000004018000 __STACKS_END__ = . Alexei ________________________________ From: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>> Sent: 30 July 2020 15:58 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Makes sense. Thanks. I just tried both debug and release builds, but I don’t see it being _removed_ by the linker. In either case I don’t see symbol information for platform_normal_stacks and only see symbol information for __STACK_START__. So what exactly are you referring to when the linker removes “declare_stack …” ? Also what build configuration? -Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>> Sent: Thursday, July 30, 2020 7:43 AM To: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Having platform_normal_stacks referenced prevents linker from removal of declare_stack platform_normal_stacks, tzfw_normal_stacks, \ PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT, \ CACHE_WRITEBACK_GRANULE Regards. Alexei ________________________________ From: raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com<mailto:raghu.ncstate@icloud.com>> Sent: 30 July 2020 15:31 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks Olivier, Alexei. >> Is it a copy/paste typo? [RK]Yes. >> Replace .word platform_normal_stacks with adrp x0, platform_normal_stacks [RK]Sure. I can do that. But why does “.word platform_normal_stacks” exist there in the first place? Not sure I understand that line’s purpose. What does replacing it with adrp x0, platform_normal_stacks do? The instruction is after a ret and looks like it will not be executed. I am using aarch64-non-elf- as the toolchain. Thanks Raghu From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> On Behalf Of Alexei Fedorov via TF-A Sent: Thursday, July 30, 2020 6:58 AM To: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>>; tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Replace .word platform_normal_stacks with adrp x0, platform_normal_stacks Regards. Alexei. ________________________________ From: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>> Sent: 30 July 2020 14:17 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>>; Alexei Fedorov <Alexei.Fedorov(a)arm.com<mailto:Alexei.Fedorov@arm.com>> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Hi Raghu, On the toolchain question you would normally use CROSS_COMPILE=aarch64-none-elf- as recommended here: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… However this does not seem to be the root cause of the problem you report. I reproduce the build issue, however it's not yet clear to me if this platform_normal_stacks variable should be rather placed in a specific section (.data?), rather than embedded in the code. Tbc. Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> on behalf of Alexei Fedorov via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Sent: 30 July 2020 14:53 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Is it a copy/paste typo? CTX_INCLUDE_EL2)REGS Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> on behalf of Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Sent: 30 July 2020 02:44 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Subject: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE When I compile TF-A code on the integration branch with the ENABLE_PIE=1 option for FVP, I get a linker error “./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". It appears to be related to line 62(.word platform_normal_stack) of plat/common/aarch64/platform_mp_stack.S that was introduced by https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301 . It looks like the linker is having trouble resolving this symbol for which I cant find a use for. If I remove line 62 or set ENABLE_PIE=0, the below command line to compile succeeds. What is the use of line 62 in the file? Seems like it may have some use in other configurations that are not obvious. Or is the issue due to the toolchain I’m using? See gcc version below. Command line I’m using: make CROSS_COMPILE=aarch64-none-linux-gnu- TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 DEBUG=1 LOG_LEVEL=40 MBEDTLS_DIR=../mbed-tls PLAT=fvp ARM_ROTPK_LOCATION=regs CTX_INCLUDE_PAUTH_REGS=1 CTX_INCLUDE_EL2)REGS=1 ARM_ARCH_MINOR=5 ENABLE_PIE=1 BRANCH_PROTECTION=1 FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts BL33=<path_to_bl33> all fip Compiler version: aarch64-none-linux-gnu-gcc (GNU Toolchain for the A-profile Architecture 9.2-2019.12 (arm-9.10)) 9.2.1 20191025 Thanks Raghu IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

4 years, 10 months

3
6
0 0

Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE

by raghu.ncstate＠icloud.com

+tf-a mailing list. Merging Lauren's email. Hi Lauren, What command did you use to build TSP? I used the same command line from my original email and added SPD=tspd and I was able to get it to compile with Alexei's fix. Thanks Raghu _____ Hi, I also came across this issue as I'm trying to create test configurations for compiling BL31/TSP/BL2_AT_EL3 as PIEs, the fix suggested by Alexei worked for BL2_AT_EL3, but it did not work for TSP. I am getting the same error message as Raghu: "./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". Any suggestions? Thanks, Lauren From: raghu.ncstate(a)icloud.com <raghu.ncstate(a)icloud.com> Sent: Thursday, July 30, 2020 9:15 AM To: 'Alexei Fedorov' <Alexei.Fedorov(a)arm.com>; 'Olivier Deprez' <Olivier.Deprez(a)arm.com> Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks I'll try with GCC 11.0. What happens when you run a build without platform_normal_stacks? Does it even boot for you or does it crash in linux?? Trying to understand how you figured this was an issue and what prompted you to fix this by adding the adrp/.word. -Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> > Sent: Thursday, July 30, 2020 9:02 AM To: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> ; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Yes. I'm using ENABLE_PIE=1, but the same behaviour will be observed with ENABLE_PIE=0 (except that the linker error won't be reported). I'm isning GCC 11.0.0. Regards. Alexei _____ From: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> > Sent: 30 July 2020 16:50 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> >; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks. Are you using ENABLE_PIE=1? I'm using ENABLE_PIE=1 and I don't see it in bl31.dump file with or without the ".word platform_normal_stacks" statement. However, when I do run FVP to linux without the statement, I see secondary a crash in EL3 with unhandled exception. So it is definitely required. Just trying to pin point what exactly is causing the crash. Thanks Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> > Sent: Thursday, July 30, 2020 8:43 AM To: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> ; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE With "platform_normal_stacks": bl31.dump 0000000004015280 l stacks 0000000000000000 platform_normal_stacks bl31.map: stacks 0x0000000004015280 0x4000 *(tzfw_normal_stacks) tzfw_normal_stacks 0x0000000004015280 0x4000 ./build/fvp/debug/bl31/platform_mp_stack.o 0x0000000004019280 __STACKS_END__ = . Without: platform_normal_stacks is missing from bl31.dump, bl31.map: stacks 0x0000000004015270 0x2d90 0x0000000004015270 __STACKS_START__ = . *(tzfw_normal_stacks) 0x0000000004018000 __STACKS_END__ = . Alexei _____ From: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> > Sent: 30 July 2020 15:58 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> >; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Makes sense. Thanks. I just tried both debug and release builds, but I don't see it being _removed_ by the linker. In either case I don't see symbol information for platform_normal_stacks and only see symbol information for __STACK_START__. So what exactly are you referring to when the linker removes "declare_stack ." ? Also what build configuration? -Raghu From: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> > Sent: Thursday, July 30, 2020 7:43 AM To: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> ; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Having platform_normal_stacks referenced prevents linker from removal of declare_stack platform_normal_stacks, tzfw_normal_stacks, \ PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT, \ CACHE_WRITEBACK_GRANULE Regards. Alexei _____ From: raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> <raghu.ncstate(a)icloud.com <mailto:raghu.ncstate@icloud.com> > Sent: 30 July 2020 15:31 To: Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> >; Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Subject: RE: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Thanks Olivier, Alexei. >> Is it a copy/paste typo? [RK]Yes. >> Replace .word platform_normal_stacks with adrp x0, platform_normal_stacks [RK]Sure. I can do that. But why does ".word platform_normal_stacks" exist there in the first place? Not sure I understand that line's purpose. What does replacing it with adrp x0, platform_normal_stacks do? The instruction is after a ret and looks like it will not be executed. I am using aarch64-non-elf- as the toolchain. Thanks Raghu From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org <mailto:tf-a-bounces@lists.trustedfirmware.org> > On Behalf Of Alexei Fedorov via TF-A Sent: Thursday, July 30, 2020 6:58 AM To: Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> >; tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Replace .word platform_normal_stacks with adrp x0, platform_normal_stacks Regards. Alexei. _____ From: Olivier Deprez <Olivier.Deprez(a)arm.com <mailto:Olivier.Deprez@arm.com> > Sent: 30 July 2020 14:17 To: tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> >; Alexei Fedorov <Alexei.Fedorov(a)arm.com <mailto:Alexei.Fedorov@arm.com> > Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Hi Raghu, On the toolchain question you would normally use CROSS_COMPILE=aarch64-none-elf- as recommended here: <https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial- build.html#performing-an-initial-build> https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-b uild.html#performing-an-initial-build However this does not seem to be the root cause of the problem you report. I reproduce the build issue, however it's not yet clear to me if this platform_normal_stacks variable should be rather placed in a specific section (.data?), rather than embedded in the code. Tbc. Regards, Olivier. ________________________________________ From: TF-A < <mailto:tf-a-bounces@lists.trustedfirmware.org> tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Alexei Fedorov via TF-A < <mailto:tf-a@lists.trustedfirmware.org> tf-a(a)lists.trustedfirmware.org> Sent: 30 July 2020 14:53 To: <mailto:tf-a@lists.trustedfirmware.org> tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Is it a copy/paste typo? CTX_INCLUDE_EL2)REGS Regards. Alexei ________________________________ From: TF-A < <mailto:tf-a-bounces@lists.trustedfirmware.org> tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via TF-A < <mailto:tf-a@lists.trustedfirmware.org> tf-a(a)lists.trustedfirmware.org> Sent: 30 July 2020 02:44 To: <mailto:tf-a@lists.trustedfirmware.org> tf-a(a)lists.trustedfirmware.org < <mailto:tf-a@lists.trustedfirmware.org> tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE When I compile TF-A code on the integration branch with the ENABLE_PIE=1 option for FVP, I get a linker error "./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". It appears to be related to line 62(.word platform_normal_stack) of plat/common/aarch64/platform_mp_stack.S that was introduced by <https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301 . It looks like the linker is having trouble resolving this symbol for which I cant find a use for. If I remove line 62 or set ENABLE_PIE=0, the below command line to compile succeeds. What is the use of line 62 in the file? Seems like it may have some use in other configurations that are not obvious. Or is the issue due to the toolchain I'm using? See gcc version below. Command line I'm using: make CROSS_COMPILE=aarch64-none-linux-gnu- TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 DEBUG=1 LOG_LEVEL=40 MBEDTLS_DIR=../mbed-tls PLAT=fvp ARM_ROTPK_LOCATION=regs CTX_INCLUDE_PAUTH_REGS=1 CTX_INCLUDE_EL2)REGS=1 ARM_ARCH_MINOR=5 ENABLE_PIE=1 BRANCH_PROTECTION=1 FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts BL33=<path_to_bl33> all fip Compiler version: aarch64-none-linux-gnu-gcc (GNU Toolchain for the A-profile Architecture 9.2-2019.12 (arm-9.10)) 9.2.1 20191025 Thanks Raghu IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

4 years, 10 months

2
1
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Manish Badarkhe

Hi All As per discussion over mailing list, we implemented workaround for AT speculative behaviour. If anybody interested they can look into the changes posted here: https://review.trustedfirmware.org/q/topic:%22at_errata_fix%22+(status:open… These changes are currently under review. Thanks Manish Badarkhe On 03/07/2020, 14:43, "TF-A on behalf of Soby Mathew via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > -----Original Message----- > From: Will Deacon <willdeacon(a)google.com> > Sent: 02 July 2020 15:47 > To: Soby Mathew <Soby.Mathew(a)arm.com> > Cc: Andrew Scull <ascull(a)google.com>; Raghu K > <raghu.ncstate(a)icloud.com>; android-kvm(a)google.com; Marc Zyngier > <mzyngier(a)google.com>; James Morse <James.Morse(a)arm.com>; tf- > a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] Erroneous speculative AT workaround > > On Thu, Jul 02, 2020 at 02:15:47PM +0000, Soby Mathew wrote: > > So the fix as we currently understand would involve the following > > sequence > > : > > > > a. On Entry to EL3, save the incoming SCTLR_EL1.M and TCR_EL1.EPDx > bits and set them (ensure TCR_EL1.EPDx =1 prior to SCTLR_EL1.M =1 using > isb()) > > b. Prior to Exit from EL3, after the target context is restored, restore > the SCTLR_EL1.M and TCR_EL1.EPDx bits. > > > > The above sequence now means that any use of AT instruction targeted > > at lower EL from EL3 that require PTW will fault. So prior to use of > > AT, ensure the PTW are re-enabled and disabled back again after the AT > > instructions. > > > > If the above sequence is agreed upon to resolve the errata, then we > > can work on a patch for the same. I suspect current el1 register save > > and restore sequence in TF-A is a bit unwieldy and we may need to > > analyze all the entry points to EL3 to ensure we cover everything. > > Looks good to me, but there's still one niggle that I don't know how to solve. > If EL2 has been audited not to have any executable AT instructions, it may > not have a software workaround. However, if a secure interrupt is taken > from EL2 to EL3 while EL2 is the middle of a world switch, then there is a > small window where an AT instruction present at EL3 cold be speculatively > executed before you've had a chance to mess with SCTLR_EL1. > > Fun! Maybe it's worth documenting this somewhere? Hi Will, Good point, this effectively means every EL2 software must implement the fix similar to KVM for this workaround to be effective (or else EL3 should also be audited to not to have any executable AT instruction). This needs to be communicated. Since this is crossing TF-A boundary and need wider communication, I can initiate some internal discussion on how to communicate this properly. Best Regards Soby Mathew > > Will -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

1
0
0 0

Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE

by Lauren Wehrmeister

Hi, I also came across this issue as I'm trying to create test configurations for compiling BL31/TSP/BL2_AT_EL3 as PIEs, the fix suggested by Alexei worked for BL2_AT_EL3, but it did not work for TSP. I am getting the same error message as Raghu: "./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". Any suggestions? Thanks, Lauren

4 years, 10 months

1
0
0 0

Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE

by Olivier Deprez

Hi Raghu, On the toolchain question you would normally use CROSS_COMPILE=aarch64-none-elf- as recommended here: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… However this does not seem to be the root cause of the problem you report. I reproduce the build issue, however it's not yet clear to me if this platform_normal_stacks variable should be rather placed in a specific section (.data?), rather than embedded in the code. Tbc. Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Alexei Fedorov via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 30 July 2020 14:53 To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE Is it a copy/paste typo? CTX_INCLUDE_EL2)REGS Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 30 July 2020 02:44 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE When I compile TF-A code on the integration branch with the ENABLE_PIE=1 option for FVP, I get a linker error “./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". It appears to be related to line 62(.word platform_normal_stack) of plat/common/aarch64/platform_mp_stack.S that was introduced by https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301 . It looks like the linker is having trouble resolving this symbol for which I cant find a use for. If I remove line 62 or set ENABLE_PIE=0, the below command line to compile succeeds. What is the use of line 62 in the file? Seems like it may have some use in other configurations that are not obvious. Or is the issue due to the toolchain I’m using? See gcc version below. Command line I’m using: make CROSS_COMPILE=aarch64-none-linux-gnu- TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 DEBUG=1 LOG_LEVEL=40 MBEDTLS_DIR=../mbed-tls PLAT=fvp ARM_ROTPK_LOCATION=regs CTX_INCLUDE_PAUTH_REGS=1 CTX_INCLUDE_EL2)REGS=1 ARM_ARCH_MINOR=5 ENABLE_PIE=1 BRANCH_PROTECTION=1 FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts BL33=<path_to_bl33> all fip Compiler version: aarch64-none-linux-gnu-gcc (GNU Toolchain for the A-profile Architecture 9.2-2019.12 (arm-9.10)) 9.2.1 20191025 Thanks Raghu

4 years, 10 months

2
1
0 0

Re: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE

by Alexei Fedorov

Is it a copy/paste typo? CTX_INCLUDE_EL2)REGS Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 30 July 2020 02:44 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Linker error on integration branch for FVP with ENABLE_PIE When I compile TF-A code on the integration branch with the ENABLE_PIE=1 option for FVP, I get a linker error “./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". It appears to be related to line 62(.word platform_normal_stack) of plat/common/aarch64/platform_mp_stack.S that was introduced by https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301 . It looks like the linker is having trouble resolving this symbol for which I cant find a use for. If I remove line 62 or set ENABLE_PIE=0, the below command line to compile succeeds. What is the use of line 62 in the file? Seems like it may have some use in other configurations that are not obvious. Or is the issue due to the toolchain I’m using? See gcc version below. Command line I’m using: make CROSS_COMPILE=aarch64-none-linux-gnu- TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 DEBUG=1 LOG_LEVEL=40 MBEDTLS_DIR=../mbed-tls PLAT=fvp ARM_ROTPK_LOCATION=regs CTX_INCLUDE_PAUTH_REGS=1 CTX_INCLUDE_EL2)REGS=1 ARM_ARCH_MINOR=5 ENABLE_PIE=1 BRANCH_PROTECTION=1 FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts BL33=<path_to_bl33> all fip Compiler version: aarch64-none-linux-gnu-gcc (GNU Toolchain for the A-profile Architecture 9.2-2019.12 (arm-9.10)) 9.2.1 20191025 Thanks Raghu

4 years, 10 months

1
0
0 0

Linker error on integration branch for FVP with ENABLE_PIE

by raghu.ncstate＠icloud.com

When I compile TF-A code on the integration branch with the ENABLE_PIE=1 option for FVP, I get a linker error "./build/fvp/debug/bl31/platform_mp_stack.o: relocation R_AARCH64_ABS32 against `a local symbol' can not be used when making a shared object". It appears to be related to line 62(.word platform_normal_stack) of plat/common/aarch64/platform_mp_stack.S that was introduced by https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4301 . It looks like the linker is having trouble resolving this symbol for which I cant find a use for. If I remove line 62 or set ENABLE_PIE=0, the below command line to compile succeeds. What is the use of line 62 in the file? Seems like it may have some use in other configurations that are not obvious. Or is the issue due to the toolchain I'm using? See gcc version below. Command line I'm using: make CROSS_COMPILE=aarch64-none-linux-gnu- TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 DEBUG=1 LOG_LEVEL=40 MBEDTLS_DIR=../mbed-tls PLAT=fvp ARM_ROTPK_LOCATION=regs CTX_INCLUDE_PAUTH_REGS=1 CTX_INCLUDE_EL2)REGS=1 ARM_ARCH_MINOR=5 ENABLE_PIE=1 BRANCH_PROTECTION=1 FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts BL33=<path_to_bl33> all fip Compiler version: aarch64-none-linux-gnu-gcc (GNU Toolchain for the A-profile Architecture 9.2-2019.12 (arm-9.10)) 9.2.1 20191025 Thanks Raghu

4 years, 10 months

1
0
0 0

Re: [TF-A] cactus and ivy on Tegra194

by Olivier Deprez

Hi Varun, Please consider Ivy (and Quark) payloads are remnant from older SPCI specs and must be considered deprecated. We did not clean this in deep to remove the related test code but AFAIK it's just not used anywhere in the test suites (although it may still be built). We may have a plan to upgrade this later when working on S-EL0 partitions on top of Hafnium, but that's not an immediate priority. Considering Cactus, that's the bare-metal S-EL1 payload you can use in place of a real TOS on top of Hafnium. The intent is to test FF-A ABIs unitarily at secure virtual FF-A instance. TFTF at EL2 exercises the ABI at non-secure physical FF-A instance to communicate with the secure endpoint. See below the build commands we use for FVP. Hopefully this should help porting to your platform. Notice it needs as well building the SPMC (aka Hafnium in the secure side), which only supports FVP at this moment (and Rpi, qemu...) It's not described here but I can guide you through this as well. I think you can just use a dummy BL32 payload for now, at least to test the build/integration. If TFTF and TF-A reside in the same top level dir: TFTF: this builds TFTF and cactus secure partitions make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp TESTS=spm -j8 TF-A: this uses TFTF, and assembles two cactus secure partitions within the FIP make \ CROSS_COMPILE=aarch64-none-elf- \ SPD=spmd \ CTX_INCLUDE_EL2_REGS=1 \ ARM_ARCH_MINOR=4 \ BL33=../tf-a-tests/build/fvp/debug/tftf.bin \ BL32=<path-to-secure-hafnium-bin>/hafnium.bin \ SP_LAYOUT_FILE=../tf-a-tests/build/fvp/debug/sp_layout.json \ PLAT=fvp \ all fip The tool last FIP tool entries are the two cactus instances: B4B5671E-4A90-4FE1-B81F-FB13DAE1DACB: offset=0x47DA3, size=0xC168, cmdline="--blob" D1582309-F023-47B9-827C-4464F5578FC8: offset=0x53F0B, size=0xC168, cmdline="--blob" Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 27 July 2020 06:46 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] cactus and ivy on Tegra194 Hello, In order to test the SPM dispatcher from TF-A, we plan to enable ‘cactus’ and ‘ivy’ on Tegra194 platforms. I was able to muscle my way through all the compilation issues, but the final payload generation part is not that clear. Can someone please help me with the steps to generate the final FIP package with all the payloads – TF-A, Cactus, Ivy? Thanks.

4 years, 10 months

2
3
0 0

TF-A Tech Forum Agenda @ Thr 30th July 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 30th July 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * Detailed Investigation for support for TRNG (True Random Number Generator) * Presented by Jimmy Brisson * Initial Investigation for support for GIC600AE * Presented by Jimmy Brisson * Optional TF-A Mailing List Topic Discussions If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list. Thanks Joanna

4 years, 10 months

1
0
0 0

Re: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by Sandrine Bailleux

Hello Joanna, Varun, Regarding the idea of looping in Coverity Scan Online in the patch submission process, that is not possible because this free service from Synopsys only allows for a dozen of analyses to be requested per week per open-source project. If we were to request analyses for every patch submission, we would hit the limit very quickly. That is the reason why this is setup to run on the integration branch once per work week day at the moment. I appreciate this is not ideal (as pointed out by both of you) as we get defects reports after patches have been merged but I can't see another way out of this. Regards, Sandrine On 7/27/20 9:08 AM, Joanna Farley via TF-A wrote: > Hi Varun, > > At this time not that I know of which is why we have the solution we have. I'm sure with enough investment of effort something can be done. If we were going to do that though I would personally prefer investigating integrating this tighter into the patch review tooling and report there before patch submitting but there too lies challenges interfacing to the online Coverity server offered as a free service to opensource projects. > > Cheers > > Joanna > > > On 22/07/2020, 18:09, "TF-A on behalf of Varun Wadekar via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > > Hi, > > Is there a way to create a ticket and assign Coverity flagged issues to the code owner automatically? > > -Varun > > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of scan-admin--- via TF-A > Sent: Wednesday, July 22, 2020 8:17 AM > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware > > External email: Use caution opening links or attachments > > > Hi, > > Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. > > 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. > > > New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) > > > ** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() > > > ________________________________________________________________________________________________________ > *** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() > 267 size_t n; > 268 > 269 ASSERT_SYM_PTR_ALIGN(out); > 270 > 271 for (n = 0U; n < nb_elt; n++) { > 272 out[2 * n] = (uint32_t)rates[n]; > >>> CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > >>> "(uint64_t)rates[n] >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. > 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); > 274 } > 275 } > 276 > 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) > 278 { > > ** CID 360934: Integer handling issues (BAD_SHIFT) > /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() > > > ________________________________________________________________________________________________________ > *** CID 360934: Integer handling issues (BAD_SHIFT) > /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() > 267 size_t n; > 268 > 269 ASSERT_SYM_PTR_ALIGN(out); > 270 > 271 for (n = 0U; n < nb_elt; n++) { > 272 out[2 * n] = (uint32_t)rates[n]; > >>> CID 360934: Integer handling issues (BAD_SHIFT) > >>> In expression "(uint64_t)rates[n] >> 32", right shifting "rates[n]" by more than 31 bits always yields zero. The shift amount is 32. > 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); > 274 } > 275 } > 276 > 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) > 278 { > > ** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() > > > ________________________________________________________________________________________________________ > *** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() > 185 return; > 186 } > 187 > 188 rate = plat_scmi_clock_get_rate(msg->agent_id, clock_id); > 189 > 190 return_values.rate[0] = (uint32_t)rate; > >>> CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) > >>> "(uint64_t)rate >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. > 191 return_values.rate[1] = (uint32_t)((uint64_t)rate >> 32); > 192 > 193 scmi_write_response(msg, &return_values, sizeof(return_values)); > 194 } > 195 > 196 static void scmi_clock_rate_set(struct scmi_msg *msg) > > > ________________________________________________________________________________________________________ > To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P… > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a >

4 years, 10 months

2
2
0 0

Re: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by Joanna Farley

Hi Varun, At this time not that I know of which is why we have the solution we have. I'm sure with enough investment of effort something can be done. If we were going to do that though I would personally prefer investigating integrating this tighter into the patch review tooling and report there before patch submitting but there too lies challenges interfacing to the online Coverity server offered as a free service to opensource projects. Cheers Joanna On 22/07/2020, 18:09, "TF-A on behalf of Varun Wadekar via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi, Is there a way to create a ticket and assign Coverity flagged issues to the code owner automatically? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of scan-admin--- via TF-A Sent: Wednesday, July 22, 2020 8:17 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware External email: Use caution opening links or attachments Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rates[n] >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360934: Integer handling issues (BAD_SHIFT) >>> In expression "(uint64_t)rates[n] >> 32", right shifting "rates[n]" by more than 31 bits always yields zero. The shift amount is 32. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() ________________________________________________________________________________________________________ *** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() 185 return; 186 } 187 188 rate = plat_scmi_clock_get_rate(msg->agent_id, clock_id); 189 190 return_values.rate[0] = (uint32_t)rate; >>> CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rate >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 191 return_values.rate[1] = (uint32_t)((uint64_t)rate >> 32); 192 193 scmi_write_response(msg, &return_values, sizeof(return_values)); 194 } 195 196 static void scmi_clock_rate_set(struct scmi_msg *msg) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P… -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

1
0
0 0

cactus and ivy on Tegra194

by Varun Wadekar

Hello, In order to test the SPM dispatcher from TF-A, we plan to enable 'cactus' and 'ivy' on Tegra194 platforms. I was able to muscle my way through all the compilation issues, but the final payload generation part is not that clear. Can someone please help me with the steps to generate the final FIP package with all the payloads - TF-A, Cactus, Ivy? Thanks.

4 years, 10 months

1
0
0 0

Re: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by Joanna Farley

Hi Varun, I agree things are less than ideal at the moment. We take advantage as an open source project to use the Synopsys online Coverity service and this points to the master branch (actually currently the mirror on github) which means these coverity tests are ran on changes after they have been submitted. Less than ideal I know but better than not being ran at all. Really we would like these to be ran as part of the OpenCI as part of patch reviews but we are not there yet. Not sure if the Synopsys online Coverity service can be setup to support this via Gerrit reviews or if this will have to be done after patch submittals. If it has to be done after then some clever CI scripting would need to be done to identify where the offending change came from. Would welcome other ideas to make this experience better, but for now this is better than nothing. Cheers Joanna On 22/07/2020, 18:09, "TF-A on behalf of Varun Wadekar via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi, Is there a way to create a ticket and assign Coverity flagged issues to the code owner automatically? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of scan-admin--- via TF-A Sent: Wednesday, July 22, 2020 8:17 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware External email: Use caution opening links or attachments Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rates[n] >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360934: Integer handling issues (BAD_SHIFT) >>> In expression "(uint64_t)rates[n] >> 32", right shifting "rates[n]" by more than 31 bits always yields zero. The shift amount is 32. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() ________________________________________________________________________________________________________ *** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() 185 return; 186 } 187 188 rate = plat_scmi_clock_get_rate(msg->agent_id, clock_id); 189 190 return_values.rate[0] = (uint32_t)rate; >>> CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rate >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 191 return_values.rate[1] = (uint32_t)((uint64_t)rate >> 32); 192 193 scmi_write_response(msg, &return_values, sizeof(return_values)); 194 } 195 196 static void scmi_clock_rate_set(struct scmi_msg *msg) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P… -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

2
3
0 0

Re: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by Varun Wadekar

Hi, Is there a way to create a ticket and assign Coverity flagged issues to the code owner automatically? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of scan-admin--- via TF-A Sent: Wednesday, July 22, 2020 8:17 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware External email: Use caution opening links or attachments Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rates[n] >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360934: Integer handling issues (BAD_SHIFT) >>> In expression "(uint64_t)rates[n] >> 32", right shifting "rates[n]" by more than 31 bits always yields zero. The shift amount is 32. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() ________________________________________________________________________________________________________ *** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() 185 return; 186 } 187 188 rate = plat_scmi_clock_get_rate(msg->agent_id, clock_id); 189 190 return_values.rate[0] = (uint32_t)rate; >>> CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rate >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 191 return_values.rate[1] = (uint32_t)((uint64_t)rate >> 32); 192 193 scmi_write_response(msg, &return_values, sizeof(return_values)); 194 } 195 196 static void scmi_clock_rate_set(struct scmi_msg *msg) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P… -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360935: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rates[n] >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() ________________________________________________________________________________________________________ *** CID 360934: Integer handling issues (BAD_SHIFT) /drivers/st/scmi-msg/clock.c: 273 in write_rate_desc_array_in_buffer() 267 size_t n; 268 269 ASSERT_SYM_PTR_ALIGN(out); 270 271 for (n = 0U; n < nb_elt; n++) { 272 out[2 * n] = (uint32_t)rates[n]; >>> CID 360934: Integer handling issues (BAD_SHIFT) >>> In expression "(uint64_t)rates[n] >> 32", right shifting "rates[n]" by more than 31 bits always yields zero. The shift amount is 32. 273 out[2 * n + 1] = (uint32_t)((uint64_t)rates[n] >> 32); 274 } 275 } 276 277 static void scmi_clock_describe_rates(struct scmi_msg *msg) 278 { ** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() ________________________________________________________________________________________________________ *** CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/scmi-msg/clock.c: 191 in scmi_clock_rate_get() 185 return; 186 } 187 188 rate = plat_scmi_clock_get_rate(msg->agent_id, clock_id); 189 190 return_values.rate[0] = (uint32_t)rate; >>> CID 360933: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(uint64_t)rate >> 32" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 191 return_values.rate[1] = (uint32_t)((uint64_t)rate >> 32); 192 193 scmi_write_response(msg, &return_values, sizeof(return_values)); 194 } 195 196 static void scmi_clock_rate_set(struct scmi_msg *msg) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

4 years, 10 months

1
0
0 0

Re: [TF-A] [PATCH] Add support for ARMv8.3-SPE

by Olivier Deprez

Hi Wei Li, Thanks for your change which looks correct. Can you possibly submit it to review.trustedfirmware.org? We can follow up with the review from the gerrit interface. Thanks, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Wei Li via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 22 July 2020 14:25 To: tf-a(a)lists.trustedfirmware.org Cc: huawei.libin(a)huawei.com; guohanjun(a)huawei.com Subject: [TF-A] [PATCH] Add support for ARMv8.3-SPE When ARMv8.3-SPE is implemented, ID_AA64DFR0_EL1.PMSVer is read as 0b0010, update the version check to support ARMv8.3-SPE or higher. Signed-off-by: Wei Li <liwei391(a)huawei.com> --- lib/extensions/spe/spe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/extensions/spe/spe.c b/lib/extensions/spe/spe.c index 78876c66b..aa0bcd8ea 100644 --- a/lib/extensions/spe/spe.c +++ b/lib/extensions/spe/spe.c @@ -25,7 +25,7 @@ bool spe_supported(void) uint64_t features; features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_PMS_SHIFT; - return (features & ID_AA64DFR0_PMS_MASK) == 1U; + return (features & ID_AA64DFR0_PMS_MASK) != 0U; } void spe_enable(bool el2_unused) -- 2.17.1 -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 10 months

1
0
0 0

[PATCH] Add support for ARMv8.3-SPE

by Wei Li

When ARMv8.3-SPE is implemented, ID_AA64DFR0_EL1.PMSVer is read as 0b0010, update the version check to support ARMv8.3-SPE or higher. Signed-off-by: Wei Li <liwei391(a)huawei.com> --- lib/extensions/spe/spe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/extensions/spe/spe.c b/lib/extensions/spe/spe.c index 78876c66b..aa0bcd8ea 100644 --- a/lib/extensions/spe/spe.c +++ b/lib/extensions/spe/spe.c @@ -25,7 +25,7 @@ bool spe_supported(void) uint64_t features; features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_PMS_SHIFT; - return (features & ID_AA64DFR0_PMS_MASK) == 1U; + return (features & ID_AA64DFR0_PMS_MASK) != 0U; } void spe_enable(bool el2_unused) -- 2.17.1

4 years, 10 months

1
0
0 0

Re: [TF-A] [Hafnium] Debugging page table creation in Hafnium

by Madhukar Pappireddy

Hi Raghu and Andrew, Thanks for the inputs. I have added the mm_vm_dump() call to the mm_init() function but nothing was dumped to uart log. I guess I am missing something trivial. It looks like mm_root_table_count() returns 0. Any suggestions? diff --git a/src/mm.c b/src/mm.c index 2e352e9..7c56a09 100644 --- a/src/mm.c +++ b/src/mm.c @@ -1041,5 +1041,7 @@ bool mm_init(struct mpool *ppool) mm_identity_map(stage1_locked, layout_data_begin(), layout_data_end(), MM_MODE_R | MM_MODE_W, ppool); + mm_vm_dump(&ptable); + return arch_mm_init(ptable.root); } Thanks, Madhukar -----Original Message----- From: Hafnium <hafnium-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrew Walbran via Hafnium Sent: Friday, July 17, 2020 6:10 AM To: Raghu K <raghu.ncstate(a)icloud.com> Cc: hafnium(a)lists.trustedfirmware.org Subject: Re: [Hafnium] Debugging page table creation in Hafnium Yep, mm_vm_dump sounds like what you're looking for. You can add a call where you like and it will go to the log UART. On Thu, 16 Jul 2020 at 19:14, Raghu K via Hafnium < hafnium(a)lists.trustedfirmware.org> wrote: > Quick search indicates mm_vm_dump() and the functions it calls in > src/mm.c should do what you want. i've not tried it or don't know the > format, but this may be what you are looking for. > > -Raghu > > On 7/16/20 11:03 AM, Madhukar Pappireddy via Hafnium wrote: > > Hi, > > > > I was wondering if there is support in Hafnium to dump page tables > > to a > log file. I am new to the Hafnium project and would appreciate any help. > Below is an example from TF-A which provides such provision. > > > > ......<snip> > > VERBOSE: Translation tables state: > > VERBOSE: Xlat regime: EL3 > > VERBOSE: Max allowed PA: 0xfffffffff > > VERBOSE: Max allowed VA: 0xfffffffff > > VERBOSE: Max mapped PA: 0x2f1fffff > > VERBOSE: Max mapped VA: 0x2f1fffff > > VERBOSE: Initial lookup level: 1 > > VERBOSE: Entries @initial lookup level: 64 > > VERBOSE: Used 3 sub-tables out of 5 (spare: 2) > > [LV1] VA:0x0 size:0x40000000 > > [LV2] VA:0x0 size:0x200000 > > [LV3] VA:0x0 PA:0x0 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x1000 PA:0x1000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x2000 PA:0x2000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x3000 PA:0x3000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x4000 PA:0x4000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x5000 PA:0x5000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x6000 PA:0x6000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x7000 PA:0x7000 size:0x1000 MEM-RO-EXEC-S > > [LV3] VA:0x8000 PA:0x8000 size:0x1000 MEM-RO-XN-S > > [LV3] VA:0x9000 PA:0x9000 size:0x1000 MEM-RO-XN-S > > [LV3] VA:0xa000 PA:0xa000 size:0x1000 MEM-RO-XN-S > > [LV3] VA:0xb000 size:0x1000 > > [LV3] (500 invalid descriptors omitted) > > [LV2] VA:0x200000 size:0x200000 > > [LV2] (30 invalid descriptors omitted) > > [LV2] VA:0x4000000 size:0x200000 ..... <snip> > > > > Thanks, > > Madhukar > > > > -- > Hafnium mailing list > Hafnium(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/hafnium >

4 years, 10 months

2
3
0 0

Re: [TF-A] Pointer Authentication keys

by Soby Mathew

Hi Varun, AIU, Usually 2 keys are used to protect 2 different software contexts for enforcing the security boundary between them. This is the case for kernel and userspace. In TF-A, every BL image is allowed to choose the IA key to use, hence every BL image can have a separate IA key. Each BL image is executing within a single security domain and hence there is less use create a boundary within the BL image by using the 2nd key registers. The Compiler by default selects either IA or IB instruction key register to use by default. It cannot automatically make use of both key registers and it doesn't support the use of DA or DB yet I think. There are some function attributes which allow to use a different key at a function level, but the functions need to be marked out manually. But the requirement for creating the sub-domain within a BL image by specifying a different key for certain functions has not yet been seen AFAIK. Best Regards Soby Mathew From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A Sent: 13 July 2020 22:20 To: tf-a(a)lists.trustedfirmware.org Cc: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com> Subject: [TF-A] Pointer Authentication keys Hi, >From the initial read of the Arm ARM, there are multiple keys (instruction, data) provided for authenticating pointers. But the current implementation only writes IA key [1]. I would like to understand the thought process behind programming only one key here. AFAIU, we should enable all keys - IA, IB, DA, DB. -Varun [1] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…

4 years, 11 months

2
1
0 0

Re: [TF-A] Announcing some changes around the code review label in Gerrit

by Joanna Farley

Hi Julius, Sandrine is away on vacation so I thought I would follow up as we had a chat in one of our team meetings about the point below. > On 07/07/2020, 23:05, "TF-A on behalf of Julius Werner via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: >> IOW, you're fine with both options but you'd prefer to have different >> people setting MR+1 and COR+1 (or CR+1 in the special cases mentioned >> above), right? Just want to double-check I understood your position. >Right. So when we had +1/+2 CR before these changes we endeavoured to ensure that these were done by different people and if a maintainer gave a +1 they resisted also giving a +2 as we recognise having multiple eyes is always advantageous. So the general feeling was that this should be the recommended best practice. However, the feeling was also that this specific recommendation should not be strictly enforced by gerrit checking as on occasions it is possible to give both on simple patches and maintainers and code owners in this case can be trusted to make the correct choice. The enforcing of them in Gerrit should be viewed as an aid to try and avoid mistakes rather than strict control for as you say we don't expect people to intentionally break the rules. Perhaps a warning in this case can be made to remind folks what's best practice here. For now though as mentioned as we practice the new rules and recommendations we will use an honour system rather than strict enforcement along with updating the documented rules and recomendations. Thanks Joanna

4 years, 11 months

2
1
0 0

Re: [TF-A] Deadlock in SGI RAS handling

by Soby Mathew

Hi Raghu, The Exception Handling framework (EHF) was designed to provide prioritization between the EL3 interrupts and EA although EA will always have highest priority since it cannot be blocked. In the case you describe, the driver in EL3 which is handling the RAS errors would need to ensure serialization of the events delivered to the S-EL0 payload somehow. This could be either via holding the event in a queue in EL3 till EL0 is done with processing the first event or the EL0 payload is capable of re-entry and can manage a queue internally. In case of MM, I suppose re-entry is not an option and hence a holding queue in EL3 driver needs to be implemented. The current implementation in sgi_ras.c doesn't do this currently as this was a PoC to showcase the RAS flow. Best Regards Soby Mathew > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Raghu K > via TF-A > Sent: 13 July 2020 22:28 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] Deadlock in SGI RAS handling > > Hi All, > > I was going through some code in sgi_ras.c and was wondering if the > situation mentioned below could cause a deadlock or if i'm missing > something. It seems like it is possible to deadlock if we enter MM in S- > EL0(say through an MM_COMMUNICATE SMC or perhaps an initial RAS > interrupt) followed by a SYNC EA or ASYNC EA on the same core. sgi_ras.c > seems like it registers the same handler for both interrupts and aborts. > While interrupts can be blocked/masked, SYNC EA's cannot be blocked(not > that i know of), and i don't see SErrors being blocked on the path to the EA > handler and entry to MM. If this situation does occur, it seems like we could > deadlock when the EA attempts to enter MM again in the interrupt handler. > Is there something that would prevent this situation from happening? > > > Thanks > Raghu > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

1
0
0 0

Deadlock in SGI RAS handling

by Raghu K

Hi All, I was going through some code in sgi_ras.c and was wondering if the situation mentioned below could cause a deadlock or if i'm missing something. It seems like it is possible to deadlock if we enter MM in S-EL0(say through an MM_COMMUNICATE SMC or perhaps an initial RAS interrupt) followed by a SYNC EA or ASYNC EA on the same core. sgi_ras.c seems like it registers the same handler for both interrupts and aborts. While interrupts can be blocked/masked, SYNC EA's cannot be blocked(not that i know of), and i don't see SErrors being blocked on the path to the EA handler and entry to MM. If this situation does occur, it seems like we could deadlock when the EA attempts to enter MM again in the interrupt handler. Is there something that would prevent this situation from happening? Thanks Raghu

4 years, 11 months

1
0
0 0

Pointer Authentication keys

by Varun Wadekar

Hi, >From the initial read of the Arm ARM, there are multiple keys (instruction, data) provided for authenticating pointers. But the current implementation only writes IA key [1]. I would like to understand the thought process behind programming only one key here. AFAIU, we should enable all keys - IA, IB, DA, DB. -Varun [1] https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…

4 years, 11 months

1
0
0 0

TF-A Tech Forum Agenda @ Thr 16th July 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 16th July 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * Secure EL2 SPM (Secure Partition Manager) Hafnium-based * In this TF-A Tech Forum session we present the status and open roadmap for the Secure Partition Manager firmware development. The TF-A SPM is the reference open source implementation for the PSA FF-A (Platform Security Architecture Firmware Framework for A-class) specification in the Secure world. It leverages the Armv8.4-Secure EL2 extension bringing virtualization technology in the Secure world (S-EL2 exception level). The development derives originally from the Google Hafnium project, which has been recently transitioned to https://www.trustedfirmware.org/ under the BSD 3-Clause license. * Optional TF-A Mailing List Topic Discussions If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list. Thanks Joanna

4 years, 11 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 4 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 360537: Insecure data handling (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 360537: Insecure data handling (TAINTED_SCALAR) /plat/qemu/common/qemu_bl2_setup.c: 72 in update_dt() 66 67 if (dt_add_psci_cpu_enable_methods(fdt)) { 68 ERROR("Failed to add PSCI cpu enable methods in Device Tree\n"); 69 return; 70 } 71 >>> CID 360537: Insecure data handling (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 72 ret = fdt_pack(fdt); 73 if (ret < 0) 74 ERROR("Failed to pack Device Tree at %p: error %d\n", fdt, ret); 75 } 76 77 void bl2_platform_setup(void) ** CID 360536: (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 360536: (TAINTED_SCALAR) /plat/rpi/rpi4/rpi4_bl31_setup.c: 249 in rpi4_prepare_dtb() 243 gic_int_prop[2] = cpu_to_fdt32(0x0f04); // all cores, level high 244 fdt_setprop(dtb, offs, "interrupts", gic_int_prop, 12); 245 246 offs = fdt_path_offset(dtb, "/chosen"); 247 fdt_setprop_string(dtb, offs, "stdout-path", "serial0"); 248 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->size_dt_struct" to a tainted sink. 249 ret = fdt_pack(dtb); 250 if (ret < 0) 251 ERROR("Failed to pack Device Tree at %p: error %d\n", dtb, ret); 252 253 clean_dcache_range((uintptr_t)dtb, dtb_size(dtb)); 254 INFO("Changed device tree to advertise PSCI.\n"); /plat/rpi/rpi4/rpi4_bl31_setup.c: 220 in rpi4_prepare_dtb() 214 int ret, offs; 215 216 /* Return if no device tree is detected */ 217 if (fdt_check_header(dtb) != 0) 218 return; 219 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->totalsize" to a tainted sink. 220 ret = fdt_open_into(dtb, dtb, 0x100000); 221 if (ret < 0) { 222 ERROR("Invalid Device Tree at %p: error %d\n", dtb, ret); 223 return; 224 } 225 /plat/rpi/rpi4/rpi4_bl31_setup.c: 249 in rpi4_prepare_dtb() 243 gic_int_prop[2] = cpu_to_fdt32(0x0f04); // all cores, level high 244 fdt_setprop(dtb, offs, "interrupts", gic_int_prop, 12); 245 246 offs = fdt_path_offset(dtb, "/chosen"); 247 fdt_setprop_string(dtb, offs, "stdout-path", "serial0"); 248 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->size_dt_struct" to a tainted sink. 249 ret = fdt_pack(dtb); 250 if (ret < 0) 251 ERROR("Failed to pack Device Tree at %p: error %d\n", dtb, ret); 252 253 clean_dcache_range((uintptr_t)dtb, dtb_size(dtb)); 254 INFO("Changed device tree to advertise PSCI.\n"); /plat/rpi/rpi4/rpi4_bl31_setup.c: 249 in rpi4_prepare_dtb() 243 gic_int_prop[2] = cpu_to_fdt32(0x0f04); // all cores, level high 244 fdt_setprop(dtb, offs, "interrupts", gic_int_prop, 12); 245 246 offs = fdt_path_offset(dtb, "/chosen"); 247 fdt_setprop_string(dtb, offs, "stdout-path", "serial0"); 248 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->size_dt_struct" to a tainted sink. 249 ret = fdt_pack(dtb); 250 if (ret < 0) 251 ERROR("Failed to pack Device Tree at %p: error %d\n", dtb, ret); 252 253 clean_dcache_range((uintptr_t)dtb, dtb_size(dtb)); 254 INFO("Changed device tree to advertise PSCI.\n"); /plat/rpi/rpi4/rpi4_bl31_setup.c: 249 in rpi4_prepare_dtb() 243 gic_int_prop[2] = cpu_to_fdt32(0x0f04); // all cores, level high 244 fdt_setprop(dtb, offs, "interrupts", gic_int_prop, 12); 245 246 offs = fdt_path_offset(dtb, "/chosen"); 247 fdt_setprop_string(dtb, offs, "stdout-path", "serial0"); 248 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->size_dt_struct" to a tainted sink. 249 ret = fdt_pack(dtb); 250 if (ret < 0) 251 ERROR("Failed to pack Device Tree at %p: error %d\n", dtb, ret); 252 253 clean_dcache_range((uintptr_t)dtb, dtb_size(dtb)); 254 INFO("Changed device tree to advertise PSCI.\n"); /plat/rpi/rpi4/rpi4_bl31_setup.c: 220 in rpi4_prepare_dtb() 214 int ret, offs; 215 216 /* Return if no device tree is detected */ 217 if (fdt_check_header(dtb) != 0) 218 return; 219 >>> CID 360536: (TAINTED_SCALAR) >>> Passing tainted variable "dtb->size_dt_strings" to a tainted sink. 220 ret = fdt_open_into(dtb, dtb, 0x100000); 221 if (ret < 0) { 222 ERROR("Invalid Device Tree at %p: error %d\n", dtb, ret); 223 return; 224 } 225 ** CID 360535: Insecure data handling (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 360535: Insecure data handling (TAINTED_SCALAR) /plat/renesas/rcar/bl2_plat_setup.c: 1005 in bl2_el3_early_platform_setup() 999 bl2_lossy_setting(1, LOSSY_ST_ADDR1, LOSSY_END_ADDR1, 1000 LOSSY_FMT1, LOSSY_ENA_DIS1, fcnlnode); 1001 bl2_lossy_setting(2, LOSSY_ST_ADDR2, LOSSY_END_ADDR2, 1002 LOSSY_FMT2, LOSSY_ENA_DIS2, fcnlnode); 1003 #endif 1004 >>> CID 360535: Insecure data handling (TAINTED_SCALAR) >>> Passing tainted variable "fdt->size_dt_struct" to a tainted sink. 1005 fdt_pack(fdt); 1006 NOTICE("BL2: FDT at %p\n", fdt); 1007 1008 if (boot_dev == MODEMR_BOOT_DEV_EMMC_25X1 || 1009 boot_dev == MODEMR_BOOT_DEV_EMMC_50X8) 1010 rcar_io_emmc_setup(); ** CID 346762: (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 346762: (TAINTED_SCALAR) /lib/libfdt/fdt_empty_tree.c: 37 in fdt_create_empty_tree() 31 return err; 32 33 err = fdt_finish(buf); 34 if (err) 35 return err; 36 >>> CID 346762: (TAINTED_SCALAR) >>> Passing tainted variable "buf->size_dt_struct" to a tainted sink. 37 return fdt_open_into(buf, buf, bufsize); /lib/libfdt/fdt_empty_tree.c: 33 in fdt_create_empty_tree() 27 return err; 28 29 err = fdt_end_node(buf); 30 if (err) 31 return err; 32 >>> CID 346762: (TAINTED_SCALAR) >>> Passing tainted variable "buf->size_dt_strings" to a tainted sink. 33 err = fdt_finish(buf); 34 if (err) 35 return err; 36 37 return fdt_open_into(buf, buf, bufsize); /lib/libfdt/fdt_empty_tree.c: 37 in fdt_create_empty_tree() 31 return err; 32 33 err = fdt_finish(buf); 34 if (err) 35 return err; 36 >>> CID 346762: (TAINTED_SCALAR) >>> Passing tainted variable "buf->totalsize" to a tainted sink. 37 return fdt_open_into(buf, buf, bufsize); /lib/libfdt/fdt_empty_tree.c: 37 in fdt_create_empty_tree() 31 return err; 32 33 err = fdt_finish(buf); 34 if (err) 35 return err; 36 >>> CID 346762: (TAINTED_SCALAR) >>> Passing tainted variable "buf->size_dt_strings" to a tainted sink. 37 return fdt_open_into(buf, buf, bufsize); ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPkl…

4 years, 11 months

1
0
0 0

Re: [TF-A] Announcing some changes around the code review label in Gerrit

by Joanna Farley

+1 for re-introduction of 'Code-Review' label in addition to 'Code-Owner-Review' label. I would like to see the enforcement of authors of patches not being allowed to self review eventually for all labels. Hopefully we can enable maintainers who are not the author of deadlocked patches to allow the setting of all required +1's to labels is situations where this is necessary for admin purposes after due consideration. I agree though while this process is settling down an honour system is appropriate. Cheers Joanna On 01/07/2020, 08:56, "TF-A on behalf of Sandrine Bailleux via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Julius, On 7/1/20 2:13 AM, Julius Werner wrote: > Hi Sandrine, > > Sounds like good changes in general! I'm curious what the ACLs are for > Code-Owner-Review? Is it tied to docs/about/maintainers.rst or just > based on the honor system? (I notice that I seem to be able to give a > +1 for code I'm not owning, but maybe that's because I am a > maintainer?) Right now, the ACLs are not tied to docs/about/maintainers.rst (any registered user could vote on this label) and it is just based on the honor system. However, I'd like this to be enforced in the future, we just haven't had the time to put the right tooling in place for that. Also we did not want to spend time on developing such scripts before we tried out these process changes in practice. If they proved too heavy or inconvenient, part of this work would have gone to waste. BTW, any help for the tooling is welcome! If you've got plugin configuration files or scripts we could reuse (with an appropriate license) or even tips on how to best set this up, please feel free to share these. > Also, are code owners allowed to +1 themselves (I think > we said we didn't want maintainers to do that, but for code owners I > could see how we might want to allow it since there are usually not > that many)? What do we do when someone uploads the first patch for a > new platform, do they just COR+1 themselves (since there is no code > owner yet)? That is indeed a grey area. As you say, many modules have a single code owner and we need to agree on how we would like such code reviews to be conducted. Thanks for starting this discussion! One option as you say would be to allow code owners to self-review their patches but I am not convinced we would gain anything out of this. It sounds like a tick-box exercise to me, an admin overhead just to get the patch through the system and I would like to avoid that as much as possible. It is likely that a patch submitter has already self-reviewed his code before posting a patch anyway. The alternative we've been discussing in the team is to call out another reviewer in these situations. I think that there is still value in having a second fresh pair of eyes on a patch. Even if the reviewer has no particular expertise on this specific module, they can still catch potential logic problems or structural issues in the code. The latter would be my preference. What do others think? > I think it might still be useful to retain the existing Code-Review as > a +1/-1 label next to the two new ones, just to allow other interested > parties to record their opinion (without it having any enforcing > effect on the merge). In other Gerrit instances I have used people > often like to give CR+1 as a "I'm not the one who needs to approve > this but I have looked at it and think it's fine" or a CR-1 as a "I > can't stop you from doing this but I still want to be clear that I > don't think it's a good idea". It allows people outside the official > approval process a clearer way to participate and can aid the official > approvers in their decisions (e.g. when I am reviewing a patch as a > maintainer that already has a CR-1 from someone else I know to pay > extra attention to their concerns, and it's more visible than just > some random comment further up in the list). What do you think? That's a very good idea, thanks! It also aligns with Javier's concerns, which sound perfectly valid to me. I think your proposal of having 3 distinct labels is better than having code owners and non-code owners voting on the same generic 'Code-Review' label, which is what Javier was suggesting. It clarifies further the intent of each label and as you say allows us to configure different rules for each (i.e. make the generic 'Code-Review' label informative/optional, while making the 'Code-Owner-Review' label mandatory for patch submission). I am gonna wait for others' opinions on this before changing the configuration in Gerrit again. I see Raghu agrees with this approach. If nobody disagrees by the end of the week, I'll do these changes on Monday. In the meantime, as discussed above, any registered user can vote on the new 'Code-Owner-Review' label so let's continue to use that for the rest of this week. Regards, Sandrine -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

3
5
0 0

Re: [TF-A] Announcing some changes around the code review label in Gerrit

by Varun Wadekar

Hello Sandrine, IMO, the code review process has now evolved from the previous version. I am not too clear on the final outcome. Does it make sense to add a "lifecycle of a review" section to the initial proposal? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandrine Bailleux via TF-A Sent: Monday, July 6, 2020 1:53 AM To: Julius Werner <jwerner(a)chromium.org> Cc: tf-a <tf-a(a)lists.trustedfirmware.org> Subject: Re: [TF-A] Announcing some changes around the code review label in Gerrit External email: Use caution opening links or attachments Hi Julius and all, As agreed and announced last week, I've now reintroduced the Code-Review label in addition to the Code-Owner-Review and Maintainer-Review ones. The Code-Review label is purely informational and won't influence whether a patch is submittable in Gerrit. Anyone should be able to vote on this label, if you face any issue please let me know. On 7/1/20 11:12 PM, Julius Werner wrote: >> BTW, any help for the tooling is welcome! If you've got plugin >> configuration files or scripts we could reuse (with an appropriate >> license) or even tips on how to best set this up, please feel free to >> share these. > > The Chromium Gerrit has an owners-enforcement system but I'm not > familiar with how exactly they set it up. I think they're using this > plugin > https://gerrit.googlesource.com/plugins/find-owners/+/refs/heads/maste > r and this is where it's integrated into Gerrit submission rules: > https://chromium.googlesource.com/chromiumos/+/refs/meta/config/rules. > pl . It works by having a file called OWNERS in certain directories > which sets the owners for the subtree below it, so we would have to > rewrite the current code owner list in that format if we wanted to use > it. This "find-owners" plugin sounds promising! Thanks for the pointers. I notice the "reviewers" plugin [1] is installed on review.tf.org but it does not sound as configurable as "find-owners". Rewriting the current code owners list to use the OWNERS format does not sound like a big task to me (just a dull one... could be scripted, though) so this approach definitely sounds worth investigating to me. [1] https://review.trustedfirmware.org/plugins/reviewers/Documentation/index.ht… > There also seems to be this completely separate plugin that claims to > do roughly the same thing, I have no idea where the difference is > between the two: > https://gerrit.googlesource.com/plugins/owners/+/refs/heads/master I notice the "find-owners" plugin documentation mentions that "this plugin works with Gerrit projects that use Android or Chromium compatible OWNERS files" so maybe they started off from the generic "owners" plugin and customized it for Android/Chromium's needs? Just a guess. Anyway, worth a look as well, thanks! [2] https://gerrit.googlesource.com/plugins/find-owners/+/refs/heads/master/src… >> One option as you say would be to allow code owners to self-review their >> patches but I am not convinced we would gain anything out of this. It >> sounds like a tick-box exercise to me, an admin overhead just to get the >> patch through the system and I would like to avoid that as much as >> possible. It is likely that a patch submitter has already self-reviewed >> his code before posting a patch anyway. >> >> The alternative we've been discussing in the team is to call out another >> reviewer in these situations. I think that there is still value in >> having a second fresh pair of eyes on a patch. Even if the reviewer has >> no particular expertise on this specific module, they can still catch >> potential logic problems or structural issues in the code. > > I definitely did not mean to suggest that these patches should not be > reviewed at all -- I was just talking about the Code-Owner-Review > label. There would still be a maintainer review, of course, and it > seems like a good idea to get additional reviews from other people > too. They just couldn't set the COR+1 bit once we start ACLing it. Right, I see (and agree with you). > Basically, each of these bits have their own purpose, and I would see > the purpose of the COR+1 bit to be that the person most familiar with > that particular piece of code has made sure that it fits in and > doesn't cause unexpected problems with certain quirky configurations > or something like that. That's important when, say, I make a generic > refactoring that touches a platform I'm unfamiliar with, but if the > code owner adds to their own platform that's probably already a given > and they are likely still the best person to judge that, even for > their own code. Yes, that makes sense to me. > That all code gets reviewed by people other than the author I would > see as a somewhat orthogonal concern that should be checked > independently. So maybe the rule could be that if the code owner sets > COR+1 for themselves, there needs to be at least one Code-Review+1 (if > we reintroduce that label) from another person (who is also not the > one setting Maintainer-Review+1) to make sure the minimum amount of > reviews stays the same. Or maybe these should all be completely > independent checks so every patch needs a Code-Owner-Review+1 (can be > from the author), a Maintainer-Review+1 (not from the author) and at > least two Code-Review+1 from people other than the author -- with the > normal expectation that when a maintainer or code owner reviews a > patch, they would also set Code-Review+1 (as a general sign that they > reviewed the patch) in addition to their special meaning flag. I still don't see the benefit of code owners setting COR+1 for themselves. I would think that a patch owner already reviews his own patch before posting it for review so a self COR+1 is just reinstating the obvious in my eyes. Your first suggestion (i.e. having at least one CR+1 from another person when a patch author cannot find another code owner to review their patches) sounds aligned with what I proposed earlier. Your second suggestion sounds a bit too heavy to me. The fact that people would have to replay their vote on several labels sounds like an admin overhead to me. I guess this would simplify the ACL configuration but I would prefer to avoid this if we can. So I suggest the following. We could have 2 ways to get a patch approved. 1) For patches that have multiple code owners: * COR+1 (not from patch owner) * MR+1 (not from patch owner, not from the person setting COR+1) 2) For patches that a have single code owner: * CR+1 (not from patch owner) * MR+1 (not from patch owner, not from the person setting CR+1) In 2), I like your suggestion of mandating 2 CR+1 but I fear this might be difficult to achieve in practice (simply because we might not have enough reviewers for this). Note that in some cases, we would need to mix both policies. If a patch modifies several modules, some of them having multiple code owners and others having a single code owner, we would apply one or the other policy for each module. How does that sound? Also, 1) assumes we always want different individuals doing the code-owner review and the maintainer review. I personally don't feel strongly about this split and I would be fine with the same person doing both types of review, as they are typically looking at different criteria. What do others think? Regards, Sandrine -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

2
1
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Soby Mathew

Thanks Andrew for raising the issue and Marc and Raghu for your inputs. The effect of stage 2 when Stage 1 is disabled is something that was overlooked in the workaround implementation. After some discussions this is what we currently understand regarding the problem. 1. EL3 does not modify the EL2 stage 1 translations and hence any speculative execution of AT execution in EL3 and resulting PTW and TLB caching should not be a problem as we always return to the same context in EL2. TF-A in EL3 need not worry about this. Also, we expect that future CPUs having v8.4 extensions for S-EL2 will have already corrected this errata. 2. Whenever the EL1/0 Stage 1 translations are switched in EL3 as part of switching the worlds, it should take Stage 2 into account. Hence disabling the Stage 1 MMU is not effective, as Marc pointed out, because speculative PTW can still take place using Stage 2 identity mapping. After discussion with James, we also realized that flipping the SCR_EL3.NS bit could take Stage 2 out of context (Stage 2 is not valid in secure world) leaving Stage 1 pointing to invalid translations. As discussed in previous emails, on Entry to EL3, if TCR_EL1.EPDx = 1 and SCTLR_EL3.M = 1, any speculative AT PTWs for EL1 context can be prevented (including Stage 2). So the fix as we currently understand would involve the following sequence : a. On Entry to EL3, save the incoming SCTLR_EL1.M and TCR_EL1.EPDx bits and set them (ensure TCR_EL1.EPDx =1 prior to SCTLR_EL1.M =1 using isb()) b. Prior to Exit from EL3, after the target context is restored, restore the SCTLR_EL1.M and TCR_EL1.EPDx bits. The above sequence now means that any use of AT instruction targeted at lower EL from EL3 that require PTW will fault. So prior to use of AT, ensure the PTW are re-enabled and disabled back again after the AT instructions. If the above sequence is agreed upon to resolve the errata, then we can work on a patch for the same. I suspect current el1 register save and restore sequence in TF-A is a bit unwieldy and we may need to analyze all the entry points to EL3 to ensure we cover everything. Best Regards Soby Mathew > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Andrew > Scull via TF-A > Sent: 02 July 2020 09:20 > To: Raghu K <raghu.ncstate(a)icloud.com> > Cc: android-kvm(a)google.com; willdeacon(a)google.com; Marc Zyngier > <mzyngier(a)google.com>; tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] Erroneous speculative AT workaround > > On Wed, Jul 01, 2020 at 05:47:00PM -0700, Raghu K wrote: > > This is interesting. It appears that there is no way on entry to EL3 > > to guarantee that the out-of-context(el2 and el1) translation regimes > > are in a consistent state and on every entry into EL3, we have to > > conservatively assume that it is in an inconsistent state. This is > > because of the situation Andrew mentioned(interrupts to EL3 can occur at any > time). > > > > If this is the case, on EL3 entry: > > 1) For EL1, we will need to save SCTLR_EL1, set SCTLR_EL1.M = 1,.EPDx > > = 0 > > This would still be racing against any potential speculative execution of an AT > instruction upon the switch to EL3, IIUC. The window would be much smaller > but not entirely eliminated. > > For KVM, this would be enough as KVM will have already applied this > workaround (with Marc's corrections) whenever it is going to enter an > inconsistent state. However, other EL2 software may choose to handle the > errata differently, possibly going to the lengths of ensuring that no AT > instruction is ever mapped executable. > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

4
4
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Raghu K

4 years, 11 months

1
0
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Raghu K

4 years, 11 months

1
0
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Raghu K

This is interesting. It appears that there is no way on entry to EL3 to guarantee that the out-of-context(el2 and el1) translation regimes are in a consistent state and on every entry into EL3, we have to conservatively assume that it is in an inconsistent state. This is because of the situation Andrew mentioned(interrupts to EL3 can occur at any time). If this is the case, on EL3 entry: 1) For EL1, we will need to save SCTLR_EL1, set SCTLR_EL1.M = 1,.EPDx = 0 2) Set whatever bits we need to for EL2 and S2 translations to not succeed(What are these?) 3) DSB, to ensure no speculative AT can be issued until completion of DSB, so any AT that occurs will not fill the TLB with bad translations. On exit(right before ERET), we need to restore the registers saved on entry, and have the ERET followed by a DSB so that there can be no speculative execution of AT instructions. Thanks Raghu On 7/1/20 5:54 AM, Marc Zyngier via TF-A wrote: > Hi Manish, > > On Wed, 1 Jul 2020 at 13:14, Manish Badarkhe <Manish.Badarkhe(a)arm.com> wrote: >> Hi Andrew, >> >> As per current implementation, in “el1_sysregs_context_restore” routine do below things: >> >> 1. TCR_EL1.EPD0 = 1 >> 2. TCR_EL1.EPD1 = 1 >> 3. SCTR_EL1.M = 0 >> 4. Isb >> Code snippet: >> mrs x9, tcr_el1 >> orr x9, x9, #TCR_EPD0_BIT >> orr x9, x9, #TCR_EPD1_BIT >> msr tcr_el1, x9 >> mrs x9, sctlr_el1 >> bic x9, x9, #SCTLR_M_BIT >> msr sctlr_el1, x9 >> isb >> This is to avoid PTW through while updating system registers at step 5 > Unfortunately, this doesn't prevent anything. > > If SCTLR_EL1.M is clear, TCR_EL1.EPDx don't mean much (S1 MMU is > disabled, no S1 page table walk), and you can still have S2 PTWs > (using an idmap for S1) and creating TLB corruption if these entry > alias with any S1 mapping that exists at EL1. > > Which is why KVM does *set* SCTLR_EL1.M, which prevents the use of a > 1:1 mapping at S1, and at which point the TCR_EL1.EPDx bits are > actually useful in preventing a PTW. > >> 5. Restore all system registers for El1 except SCTLR_EL1 and TCR_EL1 >> 6. isb() >> 7. restore SCTLR_EL1 and TCR_EL1 >> Code Snippet: >> ldr x9, [x0, #CTX_SCTLR_EL1] -> saved value from "el2_sysregs_context_save" >> msr sctlr_el1, x9 >> ldr x9, [x0, #CTX_TCR_EL1] >> msr tcr_el1, x9 >> >> As per above steps. SCTLR_EL1 get restored back with actual settings at step 7. >> Similar flow is present for “el2_sysregs_context_restore” to restore SCTLR_EL1 register. >> >> In conclusion, this routine temporarily clear M bit of SCTLR_EL1 to avoid speculation but restored it back >> to its original setting while leaving back to its caller. Please let us know whether this align with KVM >> workaround for speculative AT erratum. > It doesn't, unfortunately. I believe this code actively creates > problems on a system that is affected by speculative AT execution. > > I don't understand your rationale for touching SCTLR_EL2.M either if > you are not context-switching the EL2 S1 state: as far as I understand > no affected cores have S-EL2, so no switch should happen at this > stage. > > Thanks, > > M.

4 years, 11 months

3
2
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Manish Badarkhe

Hi Andrew, As per current implementation, in “el1_sysregs_context_restore” routine do below things: 1. TCR_EL1.EPD0 = 1 2. TCR_EL1.EPD1 = 1 3. SCTR_EL1.M = 0 4. Isb Code snippet: mrs x9, tcr_el1 orr x9, x9, #TCR_EPD0_BIT orr x9, x9, #TCR_EPD1_BIT msr tcr_el1, x9 mrs x9, sctlr_el1 bic x9, x9, #SCTLR_M_BIT msr sctlr_el1, x9 isb This is to avoid PTW through while updating system registers at step 5 5. Restore all system registers for El1 except SCTLR_EL1 and TCR_EL1 6. isb() 7. restore SCTLR_EL1 and TCR_EL1 Code Snippet: ldr x9, [x0, #CTX_SCTLR_EL1] -> saved value from "el2_sysregs_context_save" msr sctlr_el1, x9 ldr x9, [x0, #CTX_TCR_EL1] msr tcr_el1, x9 As per above steps. SCTLR_EL1 get restored back with actual settings at step 7. Similar flow is present for “el2_sysregs_context_restore” to restore SCTLR_EL1 register. In conclusion, this routine temporarily clear M bit of SCTLR_EL1 to avoid speculation but restored it back to its original setting while leaving back to its caller. Please let us know whether this align with KVM workaround for speculative AT erratum. Thanks Manish Badarkhe On 01/07/2020, 17:02, "TF-A on behalf of Joanna Farley via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Thanks Andrew for the notification. We will look into it and get back to this thread. Thanks Joanna On 01/07/2020, 10:16, "TF-A on behalf of Andrew Scull via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Whilst looking at the speculative AT workaround in KVM, I compared it against the workaround in TF-A and noticed an inconsistency whereby TF-A **breaks** KVM's workaround. In `el1_sysregs_context_restore`, the M bit of SCTRL_EL1 is cleared however Linux requires this to be set for its workaround to be correct. If an exception is taken to EL3 partway through a VM context switch, e.g. a secure interrupt, causing a switch to the secure world, TF-A will reintroduce the possibility of TLB corruption. The above explains how it is broken for Linux's chosen workaround however TF-A will also have to be compatible with whatever workaround the EL2 software is using. Starting this thread with the issue identified and we can add more details as needed. Thanks Andrew -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

2
1
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Manish Badarkhe

+Updated comment for SCTLR_EL2 register restoration. On 01/07/2020, 17:45, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Andrew, As per current implementation, in “el1_sysregs_context_restore” routine do below things: 1. TCR_EL1.EPD0 = 1 2. TCR_EL1.EPD1 = 1 3. SCTR_EL1.M = 0 4. Isb Code snippet: mrs x9, tcr_el1 orr x9, x9, #TCR_EPD0_BIT orr x9, x9, #TCR_EPD1_BIT msr tcr_el1, x9 mrs x9, sctlr_el1 bic x9, x9, #SCTLR_M_BIT msr sctlr_el1, x9 isb This is to avoid PTW through while updating system registers at step 5 5. Restore all system registers for El1 except SCTLR_EL1 and TCR_EL1 6. isb() 7. restore SCTLR_EL1 and TCR_EL1 Code Snippet: ldr x9, [x0, #CTX_SCTLR_EL1] -> saved value from "el2_sysregs_context_save" msr sctlr_el1, x9 ldr x9, [x0, #CTX_TCR_EL1] msr tcr_el1, x9 As per above steps. SCTLR_EL1 get restored back with actual settings at step 7. Similar flow is present for “el2_sysregs_context_restore” to restore SCTLR_EL2 register. In conclusion, this routine temporarily clear M bit of SCTLR_EL1 to avoid speculation but restored it back to its original setting while leaving back to its caller. Please let us know whether this align with KVM workaround for speculative AT erratum. Thanks Manish Badarkhe On 01/07/2020, 17:02, "TF-A on behalf of Joanna Farley via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Thanks Andrew for the notification. We will look into it and get back to this thread. Thanks Joanna On 01/07/2020, 10:16, "TF-A on behalf of Andrew Scull via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Whilst looking at the speculative AT workaround in KVM, I compared it against the workaround in TF-A and noticed an inconsistency whereby TF-A **breaks** KVM's workaround. In `el1_sysregs_context_restore`, the M bit of SCTRL_EL1 is cleared however Linux requires this to be set for its workaround to be correct. If an exception is taken to EL3 partway through a VM context switch, e.g. a secure interrupt, causing a switch to the secure world, TF-A will reintroduce the possibility of TLB corruption. The above explains how it is broken for Linux's chosen workaround however TF-A will also have to be compatible with whatever workaround the EL2 software is using. Starting this thread with the issue identified and we can add more details as needed. Thanks Andrew -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

1
0
0 0

Re: [TF-A] Erroneous speculative AT workaround

by Joanna Farley

Thanks Andrew for the notification. We will look into it and get back to this thread. Thanks Joanna On 01/07/2020, 10:16, "TF-A on behalf of Andrew Scull via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Whilst looking at the speculative AT workaround in KVM, I compared it against the workaround in TF-A and noticed an inconsistency whereby TF-A **breaks** KVM's workaround. In `el1_sysregs_context_restore`, the M bit of SCTRL_EL1 is cleared however Linux requires this to be set for its workaround to be correct. If an exception is taken to EL3 partway through a VM context switch, e.g. a secure interrupt, causing a switch to the secure world, TF-A will reintroduce the possibility of TLB corruption. The above explains how it is broken for Linux's chosen workaround however TF-A will also have to be compatible with whatever workaround the EL2 software is using. Starting this thread with the issue identified and we can add more details as needed. Thanks Andrew -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

1
0
0 0

Erroneous speculative AT workaround

by Andrew Scull

Whilst looking at the speculative AT workaround in KVM, I compared it against the workaround in TF-A and noticed an inconsistency whereby TF-A **breaks** KVM's workaround. In `el1_sysregs_context_restore`, the M bit of SCTRL_EL1 is cleared however Linux requires this to be set for its workaround to be correct. If an exception is taken to EL3 partway through a VM context switch, e.g. a secure interrupt, causing a switch to the secure world, TF-A will reintroduce the possibility of TLB corruption. The above explains how it is broken for Linux's chosen workaround however TF-A will also have to be compatible with whatever workaround the EL2 software is using. Starting this thread with the issue identified and we can add more details as needed. Thanks Andrew

4 years, 11 months

1
0
0 0

Re: [TF-A] Announcing some changes around the code review label in Gerrit

by Julius Werner

Hi Sandrine, Sounds like good changes in general! I'm curious what the ACLs are for Code-Owner-Review? Is it tied to docs/about/maintainers.rst or just based on the honor system? (I notice that I seem to be able to give a +1 for code I'm not owning, but maybe that's because I am a maintainer?) Also, are code owners allowed to +1 themselves (I think we said we didn't want maintainers to do that, but for code owners I could see how we might want to allow it since there are usually not that many)? What do we do when someone uploads the first patch for a new platform, do they just COR+1 themselves (since there is no code owner yet)? I think it might still be useful to retain the existing Code-Review as a +1/-1 label next to the two new ones, just to allow other interested parties to record their opinion (without it having any enforcing effect on the merge). In other Gerrit instances I have used people often like to give CR+1 as a "I'm not the one who needs to approve this but I have looked at it and think it's fine" or a CR-1 as a "I can't stop you from doing this but I still want to be clear that I don't think it's a good idea". It allows people outside the official approval process a clearer way to participate and can aid the official approvers in their decisions (e.g. when I am reviewing a patch as a maintainer that already has a CR-1 from someone else I know to pay extra attention to their concerns, and it's more visible than just some random comment further up in the list). What do you think? Best regards, Julius

4 years, 11 months

2
1
0 0

Re: [TF-A] Announcing some changes around the code review label in Gerrit

by Javier Almansa Sobrino

Hi Sandrine, If my understanding is right, Code-Owner-Review is the equivalent to the old Code-Review+1 and therefore anyone can add a vote there, owner or not. If that is so, I think the current name might be misleading. Wouldn't it be better just "Code-Review", for instance? As an example, I am not code owner for Measure Boot, but sometimes I am requested to review the patches for it, so in that case it might lead to confusion if I give Code-Owner-Review score. What do you think? Best regards, Javier -----Original Message----- From: Sandrine Bailleux via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:Sandrine%20Bailleux%20via%20TF-A%20%3ctf-a@lists.trustedfirmware.org%3e>> Reply-To: Sandrine Bailleux <sandrine.bailleux(a)arm.com<mailto:Sandrine%20Bailleux%20%3csandrine.bailleux@arm.com%3e>> To: tf-a <tf-a(a)lists.trustedfirmware.org<mailto:tf-a%20%3ctf-a@lists.trustedfirmware.org%3e>> Subject: [TF-A] Announcing some changes around the code review label in Gerrit Date: Tue, 30 Jun 2020 13:29:00 +0000 Hello all, If you recall, the tf.org Project Maintenance Process [1] advocates a code review model where both code owners and maintainers need to review and approve a patch before it gets merged. Until now, the way we would record this in Gerrit was a bit cumbersome and ambiguous. * Code-Review+1 was for code owners to approve a patch. * Code-Review+2 was for maintainers to approve a patch. The submission rules in Gerrit were such that a patch needed a Code-Review+2 to be merged. This meant that if a maintainer was first to take a look at a patch and approved it (Code-Review+2), Gerrit would allow the patch to be merged without any code owners review. To align better with the Project Maintenance Process, I've done some changes in our Gerrit configuration. You will notice that the Code-Review label is gone and has been replaced by 2 new labels: * Code-Owner-Review * Maintainer-Review Stating the obvious but code owners are expected to vote on the Code-Owner-Review label and maintainers on the Maintainer-Review. Note that maintainers might also be code owners for some modules. If they are doing a "code owner" type of review on a patch, they would vote on the Code-Owner-Review label in this case. Any doubt, please ask. I hope I didn't break anything but if you notice any permissions problems (things you used to be able to do and cannot do anymore, or vice versa!) please let me know. One annoying consequence of this change is that if you've got some patches in review right now and got some votes on the former 'Code-Review' label, these have been partially lost. The history of review comments in Gerrit will still show that somebody had voted Code-Review -1/+1 on your patch but this will no longer appear in the labels summary frame and won't count towards the approvals required to get the patch merged. I could not think of a way to avoid this issue... This should only be temporary, while we transition all in-flight patches to the new code review model. Roughly: * Existing "Code-Review -1/+1" votes will have to be replayed as "Code-Owner-Review -1/+1". * Existing "Code-Review -2/+2" votes will have to be replayed as "Maintainer-Review -1/+1". Sorry for the inconvenience. I hope, once we've gone through the transition period, these changes will make the code review process clearer to everybody. I will update the TF-A documentation to explain all of this in the coming future. Best regards, Sandrine [1] https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p…

4 years, 11 months

1
0
0 0

New TrustedFirmware.org security incident process is now live

by Dan Handley

Hi all The new TrustedFirmware.org security incident process is now live. This process is described here: https://developer.trustedfirmware.org/w/collaboration/security_center/repor… Initially the process will be used for the following projects: TF-A, TF-M, OP-TEE and Mbed TLS. The security documentation for each project will be updated soon to reflect this change. If you are part of an organization that believes it should receive security vulnerability information before it is made public then please ask your relevant colleagues to register as Trusted Stakeholders as described here: https://developer.trustedfirmware.org/w/collaboration/security_center/trust… Note we prefer individuals in each organization to coordinate their registration requests with each other and to provide us with an email alias managed by your organization instead of us managing a long list of individual addresses. Best regards Dan. (on behalf of the TrustedFirmware.org security team)

4 years, 11 months

1
0
0 0

Announcing some changes around the code review label in Gerrit

by Sandrine Bailleux

Hello all, If you recall, the tf.org Project Maintenance Process [1] advocates a code review model where both code owners and maintainers need to review and approve a patch before it gets merged. Until now, the way we would record this in Gerrit was a bit cumbersome and ambiguous. * Code-Review+1 was for code owners to approve a patch. * Code-Review+2 was for maintainers to approve a patch. The submission rules in Gerrit were such that a patch needed a Code-Review+2 to be merged. This meant that if a maintainer was first to take a look at a patch and approved it (Code-Review+2), Gerrit would allow the patch to be merged without any code owners review. To align better with the Project Maintenance Process, I've done some changes in our Gerrit configuration. You will notice that the Code-Review label is gone and has been replaced by 2 new labels: * Code-Owner-Review * Maintainer-Review Stating the obvious but code owners are expected to vote on the Code-Owner-Review label and maintainers on the Maintainer-Review. Note that maintainers might also be code owners for some modules. If they are doing a "code owner" type of review on a patch, they would vote on the Code-Owner-Review label in this case. Any doubt, please ask. I hope I didn't break anything but if you notice any permissions problems (things you used to be able to do and cannot do anymore, or vice versa!) please let me know. One annoying consequence of this change is that if you've got some patches in review right now and got some votes on the former 'Code-Review' label, these have been partially lost. The history of review comments in Gerrit will still show that somebody had voted Code-Review -1/+1 on your patch but this will no longer appear in the labels summary frame and won't count towards the approvals required to get the patch merged. I could not think of a way to avoid this issue... This should only be temporary, while we transition all in-flight patches to the new code review model. Roughly: * Existing "Code-Review -1/+1" votes will have to be replayed as "Code-Owner-Review -1/+1". * Existing "Code-Review -2/+2" votes will have to be replayed as "Maintainer-Review -1/+1". Sorry for the inconvenience. I hope, once we've gone through the transition period, these changes will make the code review process clearer to everybody. I will update the TF-A documentation to explain all of this in the coming future. Best regards, Sandrine [1] https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p…

4 years, 11 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 360213: Null pointer dereferences (NULL_RETURNS) /plat/arm/common/arm_dyn_cfg.c: 96 in arm_bl1_set_mbedtls_heap() ________________________________________________________________________________________________________ *** CID 360213: Null pointer dereferences (NULL_RETURNS) /plat/arm/common/arm_dyn_cfg.c: 96 in arm_bl1_set_mbedtls_heap() 90 * In the latter case, if we still wanted to write in the DTB the heap 91 * information, we would need to call plat_get_mbedtls_heap to retrieve 92 * the default heap's address and size. 93 */ 94 95 tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID); >>> CID 360213: Null pointer dereferences (NULL_RETURNS) >>> Dereferencing "tb_fw_config_info", which is known to be "NULL". 96 tb_fw_cfg_dtb = tb_fw_config_info->config_addr; 97 98 if ((tb_fw_cfg_dtb != 0UL) && (mbedtls_heap_addr != NULL)) { 99 /* As libfdt use void *, we can't avoid this cast */ 100 void *dtb = (void *)tb_fw_cfg_dtb; 101 ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPkl…

4 years, 11 months

1
0
0 0

TF-A Tech Forum Agenda @ Thr 2nd July 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 2nd July 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * PSA Fuzz Testing - Presented by Gary Morrison * Originally developed for TF-M PSA API’s this is a different approach to Fuzz testing to that was previously presented in the TF-A SMC Fuzz testing session a few weeks back and provides a testing approach for a the different level of PSA API testing coming to TF-A. * Optional TF-A Mailing List Topic Discussions If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list. Thanks Joanna

4 years, 11 months

1
0
0 0

Re: [TF-A] How should we manage patches affecting multiple users?

by Joanna Farley

My take on this is perhaps not unexpectantly fairly aligned with Sandrine's. We as a project have over 30 platforms now up-streamed and the expectations is these are managed by the identified platform owners. We look to them to decide on which of any new capabilities offered are supported in their platforms. We have a strategy not to break up-streamed platforms except where we have clearly announced deprecation and this is all documented here https://trustedfirmware-a.readthedocs.io/en/latest/process/platform-compati… and where interfaces have changed and the work is trivial the submitter is expected to attempt to make a good effort to migrate platforms. To support this the current CI system hosted by Arm can only verify the builds of most platforms which is one of the gerrit approvals needed to merge a patch. Of course that does not mean the executables produced will necessarily run correctly which is where platform owners would need to assist with their own approvals and own testing if possible. With the Arm Juno platform and various Arm FVP models we do have the capability to test but that misses out all the other platforms up-streamed. With the OpenCI coming, which we owe a Tech-Forum session on BTW, the Juno and Arm FVP models will also be made available and if platform owners want they will be able to add their platforms to be tested if they want to invest the effort. Sadly migrating to the OpenCI will take time and will have to be delivered in phases but the hope is this will be useful to platform owners as well as for core changes with the visibility of the CI results. The various Arm platforms are generally owned and managed by different teams and go through the same processes as other non Arm platforms on getting patched up-streamed. So when new core features are added for new Arm hardware IP support or new software features that change behaviour as previously we still look to the platform owners to decide if they want support for these in their platforms. For some trivial changes that may be in the form of reviewing changes prepared but for others that may be deciding if they want to invest the effort to implement themselves. For core changes as well as making patches available via Gerrit for review we have been making more use of the TF-A mailing list to announce the patches are available. Indeed we are trying to make use of the mailing list while work is still in design to discuss openly decisions that need to be made which may or may not effect platforms. The Tech-Forum is also being used to present and discuss ideas and ongoing work. This is all being done to be more open about upcoming changes. We would welcome discussions on the mailing list and tech-forum sessions from platform owners about any subjects. This could be around coordinated support across platforms of new capabilities vs each platform following its own path. That of course holds challenges in coordination of effort and who's effort. Hopefully the direction of travel here for the project helps with some of the suggestions but happy to discuss more here on the mailing list of in a tech-forum meeting. Thanks Joanna On 25/06/2020, 03:16, "TF-A on behalf of Varun Wadekar via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi, >> As you said, even a small change might break a platform and unfortunately we're not in a position to detect that with the CI yet. I agree that this is a limitation today. If you remember, I have been advocating for announcing on the email alias when in doubt. That way we minimize surprises for the platform owners. >> IMO we cannot reasonably announce all such changes and I would think that contributors are responsible for keeping an eye on patches and testing them if they think they might be affected. I understand. We should announce on the mailing list, when in doubt. I strongly disagree with the second part of the statement though. Asking platform owners to keep an eye on every change defeats the purpose of upstreaming. The burden must lie on the implementer of a change to try and upgrade consumers. >> But I think that the same change might be considered as an improvement by some, and a useless/undesirable change by others. Possible. And then we take call as a community. If it makes sense for some platforms to move ahead, then that should be OK too. >> We might be able to reduce the number of build options in some cases but there will always be a need to retain most of them IMO Thinking out loud - maybe moving to runtime checks makes sense in some cases instead of makefile variables e.g. CPU erratas. We should look at each case individually. I guess, the main problem seems to be low level of testing. So any implementer wont be confident making a change that affects other platforms. That's when sending an email to the community makes sense. We tackle the situation as a team, instead of one person doing all the work. -Varun -----Original Message----- From: Sandrine Bailleux <sandrine.bailleux(a)arm.com> Sent: Wednesday, June 24, 2020 4:54 AM To: Varun Wadekar <vwadekar(a)nvidia.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] How should we manage patches affecting multiple users? External email: Use caution opening links or attachments Hi Varun, Thanks for sharing your opinion. On 6/20/20 1:55 AM, Varun Wadekar wrote: > Hello @Sandrine Bailleux, > > Thanks for starting the email chain. My response to the issues you flagged in the email below. > > 1. This seems to be a bit tricky. As a consumer of an API, one would expect that it works as advertised. If the behavior changes, thus affecting the expectations or assumptions surrounding the API, then they should be announced. With so many platforms in the tree, we should always assume that even a small change will break a platform. I agree. Whenever there is clear intention to change the expectations or assumptions of an API, this should be announced and discussed. However, there are cases where we might want to rework the implementation of an API (to clean the code for example), make some improvements or extend its functionality. All of that might be done with no intent to step outside of the API original scope but still subtly break some code. As you said, even a small change might break a platform and unfortunately we're not in a position to detect that with the CI yet. IMO we cannot reasonably announce all such changes and I would think that contributors are responsible for keeping an eye on patches and testing them if they think they might be affected. > 2. For improvements, we should strive to upgrade all consumers of the API/makefile/features. This will ensure that all platforms remain current and we reduce maintenance cost in the long run. I assume, that such improvements will give birth to additional configs/makefile settings/platform variables etc. We would be signing up for a lot of maintenance by allowing some platforms to lag. > > For straight forward changes (e.g. the change under discussion) I assume that the platforms will respond and we would get the changes merged relatively fast. For controversial features, this will spark a healthy discussion in the community. I agree with you in principle. But I think that the same change might be considered as an improvement by some, and a useless/undesirable change by others. For example, the change under discussion is an improvement from our point of view. It will lower the maintenance cost, as any new file added in the GIC driver in the future will be automatically pulled in by platforms that use the newly introduced GIC makefile, without the need to update all platforms makefiles. But this might not be what everyone wants, some platform owners might prefer continue cherry-picking specific GIC source files to retain control over what they include in their firmware. In this case, is it the right thing to do to "upgrade" them? I think this is debatable. Maybe a better alternative is to simply make people aware of the change, provide a link to how the migration was done for Arm platforms in this case, so that they've got an example to guide them if they wish to embrace the change for their own platform ports. > 3. For a case where the change breaks platforms, it makes sense to just upgrade all of them. > >>> Now the question we were pondering in Gerrit is, where does the responsibility of migrating all platforms/users lie for all these types of changes? Is the patch author responsible to do all the work? > > [VW] IMO, the author of such a patch is the best person to upgrade all affected platforms/users. The main reason being that he/she is already an expert for the patch. Agree that the patch author is an expert for his own patch but that does not mean he's also an expert on how his patch should be applied for another platform port he's not familiar with. > But, this might not be true in some cases where the author will need help from the community. For such cases, we should ask for help on the mailing list. Yes, I think such cases require collaboration indeed. > I also want to highlight the dangers of introducing make variables as a solution. The current situation is already unmanageable with so many build variables and weak handlers. We should try and avoid adding more. Not sure how this ties with the original discussions but I agree with you, we've got far too many build options in this project. This makes testing a lot harder, as it means we have hundreds of valid combinations of build options to verify. It also makes the code harder to read and understand because it is sprinkled with #ifdefs. Hopefully, switching to a KConfig-like configuration system in the future will help alleviate this issue, as at least it will allow us to express the valid combinations of build options in a more robust manner (today the build system tries to forbid invalid combinations but I am sure it's far from exhaustive in these types of checks) and also visualize what's been enabled/disabled more easily for a specific build. Even though I acknowledge this problem, I am not sure we can completely solve it. Firmware is not general-purpose software and it requires a lot more control over the features you include or not because of stricter memory and CPU constraints. I think people need a way to turn on/off features at a fine granularity. We might be able to reduce the number of build options in some cases but there will always be a need to retain most of them IMO. > Finally, I agree that there's no silver bullet and we have to deal with each situation differently. Communication is key, as you rightly said. As long we involve the community, we should be OK. > > -Varun > > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of > Sandrine Bailleux via TF-A > Sent: Friday, June 19, 2020 2:57 AM > To: tf-a <tf-a(a)lists.trustedfirmware.org> > Subject: [TF-A] How should we manage patches affecting multiple users? > > External email: Use caution opening links or attachments > > > Hello everyone, > > I would like to start a discussion around the way we want to handle changes that affect all platforms/users. This subject came up in this code review [1]. > > I'll present my views on the subject and would like to know what others think. > > First of all, what do we mean by "changes that affect all platforms"? It would be any change that is not self-contained within a platform port. > IOW, a change in some file outside of the plat/ directory. It could be in a driver, in a library, in the build system, in the platform interfaces called by the generic code... the list goes on. > > 1. Some are just implementation changes, they leave the interfaces unchanged. These do not break other platforms builds since the call sites don't need to be updated. However, they potentially change the responsibilities of the interface, in which case this might introduce behavioral changes that all users of the interface need to be aware of and adapt their code to. > > 2. Some other changes might introduce optional improvements. They introduce a new way of doing things, perhaps a cleaner or more efficient one. Users can safely stay with the old way of doing things without fear of breakage but they would benefit from migrating. > > This is the case of Alexei's patch [1], which introduces an > intermediate > GICv2 makefile, that Arm platforms now include instead of pulling each individual file by themselves. At this point, it is just an improvement that introduces an indirection level in the build system. This is an improvement in terms of maintainability because if we add a new essential file to this driver in the future, we'll just need to add it in this new GICv2 makefile without having to update all platforms makefiles. However, platform makefiles can continue to pull in individual files if they wish to. > > 3. Some other changes might break backwards compatibility. This is something we should avoid as much as possible and we should always strive to provide a migration path. But there are cases where there might be no other way than to break things. In this case, all users have to be migrated. > > > Now the question we were pondering in Gerrit is, where does the responsibility of migrating all platforms/users lie for all these types of changes? Is the patch author responsible to do all the work? > > I think it's hard to come up with a one-size-fits-all answer. It really depends on the nature of changes, their consequences, the amount of work needed to do the migration, the ability for the patch author to test these changes, to name a few. > > I believe the patch author should migrate all users on a best-effort basis. If it's manageable then they should do the work and propose a patch to all affected users for them to review and test on their platforms. > > On the other hand, if it's too much work or impractical, then I think the best approach would be for the patch author to announce and discuss the changes on this mailing list. In some scenarios, the changes might be controversial and not all platform owners might agree that the patch brings enough benefit compared to the migration effort, in which case the changes might have to be withdrawn or re-thought. In any case, I believe communication is key here and no one should take any unilateral decision on their own if it affects other users. > > I realize this is a vast subject and that we probably won't come up with an answer/reach an agreement on all the aspects of the question. But I'd be interested in hearing other contributors' view and if they've got any experience managing these kinds of issues, perhaps in other open source project. > > Best regards, > Sandrine > > [1] > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4538 > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

1
0
0 0

Re: [TF-A] Question on authenticating FIP images

by Sandrine Bailleux

Hi, On 6/25/20 3:24 AM, Raghu K via TF-A wrote: > One option you can look at is in bl1_fwu.c if you already haven't, in > bl1_fwu_image_auth() function, that uses the auth_mod_verify_img, which > is provided an image id, address and size. You can repeatedly call this > function on the different image ID's that you have in your FIP. You will > likely need to calculate the address to pass to this function based on > reading the FIP header(maybe you can use the IO framework for this by > opening different image ID's). > Don't think there is a straight forward way but what you are trying to > do should be achievable using existing code, rearranged to fit your needs. Yes, Raghu's approach sounds right to me. As he pointed out, this is not something that's supported out of the box because the firmware update feature is normally invoked through an SMC into BL1 as part of the firmware update flow early during the boot. Things are different in your case as you're looking to provide this feature much later as a runtime service so this will surely require some amount of tweaking but sounds feasible to me. Best regards, Sandrine > > Thanks > Raghu > > On 6/24/20 12:42 PM, arm in-cloud via TF-A wrote: >> Hi Sandrine, >> >> Waiting for your suggestions on this query. >> >> Thanks >> >> On Mon, Jun 22, 2020 at 3:40 PM arm in-cloud via TF-A >> <tf-a(a)lists.trustedfirmware.org >> <mailto:tf-a@lists.trustedfirmware.org>> wrote: >> >> <Posting the question to tf-a mailing list from Maniphest and >> copied all previous conversation> >> >> Hi, >> >> On our boards I have an external security chip which communicates >> with AP (application processor) over a encrypted communication >> channel. I have a communication driver/PTA running in a Secure >> Playload (OPTEE) running in S-EL1. My firmware update workflow >> (FIP.BIN) is as below. >> >> In our design, we have QSPI from where AP boots up (regular TF-A >> workflow) this QSPI is also accessible from external Security chip >> (which is responsible for AP/SOC's firmware update) >> On software side, I have a Non-Secure application which receives >> the prebuilt binary (FIP.BIN) it chopps the binary in fixed sized >> buffers and send to OPTEE-PTA which internally sends the binary to >> Security chip (which then validates and writes to QSPI). >> >> Now in this firmware update flow, I want to do following things. >> >> 1. I want to validate/authenticate the FIP image before sending >> to security chip. If it authentication is successful only then >> send the image to security chip. >> >> This is what I am planning:- >> >> 1. Receive the whole FIP.BIN from NS-APP and store it in RAM (in >> OPTEE's RAM) >> 2. I am planning to implement a SIP service in TF-A which will >> receive the address and size of FIP.BIN in RAM. >> 3. Calls in to auth_mod driver for authentication of the image. >> >> I don't want to update the images immediately I just needs to >> authenticate the images within FIP.BIN >> >> To design this feature, I started looking in to BL1 & BL2 code but >> not sure how much piece if code I can reuse or use. >> Also I looked in to fwu test apps if I can mimic something but >> looks the fwu implementation is absolutely different. >> >> My question is how do I just use the authentication functionality >> available in TF-A for my purpose. >> >> Appreciate your help! >> >> >> >> >> sandrine-bailleux-arm >> <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added >> a subscriber: sandrine-bailleux-arm >> <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/>.Tue, >> Jun 16, 6:50 AM <https://developer.trustedfirmware.org/T763#9015> >> >> <https://developer.trustedfirmware.org/T763#> >> >> Hi, >> >> Apologies for the delay, I had missed this ticket... Generally >> speaking, it's better to post questions on the TF-A mailing list >> [1], it's got far better visibility than Maniphest (which few >> people monitor I believe) and you are more likely to get a quick >> answer there. >> >> First of all, I've got a few questions that would help me >> understand your design. >> >> 1. You say that OPTEE-PTA would store the FIP image in its RAM. I >> am assuming this is secure RAM, that only secure software can >> access, right? If not, this would not seem very secure to me, >> as the normal world software could easily change the FIP image >> after it has been authenticated and replace it with some >> malicious firmware. >> >> 2. You'd like to implement a SiP service in TF-A to authenticate >> the FIP image, given its base address and size. Now I am >> guessing this would be an address in OPTEE's RAM, right? >> >> 3. What cryptographic key would sign the FIP image? Would TF-A >> have access to this key to authenticate it? >> >> 4. What would need authentication? The FIP image as a monolithic >> blob, or each individual image within this FIP? And in the >> latter case, would all images be authenticated using the same >> key or would different images be signed with different keys? >> >> Now, coming back to where to look into TF-A source code. You're >> looking in the right place, all Trusted Boot code is indeed built >> into BL1 and BL2 in TF-A. The following two documents detail how >> the authentication framework and firmware update flow work in TF-A >> and are worth reading if you haven't done so already: >> >> https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… >> https://trustedfirmware-a.readthedocs.io/en/latest/components/firmware-upda… >> >> I reckon you'd want to reuse the cryptographic module in your >> case. It provides a callback to verify the signature of some >> payload, see [2] and include/drivers/auth/crypto_mod.h. However, I >> expect it won't be straight forward to reuse this code outside of >> its context, as it expects DER-encoded data structures following a >> specific ASN.1 format. Typically when used in the TF-A trusted >> boot flow, these are coming from X.509 certificates, which already >> provide the data structures in the right format. >> >> Best regards, >> Sandrine Bailleux >> >> [1] https://lists.trustedfirmware.org/mailman/listinfo/tf-a >> [2] https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… >> >> >> arm-in-cloud >> <https://developer.trustedfirmware.org/p/arm-in-cloud/> added a >> comment.Edited · Wed, Jun 17, 11:42 AM >> <https://developer.trustedfirmware.org/T763#9018> >> >> <https://developer.trustedfirmware.org/T763#> >> >> Thank you Sandrine for your feedback. >> >> Following are the answers to your questions: >> >> 1. Yes, the image will be stored in to OPTEEs secured memory. I >> am guessing TF-A gets access to this memory. >> 2. Yes, the OPTEE's secure memory address and Size will be passed >> to the SiP service running in TF-A. >> 3. These are RSA keys, in my case only TF-A has access to these >> keys. On a regular boot these are the same keys used to >> authenticate the images (BL31, BL32 & BL33) in the FIP stored >> in the QSPI. >> 4. Yes all images will be authenticated using same key. >> >> Thanks for the documentation links, from the firmware-update doc. >> I am mainly trying to use IMAGE_AUTH part. In my case COPY is >> already done just needs AUTH part and once AUTH is successful, >> optee will pass that payload the security chip for update. And >> after rebooting my device will boot with new firmware. (In my case >> we always reboot after firmware updates). >> >> Do you want me to post this query again on the TF-A mailing list? >> >> Thank you! >> >> >> >> sandrine-bailleux-arm >> <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added >> a comment.Fri, Jun 19, 3:09 AM >> <https://developer.trustedfirmware.org/T763#9032> >> >> <https://developer.trustedfirmware.org/T763#> >> >> Hi, >> >> OK I understand a bit better, thanks for the details. >> >> Do you want me to post this query again on the TF-A mailing list? >> >> If it's not too much hassle for you then yes, I think it'd be >> preferable to continue the discussion on the TF-A mailing list. I >> will withhold my comments until then. >> >> >> >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org <mailto:TF-A@lists.trustedfirmware.org> >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a >> >> > >

4 years, 11 months

2
1
0 0

Re: [TF-A] Unit Test tech forum follow-up

by Varun Wadekar

Hello Lauren, Thanks for answering the open items from the tech forum. Just curious, do you know if CppUTest can also consider a set of C files as a unit instead of a single function? This is the policy we have adopted internally, but with an automated tool to generate the unit tests. Cheers, Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Lauren Wehrmeister via TF-A Sent: Thursday, June 25, 2020 10:52 AM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Unit Test tech forum follow-up External email: Use caution opening links or attachments Following up about some questions from my presentation at the tech forum on the TF-A unit testing framework. In regards to the other tool that was investigated alongside CppUTest, it was Google Test<https://github.com/google/googletest>. The main reason for choosing CppUTest was that it is easily portable to new platforms and has a small footprint despite its feature set. This could be very useful if we want to use it on hardware (not on the host machine) in the future, even if it only has a small amount of memory. Google test is very good for testing user space applications, but most of its features require pthread, file system, and other services of the operating system which we usually don't have in an embedded environment. So we chose CppUTest because it fits for both host and target based testing so we won't end up using different frameworks in the same project. Something to note is that CppUTest has an option<https://cpputest.github.io/manual.html#gtest> for running Google Test based test cases too, but the intention is to keep the framework clean by using only CppUTest. Also c-picker can support parsing large data structures since the tool uses PyYAML for parsing the config files and clang for processing the source files. Thanks, Lauren

4 years, 11 months

2
1
0 0

Unit Test tech forum follow-up

by Lauren Wehrmeister

Following up about some questions from my presentation at the tech forum on the TF-A unit testing framework. In regards to the other tool that was investigated alongside CppUTest, it was Google Test<https://github.com/google/googletest>. The main reason for choosing CppUTest was that it is easily portable to new platforms and has a small footprint despite its feature set. This could be very useful if we want to use it on hardware (not on the host machine) in the future, even if it only has a small amount of memory. Google test is very good for testing user space applications, but most of its features require pthread, file system, and other services of the operating system which we usually don't have in an embedded environment. So we chose CppUTest because it fits for both host and target based testing so we won't end up using different frameworks in the same project. Something to note is that CppUTest has an option<https://cpputest.github.io/manual.html#gtest> for running Google Test based test cases too, but the intention is to keep the framework clean by using only CppUTest. Also c-picker can support parsing large data structures since the tool uses PyYAML for parsing the config files and clang for processing the source files. Thanks, Lauren

4 years, 11 months

1
0
0 0

Re: [TF-A] How should we manage patches affecting multiple users?

by Varun Wadekar

Hello @Sandrine Bailleux, Thanks for starting the email chain. My response to the issues you flagged in the email below. 1. This seems to be a bit tricky. As a consumer of an API, one would expect that it works as advertised. If the behavior changes, thus affecting the expectations or assumptions surrounding the API, then they should be announced. With so many platforms in the tree, we should always assume that even a small change will break a platform. 2. For improvements, we should strive to upgrade all consumers of the API/makefile/features. This will ensure that all platforms remain current and we reduce maintenance cost in the long run. I assume, that such improvements will give birth to additional configs/makefile settings/platform variables etc. We would be signing up for a lot of maintenance by allowing some platforms to lag. For straight forward changes (e.g. the change under discussion) I assume that the platforms will respond and we would get the changes merged relatively fast. For controversial features, this will spark a healthy discussion in the community. 3. For a case where the change breaks platforms, it makes sense to just upgrade all of them. >> Now the question we were pondering in Gerrit is, where does the responsibility of migrating all platforms/users lie for all these types of changes? Is the patch author responsible to do all the work? [VW] IMO, the author of such a patch is the best person to upgrade all affected platforms/users. The main reason being that he/she is already an expert for the patch. But, this might not be true in some cases where the author will need help from the community. For such cases, we should ask for help on the mailing list. I also want to highlight the dangers of introducing make variables as a solution. The current situation is already unmanageable with so many build variables and weak handlers. We should try and avoid adding more. Finally, I agree that there's no silver bullet and we have to deal with each situation differently. Communication is key, as you rightly said. As long we involve the community, we should be OK. -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandrine Bailleux via TF-A Sent: Friday, June 19, 2020 2:57 AM To: tf-a <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] How should we manage patches affecting multiple users? External email: Use caution opening links or attachments Hello everyone, I would like to start a discussion around the way we want to handle changes that affect all platforms/users. This subject came up in this code review [1]. I'll present my views on the subject and would like to know what others think. First of all, what do we mean by "changes that affect all platforms"? It would be any change that is not self-contained within a platform port. IOW, a change in some file outside of the plat/ directory. It could be in a driver, in a library, in the build system, in the platform interfaces called by the generic code... the list goes on. 1. Some are just implementation changes, they leave the interfaces unchanged. These do not break other platforms builds since the call sites don't need to be updated. However, they potentially change the responsibilities of the interface, in which case this might introduce behavioral changes that all users of the interface need to be aware of and adapt their code to. 2. Some other changes might introduce optional improvements. They introduce a new way of doing things, perhaps a cleaner or more efficient one. Users can safely stay with the old way of doing things without fear of breakage but they would benefit from migrating. This is the case of Alexei's patch [1], which introduces an intermediate GICv2 makefile, that Arm platforms now include instead of pulling each individual file by themselves. At this point, it is just an improvement that introduces an indirection level in the build system. This is an improvement in terms of maintainability because if we add a new essential file to this driver in the future, we'll just need to add it in this new GICv2 makefile without having to update all platforms makefiles. However, platform makefiles can continue to pull in individual files if they wish to. 3. Some other changes might break backwards compatibility. This is something we should avoid as much as possible and we should always strive to provide a migration path. But there are cases where there might be no other way than to break things. In this case, all users have to be migrated. Now the question we were pondering in Gerrit is, where does the responsibility of migrating all platforms/users lie for all these types of changes? Is the patch author responsible to do all the work? I think it's hard to come up with a one-size-fits-all answer. It really depends on the nature of changes, their consequences, the amount of work needed to do the migration, the ability for the patch author to test these changes, to name a few. I believe the patch author should migrate all users on a best-effort basis. If it's manageable then they should do the work and propose a patch to all affected users for them to review and test on their platforms. On the other hand, if it's too much work or impractical, then I think the best approach would be for the patch author to announce and discuss the changes on this mailing list. In some scenarios, the changes might be controversial and not all platform owners might agree that the patch brings enough benefit compared to the migration effort, in which case the changes might have to be withdrawn or re-thought. In any case, I believe communication is key here and no one should take any unilateral decision on their own if it affects other users. I realize this is a vast subject and that we probably won't come up with an answer/reach an agreement on all the aspects of the question. But I'd be interested in hearing other contributors' view and if they've got any experience managing these kinds of issues, perhaps in other open source project. Best regards, Sandrine [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4538 -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

2
2
0 0

Re: [TF-A] Question on authenticating FIP images

by Raghu K

4 years, 11 months

1
0
0 0

Re: [TF-A] Question on authenticating FIP images

by arm in-cloud

Hi Sandrine, Waiting for your suggestions on this query. Thanks On Mon, Jun 22, 2020 at 3:40 PM arm in-cloud via TF-A < tf-a(a)lists.trustedfirmware.org> wrote: > <Posting the question to tf-a mailing list from Maniphest and copied all > previous conversation> > > Hi, > > On our boards I have an external security chip which communicates with AP > (application processor) over a encrypted communication channel. I have a > communication driver/PTA running in a Secure Playload (OPTEE) running in > S-EL1. My firmware update workflow (FIP.BIN) is as below. > > In our design, we have QSPI from where AP boots up (regular TF-A workflow) > this QSPI is also accessible from external Security chip (which is > responsible for AP/SOC's firmware update) > On software side, I have a Non-Secure application which receives the > prebuilt binary (FIP.BIN) it chopps the binary in fixed sized buffers and > send to OPTEE-PTA which internally sends the binary to Security chip (which > then validates and writes to QSPI). > > Now in this firmware update flow, I want to do following things. > > 1. I want to validate/authenticate the FIP image before sending to > security chip. If it authentication is successful only then send the image > to security chip. > > This is what I am planning:- > > 1. Receive the whole FIP.BIN from NS-APP and store it in RAM (in > OPTEE's RAM) > 2. I am planning to implement a SIP service in TF-A which will receive > the address and size of FIP.BIN in RAM. > 3. Calls in to auth_mod driver for authentication of the image. > > I don't want to update the images immediately I just needs to authenticate > the images within FIP.BIN > > To design this feature, I started looking in to BL1 & BL2 code but not > sure how much piece if code I can reuse or use. > Also I looked in to fwu test apps if I can mimic something but looks the > fwu implementation is absolutely different. > > My question is how do I just use the authentication functionality > available in TF-A for my purpose. > > Appreciate your help! > > > > > sandrine-bailleux-arm > <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added a > subscriber: sandrine-bailleux-arm > <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/>.Tue, Jun > 16, 6:50 AM <https://developer.trustedfirmware.org/T763#9015> > > <https://developer.trustedfirmware.org/T763#> > > Hi, > > Apologies for the delay, I had missed this ticket... Generally speaking, > it's better to post questions on the TF-A mailing list [1], it's got far > better visibility than Maniphest (which few people monitor I believe) and > you are more likely to get a quick answer there. > > First of all, I've got a few questions that would help me understand your > design. > > 1. You say that OPTEE-PTA would store the FIP image in its RAM. I am > assuming this is secure RAM, that only secure software can access, right? > If not, this would not seem very secure to me, as the normal world software > could easily change the FIP image after it has been authenticated and > replace it with some malicious firmware. > > > 1. You'd like to implement a SiP service in TF-A to authenticate the > FIP image, given its base address and size. Now I am guessing this would be > an address in OPTEE's RAM, right? > > > 1. What cryptographic key would sign the FIP image? Would TF-A have > access to this key to authenticate it? > > > 1. What would need authentication? The FIP image as a monolithic blob, > or each individual image within this FIP? And in the latter case, would all > images be authenticated using the same key or would different images be > signed with different keys? > > Now, coming back to where to look into TF-A source code. You're looking in > the right place, all Trusted Boot code is indeed built into BL1 and BL2 in > TF-A. The following two documents detail how the authentication framework > and firmware update flow work in TF-A and are worth reading if you haven't > done so already: > > > https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… > > https://trustedfirmware-a.readthedocs.io/en/latest/components/firmware-upda… > > I reckon you'd want to reuse the cryptographic module in your case. It > provides a callback to verify the signature of some payload, see [2] and > include/drivers/auth/crypto_mod.h. However, I expect it won't be straight > forward to reuse this code outside of its context, as it expects > DER-encoded data structures following a specific ASN.1 format. Typically > when used in the TF-A trusted boot flow, these are coming from X.509 > certificates, which already provide the data structures in the right format. > > Best regards, > Sandrine Bailleux > > [1] https://lists.trustedfirmware.org/mailman/listinfo/tf-a > [2] > https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… > > > arm-in-cloud <https://developer.trustedfirmware.org/p/arm-in-cloud/> added > a comment.Edited · Wed, Jun 17, 11:42 AM > <https://developer.trustedfirmware.org/T763#9018> > > <https://developer.trustedfirmware.org/T763#> > > Thank you Sandrine for your feedback. > > Following are the answers to your questions: > > 1. Yes, the image will be stored in to OPTEEs secured memory. I am > guessing TF-A gets access to this memory. > 2. Yes, the OPTEE's secure memory address and Size will be passed to > the SiP service running in TF-A. > 3. These are RSA keys, in my case only TF-A has access to these keys. > On a regular boot these are the same keys used to authenticate the images > (BL31, BL32 & BL33) in the FIP stored in the QSPI. > 4. Yes all images will be authenticated using same key. > > Thanks for the documentation links, from the firmware-update doc. I am > mainly trying to use IMAGE_AUTH part. In my case COPY is already done just > needs AUTH part and once AUTH is successful, optee will pass that payload > the security chip for update. And after rebooting my device will boot with > new firmware. (In my case we always reboot after firmware updates). > > Do you want me to post this query again on the TF-A mailing list? > > Thank you! > > > > sandrine-bailleux-arm > <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added a > comment.Fri, Jun 19, 3:09 AM > <https://developer.trustedfirmware.org/T763#9032> > > <https://developer.trustedfirmware.org/T763#> > > Hi, > > OK I understand a bit better, thanks for the details. > > Do you want me to post this query again on the TF-A mailing list? > > If it's not too much hassle for you then yes, I think it'd be preferable > to continue the discussion on the TF-A mailing list. I will withhold my > comments until then. > > > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a >

4 years, 11 months

1
0
0 0

Re: [TF-A] Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU

by Witkowski, Andrzej

Sorry for a delay. I didn't have a bandwidth for doing it. I asked my teammate Marcin Salnik for testing the fix https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3493 on our Veloce emulator. Now, I can confirm that this fix works. ACC BL31 booted. From: Varun Wadekar <vwadekar(a)nvidia.com> Sent: Monday, June 01, 2020 8:57 PM To: Witkowski, Andrzej <andrzej.witkowski(a)intel.com> Cc: Lessnau, Adam <adam.lessnau(a)intel.com>; tf-a(a)lists.trustedfirmware.org Subject: RE: Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU Hi, I believe the fix for this issue is part of https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3493. Can you please try that change? -Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> On Behalf Of Witkowski, Andrzej via TF-A Sent: Monday, June 1, 2020 7:08 AM To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Cc: Witkowski, Andrzej <andrzej.witkowski(a)intel.com<mailto:andrzej.witkowski@intel.com>>; Lessnau, Adam <adam.lessnau(a)intel.com<mailto:adam.lessnau@intel.com>> Subject: [TF-A] Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU External email: Use caution opening links or attachments Hi, I work on project which uses ARM CPU Neoverse N1 with direct connect of DSU. I noticed the following error "Unhandled Exception at EL3" in BL31 bootloader after switching from ATF 2.1 to 2.2. The root cause is that after invoking neoverse_n1_errata-report function in lib/cpus/aarch64/neoverse_n1.S file and reaching the line 525, the function check_errata_dsu_934 in lib/cpus/aarch64/dsu_helpers.S file is always invoked regardless of whether ERRATA_DSU_936184 is set to 0 or to 1. In our case, ERRATA_DSU_936184 := 0. [cid:image001.png@01D64A40.BBEF1AA0] [cid:image002.png@01D64A40.BBEF1AA0] Neoverse N1 with direct connect version of DSU doesn't contain SCU/L3 cache and CLUSTERCFR_EL1 register. The error "Unhandled Exception at EL3" appears in BL31 bootloader during attempt to read the CLUSTERCFR_EL1 register which doesn't exist in our RTL HW. Andrzej Witkowskie Intel Technology Poland --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Słowackiego 173 | 80-298 Gdańsk | Sąd Rejonowy Gdańsk Północ | VII Wydział Gospodarczy Krajowego Rejestru Sądowego - KRS 101882 | NIP 957-07-52-316 | Kapitał zakładowy 200.000 PLN. Ta wiadomość wraz z załącznikami jest przeznaczona dla określonego adresata i może zawierać informacje poufne. W razie przypadkowego otrzymania tej wiadomości, prosimy o powiadomienie nadawcy oraz trwałe jej usunięcie; jakiekolwiek przeglądanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapita zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited.

4 years, 11 months

1
0
0 0

Question on authenticating FIP images

by arm in-cloud

<Posting the question to tf-a mailing list from Maniphest and copied all previous conversation> Hi, On our boards I have an external security chip which communicates with AP (application processor) over a encrypted communication channel. I have a communication driver/PTA running in a Secure Playload (OPTEE) running in S-EL1. My firmware update workflow (FIP.BIN) is as below. In our design, we have QSPI from where AP boots up (regular TF-A workflow) this QSPI is also accessible from external Security chip (which is responsible for AP/SOC's firmware update) On software side, I have a Non-Secure application which receives the prebuilt binary (FIP.BIN) it chopps the binary in fixed sized buffers and send to OPTEE-PTA which internally sends the binary to Security chip (which then validates and writes to QSPI). Now in this firmware update flow, I want to do following things. 1. I want to validate/authenticate the FIP image before sending to security chip. If it authentication is successful only then send the image to security chip. This is what I am planning:- 1. Receive the whole FIP.BIN from NS-APP and store it in RAM (in OPTEE's RAM) 2. I am planning to implement a SIP service in TF-A which will receive the address and size of FIP.BIN in RAM. 3. Calls in to auth_mod driver for authentication of the image. I don't want to update the images immediately I just needs to authenticate the images within FIP.BIN To design this feature, I started looking in to BL1 & BL2 code but not sure how much piece if code I can reuse or use. Also I looked in to fwu test apps if I can mimic something but looks the fwu implementation is absolutely different. My question is how do I just use the authentication functionality available in TF-A for my purpose. Appreciate your help! sandrine-bailleux-arm <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added a subscriber: sandrine-bailleux-arm <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/>.Tue, Jun 16, 6:50 AM <https://developer.trustedfirmware.org/T763#9015> <https://developer.trustedfirmware.org/T763#> Hi, Apologies for the delay, I had missed this ticket... Generally speaking, it's better to post questions on the TF-A mailing list [1], it's got far better visibility than Maniphest (which few people monitor I believe) and you are more likely to get a quick answer there. First of all, I've got a few questions that would help me understand your design. 1. You say that OPTEE-PTA would store the FIP image in its RAM. I am assuming this is secure RAM, that only secure software can access, right? If not, this would not seem very secure to me, as the normal world software could easily change the FIP image after it has been authenticated and replace it with some malicious firmware. 1. You'd like to implement a SiP service in TF-A to authenticate the FIP image, given its base address and size. Now I am guessing this would be an address in OPTEE's RAM, right? 1. What cryptographic key would sign the FIP image? Would TF-A have access to this key to authenticate it? 1. What would need authentication? The FIP image as a monolithic blob, or each individual image within this FIP? And in the latter case, would all images be authenticated using the same key or would different images be signed with different keys? Now, coming back to where to look into TF-A source code. You're looking in the right place, all Trusted Boot code is indeed built into BL1 and BL2 in TF-A. The following two documents detail how the authentication framework and firmware update flow work in TF-A and are worth reading if you haven't done so already: https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… https://trustedfirmware-a.readthedocs.io/en/latest/components/firmware-upda… I reckon you'd want to reuse the cryptographic module in your case. It provides a callback to verify the signature of some payload, see [2] and include/drivers/auth/crypto_mod.h. However, I expect it won't be straight forward to reuse this code outside of its context, as it expects DER-encoded data structures following a specific ASN.1 format. Typically when used in the TF-A trusted boot flow, these are coming from X.509 certificates, which already provide the data structures in the right format. Best regards, Sandrine Bailleux [1] https://lists.trustedfirmware.org/mailman/listinfo/tf-a [2] https://trustedfirmware-a.readthedocs.io/en/latest/design/auth-framework.ht… arm-in-cloud <https://developer.trustedfirmware.org/p/arm-in-cloud/> added a comment.Edited · Wed, Jun 17, 11:42 AM <https://developer.trustedfirmware.org/T763#9018> <https://developer.trustedfirmware.org/T763#> Thank you Sandrine for your feedback. Following are the answers to your questions: 1. Yes, the image will be stored in to OPTEEs secured memory. I am guessing TF-A gets access to this memory. 2. Yes, the OPTEE's secure memory address and Size will be passed to the SiP service running in TF-A. 3. These are RSA keys, in my case only TF-A has access to these keys. On a regular boot these are the same keys used to authenticate the images (BL31, BL32 & BL33) in the FIP stored in the QSPI. 4. Yes all images will be authenticated using same key. Thanks for the documentation links, from the firmware-update doc. I am mainly trying to use IMAGE_AUTH part. In my case COPY is already done just needs AUTH part and once AUTH is successful, optee will pass that payload the security chip for update. And after rebooting my device will boot with new firmware. (In my case we always reboot after firmware updates). Do you want me to post this query again on the TF-A mailing list? Thank you! sandrine-bailleux-arm <https://developer.trustedfirmware.org/p/sandrine-bailleux-arm/> added a comment.Fri, Jun 19, 3:09 AM <https://developer.trustedfirmware.org/T763#9032> <https://developer.trustedfirmware.org/T763#> Hi, OK I understand a bit better, thanks for the details. Do you want me to post this query again on the TF-A mailing list? If it's not too much hassle for you then yes, I think it'd be preferable to continue the discussion on the TF-A mailing list. I will withhold my comments until then.

4 years, 11 months

1
0
0 0

Re: [TF-A] GICV3: system interface EOI ordering RFC

by Sandeep Tripathy

Hi Raghu, > -----Original Message----- > From: TF-A [mailto:tf-a-bounces@lists.trustedfirmware.org] On Behalf Of > Raghu Krishnamurthy via TF-A > Sent: Monday, June 08, 2020 7:09 PM > To: tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > > Hello, > > Sorry for chiming in late. Are we sure that the msr/mrs to the GICv3 EOI > register is not a context synchronizing event or ensures ordering itself > ? Also did the addition of DSB() fix the issue ? If yes, can you try > adding a delay or a few NOP's/dummy instructions or an ISB to see if the > issue goes away? Yes these experiments were done to observe the behavior which led to this change. A definitive confirmation of how core treats these accesses can be only be from arm core team or by actually probing the transfers. I had a response from arm support on the very same question which reads as follows: "In theory, the memory barrier should be placed between the clearing of the peripheral and the access to the EOI register". In a slightly unrelated case I had observed this with NVIC on axi probe and there is no feasibility to repeat this with GICv3 at the moment. > > We need to know the right thing to do architecturally and confirm that > the issue is really due to reordering at the core before adding the DSB. > Adding a DSB might be masking a timing issue. Is the above response and what Soby had confirmed sufficient ? or could someone from arm get this reconfirmed from core design unless it is obvious to them ? And this is equally applicable to linux as well. > > -Raghu > Thanks Sandeep > > > On 6/8/20 4:47 AM, Sandeep Tripathy via TF-A wrote: > >> -----Original Message----- > >> From: Soby Mathew [mailto:Soby.Mathew@arm.com] > >> Sent: Monday, June 08, 2020 3:36 PM > >> To: Sandeep Tripathy; Olivier Deprez; tf-a(a)lists.trustedfirmware.org > >> Cc: nd > >> Subject: RE: [TF-A] GICV3: system interface EOI ordering RFC > >> > >> Just some inputs from my side: > >> I agree we need at least a dsb() after the write to MMIO region to > >> silence > >> the > >> peripheral and before the EOI at GIC sysreg interface. Adding it to the > >> GIC EOI > > > > Thanks for the confirmation. Now it’s about choosing the right place. > > > >> API seems the logical thing to do but as Olivier mentions, there are > >> interrupt > >> handler which do not deal with MMIO (eg: the Systimer interrupt) so > >> adding > >> it > >> to GICv3 API might be arduous for such handlers. > >> > >> So there is a choice here to let the interrupt handlers to deal with > >> ensuring > >> completeness before EOI at sysreg interface or adding it to GICv3 EOI > >> API > >> and > >> take the overhead for interrupt handlers which do not have to deal with > >> MMIO. > >> > > > > Yes I feel either of these is a must to guarantee functionality > > architecturally though > > both approach end up with some unnecessary overhead. > > > > If GICv3 api takes care then it is an overhead for some ISRs dealing > > with > > non-MMIO. > > At present I do not see an active use case in reference implementation > > where > > sys timer > > ISR is in a performance intensive path where one additional DSB will be > > perceivable. > > But there may be some I could be totally wrong in this assumption > (pmu/debug > > or.. not sure). > > Whereas I can certainly imagine some MMIO ISRs in performance critical > > path > > where unnecessary > > DSB is not acceptable at all. > > > > If the interrupt handler needs to ensure then it will generically add > > 'DSB' > > as I think > > the driver cannot and should not make assumptions about how EOI is done > > afterwards. > > That will be overhead for the ISRs dealing with MMIO peripherals and non > > GIC-v3. > > If we consider only GICv3+ then good. Otherwise I would prefer the > > 'plat_ic_end_of_interrupt' > > like Olivier mentioned with a #if GICv3 instead of each ISRs dealing > > with > > it. > > > >> The GICv3 legacy MMIO CPU interface is deprecated for TF-A and the sys > >> interface is the only one GICv3 driver in TF-A supports. > > > > Right we can ignore the GICv3 legacy mode but GICv2 will still remain ? > > > >> > >> Best Regards > >> Soby Mathew > >> > > > > Thanks > > Sandeep > > > >>> -----Original Message----- > >>> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of > Sandeep > >>> Tripathy via TF-A > >>> Sent: 08 June 2020 10:34 > >>> To: Olivier Deprez <Olivier.Deprez(a)arm.com>; tf- > >> a(a)lists.trustedfirmware.org > >>> Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > >>> > >>> Hi Olivier, > >>>> -----Original Message----- > >>>> From: Olivier Deprez [mailto:Olivier.Deprez@arm.com] > >>>> Sent: Monday, June 08, 2020 1:14 PM > >>>> To: tf-a(a)lists.trustedfirmware.org; Sandeep Tripathy > >>>> Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > >>>> > >>>> Hi Sandeep, > >>>> > >>>> gicv3_end_of_interrupt_sel1 is a static access helper macro. Its > >>>> naming precisely tells what it does at gicv3 module level. It is > >>>> called from > >>> the weak > >>>> plat_ic_end_of_interrupt function for BL32 image. > >>>> > >>>> I tend to think it is the driver responsibility to ensure the module > >>> interrupt > >>>> acknowledge register write is reaching HW in order (or "be visible to > >>> all > >>>> observers"). > >>> > >>> The driver should be agnostic of what interrupt controller is used and > >>> its > >>> behavior. > >>> And since 'all' writes were to mmio ranges mapped Device(nGnRE) > >>> /strongly-ordered(nGnRnE) > >>> there was no such need. This is a special case for GICv3 system > >>> interface only. > >>> Adding at driver level a DSB is unnecessary for other interrupt > >>> controllers. > >>> > >>>> Also I suspect adding a dsb might not be required generically for all > >>> kind of IP. > >>> > >>> Here are you referring to the peripheral IP or interrupt controller IP > >>> ? > >>> The issue is reordering at arm core itself (STR to device address Vs > >>> msr(sysreg > >>> write)). > >>> So I think Its applicable for all IP. > >>> > >>>> Adding a barrier in generic code might incur an unnecessary > >>>> bottleneck. > >>> > >>> But if there is a need to *ensure* presence of at least one DSB > >>> between > >>> the > >>> write transfer from core to device clear and gicv3 eoi icc register > >>> write in a > >>> generic way then what other option we have. > >>>> > >>>> Thus wouldn't it be better to add the barrier to the overridden > >>>> platform function rather than in generic gicv3 code? > >>> > >>> That can be done but I feel this is more to do with gicv3 system > >>> interface only. > >>> Inside plat_xxx one has to check #if GICV3 ...and system interface. > >>>> > >>>> I have a put a comment in the review, we can continue the discussion > >>> there. > >>>> > >>>> Regards, > >>>> Olivier. > >>>> > >>> Thanks > >>> Sandeep > >>>> ________________________________________ > >>>> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of > >>>> Sandeep Tripathy via TF-A <tf-a(a)lists.trustedfirmware.org> > >>>> Sent: 05 June 2020 19:43 > >>>> To: tf-a(a)lists.trustedfirmware.org > >>>> Subject: [TF-A] GICV3: system interface EOI ordering RFC > >>>> > >>>> Hi, > >>>> In a typical interrupt handling sequence we do 1-Read IAR > >>>> 2-Do interrupt handling > >>>> 3-Clear the interrupt at source , so that the device de-asserts > >>>> IRQ > >>> request to > >>>> GIC > >>>> >> I am suggesting a need of DSB here in case of GICv3 +. > >>>> 4-Write to GIC cpu interface to do EOI. > >>>> > >>>> Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write > >>>> over > >>> AMBA > >>>> interface. The > >>>> Addresses are mapped with (nR) attribute. Hence the write transfers > >>> from the > >>>> core will be > >>>> generated at step 3 and 4 in order. Please ignore the additional > >>> buffers/bridges > >>>> in path from > >>>> core till peripheral which has to be dealt separately as per SOC. > >>>> > >>>> Query: I understand GICv3 system interface accesses are not over > >>>> this > >>> protocol > >>>> and core will not > >>>> follow the ordering rule ? > >>>> > >>>> I have observed spurious interrupt issue/manifestation ( I don't have > >>> the > >>>> transfers probed) in > >>>> RTOS environment where I have a primitive GICv3 driver but I wonder > >>>> why things does not fail in Linux or tf-a. If it is working because > >>>> from step(3) to > >>> step(4) we have > >>>> barriers by chace > >>>> due to other device register writes then I would suggest to have one > >>>> in > >>> the EOI > >>>> clearing API itself. > >>>> > >>>> RFC: > >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 > >>>> > >>>> Thanks > >>>> Sandeep > >>> -- > >>> TF-A mailing list > >>> TF-A(a)lists.trustedfirmware.org > >>> https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

3
9
0 0

Re: [TF-A] Upgrading libfdt library

by Joanna Farley

I think it is clear Madhu has been applying due diligence here both in his own testing and notification to the project through the ML so that consumers can respond and also perform any testing they feel is necessary. In think its appropriate for us to pause while we wait for such feedback but it would be good to have some indication on who feels there might be an issue here and wants to provide feedback. I appreciate you are Varun and we need to analyse the risks and what mitigations need to be in place. As you may have picked up on from the various tech forums we take testing seriously and are looking to augment with different test strategies and tools however these will take time to deploy and spread their coverage through the project codebase. Until then we will have to analyse the level of risk and apply the appropriate level of mitigations which I think Madhu has but lets see if we have some specific issues needing further mitigations to give more confidence. Thanks Joanna On 19/06/2020, 23:35, "TF-A on behalf of Varun Wadekar via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi, Thanks for the information. Adding libfdt to the unit testing framework is a good idea. The verification should give us more confidence on the stability side. Let’s see if platform owners would like to include more tests. -Varun -----Original Message----- From: Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> Sent: Friday, June 19, 2020 1:01 PM To: Varun Wadekar <vwadekar(a)nvidia.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: RE: [TF-A] Upgrading libfdt library External email: Use caution opening links or attachments Hi Varun I tested the patch by running all applicable tf-a-tests suites [1] and Linux boot tests on FVP and Juno platforms. Since libfdt is platform agnostic, we are planning on adding it to the unit test framework as well(which was described in yesterday's tech forum). I need to admit that I am (over!) confident about libfdt since it is also used in U-boot and Linux projects. It seems the release tags don’t have much significance in the dtc project. Hence, I picked the latest commit at the time. In our internal CI, we also run Coverity MISRA and other static checks to find issues in TF-A and fix them as needed. However, we don’t fix issues reported in 3rd party libraries such as libfdt. I am waiting to hear feedback from various platform owners if they have any issues with this upgrade. [1] https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tree/tftf/tests Thanks, Madhukar -----Original Message----- From: Varun Wadekar <vwadekar(a)nvidia.com> Sent: Thursday, June 18, 2020 1:30 PM To: Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: RE: [TF-A] Upgrading libfdt library Hi, I think there are some valid concerns raised in the thread. Since this is an external project I felt we needed to set a criteria for the upgrade. One day, when we start using the unit testing framework and have 100% coverage numbers and solid positive/negative testing, we would be more confident. Until then we just have to live with what have. @Madhukar is there any we can find out all the tests, static analysis checks, security checks that was run on the upgrade? Just trying to understand how confident we are that this does not introduce any regressions? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Raghu K via TF-A Sent: Thursday, June 18, 2020 9:07 AM To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Upgrading libfdt library External email: Use caution opening links or attachments One thing that might be worth considering is versioning the library like xlat_tables and xlat_tables_v2 for a few releases and deprecate the old one if/when there is broad agreement from platforms to move to the new one. Platforms can perform their independent testing like STM and can report back over time. Obviously, for those few releases if there are API changes in libfdt there will have to be support for both new and old api's which will cause temporary ugliness but this might ease concerns about testing, stability etc. -Raghu On 6/18/20 4:12 AM, Soby Mathew via TF-A wrote: >> -----Original Message----- >> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of >> Sandrine Bailleux via TF-A >> Sent: 16 June 2020 13:09 >> To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; Madhukar Pappireddy >> <Madhukar.Pappireddy(a)arm.com>; Varun Wadekar <vwadekar(a)nvidia.com> >> Cc: tf-a(a)lists.trustedfirmware.org >> Subject: Re: [TF-A] Upgrading libfdt library >> >> Hi Alexei, >> >> On 6/16/20 1:51 PM, Alexei Fedorov wrote: >>> Thanks for your very detailed explanation of the reason behind this >>> solution. >>> This brings the question on how do we monitor libfdt bug fixes, code >>> cleanup, etc. (which Madhukar pointed out) and integrate these >>> changes in TF-A source tree. >> Right now, it is a manual process and not only for libfdt but for all >> projects TF-A depends on. We keep an eye on them and aim at updating >> them when necessary. Unfortunately, like any manual process, it is >> error-prone and things might slip through the cracks. The TF-A >> release tick is usually a good reminder to update all dependencies >> but unfortunately libfdt has been left behind for some time (about 2 years)... > As I recall, when we tried to update libfdt last time, there was significant code bloat in generated binary (feature creep?) and we abandoned the update. The policy was to stick to a stable version and only update if there are any bugfixes or new feature we would want to make use of. > > Generally speaking, we might have done several fixes in the imported 3rd party library by running static checks like for MISRA compliance etc and this has to be repeated when the library is updated. Also, for security audits, it is important to be sure of the "security status" of the imported library and hence we tended to not update for every release. > > But I agree that we do have to be on top of bug fixes and hence we need to update but not sure how we can balance this with concerns above. > > Regarding MbedTLS, being a security critical project, we would like to encourage platform integrators to take ownership of staying upto date rather than relying on update from TF-A repo. Hence the motivation to keep it separate. > > Best Regards > Soby Mathew > > > > >> Regards, >> Sandrine >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Varun Wadekar

Hi, I think there are some valid concerns raised in the thread. Since this is an external project I felt we needed to set a criteria for the upgrade. One day, when we start using the unit testing framework and have 100% coverage numbers and solid positive/negative testing, we would be more confident. Until then we just have to live with what have. @Madhukar is there any we can find out all the tests, static analysis checks, security checks that was run on the upgrade? Just trying to understand how confident we are that this does not introduce any regressions? -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Raghu K via TF-A Sent: Thursday, June 18, 2020 9:07 AM To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Upgrading libfdt library External email: Use caution opening links or attachments One thing that might be worth considering is versioning the library like xlat_tables and xlat_tables_v2 for a few releases and deprecate the old one if/when there is broad agreement from platforms to move to the new one. Platforms can perform their independent testing like STM and can report back over time. Obviously, for those few releases if there are API changes in libfdt there will have to be support for both new and old api's which will cause temporary ugliness but this might ease concerns about testing, stability etc. -Raghu On 6/18/20 4:12 AM, Soby Mathew via TF-A wrote: >> -----Original Message----- >> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of >> Sandrine Bailleux via TF-A >> Sent: 16 June 2020 13:09 >> To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; Madhukar Pappireddy >> <Madhukar.Pappireddy(a)arm.com>; Varun Wadekar <vwadekar(a)nvidia.com> >> Cc: tf-a(a)lists.trustedfirmware.org >> Subject: Re: [TF-A] Upgrading libfdt library >> >> Hi Alexei, >> >> On 6/16/20 1:51 PM, Alexei Fedorov wrote: >>> Thanks for your very detailed explanation of the reason behind this >>> solution. >>> This brings the question on how do we monitor libfdt bug fixes, code >>> cleanup, etc. (which Madhukar pointed out) and integrate these >>> changes in TF-A source tree. >> Right now, it is a manual process and not only for libfdt but for all >> projects TF-A depends on. We keep an eye on them and aim at updating >> them when necessary. Unfortunately, like any manual process, it is >> error-prone and things might slip through the cracks. The TF-A >> release tick is usually a good reminder to update all dependencies >> but unfortunately libfdt has been left behind for some time (about 2 years)... > As I recall, when we tried to update libfdt last time, there was significant code bloat in generated binary (feature creep?) and we abandoned the update. The policy was to stick to a stable version and only update if there are any bugfixes or new feature we would want to make use of. > > Generally speaking, we might have done several fixes in the imported 3rd party library by running static checks like for MISRA compliance etc and this has to be repeated when the library is updated. Also, for security audits, it is important to be sure of the "security status" of the imported library and hence we tended to not update for every release. > > But I agree that we do have to be on top of bug fixes and hence we need to update but not sure how we can balance this with concerns above. > > Regarding MbedTLS, being a security critical project, we would like to encourage platform integrators to take ownership of staying upto date rather than relying on update from TF-A repo. Hence the motivation to keep it separate. > > Best Regards > Soby Mathew > > > > >> Regards, >> Sandrine >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 11 months

2
2
0 0

How should we manage patches affecting multiple users?

by Sandrine Bailleux

Hello everyone, I would like to start a discussion around the way we want to handle changes that affect all platforms/users. This subject came up in this code review [1]. I'll present my views on the subject and would like to know what others think. First of all, what do we mean by "changes that affect all platforms"? It would be any change that is not self-contained within a platform port. IOW, a change in some file outside of the plat/ directory. It could be in a driver, in a library, in the build system, in the platform interfaces called by the generic code... the list goes on. 1. Some are just implementation changes, they leave the interfaces unchanged. These do not break other platforms builds since the call sites don't need to be updated. However, they potentially change the responsibilities of the interface, in which case this might introduce behavioral changes that all users of the interface need to be aware of and adapt their code to. 2. Some other changes might introduce optional improvements. They introduce a new way of doing things, perhaps a cleaner or more efficient one. Users can safely stay with the old way of doing things without fear of breakage but they would benefit from migrating. This is the case of Alexei's patch [1], which introduces an intermediate GICv2 makefile, that Arm platforms now include instead of pulling each individual file by themselves. At this point, it is just an improvement that introduces an indirection level in the build system. This is an improvement in terms of maintainability because if we add a new essential file to this driver in the future, we'll just need to add it in this new GICv2 makefile without having to update all platforms makefiles. However, platform makefiles can continue to pull in individual files if they wish to. 3. Some other changes might break backwards compatibility. This is something we should avoid as much as possible and we should always strive to provide a migration path. But there are cases where there might be no other way than to break things. In this case, all users have to be migrated. Now the question we were pondering in Gerrit is, where does the responsibility of migrating all platforms/users lie for all these types of changes? Is the patch author responsible to do all the work? I think it's hard to come up with a one-size-fits-all answer. It really depends on the nature of changes, their consequences, the amount of work needed to do the migration, the ability for the patch author to test these changes, to name a few. I believe the patch author should migrate all users on a best-effort basis. If it's manageable then they should do the work and propose a patch to all affected users for them to review and test on their platforms. On the other hand, if it's too much work or impractical, then I think the best approach would be for the patch author to announce and discuss the changes on this mailing list. In some scenarios, the changes might be controversial and not all platform owners might agree that the patch brings enough benefit compared to the migration effort, in which case the changes might have to be withdrawn or re-thought. In any case, I believe communication is key here and no one should take any unilateral decision on their own if it affects other users. I realize this is a vast subject and that we probably won't come up with an answer/reach an agreement on all the aspects of the question. But I'd be interested in hearing other contributors' view and if they've got any experience managing these kinds of issues, perhaps in other open source project. Best regards, Sandrine [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4538

4 years, 11 months

1
0
0 0

Re: [TF-A] ATF LTS version

by Varun Wadekar

Hello Joanna, I had discussed the idea with Matteo in the past, but the discussion in the last tech forum prompted the email. >> I appreciate this CI is currently a little opaque to many contributors as this is still in the process of being transitioned to the OpenCI hosted by Trustedfirmware.org servers which will be visible to all I agree, it is hard to test all the use cases. The opaque nature of the CI is a bit annoying, but not a big issue. >> the additional testing done for a 6 monthly tagged release is quite minimal and the larger work is ensuring all documentation is up to date. Additionally all new features are generally behind their own build flags but I appreciate it is some work for a tagged release to be absorbed into product offerings. Interesting In one of our internal discussions we were exploring the possibility of using doxygen style comments and creating an API reference for a release without a lot of effort. We should try to explore this idea in the community. >> One thing that had been considered briefly was the production of a security bug only branch That is a good idea and can act as the base for the LTS version. But we should consider increasing the scope and include bug fixes, stability issues, performance issues, etc. I believe when the community widely adopts TFTF and starts upstreaming the test cases, we can expect more interest around a LTS release. For platform owners (e.g. NVIDIA) it makes sense to plan our release strategy around LTS versions. Right now, our releases lack direction as we don’t know which version to use. And then there is additional pain of rebasing recent fixes/improvements on older releases. -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Joanna Farley via TF-A Sent: Thursday, June 11, 2020 6:47 AM To: Matteo Carlini <Matteo.Carlini(a)arm.com>; tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] ATF LTS version External email: Use caution opening links or attachments Hi Varun, I guess this suggestion came in response to last weeks Tech Forum discussion from a question about experiences people had from migrating to different TF-A tagged releases. In general we try and keep the tip of Master at tagged release quality through an extensive CI system ran on each patch. I appreciate this CI is currently a little opaque to many contributors as this is still in the process of being transitioned to the OpenCI hosted by Trustedfirmware.org servers which will be visible to all. As mentioned in the recent "Overview of the TF-A v2.3 Release" presentation on https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ the additional testing done for a 6 monthly tagged release is quite minimal and the larger work is ensuring all documentation is up to date. Additionally all new features are generally behind their own build flags but I appreciate it is some work for a tagged release to be absorbed into product offerings. I asked at the tech forum last week what more we could do to allow releases to be integrated more easily. On the call it was requested if we could disable weak bindings to symbols so it could be more easily seen where platform decisions may need to be made and we will look into this. If there are any more adjustments to the way tagged releases are produced please let us know. One thing that had been considered briefly was the production of a security bug only branch that was maintained only between 6 month tagged releases before being replaced by the next security bug only branch based on the next 6 month release but that has not progressed very far as a proposal as until your email here it was perceived to not be in demand. A LTS branch is a larger endeavour as it sounds like something that includes more than security fixes and I look forward to you elaborating more as Matteo requests. Thanks Joanna On 11/06/2020, 12:19, "Matteo Carlini via TF-A" <tf-a(a)lists.trustedfirmware.org> wrote: Hi Varun, Thanks for raising this topic (but please do embrace the official terminology “TF-A”…we never really promoted ATF and it's also absolutely outdated now 😉 ). Arm has received different queries over time on supporting Trusted Firmware LTS releases, but the effort to sustain them is something that the Arm engineering team alone cannot really afford and commit to (either in the TF-A or TF-M space). The idea has also been just raised to the Trusted Firmware project Board for initial consideration and we will be all very keen to understand how much interest there is from the wider TF-A community of adopters and external (non-Arm) maintainers, so to evaluate the possibility of a more concrete proposal to be carried on within the community Project. I guess it will also be good to start by elaborating more concretely on the requirements that you would like to see in an hypothetical LTS versioning scheme. Thanks Matteo > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A > Sent: 10 June 2020 22:47 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] ATF LTS version > > Hello team, > > To extend the discussion around version upgrades from our last call, I would like to understand if there is enough interest around generating a LTS version of the TF-A to alleviate the pain. > > For NVIDIA, this would be helpful as it streamlines the upgrade path for our devices in the field. The LTS version will guarantee security fixes, bug fixes, stability fixes for the longer term and we won’t have to upgrade the entire firmware to get these goodies. > > It would be interesting to see what OEMs and maintainers think about this? Has this been discussed at tf.org or Arm internally? > > -Varun -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 12 months

2
3
0 0

Re: [TF-A] Upgrading libfdt library

by Raghu K

One thing that might be worth considering is versioning the library like xlat_tables and xlat_tables_v2 for a few releases and deprecate the old one if/when there is broad agreement from platforms to move to the new one. Platforms can perform their independent testing like STM and can report back over time. Obviously, for those few releases if there are API changes in libfdt there will have to be support for both new and old api's which will cause temporary ugliness but this might ease concerns about testing, stability etc. -Raghu On 6/18/20 4:12 AM, Soby Mathew via TF-A wrote: >> -----Original Message----- >> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandrine >> Bailleux via TF-A >> Sent: 16 June 2020 13:09 >> To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; Madhukar Pappireddy >> <Madhukar.Pappireddy(a)arm.com>; Varun Wadekar <vwadekar(a)nvidia.com> >> Cc: tf-a(a)lists.trustedfirmware.org >> Subject: Re: [TF-A] Upgrading libfdt library >> >> Hi Alexei, >> >> On 6/16/20 1:51 PM, Alexei Fedorov wrote: >>> Thanks for your very detailed explanation of the reason behind this >>> solution. >>> This brings the question on how do we monitor libfdt bug fixes, code >>> cleanup, etc. (which Madhukar pointed out) and integrate these changes >>> in TF-A source tree. >> Right now, it is a manual process and not only for libfdt but for all projects TF-A >> depends on. We keep an eye on them and aim at updating them when >> necessary. Unfortunately, like any manual process, it is error-prone and things >> might slip through the cracks. The TF-A release tick is usually a good reminder >> to update all dependencies but unfortunately libfdt has been left behind for >> some time (about 2 years)... > As I recall, when we tried to update libfdt last time, there was significant code bloat in generated binary (feature creep?) and we abandoned the update. The policy was to stick to a stable version and only update if there are any bugfixes or new feature we would want to make use of. > > Generally speaking, we might have done several fixes in the imported 3rd party library by running static checks like for MISRA compliance etc and this has to be repeated when the library is updated. Also, for security audits, it is important to be sure of the "security status" of the imported library and hence we tended to not update for every release. > > But I agree that we do have to be on top of bug fixes and hence we need to update but not sure how we can balance this with concerns above. > > Regarding MbedTLS, being a security critical project, we would like to encourage platform integrators to take ownership of staying upto date rather than relying on update from TF-A repo. Hence the motivation to keep it separate. > > Best Regards > Soby Mathew > > > > >> Regards, >> Sandrine >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Soby Mathew

> -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandrine > Bailleux via TF-A > Sent: 16 June 2020 13:09 > To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; Madhukar Pappireddy > <Madhukar.Pappireddy(a)arm.com>; Varun Wadekar <vwadekar(a)nvidia.com> > Cc: tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] Upgrading libfdt library > > Hi Alexei, > > On 6/16/20 1:51 PM, Alexei Fedorov wrote: > > Thanks for your very detailed explanation of the reason behind this > > solution. > > This brings the question on how do we monitor libfdt bug fixes, code > > cleanup, etc. (which Madhukar pointed out) and integrate these changes > > in TF-A source tree. > > Right now, it is a manual process and not only for libfdt but for all projects TF-A > depends on. We keep an eye on them and aim at updating them when > necessary. Unfortunately, like any manual process, it is error-prone and things > might slip through the cracks. The TF-A release tick is usually a good reminder > to update all dependencies but unfortunately libfdt has been left behind for > some time (about 2 years)... As I recall, when we tried to update libfdt last time, there was significant code bloat in generated binary (feature creep?) and we abandoned the update. The policy was to stick to a stable version and only update if there are any bugfixes or new feature we would want to make use of. Generally speaking, we might have done several fixes in the imported 3rd party library by running static checks like for MISRA compliance etc and this has to be repeated when the library is updated. Also, for security audits, it is important to be sure of the "security status" of the imported library and hence we tended to not update for every release. But I agree that we do have to be on top of bug fixes and hence we need to update but not sure how we can balance this with concerns above. Regarding MbedTLS, being a security critical project, we would like to encourage platform integrators to take ownership of staying upto date rather than relying on update from TF-A repo. Hence the motivation to keep it separate. Best Regards Soby Mathew > > Regards, > Sandrine > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Yann GAUTIER

Hi, I've tested the libfdt update on STM32MP1. I can see a boot time increase by ~6%, thanks to U-Boot 'bootstage report' command. But I don't think this should block the lib upgrade. I've some comments about the patch, I'll send that on gerrit. Regards, Yann On 6/17/20 1:03 AM, Madhukar Pappireddy via TF-A wrote: > Hi Varun, > > I have pushed the draft patch here [1] to upgrade the libfdt source > files. I have tested this patch by running all tests that we usually run > before merging a patch to TF-A repo. I am looking forward to receiving > feedback from platform owners. > > However, I am not convinced why this effort needs an exhaustive > evaluation with various criteria as you mentioned below. I am upgrading > source files and I am not introducing a new project to TF-A. Let me know > your thoughts. > > [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4596 > > Thanks, > > Madhukar > > *From:* Varun Wadekar <vwadekar(a)nvidia.com> > *Sent:* Monday, June 15, 2020 2:12 PM > *To:* Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> > *Cc:* tf-a(a)lists.trustedfirmware.org > *Subject:* RE: Upgrading libfdt library > > Thanks, Madhukar. > > I think this needs a broader discussion where we form a list evaluation > criteria of features, API, metrics, KPIs etc by pooling them from the > platform owners. > > If we don’t receive any inputs, then it makes sense to execute the > current tests and make sure that they work as expected. > > Thoughts? > > -Varun > > *From:* Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com > <mailto:Madhukar.Pappireddy@arm.com>> > *Sent:* Monday, June 15, 2020 8:30 AM > *To:* Varun Wadekar <vwadekar(a)nvidia.com <mailto:vwadekar@nvidia.com>> > *Cc:* tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> > *Subject:* RE: Upgrading libfdt library > > *External email: Use caution opening links or attachments* > > Hi Varun, > > Please find my replies inline. > > Thanks, > > Madhu > > *From:* Varun Wadekar <vwadekar(a)nvidia.com <mailto:vwadekar@nvidia.com>> > *Sent:* Friday, June 12, 2020 7:04 PM > *To:* Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com > <mailto:Madhukar.Pappireddy@arm.com>> > *Cc:* tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> > *Subject:* RE: Upgrading libfdt library > > Hi Madhukar, > > Before we merge this change, can you please explain how we arrived at > this specific version? Are we tracking the stable version of the library? > > >> I was told by Andre that the releases(tags) by themselves don’t mean > much in the libfdt project and it is better to upgrade directly to the > recent commit(the latest HEAD was 85e5d83 when I started this > investigation). > > What would be the testing criteria before merging the library? Does tftf > provide any tests that can act as a smoking gun? > > >> Given that we rely more on libfdt APIs now, I plan to run all the > existing tests in our CI (includes tftf and Linux boot tests) to verify > if the libfdt library has any issues when integrating with TF-A. I > believe these tests are thorough enough. > > Does it make sense to ask platform owners to test the specific version > you plan to merge? This way we would have more confidence in the library. > > >> Yes, I wanted to take the feedback from platform owners and hence I > sent this email before actually pushing the patch to tf.org for review. > There was a performance concern in the past when upgrading libfdt source > files [1]. > > [1] https://github.com/ARM-software/tf-issues/issues/643 > > -Varun > > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org > <mailto:tf-a-bounces@lists.trustedfirmware.org>> *On Behalf Of *Madhukar > Pappireddy via TF-A > *Sent:* Friday, June 12, 2020 4:48 PM > *To:* tf-a(a)lists.trustedfirmware.org <mailto:tf-a@lists.trustedfirmware.org> > *Subject:* [TF-A] Upgrading libfdt library > > *External email: Use caution opening links or attachments* > > Hello, > > I am planning to upgrade libfdt library source files in TF-A. They > haven’t been updated for a while. As the project moves towards improving > the fconf framework and adding more properties in device tree source > files, we rely more on libfdt APIs. I have done some preliminary > investigation to check if there is any performance penalty in upgrading > the libfdt source files integrated into TF-A from the current > version(which corresponds to commit aadd0b6 in the dtc repo [1]) to > master commit (85e5d83). I have run some basics tests on both x86 and > aarch64 machines and I have not seen any performance degradation. I plan > to push a patch shortly to integrate the latest version of libfdt files > in TF-A. > > Please let me know if you are aware of any performance issues or have > other concerns. > > [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git > > Thanks, > > Madhu >

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Varun Wadekar

Hi Madhukar, Before we merge this change, can you please explain how we arrived at this specific version? Are we tracking the stable version of the library? What would be the testing criteria before merging the library? Does tftf provide any tests that can act as a smoking gun? Does it make sense to ask platform owners to test the specific version you plan to merge? This way we would have more confidence in the library. -Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Madhukar Pappireddy via TF-A Sent: Friday, June 12, 2020 4:48 PM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Upgrading libfdt library External email: Use caution opening links or attachments Hello, I am planning to upgrade libfdt library source files in TF-A. They haven't been updated for a while. As the project moves towards improving the fconf framework and adding more properties in device tree source files, we rely more on libfdt APIs. I have done some preliminary investigation to check if there is any performance penalty in upgrading the libfdt source files integrated into TF-A from the current version(which corresponds to commit aadd0b6 in the dtc repo [1]) to master commit (85e5d83). I have run some basics tests on both x86 and aarch64 machines and I have not seen any performance degradation. I plan to push a patch shortly to integrate the latest version of libfdt files in TF-A. Please let me know if you are aware of any performance issues or have other concerns. [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git Thanks, Madhu

4 years, 12 months

2
3
0 0

Re: [TF-A] Upgrading libfdt library

by Sandrine Bailleux

Hi Alexei, On 6/15/20 2:18 PM, Alexei Fedorov via TF-A wrote: > I'm wondering why we need to integrate libfdt sources in TF-A? Why > cannot we use the same option as for MbedTls when the build system gets > the path to the preloaded source tree? As far as I know, the question is the other way around: why is mbed TLS not integrated in the TF-A source tree? If you look at the other external libraries used by TF-A (not just libfdt, but also compiler-rt library, zlib, ...), they all are integrated. As far as I am aware, there are several reasons for keeping these projects in the TF-A tree: 1) It is more developer-friendly. Whenever you clone the TF-A repo, you get all required dependencies at the same time, no need to pull them yourself. 2) It allows us to keep local modifications on top of mainline. Such modifications are sometimes necessary or make our life easier to integrate/interface the project with the rest of the TF-A code base. 3) We don't depend on the library project infrastructure. For example if their git server is down, this would not affect us, as we've got our own copy hosted on tf.org. Not sure this third reason was actually considered at the time the decision was made but I see this as a tiny bonus. Now 1) could be achieved some other way, for example we could add the dependent projects as git submodules and have a setup script that pulls them in. We did not go for this option at the time and I don't recall exactly why. It might just be because of the infrastructure/setup required to work with git submodules. So having these projects integrated in the TF-A source tree is the common practice in our project. As far as I am aware, the reason why we treat mbed TLS differently is because it is very security sensitive, thus it's important that people keep up to date with the latest version to get all latest vulnerability fixes. If we had imported it in the TF-A project, this would have put the onus on us to monitor mbed TLS for security fixes and push updates as soon as they become available. This was deemed impractical and too much responsibility for us at the time. Regards, Sandrine

4 years, 12 months

2
2
0 0

Announcing one new maintainer for the TF-A project

by Sandrine Bailleux

Hello all, I am glad to announce that Raghu Krishnamurthy has been appointed maintainer for the TF-A project. The maintainers list has been updated accordingly in the following patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4582 Best regards, Sandrine

4 years, 12 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Madhukar Pappireddy

Hi Raghu, We had a discussion internally about handling the mandatory and optional properties in fconf and we believe we can use the following approach. Please let us know if it is acceptable to you. As agreed over the mailing list, we treat the scenarios of a missing/incorrect mandatory property or a structurally bad dtb as an integration error and must lead to panic in runtime. It is the responsibility of the developer providing the populate callback to detect and return an error code in such scenarios. It will be treated as an unrecoverable error and further escalated to panic() by the fconf framework itself. An incorrect or missing optional property in a dtb should lead to a warning message and the boot loader should continue after assigning a default value to the specific property. Further, every property accessed by a populate callback should be clearly defined as either mandatory or optional in a fconf based binding document such as the one shown here [1]. This must be enforced in spirit as part of the code review process. We believe the callbacks can be categorized into two: Generic vs platform-specific. Generic callbacks are the ones that are required to support a standard component supported by platforms running TF-A such as TBBR, SDEI, IO Policy, GICv3, etc. Platform-specific callbacks are provided by platform developers to work with non-standard components such as a Proprietary Hardware IP. The binding document for generic populate callbacks should be provided by the TF-A project. The generic binding will become a contract for the platforms to implement the support for integrating standard components and hence, will be platform agnostic. Correspondingly, it is the responsibility of the platform developer to provide the binding for platform-specific populate callbacks. Any thoughts? [1] https://trustedfirmware-a.readthedocs.io/en/latest/components/fconf/fconf_p… Thanks, Madhukar -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Manish Badarkhe via TF-A Sent: Wednesday, May 20, 2020 6:00 AM To: Raghu K <raghu.ncstate(a)icloud.com>; Sandrine Bailleux <Sandrine.Bailleux(a)arm.com>; tf-a(a)lists.trustedfirmware.org; Louis Mayencourt <Louis.Mayencourt(a)arm.com> Cc: nd <nd(a)arm.com> Subject: Re: [TF-A] fconf: Validating config data Hi Raghu We have plan to work on this and come up with some design which handles mandatory/critical properties. On 13/05/2020, 22:18, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi All, Since the 2.3 release is done, can we revisit this topic? I think we left this with finalizing on how to handle bad/incorrect DTB's. Sandrine's latest proposal below: "A bad DTB seems more like an integration error than a programming error to me, and thus should be handled with runtime checks according to the current guidelines. Incorrect values for mandatory properties should probably be treated as unrecoverable errors (causing a panic) and incorrect/missing optional properties as recoverable errors (issuing a warning message)." I agree with this proposal and think we should follow this. This addresses my original concern of handling errors consistently and being safe by verifying mandatory/critical properties at run-time. Thoughts ? Thanks Raghu On 4/13/20 10:27 AM, Raghu Krishnamurthy wrote: > Thanks Sandrine. Revisiting after v2.3 is sounds fine. > > -Raghu > > On 4/10/20 2:25 AM, Sandrine Bailleux wrote: >> Hi Raghu, >> >> On 4/8/20 12:50 AM, Raghu Krishnamurthy wrote: >>> Thanks Sandrine, Louis, >>> >>> Agree with both of you. I'm fine with using asserts or panics, as >>> long as we uniformly use it. The change i sent out(review 3845) was >>> because i noticed inconsistency in handling errors. If we do use >>> asserts, all code that checks for mandatory properties, should be >>> changed to assert as opposed to return error code. For optional >>> properties, we can continue to return an error code or print >>> warnings etc. >> >> Yes, I too think consistency is key here. As you said, we need to >> settle on the expected behaviour and enforce it uniformly across the >> fconf code. Let's revisit this code after the v2.3 release. >> >>> I would like to point out that using asserts here is different from >>> what is documented in the coding guidelines. The guidelines >>> explicitly spells out using asserts for "programming errors". >>> Now, is having a bad DTB considered a programming error? ;) The DTB >>> is platform data as opposed to code. The guidelines might need to be >>> updated based on the conclusion here. >> >> Now that you point it out, and after taking a closer look at [1], I >> think I was wrong. A bad DTB seems more like an integration error >> than a programming error to me, and thus should be handled with >> runtime checks according to the current guidelines. Incorrect values >> for mandatory properties should probably be treated as unrecoverable >> errors (causing a panic) and incorrect/missing optional properties as >> recoverable errors (issuing a warning message). >> >> [1] >> https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guideline… >> >> >>> Also note the couple of scenarios i mentioned in an earlier email. >>> Platforms like RPI4 don't generally enable TBBR and the DTB image >>> could get corrupt or be modified on purpose. On a release build, >>> this could cause silent corruption. Panic() would avoid this. >>> >>> In any case, it would be good to settle on the expected behavior for >>> each of these abnormal cases. I don't have a strong preference for >>> asserts or panics here, since each has its pros and cons as both of >>> you called out. >>> >>> Thanks >>> Raghu > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 12 months

2
1
0 0

TF-A Tech Forum Agenda @ Thr 18th June 2020 16:00-1700 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 18th June 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Note the new time that is an hour earlier then previous sessions. Agenda: * TF-A Unit Level Testing - Presented by Lauren Wehrmeister * General explanation of the new approach for Unit Testing in TF-A. * Optional TF-A Mailing List Topic Discussions If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled. Thanks Joanna

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Madhukar Pappireddy

Hi Alexei, To be clear, my current effort is to upgrade the libfdt source files in TF-A. I am not sure why the libfdt source was not integrated into TF-A as a preloaded source tree similar to MbedTLS. Perhaps, any TF-A veteran can help answer this question? Since there is an ongoing effort in the TF-A project to move to CMake build framework, I did not plan to integrate libfdt Makefile into TF-A. Hi Yann, Between commits aadd0b6 (the current version in TF-A for libfdt files) and 85e5d83, I have noticed bug fixes, code cleanups. I am not familiar with the dtc project. I can push a WIP patch with libfdt source files picked from commit 85e5d83. Please let me know if you see any issues with ST platforms. Thanks, Madhukar -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Yann GAUTIER via TF-A Sent: Monday, June 15, 2020 10:26 AM To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Upgrading libfdt library Hi Madhukar, We had seen some issue on STM32MP1 with the previous libfdt rebase, that led to the ticket [1]. And then a partial revert [2]. I'll then try this new version to check if boot time doesn't increase too much. Do you expect other changes than the one changing __ASSEMBLY__ to __ASSEMBLER__? And maybe some updates in libfdt.mk file? If you push this new version to gerrit, it will be easier to fetch and test, as a WIP if it is better for you? Regards, Yann [1] https://github.com/ARM-software/tf-issues/issues/643 [2] https://github.com/ARM-software/arm-trusted-firmware/commit/00f588bf2cc5298… On 6/15/20 2:18 PM, Alexei Fedorov via TF-A wrote: > Hi Madhukar, > > I'm wondering why we need to integrate libfdt sources in TF-A? Why > cannot we use the same option as for MbedTls when the build system > gets the path to the preloaded source tree? > > Regards. > > Alexei > > ---------------------------------------------------------------------- > -- > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of > Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> > *Sent:* 13 June 2020 01:04 > *To:* Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> > *Cc:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> > *Subject:* Re: [TF-A] Upgrading libfdt library > > Hi Madhukar, > > Before we merge this change, can you please explain how we arrived at > this specific version? Are we tracking the stable version of the library? > > What would be the testing criteria before merging the library? Does > tftf provide any tests that can act as a smoking gun? > > Does it make sense to ask platform owners to test the specific version > you plan to merge? This way we would have more confidence in the library. > > -Varun > > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> *On Behalf Of > *Madhukar Pappireddy via TF-A > *Sent:* Friday, June 12, 2020 4:48 PM > *To:* tf-a(a)lists.trustedfirmware.org > *Subject:* [TF-A] Upgrading libfdt library > > *External email: Use caution opening links or attachments* > > Hello, > > I am planning to upgrade libfdt library source files in TF-A. They > haven’t been updated for a while. As the project moves towards > improving the fconf framework and adding more properties in device > tree source files, we rely more on libfdt APIs. I have done some > preliminary investigation to check if there is any performance penalty > in upgrading the libfdt source files integrated into TF-A from the > current version(which corresponds to commit aadd0b6 in the dtc repo > [1]) to master commit (85e5d83). I have run some basics tests on both > x86 and > aarch64 machines and I have not seen any performance degradation. I > plan to push a patch shortly to integrate the latest version of libfdt > files in TF-A. > > Please let me know if you are aware of any performance issues or have > other concerns. > > [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git > > Thanks, > > Madhu > > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Yann GAUTIER

Hi Madhukar, We had seen some issue on STM32MP1 with the previous libfdt rebase, that led to the ticket [1]. And then a partial revert [2]. I'll then try this new version to check if boot time doesn't increase too much. Do you expect other changes than the one changing __ASSEMBLY__ to __ASSEMBLER__? And maybe some updates in libfdt.mk file? If you push this new version to gerrit, it will be easier to fetch and test, as a WIP if it is better for you? Regards, Yann [1] https://github.com/ARM-software/tf-issues/issues/643 [2] https://github.com/ARM-software/arm-trusted-firmware/commit/00f588bf2cc5298… On 6/15/20 2:18 PM, Alexei Fedorov via TF-A wrote: > Hi Madhukar, > > I'm wondering why we need to integrate libfdt sources in TF-A? Why > cannot we use the same option as for MbedTls when the build system gets > the path to the preloaded source tree? > > Regards. > > Alexei > > ------------------------------------------------------------------------ > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun > Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> > *Sent:* 13 June 2020 01:04 > *To:* Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> > *Cc:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> > *Subject:* Re: [TF-A] Upgrading libfdt library > > Hi Madhukar, > > Before we merge this change, can you please explain how we arrived at > this specific version? Are we tracking the stable version of the library? > > What would be the testing criteria before merging the library? Does tftf > provide any tests that can act as a smoking gun? > > Does it make sense to ask platform owners to test the specific version > you plan to merge? This way we would have more confidence in the library. > > -Varun > > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> *On Behalf Of > *Madhukar Pappireddy via TF-A > *Sent:* Friday, June 12, 2020 4:48 PM > *To:* tf-a(a)lists.trustedfirmware.org > *Subject:* [TF-A] Upgrading libfdt library > > *External email: Use caution opening links or attachments* > > Hello, > > I am planning to upgrade libfdt library source files in TF-A. They > haven’t been updated for a while. As the project moves towards improving > the fconf framework and adding more properties in device tree source > files, we rely more on libfdt APIs. I have done some preliminary > investigation to check if there is any performance penalty in upgrading > the libfdt source files integrated into TF-A from the current > version(which corresponds to commit aadd0b6 in the dtc repo [1]) to > master commit (85e5d83). I have run some basics tests on both x86 and > aarch64 machines and I have not seen any performance degradation. I plan > to push a patch shortly to integrate the latest version of libfdt files > in TF-A. > > Please let me know if you are aware of any performance issues or have > other concerns. > > [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git > > Thanks, > > Madhu > >

4 years, 12 months

1
0
0 0

Re: [TF-A] Upgrading libfdt library

by Alexei Fedorov

Hi Madhukar, I'm wondering why we need to integrate libfdt sources in TF-A? Why cannot we use the same option as for MbedTls when the build system gets the path to the preloaded source tree? Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 13 June 2020 01:04 To: Madhukar Pappireddy <Madhukar.Pappireddy(a)arm.com> Cc: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: Re: [TF-A] Upgrading libfdt library Hi Madhukar, Before we merge this change, can you please explain how we arrived at this specific version? Are we tracking the stable version of the library? What would be the testing criteria before merging the library? Does tftf provide any tests that can act as a smoking gun? Does it make sense to ask platform owners to test the specific version you plan to merge? This way we would have more confidence in the library. -Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Madhukar Pappireddy via TF-A Sent: Friday, June 12, 2020 4:48 PM To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Upgrading libfdt library External email: Use caution opening links or attachments Hello, I am planning to upgrade libfdt library source files in TF-A. They haven’t been updated for a while. As the project moves towards improving the fconf framework and adding more properties in device tree source files, we rely more on libfdt APIs. I have done some preliminary investigation to check if there is any performance penalty in upgrading the libfdt source files integrated into TF-A from the current version(which corresponds to commit aadd0b6 in the dtc repo [1]) to master commit (85e5d83). I have run some basics tests on both x86 and aarch64 machines and I have not seen any performance degradation. I plan to push a patch shortly to integrate the latest version of libfdt files in TF-A. Please let me know if you are aware of any performance issues or have other concerns. [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git Thanks, Madhu

4 years, 12 months

1
0
0 0

Re: [TF-A] Question on confine_index_array.h import in tf-a

by Sandrine Bailleux

Hello Etienne, On 6/10/20 1:19 PM, Etienne Carriere via TF-A wrote: > Dear all, > > As part of a patchset series review (topic scmi-msg), change [1] > imports confine_array_index.h header file from OP-TEE OS repository. > The file originates from the open source Fuschia project, see link in > commit message of [1]. > > As being imported for external packages, the header file inherits > Fushca and OP-TEE notices. > The helper function can protect some data structure from side channel > attacks leveraging index indirect access overflows during speculative > execution. > It is not Arm copyright. It is BSD-3-Clause license. > I'll add an entry in the docs/license.rst for the file. > > Where to locate the file? > It is ok to add such a file in include/common? > Does it deserve a specific lib path, like > include/lib/speculconfie_array_index.h? > Maybe add as include/lib/cpus/confine_array_index.h as it is CPU > speculative matters? Before we discuss the location of this header file, have we considered using the compiler support for speculative execution mitigations instead? I am referring to the __builtin_speculation_safe_value() macro, which I believe achieves the same goal as the code you propose to introduce here, i.e. protecting against Spectre v1 bounds-check bypass attacks. TF-A already uses this compiler builtin today and provides a wrapper macro around it, see SPECULATION_SAFE_VALUE() in include/lib/utils_def.f (although I would argue this is not the best location one could think of...). For reference, this was introduced by commit [1]. According to Arm's whitepaper [2], the support for this compiler builtin was added in GCC 9 and LLVM/Clang was to follow shortly. If these versions are too recent for you, then I believe the official location to get equivalent code is [3]. As stated there: The header file provided here allows a migration path to using the builtin function for users who are unable to immediately upgrade to a compiler which supports the builtin. So I would prefer we get the code from there rather than from the OP-TEE project, which got it from the Fuschia project ;) This is licensed under the Boost Software License 1.0, which we've never used in TF-A so I would need to check with our legal department whether this is OK, but I don't expect any issues there as this is described as a permissive license only requiring preservation of copyright and license notices. This is assuming that both header files (the one from OP-TEE and the one from the Arm software Github repo) are equivalent... Is this the case? Is the code provided in OP-TEE perhaps more optimized? Regards, Sandrine [1] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=9edd… [2] https://developer.arm.com/support/arm-security-updates/speculative-processo… [3] https://github.com/ARM-software/speculation-barrier

4 years, 12 months

2
1
0 0

Invitation: TF-A Tech Forum @ Every 2 weeks from 16:00 to 17:00 on Thursday (BST) (tf-a@lists.trustedfirmware.org)

by Bill Fletcher

You have been invited to the following event. Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time Calendar: tf-a(a)lists.trustedfirmware.org Who: * Bill Fletcher- creator * tf-a(a)lists.trustedfirmware.org Event details: https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM… Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

4 years, 12 months

1
0
0 0

Upgrading libfdt library

by Madhukar Pappireddy

Hello, I am planning to upgrade libfdt library source files in TF-A. They haven't been updated for a while. As the project moves towards improving the fconf framework and adding more properties in device tree source files, we rely more on libfdt APIs. I have done some preliminary investigation to check if there is any performance penalty in upgrading the libfdt source files integrated into TF-A from the current version(which corresponds to commit aadd0b6 in the dtc repo [1]) to master commit (85e5d83). I have run some basics tests on both x86 and aarch64 machines and I have not seen any performance degradation. I plan to push a patch shortly to integrate the latest version of libfdt files in TF-A. Please let me know if you are aware of any performance issues or have other concerns. [1] https://git.kernel.org/pub/scm/utils/dtc/dtc.git Thanks, Madhu

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by Varun Wadekar

Hello Matteo, Apologies for still using an outdated term. I have trained myself to get used to "TF-A" - looks like I am still not there. >> The idea has also been just raised to the Trusted Firmware project Board for initial consideration and we will be all very keen to understand how much interest there is from the wider TF-A community of adopters and external (non-Arm) maintainers That is good to hear. For the exact scope, I think we can assume the usual expectations from any LTS software stack - stability, performance, security, bug fixes along with maintenance support. We are open to discussing the cadence and any other operational commitments. @Francois, from the description of Trusted Substrate looks like you also expect the sub-projects to provide LTS versions for the project as a whole to succeed (?) -Varun -----Original Message----- From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Matteo Carlini via TF-A Sent: Thursday, June 11, 2020 4:25 AM To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] ATF LTS version External email: Use caution opening links or attachments Hi Francois, > I'd be happy to know more about what you see as TFA LTS: exact scope, number of versions, duration, operational commitments (zero-day...). > Do you have other firmware LTS needs? Agree. That’s precisely what I was hinting to Varun, when mentioning concrete requirements for the LTS scheme. > Trusted Substrate is the aggregation of { TFA, OP-TEE, some TEE apps such as firmwareTPM, U-Boot }. > Trusted Substrate effort is led by Linaro members and is going to be set up as a more open project. First time I heard about it. Good to know, but I guess we'll need to discuss the intersection and collaboration with the Trusted Firmware project at some point. Having a LTS versioning scheme for the Trusted Firmware hosted projects should be theoretically either in the scope of the Project itself or, if the Board agrees, appointed to some other project/entity. > Our end goal is to enable unified, transactional, robust (anti-bricking, anti rollback) UEFI OTA on both U-Boot and EDK2. Fair, but IMHO this has little to do with Arm Secure world software LTS releases (TF-A/Hafnium/OP-TEE/TAs, TF-M)...probably best to discuss aside, this is not in scope of what Varun is raising. Thanks Matteo -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by Joanna Farley

I should also mention the Release processes we follow and the attempt to indicated the deprecation of interfaces in advance in the effort to maintain compatibility https://trustedfirmware-a.readthedocs.io/en/latest/about/release-informatio… On 11/06/2020, 14:47, "TF-A on behalf of Joanna Farley via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Varun, I guess this suggestion came in response to last weeks Tech Forum discussion from a question about experiences people had from migrating to different TF-A tagged releases. In general we try and keep the tip of Master at tagged release quality through an extensive CI system ran on each patch. I appreciate this CI is currently a little opaque to many contributors as this is still in the process of being transitioned to the OpenCI hosted by Trustedfirmware.org servers which will be visible to all. As mentioned in the recent "Overview of the TF-A v2.3 Release" presentation on https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ the additional testing done for a 6 monthly tagged release is quite minimal and the larger work is ensuring all documentation is up to date. Additionally all new features are generally behind their own build flags but I appreciate it is some work for a tagged release to be absorbed into product offerings. I asked at the tech forum last week what more we could do to allow releases to be integrated more easily. On the call it was requested if we could disable weak bindings to symbols so it could be more easily seen where platform decisions may need to be made and we will look into this. If there are any more adjustments to the way tagged releases are produced please let us know. One thing that had been considered briefly was the production of a security bug only branch that was maintained only between 6 month tagged releases before being replaced by the next security bug only branch based on the next 6 month release but that has not progressed very far as a proposal as until your email here it was perceived to not be in demand. A LTS branch is a larger endeavour as it sounds like something that includes more than security fixes and I look forward to you elaborating more as Matteo requests. Thanks Joanna On 11/06/2020, 12:19, "Matteo Carlini via TF-A" <tf-a(a)lists.trustedfirmware.org> wrote: Hi Varun, Thanks for raising this topic (but please do embrace the official terminology “TF-A”…we never really promoted ATF and it's also absolutely outdated now 😉 ). Arm has received different queries over time on supporting Trusted Firmware LTS releases, but the effort to sustain them is something that the Arm engineering team alone cannot really afford and commit to (either in the TF-A or TF-M space). The idea has also been just raised to the Trusted Firmware project Board for initial consideration and we will be all very keen to understand how much interest there is from the wider TF-A community of adopters and external (non-Arm) maintainers, so to evaluate the possibility of a more concrete proposal to be carried on within the community Project. I guess it will also be good to start by elaborating more concretely on the requirements that you would like to see in an hypothetical LTS versioning scheme. Thanks Matteo > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A > Sent: 10 June 2020 22:47 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] ATF LTS version > > Hello team, > > To extend the discussion around version upgrades from our last call, I would like to understand if there is enough interest around generating a LTS version of the TF-A to alleviate the pain. > > For NVIDIA, this would be helpful as it streamlines the upgrade path for our devices in the field. The LTS version will guarantee security fixes, bug fixes, stability fixes for the longer term and we won’t have to upgrade the entire firmware to get these goodies. > > It would be interesting to see what OEMs and maintainers think about this? Has this been discussed at tf.org or Arm internally? > > -Varun -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by Joanna Farley

Hi Varun, I guess this suggestion came in response to last weeks Tech Forum discussion from a question about experiences people had from migrating to different TF-A tagged releases. In general we try and keep the tip of Master at tagged release quality through an extensive CI system ran on each patch. I appreciate this CI is currently a little opaque to many contributors as this is still in the process of being transitioned to the OpenCI hosted by Trustedfirmware.org servers which will be visible to all. As mentioned in the recent "Overview of the TF-A v2.3 Release" presentation on https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ the additional testing done for a 6 monthly tagged release is quite minimal and the larger work is ensuring all documentation is up to date. Additionally all new features are generally behind their own build flags but I appreciate it is some work for a tagged release to be absorbed into product offerings. I asked at the tech forum last week what more we could do to allow releases to be integrated more easily. On the call it was requested if we could disable weak bindings to symbols so it could be more easily seen where platform decisions may need to be made and we will look into this. If there are any more adjustments to the way tagged releases are produced please let us know. One thing that had been considered briefly was the production of a security bug only branch that was maintained only between 6 month tagged releases before being replaced by the next security bug only branch based on the next 6 month release but that has not progressed very far as a proposal as until your email here it was perceived to not be in demand. A LTS branch is a larger endeavour as it sounds like something that includes more than security fixes and I look forward to you elaborating more as Matteo requests. Thanks Joanna On 11/06/2020, 12:19, "Matteo Carlini via TF-A" <tf-a(a)lists.trustedfirmware.org> wrote: Hi Varun, Thanks for raising this topic (but please do embrace the official terminology “TF-A”…we never really promoted ATF and it's also absolutely outdated now 😉 ). Arm has received different queries over time on supporting Trusted Firmware LTS releases, but the effort to sustain them is something that the Arm engineering team alone cannot really afford and commit to (either in the TF-A or TF-M space). The idea has also been just raised to the Trusted Firmware project Board for initial consideration and we will be all very keen to understand how much interest there is from the wider TF-A community of adopters and external (non-Arm) maintainers, so to evaluate the possibility of a more concrete proposal to be carried on within the community Project. I guess it will also be good to start by elaborating more concretely on the requirements that you would like to see in an hypothetical LTS versioning scheme. Thanks Matteo > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A > Sent: 10 June 2020 22:47 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] ATF LTS version > > Hello team, > > To extend the discussion around version upgrades from our last call, I would like to understand if there is enough interest around generating a LTS version of the TF-A to alleviate the pain. > > For NVIDIA, this would be helpful as it streamlines the upgrade path for our devices in the field. The LTS version will guarantee security fixes, bug fixes, stability fixes for the longer term and we won’t have to upgrade the entire firmware to get these goodies. > > It would be interesting to see what OEMs and maintainers think about this? Has this been discussed at tf.org or Arm internally? > > -Varun -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by Matteo Carlini

Hi Francois, > I'd be happy to know more about what you see as TFA LTS: exact scope, number of versions, duration, operational commitments (zero-day...). > Do you have other firmware LTS needs? Agree. That’s precisely what I was hinting to Varun, when mentioning concrete requirements for the LTS scheme. > Trusted Substrate is the aggregation of { TFA, OP-TEE, some TEE apps such as firmwareTPM, U-Boot }. > Trusted Substrate effort is led by Linaro members and is going to be set up as a more open project. First time I heard about it. Good to know, but I guess we'll need to discuss the intersection and collaboration with the Trusted Firmware project at some point. Having a LTS versioning scheme for the Trusted Firmware hosted projects should be theoretically either in the scope of the Project itself or, if the Board agrees, appointed to some other project/entity. > Our end goal is to enable unified, transactional, robust (anti-bricking, anti rollback) UEFI OTA on both U-Boot and EDK2. Fair, but IMHO this has little to do with Arm Secure world software LTS releases (TF-A/Hafnium/OP-TEE/TAs, TF-M)...probably best to discuss aside, this is not in scope of what Varun is raising. Thanks Matteo

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by Matteo Carlini

Hi Varun, Thanks for raising this topic (but please do embrace the official terminology “TF-A”…we never really promoted ATF and it's also absolutely outdated now 😉 ). Arm has received different queries over time on supporting Trusted Firmware LTS releases, but the effort to sustain them is something that the Arm engineering team alone cannot really afford and commit to (either in the TF-A or TF-M space). The idea has also been just raised to the Trusted Firmware project Board for initial consideration and we will be all very keen to understand how much interest there is from the wider TF-A community of adopters and external (non-Arm) maintainers, so to evaluate the possibility of a more concrete proposal to be carried on within the community Project. I guess it will also be good to start by elaborating more concretely on the requirements that you would like to see in an hypothetical LTS versioning scheme. Thanks Matteo > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A > Sent: 10 June 2020 22:47 > To: tf-a(a)lists.trustedfirmware.org > Subject: [TF-A] ATF LTS version > > Hello team, > > To extend the discussion around version upgrades from our last call, I would like to understand if there is enough interest around generating a LTS version of the TF-A to alleviate the pain. > > For NVIDIA, this would be helpful as it streamlines the upgrade path for our devices in the field. The LTS version will guarantee security fixes, bug fixes, stability fixes for the longer term and we won’t have to upgrade the entire firmware to get these goodies. > > It would be interesting to see what OEMs and maintainers think about this? Has this been discussed at tf.org or Arm internally? > > -Varun

5 years

1
0
0 0

Re: [TF-A] ATF LTS version

by François Ozog

Hi Varun, There are early discussions in Linaro on what would mean setting up "Collaborative LTS" for what we call Trusted Substrate (see below signature). I'd be happy to know more about what you see as TFA LTS: exact scope, number of versions, duration, operational commitments (zero-day...). Do you have other firmware LTS needs? Cheers François-Frédéric Ozog Linaro Trusted Substrate is the aggregation of { TFA, OP-TEE, some TEE apps such as firmwareTPM, U-Boot }. Trusted Substrate effort is led by Linaro members and is going to be set up as a more open project. Our end goal is to enable unified, transactional, robust (anti-bricking, anti rollback) UEFI OTA on both U-Boot and EDK2. On Wed, 10 Jun 2020 at 23:47, Varun Wadekar via TF-A < tf-a(a)lists.trustedfirmware.org> wrote: > Hello team, > > > > To extend the discussion around version upgrades from our last call, I > would like to understand if there is enough interest around generating a > LTS version of the TF-A to alleviate the pain. > > > > For NVIDIA, this would be helpful as it streamlines the upgrade path for > our devices in the field. The LTS version will guarantee security fixes, > bug fixes, stability fixes for the longer term and we won’t have to upgrade > the entire firmware to get these goodies. > > > > It would be interesting to see what OEMs and maintainers think about this? > Has this been discussed at tf.org or Arm internally? > > > > -Varun > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* T: +33.67221.6485 francois.ozog(a)linaro.org | Skype: ffozog

5 years

1
0
0 0

Updated invitation with note: TF-A Tech Forum @ Every 2 weeks from 17:00 to 18:00 on Thursday from Thu 7 May to Wed 17 Jun (BST) (tf-a@lists.trustedfirmware.org)

by Bill Fletcher

This event has been changed with this note: "Starting 18th June, the TF-A Tech Forum will be moved earlier by 1 hour to 1600 UK time (1500 UTC). This change is to avoid overlapping the TF Technical Steering Committee call. A new invite will be posted to the TF-A mailing list and on the trustedfirmware.org website." Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: Every 2 weeks from 17:00 to 18:00 on Thursday from Thu 7 May to Wed 17 Jun United Kingdom Time (changed) Where: Zoom Calendar: tf-a(a)lists.trustedfirmware.org Who: (Guest list has been hidden at organiser's request) Event details: https://www.google.com/calendar/event?action=VIEW&eid=N3ZoNDBuZzZnM2k4cGszY… Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

5 years

1
0
0 0

Updated invitation with note: TF-A Tech Forum @ Every 2 weeks from 17:00 to 18:00 on Thursday from Thu 26 Mar to Wed 17 Jun (GMT) (tf-a@lists.trustedfirmware.org)

by Bill Fletcher

This event has been changed with this note: "Starting 18th June, the TF-A Tech Forum will be moved earlier by 1 hour to 1600 UK time (1500 UTC). This change is to avoid overlapping the TF Technical Steering Committee call. A new invite will be posted to the TF-A mailing list and on the trustedfirmware.org website." Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: Every 2 weeks from 17:00 to 18:00 on Thursday from Thu 26 Mar to Wed 17 Jun United Kingdom Time (changed) Where: Zoom Calendar: tf-a(a)lists.trustedfirmware.org Who: (Guest list has been hidden at organiser's request) Event details: https://www.google.com/calendar/event?action=VIEW&eid=N3ZoNDBuZzZnM2k4cGszY… Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

5 years

1
0
0 0

Cancelled event: TF-A Tech Forum @ (BST) (tf-a@lists.trustedfirmware.org)

by Bill Fletcher

This event has been cancelled. Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: United Kingdom Time Where: Zoom Calendar: tf-a(a)lists.trustedfirmware.org Who: (Guest list has been hidden at organiser's request) Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

5 years

1
0
0 0

Re-scheduling TF-A Tech Forum earlier by 1 hour

by Bill Fletcher

Hi all, Starting 18th June, the TF-A Tech Forum will be moved earlier by 1 hour to 1600 UK time (1500 UTC). This change is to avoid overlapping with the TF Technical Steering Committee call. We'll delete the existing invite and send a new one to this list. Regards Bill -- [image: Linaro] <http://www.linaro.org/> *Bill Fletcher* | *Field Engineering* T: +44 7833 498336 <+44+7833+498336> bill.fletcher(a)linaro.org | Skype: billfletcher2020

5 years

1
0
0 0

ATF LTS version

by Varun Wadekar

Hello team, To extend the discussion around version upgrades from our last call, I would like to understand if there is enough interest around generating a LTS version of the TF-A to alleviate the pain. For NVIDIA, this would be helpful as it streamlines the upgrade path for our devices in the field. The LTS version will guarantee security fixes, bug fixes, stability fixes for the longer term and we won't have to upgrade the entire firmware to get these goodies. It would be interesting to see what OEMs and maintainers think about this? Has this been discussed at tf.org or Arm internally? -Varun

5 years

1
0
0 0

Measured Boot in TF-A

by Alexei Fedorov

Hello all, The initial patch for Measured Boot has been split into 5 separates buildable ones: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3806 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4473 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4508 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4509 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4510 and are ready for review/merge. The design follows "TF-A Design Notes for Measured Boot" document . The number of API changes and code modifications based on the received feedback were made, and the most important are: 1. TPM hash algorithm is now independent from the one used by Trusted Boot and can be set separately to a different value. 2. Size of Event Log is passed as a driver build option and can be tuned to meet platform specific requirements (debug/release, number of images loaded, etc.). 3. Driver accepts platform specific table of images to be loaded/measured. 4. PCR index to use for TMP records is passed in platform specific table (see above) and can be set individually for each image. Regards. Alexei

5 years

1
0
0 0

Question on confine_index_array.h import in tf-a

by Etienne Carriere

Dear all, As part of a patchset series review (topic scmi-msg), change [1] imports confine_array_index.h header file from OP-TEE OS repository. The file originates from the open source Fuschia project, see link in commit message of [1]. As being imported for external packages, the header file inherits Fushca and OP-TEE notices. The helper function can protect some data structure from side channel attacks leveraging index indirect access overflows during speculative execution. It is not Arm copyright. It is BSD-3-Clause license. I'll add an entry in the docs/license.rst for the file. Where to locate the file? It is ok to add such a file in include/common? Does it deserve a specific lib path, like include/lib/speculconfie_array_index.h? Maybe add as include/lib/cpus/confine_array_index.h as it is CPU speculative matters? Could you help [1] review to progress? [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4055 Regards, Etienne

5 years

1
0
0 0

Re: [TF-A] RK3399_BAUDRATE default value

by Hugh Cole-Baker

> On 6 Jun 2020, at 17:52, Heiko Stübner via TF-A <tf-a(a)lists.trustedfirmware.org> wrote: > > Hi Walter, > > Am Freitag, 5. Juni 2020, 22:45:25 CEST schrieb Walter Lozano via TF-A: >> I have noticed that default baudrate for rk3399 board RK3399_BAUDRATE >> defined in plat/rockchip/rk3399/rk3399_def.h is 115200 while U-boot >> default value and most documentation points to a value of 1500000 for >> console. > > console baudrate on rk3399 differ a lot between boards. There are a > number using the 1.5MHz and another big number using 115200 > (including but not limited to the ChromeOS devices from the Gru line). > > Hence we have the code that selects the actual baudrate from the > devicetree attached by u-boot when calling TF-A. > > So I guess it should stay as it is right now. On the RK3399 there are currently a couple of roadblocks preventing this selection of the baudrate from the devicetree from working. Firstly in U-Boot, SPL_ATF_NO_PLATFORM_PARAM is forced on when selecting ROCKCHIP_RK3399 in Kconfig [1]. Secondly in TF-A the 64K buffer used to store the passed devicetree isn't large enough to fit some of the RK3399 device tree blobs, as I found when removing SPL_ATF_NO_PLATFORM_PARAM from U-Boot. I guess the issue in TF-A needs to be fixed first before passing the platform parameter can be enabled in U-Boot, I've submitted a TF-A patch to increase the buffer size [2]. [1]: https://gitlab.denx.de/u-boot/u-boot/-/blob/61853a7ac7e167d90899ec4e99d2e07… [2]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4512 > Heiko > > >> This of course means that messages printed by ATF are not visible by >> default in this context. >> >> The change from 1500000 to 115200 was introduced in >> 0c05748bdebfad9fa43a80962186438bb8fbce62, >> >> https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=0c05… >> >> with the following message >> >> commit 0c05748bdebfad9fa43a80962186438bb8fbce62 >> Author: Caesar Wang <wxt(a)rock-chips.com> >> Date: Tue Apr 19 20:42:17 2016 +0800 >> >> rockchip: fixes for the required >> >> This patch has the following change for rk3399. >> >> * Set the uart to 115200 since the loader decide to set >> uart baud to 115200Hz. So the ATF also should set uart baud to 115200. >> [..] >> >> However, I'm not sure it this still applies. >> >> I'll be happy to submit a patch to update the value if it is OK. >> >> Regards, >> >> Walter >> >> > > > > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

2
1
0 0

Re: [TF-A] GICV3: system interface EOI ordering RFC

by Raghu Krishnamurthy

Hello, Sorry for chiming in late. Are we sure that the msr/mrs to the GICv3 EOI register is not a context synchronizing event or ensures ordering itself ? Also did the addition of DSB() fix the issue ? If yes, can you try adding a delay or a few NOP's/dummy instructions or an ISB to see if the issue goes away? We need to know the right thing to do architecturally and confirm that the issue is really due to reordering at the core before adding the DSB. Adding a DSB might be masking a timing issue. -Raghu On 6/8/20 4:47 AM, Sandeep Tripathy via TF-A wrote: >> -----Original Message----- >> From: Soby Mathew [mailto:Soby.Mathew@arm.com] >> Sent: Monday, June 08, 2020 3:36 PM >> To: Sandeep Tripathy; Olivier Deprez; tf-a(a)lists.trustedfirmware.org >> Cc: nd >> Subject: RE: [TF-A] GICV3: system interface EOI ordering RFC >> >> Just some inputs from my side: >> I agree we need at least a dsb() after the write to MMIO region to silence >> the >> peripheral and before the EOI at GIC sysreg interface. Adding it to the >> GIC EOI > > Thanks for the confirmation. Now it’s about choosing the right place. > >> API seems the logical thing to do but as Olivier mentions, there are >> interrupt >> handler which do not deal with MMIO (eg: the Systimer interrupt) so adding >> it >> to GICv3 API might be arduous for such handlers. >> >> So there is a choice here to let the interrupt handlers to deal with >> ensuring >> completeness before EOI at sysreg interface or adding it to GICv3 EOI API >> and >> take the overhead for interrupt handlers which do not have to deal with >> MMIO. >> > > Yes I feel either of these is a must to guarantee functionality > architecturally though > both approach end up with some unnecessary overhead. > > If GICv3 api takes care then it is an overhead for some ISRs dealing with > non-MMIO. > At present I do not see an active use case in reference implementation where > sys timer > ISR is in a performance intensive path where one additional DSB will be > perceivable. > But there may be some I could be totally wrong in this assumption (pmu/debug > or.. not sure). > Whereas I can certainly imagine some MMIO ISRs in performance critical path > where unnecessary > DSB is not acceptable at all. > > If the interrupt handler needs to ensure then it will generically add 'DSB' > as I think > the driver cannot and should not make assumptions about how EOI is done > afterwards. > That will be overhead for the ISRs dealing with MMIO peripherals and non > GIC-v3. > If we consider only GICv3+ then good. Otherwise I would prefer the > 'plat_ic_end_of_interrupt' > like Olivier mentioned with a #if GICv3 instead of each ISRs dealing with > it. > >> The GICv3 legacy MMIO CPU interface is deprecated for TF-A and the sys >> interface is the only one GICv3 driver in TF-A supports. > > Right we can ignore the GICv3 legacy mode but GICv2 will still remain ? > >> >> Best Regards >> Soby Mathew >> > > Thanks > Sandeep > >>> -----Original Message----- >>> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep >>> Tripathy via TF-A >>> Sent: 08 June 2020 10:34 >>> To: Olivier Deprez <Olivier.Deprez(a)arm.com>; tf- >> a(a)lists.trustedfirmware.org >>> Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC >>> >>> Hi Olivier, >>>> -----Original Message----- >>>> From: Olivier Deprez [mailto:Olivier.Deprez@arm.com] >>>> Sent: Monday, June 08, 2020 1:14 PM >>>> To: tf-a(a)lists.trustedfirmware.org; Sandeep Tripathy >>>> Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC >>>> >>>> Hi Sandeep, >>>> >>>> gicv3_end_of_interrupt_sel1 is a static access helper macro. Its >>>> naming precisely tells what it does at gicv3 module level. It is >>>> called from >>> the weak >>>> plat_ic_end_of_interrupt function for BL32 image. >>>> >>>> I tend to think it is the driver responsibility to ensure the module >>> interrupt >>>> acknowledge register write is reaching HW in order (or "be visible to >>> all >>>> observers"). >>> >>> The driver should be agnostic of what interrupt controller is used and >>> its >>> behavior. >>> And since 'all' writes were to mmio ranges mapped Device(nGnRE) >>> /strongly-ordered(nGnRnE) >>> there was no such need. This is a special case for GICv3 system >>> interface only. >>> Adding at driver level a DSB is unnecessary for other interrupt >>> controllers. >>> >>>> Also I suspect adding a dsb might not be required generically for all >>> kind of IP. >>> >>> Here are you referring to the peripheral IP or interrupt controller IP ? >>> The issue is reordering at arm core itself (STR to device address Vs >>> msr(sysreg >>> write)). >>> So I think Its applicable for all IP. >>> >>>> Adding a barrier in generic code might incur an unnecessary >>>> bottleneck. >>> >>> But if there is a need to *ensure* presence of at least one DSB between >>> the >>> write transfer from core to device clear and gicv3 eoi icc register >>> write in a >>> generic way then what other option we have. >>>> >>>> Thus wouldn't it be better to add the barrier to the overridden >>>> platform function rather than in generic gicv3 code? >>> >>> That can be done but I feel this is more to do with gicv3 system >>> interface only. >>> Inside plat_xxx one has to check #if GICV3 ...and system interface. >>>> >>>> I have a put a comment in the review, we can continue the discussion >>> there. >>>> >>>> Regards, >>>> Olivier. >>>> >>> Thanks >>> Sandeep >>>> ________________________________________ >>>> From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of >>>> Sandeep Tripathy via TF-A <tf-a(a)lists.trustedfirmware.org> >>>> Sent: 05 June 2020 19:43 >>>> To: tf-a(a)lists.trustedfirmware.org >>>> Subject: [TF-A] GICV3: system interface EOI ordering RFC >>>> >>>> Hi, >>>> In a typical interrupt handling sequence we do 1-Read IAR >>>> 2-Do interrupt handling >>>> 3-Clear the interrupt at source , so that the device de-asserts IRQ >>> request to >>>> GIC >>>> >> I am suggesting a need of DSB here in case of GICv3 +. >>>> 4-Write to GIC cpu interface to do EOI. >>>> >>>> Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write >>>> over >>> AMBA >>>> interface. The >>>> Addresses are mapped with (nR) attribute. Hence the write transfers >>> from the >>>> core will be >>>> generated at step 3 and 4 in order. Please ignore the additional >>> buffers/bridges >>>> in path from >>>> core till peripheral which has to be dealt separately as per SOC. >>>> >>>> Query: I understand GICv3 system interface accesses are not over this >>> protocol >>>> and core will not >>>> follow the ordering rule ? >>>> >>>> I have observed spurious interrupt issue/manifestation ( I don't have >>> the >>>> transfers probed) in >>>> RTOS environment where I have a primitive GICv3 driver but I wonder >>>> why things does not fail in Linux or tf-a. If it is working because >>>> from step(3) to >>> step(4) we have >>>> barriers by chace >>>> due to other device register writes then I would suggest to have one >>>> in >>> the EOI >>>> clearing API itself. >>>> >>>> RFC: >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 >>>> >>>> Thanks >>>> Sandeep >>> -- >>> TF-A mailing list >>> TF-A(a)lists.trustedfirmware.org >>> https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] GICV3: system interface EOI ordering RFC

by Sandeep Tripathy

> -----Original Message----- > From: Soby Mathew [mailto:Soby.Mathew@arm.com] > Sent: Monday, June 08, 2020 3:36 PM > To: Sandeep Tripathy; Olivier Deprez; tf-a(a)lists.trustedfirmware.org > Cc: nd > Subject: RE: [TF-A] GICV3: system interface EOI ordering RFC > > Just some inputs from my side: > I agree we need at least a dsb() after the write to MMIO region to silence > the > peripheral and before the EOI at GIC sysreg interface. Adding it to the > GIC EOI Thanks for the confirmation. Now it’s about choosing the right place. > API seems the logical thing to do but as Olivier mentions, there are > interrupt > handler which do not deal with MMIO (eg: the Systimer interrupt) so adding > it > to GICv3 API might be arduous for such handlers. > > So there is a choice here to let the interrupt handlers to deal with > ensuring > completeness before EOI at sysreg interface or adding it to GICv3 EOI API > and > take the overhead for interrupt handlers which do not have to deal with > MMIO. > Yes I feel either of these is a must to guarantee functionality architecturally though both approach end up with some unnecessary overhead. If GICv3 api takes care then it is an overhead for some ISRs dealing with non-MMIO. At present I do not see an active use case in reference implementation where sys timer ISR is in a performance intensive path where one additional DSB will be perceivable. But there may be some I could be totally wrong in this assumption (pmu/debug or.. not sure). Whereas I can certainly imagine some MMIO ISRs in performance critical path where unnecessary DSB is not acceptable at all. If the interrupt handler needs to ensure then it will generically add 'DSB' as I think the driver cannot and should not make assumptions about how EOI is done afterwards. That will be overhead for the ISRs dealing with MMIO peripherals and non GIC-v3. If we consider only GICv3+ then good. Otherwise I would prefer the 'plat_ic_end_of_interrupt' like Olivier mentioned with a #if GICv3 instead of each ISRs dealing with it. > The GICv3 legacy MMIO CPU interface is deprecated for TF-A and the sys > interface is the only one GICv3 driver in TF-A supports. Right we can ignore the GICv3 legacy mode but GICv2 will still remain ? > > Best Regards > Soby Mathew > Thanks Sandeep > > -----Original Message----- > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep > > Tripathy via TF-A > > Sent: 08 June 2020 10:34 > > To: Olivier Deprez <Olivier.Deprez(a)arm.com>; tf- > a(a)lists.trustedfirmware.org > > Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > > > > Hi Olivier, > > > -----Original Message----- > > > From: Olivier Deprez [mailto:Olivier.Deprez@arm.com] > > > Sent: Monday, June 08, 2020 1:14 PM > > > To: tf-a(a)lists.trustedfirmware.org; Sandeep Tripathy > > > Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > > > > > > Hi Sandeep, > > > > > > gicv3_end_of_interrupt_sel1 is a static access helper macro. Its > > > naming precisely tells what it does at gicv3 module level. It is > > > called from > > the weak > > > plat_ic_end_of_interrupt function for BL32 image. > > > > > > I tend to think it is the driver responsibility to ensure the module > > interrupt > > > acknowledge register write is reaching HW in order (or "be visible to > > all > > > observers"). > > > > The driver should be agnostic of what interrupt controller is used and > > its > > behavior. > > And since 'all' writes were to mmio ranges mapped Device(nGnRE) > > /strongly-ordered(nGnRnE) > > there was no such need. This is a special case for GICv3 system > > interface only. > > Adding at driver level a DSB is unnecessary for other interrupt > > controllers. > > > > > Also I suspect adding a dsb might not be required generically for all > > kind of IP. > > > > Here are you referring to the peripheral IP or interrupt controller IP ? > > The issue is reordering at arm core itself (STR to device address Vs > > msr(sysreg > > write)). > > So I think Its applicable for all IP. > > > > > Adding a barrier in generic code might incur an unnecessary > > > bottleneck. > > > > But if there is a need to *ensure* presence of at least one DSB between > > the > > write transfer from core to device clear and gicv3 eoi icc register > > write in a > > generic way then what other option we have. > > > > > > Thus wouldn't it be better to add the barrier to the overridden > > > platform function rather than in generic gicv3 code? > > > > That can be done but I feel this is more to do with gicv3 system > > interface only. > > Inside plat_xxx one has to check #if GICV3 ...and system interface. > > > > > > I have a put a comment in the review, we can continue the discussion > > there. > > > > > > Regards, > > > Olivier. > > > > > Thanks > > Sandeep > > > ________________________________________ > > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of > > > Sandeep Tripathy via TF-A <tf-a(a)lists.trustedfirmware.org> > > > Sent: 05 June 2020 19:43 > > > To: tf-a(a)lists.trustedfirmware.org > > > Subject: [TF-A] GICV3: system interface EOI ordering RFC > > > > > > Hi, > > > In a typical interrupt handling sequence we do 1-Read IAR > > > 2-Do interrupt handling > > > 3-Clear the interrupt at source , so that the device de-asserts IRQ > > request to > > > GIC > > > >> I am suggesting a need of DSB here in case of GICv3 +. > > > 4-Write to GIC cpu interface to do EOI. > > > > > > Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write > > > over > > AMBA > > > interface. The > > > Addresses are mapped with (nR) attribute. Hence the write transfers > > from the > > > core will be > > > generated at step 3 and 4 in order. Please ignore the additional > > buffers/bridges > > > in path from > > > core till peripheral which has to be dealt separately as per SOC. > > > > > > Query: I understand GICv3 system interface accesses are not over this > > protocol > > > and core will not > > > follow the ordering rule ? > > > > > > I have observed spurious interrupt issue/manifestation ( I don't have > > the > > > transfers probed) in > > > RTOS environment where I have a primitive GICv3 driver but I wonder > > > why things does not fail in Linux or tf-a. If it is working because > > > from step(3) to > > step(4) we have > > > barriers by chace > > > due to other device register writes then I would suggest to have one > > > in > > the EOI > > > clearing API itself. > > > > > > RFC: > > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 > > > > > > Thanks > > > Sandeep > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] GICV3: system interface EOI ordering RFC

by Soby Mathew

Just some inputs from my side: I agree we need atleast a dsb() after the write to MMIO region to silence the peripheral and before the EOI at GIC sysreg interface. Adding it to the GIC EOI API seems the logical thing to do but as Olivier mentions, there are interrupt handler which do not deal with MMIO (eg: the Systimer interrupt) so adding it to GICv3 API might be arduous for such handlers. So there is a choice here to let the interrupt handlers to deal with ensuring completeness before EOI at sysreg interface or adding it to GICv3 EOI API and take the overhead for interrupt handlers which do not have to deal with MMIO. The GICv3 legacy MMIO CPU interface is deprecated for TF-A and the sys interface is the only one GICv3 driver in TF-A supports. Best Regards Soby Mathew > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Sandeep > Tripathy via TF-A > Sent: 08 June 2020 10:34 > To: Olivier Deprez <Olivier.Deprez(a)arm.com>; tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > > Hi Olivier, > > -----Original Message----- > > From: Olivier Deprez [mailto:Olivier.Deprez@arm.com] > > Sent: Monday, June 08, 2020 1:14 PM > > To: tf-a(a)lists.trustedfirmware.org; Sandeep Tripathy > > Subject: Re: [TF-A] GICV3: system interface EOI ordering RFC > > > > Hi Sandeep, > > > > gicv3_end_of_interrupt_sel1 is a static access helper macro. Its > > naming precisely tells what it does at gicv3 module level. It is > > called from > the weak > > plat_ic_end_of_interrupt function for BL32 image. > > > > I tend to think it is the driver responsibility to ensure the module > interrupt > > acknowledge register write is reaching HW in order (or "be visible to > all > > observers"). > > The driver should be agnostic of what interrupt controller is used and its > behavior. > And since 'all' writes were to mmio ranges mapped Device(nGnRE) > /strongly-ordered(nGnRnE) > there was no such need. This is a special case for GICv3 system interface only. > Adding at driver level a DSB is unnecessary for other interrupt controllers. > > > Also I suspect adding a dsb might not be required generically for all > kind of IP. > > Here are you referring to the peripheral IP or interrupt controller IP ? > The issue is reordering at arm core itself (STR to device address Vs msr(sysreg > write)). > So I think Its applicable for all IP. > > > Adding a barrier in generic code might incur an unnecessary bottleneck. > > But if there is a need to *ensure* presence of at least one DSB between the > write transfer from core to device clear and gicv3 eoi icc register write in a > generic way then what other option we have. > > > > Thus wouldn't it be better to add the barrier to the overridden > > platform function rather than in generic gicv3 code? > > That can be done but I feel this is more to do with gicv3 system interface only. > Inside plat_xxx one has to check #if GICV3 ...and system interface. > > > > I have a put a comment in the review, we can continue the discussion > there. > > > > Regards, > > Olivier. > > > Thanks > Sandeep > > ________________________________________ > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of > > Sandeep Tripathy via TF-A <tf-a(a)lists.trustedfirmware.org> > > Sent: 05 June 2020 19:43 > > To: tf-a(a)lists.trustedfirmware.org > > Subject: [TF-A] GICV3: system interface EOI ordering RFC > > > > Hi, > > In a typical interrupt handling sequence we do 1-Read IAR > > 2-Do interrupt handling > > 3-Clear the interrupt at source , so that the device de-asserts IRQ > request to > > GIC > > >> I am suggesting a need of DSB here in case of GICv3 +. > > 4-Write to GIC cpu interface to do EOI. > > > > Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write > > over > AMBA > > interface. The > > Addresses are mapped with (nR) attribute. Hence the write transfers > from the > > core will be > > generated at step 3 and 4 in order. Please ignore the additional > buffers/bridges > > in path from > > core till peripheral which has to be dealt separately as per SOC. > > > > Query: I understand GICv3 system interface accesses are not over this > protocol > > and core will not > > follow the ordering rule ? > > > > I have observed spurious interrupt issue/manifestation ( I don't have > the > > transfers probed) in > > RTOS environment where I have a primitive GICv3 driver but I wonder > > why things does not fail in Linux or tf-a. If it is working because > > from step(3) to > step(4) we have > > barriers by chace > > due to other device register writes then I would suggest to have one > > in > the EOI > > clearing API itself. > > > > RFC: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 > > > > Thanks > > Sandeep > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

Re: [TF-A] GICV3: system interface EOI ordering RFC

by Olivier Deprez

Hi Sandeep, gicv3_end_of_interrupt_sel1 is a static access helper macro. Its naming precisely tells what it does at gicv3 module level. It is called from the weak plat_ic_end_of_interrupt function for BL32 image. I tend to think it is the driver responsibility to ensure the module interrupt acknowledge register write is reaching HW in order (or "be visible to all observers"). Also I suspect adding a dsb might not be required generically for all kind of IP. Adding a barrier in generic code might incur an unnecessary bottleneck. Thus wouldn't it be better to add the barrier to the overridden platform function rather than in generic gicv3 code? I have a put a comment in the review, we can continue the discussion there. Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Sandeep Tripathy via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 05 June 2020 19:43 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] GICV3: system interface EOI ordering RFC Hi, In a typical interrupt handling sequence we do 1-Read IAR 2-Do interrupt handling 3-Clear the interrupt at source , so that the device de-asserts IRQ request to GIC >> I am suggesting a need of DSB here in case of GICv3 +. 4-Write to GIC cpu interface to do EOI. Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write over AMBA interface. The Addresses are mapped with (nR) attribute. Hence the write transfers from the core will be generated at step 3 and 4 in order. Please ignore the additional buffers/bridges in path from core till peripheral which has to be dealt separately as per SOC. Query: I understand GICv3 system interface accesses are not over this protocol and core will not follow the ordering rule ? I have observed spurious interrupt issue/manifestation ( I don’t have the transfers probed) in RTOS environment where I have a primitive GICv3 driver but I wonder why things does not fail in Linux or tf-a. If it is working because from step(3) to step(4) we have barriers by chace due to other device register writes then I would suggest to have one in the EOI clearing API itself. RFC: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 Thanks Sandeep

5 years

2
1
0 0

Re: [TF-A] RK3399_BAUDRATE default value

by Heiko Stübner

Hi Walter, Am Freitag, 5. Juni 2020, 22:45:25 CEST schrieb Walter Lozano via TF-A: > I have noticed that default baudrate for rk3399 board RK3399_BAUDRATE > defined in plat/rockchip/rk3399/rk3399_def.h is 115200 while U-boot > default value and most documentation points to a value of 1500000 for > console. console baudrate on rk3399 differ a lot between boards. There are a number using the 1.5MHz and another big number using 115200 (including but not limited to the ChromeOS devices from the Gru line). Hence we have the code that selects the actual baudrate from the devicetree attached by u-boot when calling TF-A. So I guess it should stay as it is right now. Heiko > This of course means that messages printed by ATF are not visible by > default in this context. > > The change from 1500000 to 115200 was introduced in > 0c05748bdebfad9fa43a80962186438bb8fbce62, > > https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=0c05… > > with the following message > > commit 0c05748bdebfad9fa43a80962186438bb8fbce62 > Author: Caesar Wang <wxt(a)rock-chips.com> > Date: Tue Apr 19 20:42:17 2016 +0800 > > rockchip: fixes for the required > > This patch has the following change for rk3399. > > * Set the uart to 115200 since the loader decide to set > uart baud to 115200Hz. So the ATF also should set uart baud to 115200. > [..] > > However, I'm not sure it this still applies. > > I'll be happy to submit a patch to update the value if it is OK. > > Regards, > > Walter > >

5 years

1
0
0 0

RK3399_BAUDRATE default value

by Walter Lozano

I have noticed that default baudrate for rk3399 board RK3399_BAUDRATE defined in plat/rockchip/rk3399/rk3399_def.h is 115200 while U-boot default value and most documentation points to a value of 1500000 for console. This of course means that messages printed by ATF are not visible by default in this context. The change from 1500000 to 115200 was introduced in 0c05748bdebfad9fa43a80962186438bb8fbce62, https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=0c05… with the following message commit 0c05748bdebfad9fa43a80962186438bb8fbce62 Author: Caesar Wang <wxt(a)rock-chips.com> Date: Tue Apr 19 20:42:17 2016 +0800 rockchip: fixes for the required This patch has the following change for rk3399. * Set the uart to 115200 since the loader decide to set uart baud to 115200Hz. So the ATF also should set uart baud to 115200. [..] However, I'm not sure it this still applies. I'll be happy to submit a patch to update the value if it is OK. Regards, Walter

5 years

1
0
0 0

GICV3: system interface EOI ordering RFC

by Sandeep Tripathy

Hi, In a typical interrupt handling sequence we do 1-Read IAR 2-Do interrupt handling 3-Clear the interrupt at source , so that the device de-asserts IRQ request to GIC >> I am suggesting a need of DSB here in case of GICv3 +. 4-Write to GIC cpu interface to do EOI. Till GICv2 and with GICv3 legacy interface ICC_EOI write is a write over AMBA interface. The Addresses are mapped with (nR) attribute. Hence the write transfers from the core will be generated at step 3 and 4 in order. Please ignore the additional buffers/bridges in path from core till peripheral which has to be dealt separately as per SOC. Query: I understand GICv3 system interface accesses are not over this protocol and core will not follow the ordering rule ? I have observed spurious interrupt issue/manifestation ( I don’t have the transfers probed) in RTOS environment where I have a primitive GICv3 driver but I wonder why things does not fail in Linux or tf-a. If it is working because from step(3) to step(4) we have barriers by chace due to other device register writes then I would suggest to have one in the EOI clearing API itself. RFC: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4454 Thanks Sandeep

5 years

1
0
0 0

Re: [TF-A] Slides for recent TF-A Forums

by Joanna Farley

Hi Okash, These are generally provided on https://www.trustedfirmware.org/meetings/tf-a-technical-forum/ however they are missing from 7th May onwards at the moment. I have an update pending approval on tf.org for adding the details of that session and then I need to add the information from the session on 21st May and the session yesterday. Joanna From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Okash Khawaja via TF-A <tf-a(a)lists.trustedfirmware.org> Reply to: Okash Khawaja <okash.khawaja(a)gmail.com> Date: Friday, 5 June 2020 at 11:29 To: "tf-a(a)lists.trustedfirmware.org" <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Slides for recent TF-A Forums Hi, Where can I find slides for recent TF-A Forum presentations? Thanks, Okash

5 years

1
0
0 0

Slides for recent TF-A Forums

by Okash Khawaja

Hi, Where can I find slides for recent TF-A Forum presentations? Thanks, Okash

5 years

1
0
0 0

Re: [TF-A] Gerrit seems to be broken

by Madhukar Pappireddy

Hi Bill, I continue to the error while trying to invoke “Allow-CI” or other votes as part of gerrit review. I tried multiple browsers as well and logged out before attempting again. Thanks, Madhu From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Bill Fletcher via TF-A Sent: Tuesday, June 2, 2020 12:13 PM To: Varun Wadekar <vwadekar(a)nvidia.com> Cc: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Gerrit seems to be broken Hi Varun, Do you still see the problem? It has been reported before. Regards Bill On Tue, 2 Jun 2020 at 18:01, Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> wrote: Hello, The TF gerrit review dashboard seems to be broken this morning. I see “Server error” and it does not allow me to post scores or comments. Tried different browsers, but same issue persists. Anyone else seeing the same problem? Is this is a known issue? If yes, is anyone working on it? -Varun -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- [Image removed by sender. Linaro]<http://www.linaro.org/> Bill Fletcher | Field Engineering T: +44 7833 498336<tel:+44+7833+498336> bill.fletcher(a)linaro.org<mailto:bill.fletcher@linaro.org> | Skype: billfletcher2020

5 years

3
4
0 0

Re: [TF-A] Gerrit seems to be broken

by Bill Fletcher

Hi Varun, Do you still see the problem? It has been reported before. Regards Bill On Tue, 2 Jun 2020 at 18:01, Varun Wadekar via TF-A < tf-a(a)lists.trustedfirmware.org> wrote: > Hello, > > > > The TF gerrit review dashboard seems to be broken this morning. I see > “Server error” and it does not allow me to post scores or comments. Tried > different browsers, but same issue persists. > > > > Anyone else seeing the same problem? Is this is a known issue? If yes, is > anyone working on it? > > > > -Varun > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- [image: Linaro] <http://www.linaro.org/> *Bill Fletcher* | *Field Engineering* T: +44 7833 498336 <+44+7833+498336> bill.fletcher(a)linaro.org | Skype: billfletcher2020

5 years

1
0
0 0

Re: [TF-A] Gerrit seems to be broken

by Joanna Farley

Working for me, the main and additional dashboards. https://review.trustedfirmware.org/admin/repos/TF-A/trusted-firmware-a,dash… I posted comments earlier ok as well. Joanna From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Reply to: Varun Wadekar <vwadekar(a)nvidia.com> Date: Tuesday, 2 June 2020 at 18:02 To: "tf-a(a)lists.trustedfirmware.org" <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Gerrit seems to be broken Hello, The TF gerrit review dashboard seems to be broken this morning. I see “Server error” and it does not allow me to post scores or comments. Tried different browsers, but same issue persists. Anyone else seeing the same problem? Is this is a known issue? If yes, is anyone working on it? -Varun

5 years

1
0
0 0

Gerrit seems to be broken

by Varun Wadekar

Hello, The TF gerrit review dashboard seems to be broken this morning. I see "Server error" and it does not allow me to post scores or comments. Tried different browsers, but same issue persists. Anyone else seeing the same problem? Is this is a known issue? If yes, is anyone working on it? -Varun

5 years

1
0
0 0

TF-A Tech Forum Agenda @ Thr 4th June 2020 17:00-1800 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 4th June 2020 17:00 - 18:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * TF-A SMC fuzzing module overview - Presented by Mark Dykes * General explanation of the approach taken to randomize the type and timing of the SMC calls in TF-A to provide a Fuzz testing capability. * Optional TF-A Mailing List Topic Discussions Thanks Joanna

5 years

1
0
0 0

Re: [TF-A] Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU

by Manish Badarkhe

Hi Andrzej I think recent patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3493 which is currently in review may be solution for your issue where SCU presence is being checked before accessing CLUSTERCFR_EL1 register. Thanks Manish Badarkhe From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of "Witkowski, Andrzej via TF-A" <tf-a(a)lists.trustedfirmware.org> Reply to: "Witkowski, Andrzej" <andrzej.witkowski(a)intel.com> Date: Monday, 1 June 2020 at 19:38 To: "tf-a(a)lists.trustedfirmware.org" <tf-a(a)lists.trustedfirmware.org> Cc: "Witkowski, Andrzej" <andrzej.witkowski(a)intel.com>, "Lessnau, Adam" <adam.lessnau(a)intel.com> Subject: [TF-A] Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU Hi, I work on project which uses ARM CPU Neoverse N1 with direct connect of DSU. I noticed the following error “Unhandled Exception at EL3” in BL31 bootloader after switching from ATF 2.1 to 2.2. The root cause is that after invoking neoverse_n1_errata-report function in lib/cpus/aarch64/neoverse_n1.S file and reaching the line 525, the function check_errata_dsu_934 in lib/cpus/aarch64/dsu_helpers.S file is always invoked regardless of whether ERRATA_DSU_936184 is set to 0 or to 1. In our case, ERRATA_DSU_936184 := 0. [cid:image001.png@01D6384E.C183C050] [cid:image002.png@01D6384E.C183C050] Neoverse N1 with direct connect version of DSU doesn’t contain SCU/L3 cache and CLUSTERCFR_EL1 register. The error “Unhandled Exception at EL3” appears in BL31 bootloader during attempt to read the CLUSTERCFR_EL1 register which doesn’t exist in our RTL HW. Andrzej Witkowskie Intel Technology Poland --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Słowackiego 173 | 80-298 Gdańsk | Sąd Rejonowy Gdańsk Północ | VII Wydział Gospodarczy Krajowego Rejestru Sądowego - KRS 101882 | NIP 957-07-52-316 | Kapitał zakładowy 200.000 PLN. Ta wiadomość wraz z załącznikami jest przeznaczona dla określonego adresata i może zawierać informacje poufne. W razie przypadkowego otrzymania tej wiadomości, prosimy o powiadomienie nadawcy oraz trwałe jej usunięcie; jakiekolwiek przeglądanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited.

5 years

1
0
0 0

Unhandled Exception at EL3 in BL31 for Neoverse N1 with direct connect of DSU

by Witkowski, Andrzej

Hi, I work on project which uses ARM CPU Neoverse N1 with direct connect of DSU. I noticed the following error "Unhandled Exception at EL3" in BL31 bootloader after switching from ATF 2.1 to 2.2. The root cause is that after invoking neoverse_n1_errata-report function in lib/cpus/aarch64/neoverse_n1.S file and reaching the line 525, the function check_errata_dsu_934 in lib/cpus/aarch64/dsu_helpers.S file is always invoked regardless of whether ERRATA_DSU_936184 is set to 0 or to 1. In our case, ERRATA_DSU_936184 := 0. [cid:image001.png@01D63828.FA4B1440] [cid:image002.png@01D6382A.B84A0950] Neoverse N1 with direct connect version of DSU doesn't contain SCU/L3 cache and CLUSTERCFR_EL1 register. The error "Unhandled Exception at EL3" appears in BL31 bootloader during attempt to read the CLUSTERCFR_EL1 register which doesn't exist in our RTL HW. Andrzej Witkowskie Intel Technology Poland --------------------------------------------------------------------- Intel Technology Poland sp. z o.o. ul. Sowackiego 173 | 80-298 Gdask | Sd Rejonowy Gdask Pnoc | VII Wydzia Gospodarczy Krajowego Rejestru Sdowego - KRS 101882 | NIP 957-07-52-316 | Kapita zakadowy 200.000 PLN. Ta wiadomo wraz z zacznikami jest przeznaczona dla okrelonego adresata i moe zawiera informacje poufne. W razie przypadkowego otrzymania tej wiadomoci, prosimy o powiadomienie nadawcy oraz trwae jej usunicie; jakiekolwiek przegldanie lub rozpowszechnianie jest zabronione. This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited.

5 years

1
0
0 0

Announcing new maintainers for the TF-A project

by Sandrine Bailleux

Hi all, Now that the tf.org project maintenance process [1] has been finalized, it is time to think about electing new maintainers for the project. We are delighted to announce that the following contributors have been appointed maintainers by their peers: - Julius Werner (Google) - Varun Wadekar (NVIDIA) - Andre Przywara (Arm) - Lauren Wehrmeister (Arm) - Madhukar Pappireddy (Arm) As outlined in [1], here is the definition and responsibilities of maintainers: ------------8<------------ There are a number of maintainers assigned to the project. The project keeps a list of them along with their contact information. Maintainers don't necessarily need a deep domain expertise of all areas of the project, instead they look at the project from a high level perspective. They are expected to ensure that changes adhere to the project's quality criteria, to its architectural direction, to its threat model and so on. Code owners and maintainers are complementary roles. Unlike code owners, maintainers can approve any patch, no matter what module it concerns. They are responsible for ensuring patches have had enough overall review and adding their own approval in a timely manner. They also have merge rights, i.e. the ability to merge a patch in the tree once it has received all required approvals. ------------8<------------ These people have been granted Code-Review -2/+2 rights in Gerrit and have been added in the maintainers.rst file as part of this patch: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4298 Congratulations to them! Best regards, Sandrine [1] https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p…

5 years

1
0
0 0

Re: [TF-A] After migrating from TFA-1.5 to TFA2.3, parts of NOTICE messages are missed, which comes as part of boot-up logs.

by Manish Pandey2

Hi Pankaj, Can you please send the specific NOTICE messages which are missing, may be sending 1.5 and 2.3 logs will help. thanks Manish ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Pankaj Gupta via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 27 May 2020 09:36 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] After migrating from TFA-1.5 to TFA2.3, parts of NOTICE messages are missed, which comes as part of boot-up logs. Hi After migrating from TFA-1.5 to TFA2.3, parts of NOTICE messages are missed, which comes as part of boot-up logs. Any pointers on how to fix this issue. Thanks. Regards Pankaj

5 years

1
0
0 0

After migrating from TFA-1.5 to TFA2.3, parts of NOTICE messages are missed, which comes as part of boot-up logs.

by Pankaj Gupta

Hi After migrating from TFA-1.5 to TFA2.3, parts of NOTICE messages are missed, which comes as part of boot-up logs. Any pointers on how to fix this issue. Thanks. Regards Pankaj

5 years

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Manish Badarkhe

Hi Raghu We have plan to work on this and come up with some design which handles mandatory/critical properties. On 13/05/2020, 22:18, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi All, Since the 2.3 release is done, can we revisit this topic? I think we left this with finalizing on how to handle bad/incorrect DTB's. Sandrine's latest proposal below: "A bad DTB seems more like an integration error than a programming error to me, and thus should be handled with runtime checks according to the current guidelines. Incorrect values for mandatory properties should probably be treated as unrecoverable errors (causing a panic) and incorrect/missing optional properties as recoverable errors (issuing a warning message)." I agree with this proposal and think we should follow this. This addresses my original concern of handling errors consistently and being safe by verifying mandatory/critical properties at run-time. Thoughts ? Thanks Raghu On 4/13/20 10:27 AM, Raghu Krishnamurthy wrote: > Thanks Sandrine. Revisiting after v2.3 is sounds fine. > > -Raghu > > On 4/10/20 2:25 AM, Sandrine Bailleux wrote: >> Hi Raghu, >> >> On 4/8/20 12:50 AM, Raghu Krishnamurthy wrote: >>> Thanks Sandrine, Louis, >>> >>> Agree with both of you. I'm fine with using asserts or panics, as >>> long as we uniformly use it. The change i sent out(review 3845) was >>> because i noticed inconsistency in handling errors. If we do use >>> asserts, all code that checks for mandatory properties, should be >>> changed to assert as opposed to return error code. For optional >>> properties, we can continue to return an error code or print >>> warnings etc. >> >> Yes, I too think consistency is key here. As you said, we need to >> settle on the expected behaviour and enforce it uniformly across the >> fconf code. Let's revisit this code after the v2.3 release. >> >>> I would like to point out that using asserts here is different from >>> what is documented in the coding guidelines. The guidelines >>> explicitly spells out using asserts for "programming errors". >>> Now, is having a bad DTB considered a programming error? ;) The DTB >>> is platform data as opposed to code. The guidelines might need to be >>> updated based on the conclusion here. >> >> Now that you point it out, and after taking a closer look at [1], I >> think I was wrong. A bad DTB seems more like an integration error >> than a programming error to me, and thus should be handled with >> runtime checks according to the current guidelines. Incorrect values >> for mandatory properties should probably be treated as unrecoverable >> errors (causing a panic) and incorrect/missing optional properties as >> recoverable errors (issuing a warning message). >> >> [1] >> https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guideline… >> >> >>> Also note the couple of scenarios i mentioned in an earlier email. >>> Platforms like RPI4 don't generally enable TBBR and the DTB image >>> could get corrupt or be modified on purpose. On a release build, >>> this could cause silent corruption. Panic() would avoid this. >>> >>> In any case, it would be good to settle on the expected behavior for >>> each of these abnormal cases. I don't have a strong preference for >>> asserts or panics here, since each has its pros and cons as both of >>> you called out. >>> >>> Thanks >>> Raghu > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years

1
0
0 0

TF-A Tech Forum Agenda @ Thr 21sth May 2020 17:00-1800 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 21st May 2020 17:00 - 18:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * Firmware Configuration Framework (FConf) Update - Presented by Manish Badarkhe and Madhukar Pappireddy * Discussion on how we have leveraged FConf framework in making statically configured components of TF-A to be dynamic. A number of such components have already been identified which potentially use FConf framework. Patches for such components are either merged or in-review * Design discussion on CoT descriptors movement to device tree using FConf framework. * Optional TF-A Mailing List Topic Discussions Thanks Joanna

5 years

1
0
0 0

Re: [TF-A] Candidates for fconf based dynamic configuration

by Raghu K

Off the top of my head, secure world interrupts(SPI's, PPI's, SGI's), MMU mappings for anything that does not depend on image layout(platform specific devices, UEFI MM or other special regions), security policies like TZC region protections. -Raghu On 5/14/20 8:45 AM, Madhukar Pappireddy via TF-A wrote: > > Hi, > > We are in the process of leveraging the fconf framework to make the > static configurations of various components of TF-A to more dynamic > configurations. The primary motivation behind this effort is to > evaluate the possibility of having common TF-A BL images that can be > used across multiple platforms. As a start, this involves moving > compile-time C based data structures into device tree which are > extracted during runtime. We have chosen the FVP platform as a proof > of concept for this effort and have identified the following > components to be made more dynamic: > > runtime UART std-out: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3775, > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3923/ > > Topology description: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492, > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3522 > > GICv3 configuration: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4066 > > Timer configuration: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3696 > > SDEI platform setup: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3990 > > CoT descriptor: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4080, > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4081 > > Platform IO Policies: > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2558 > > Please advise if there are any other components of TF-A that can be > configured dynamically in runtime. > > Thanks, > > Madhu > >

5 years, 1 month

1
0
0 0

Candidates for fconf based dynamic configuration

by Madhukar Pappireddy

Hi, We are in the process of leveraging the fconf framework to make the static configurations of various components of TF-A to more dynamic configurations. The primary motivation behind this effort is to evaluate the possibility of having common TF-A BL images that can be used across multiple platforms. As a start, this involves moving compile-time C based data structures into device tree which are extracted during runtime. We have chosen the FVP platform as a proof of concept for this effort and have identified the following components to be made more dynamic: runtime UART std-out: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3775, https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3923/ Topology description: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492, https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3522 GICv3 configuration: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4066 Timer configuration: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3696 SDEI platform setup: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3990 CoT descriptor: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4080, https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4081 Platform IO Policies: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2558 Please advise if there are any other components of TF-A that can be configured dynamically in runtime. Thanks, Madhu

5 years, 1 month

1
0
0 0

Re: [TF-A] TF-A and U-Boot: How to Boot a specific u-boot image

by Raghu K

Hi Florian, I can give some general answers to your questions and hopefully get to answering your real questions with further discussion. Please feel free to ask more questions if this does not help. >> I noticed that TF-A is designed to load FIP Image but the U-Boot Environment have a different format. How to access the QSPI NOR memory? NXP specific driver? [RK] TF-A generally provides frameworks to do most things and does not provide device specific drivers but for SPI NOR, there are drivers under drivers/mtd/nor that could potentially be used. You will likely need to implement the appropriate platform hooks for the SPI bus itself to use it. The TF-A IO framework has the io_mtd layer that can be hooked into a nor device. drivers/st/spi/stm32_qspi.c seems to use all of this and should be a good example(perhaps some one from ST can chime in too). if you hook you SPI driver to the TF-A layers correctly, there should be nothing preventing you from accessing the uboot environment partition. Also, TF-A's primary/default format for firmware images is FIP but definitely does not preclude a platform from using it's own format. >>The bl2 is designed to load only one FIP image, is it possible to add an additional entry ? [RK] Not really. BL2 is fairly generic and you should be able to hook any image format to it. If you must use the FIP format, you can map your images to existing image id's to create a FIP with any image that you have. Once again, FIP is fairly flexible and generally treats firmware images in the package as blob's. >>if we want to use a secure boot in the future [RK] Like with the above things, the Trusted Board Boot framework is flexible and you should be able to implement secure boot on FIP and other formats. TF-A provides an implementation of the TBBR specification for secure boot. It should be possible to implement the algorithm below, if you have an appropriate platform port, from what i gather in your question below. Thanks -Raghu On 5/13/20 5:40 AM, florian.manoel--- via TF-A wrote: > > Hello TF-A mail list, > > I’m new here, so I quickly introduce myself. > I am Florian Manoel, working as firmware developer at Siemens in > Karlsruhe, Germany. Recently, we decided to start some development > based on ARM processor, the theme TF-A is new for us. > > Currently, we have a custom board equipped with the processor NXP > Layerscape LS1043a. So far, everything is working as planned, the > PreBootLoader (TF-A) boots the bootloader (U-Boot) that’s boots linux > on top. > However, we want to have the possibility to boot an alternative u-boot > FIP image, I explain: > We use as boot source a QSPI NOR memory. In this memory are stored > ‘bl2_qspi.pbl’, 2 times ‘fip.bin’, the u-boot environment and some > micro-code. > We want to select the u-boot image to be booted according to the value > of a specific variable stored in the u-boot environment ‘u-boot-select’. > The algo is, for my eye, relatively simple : > > Start > - Check value of the u-boot variable ‘u-boot-select’ > > - Check if the corresponding u-boot image is valid, if not select the > alternative one > - Boot selected u-boot image > End > > > We want this functionality in case an u-boot image is broken (ex: > power OFF during U-Boot update). > > I already went through the source code and it rose more question than > it answered. For example: > I noticed that TF-A is designed to load FIP Image but the U-Boot > Environment have a different format. How to access the QSPI NOR > memory? NXP specific driver? > The bl2 is designed to load only one FIP image, is it possible to add > an additional entry ? > On top of it come the question of the reliability and what will happen > if we want to use a secure boot in the future.. > > I am looking for advice and support on this specific topic. > Thanks for your support, > > Mit freundlichen Grüßen > Florian Manoël > > Siemens AG > Digital Industries > Process Automation > Software House Khe > DI PA CI R&D 2 > Östliche Rheinbrückenstr. 50 > 76187 Karlsruhe, Deutschland > Tel.: +49 721 595-1433 > mailto:florian.manoel@siemens.com > www.siemens.com/ingenuityforlife <https://siemens.com/ingenuityforlife> > > Siemens Aktiengesellschaft: Vorsitzender des Aufsichtsrats: Jim > Hagemann Snabe; Vorstand: Joe Kaeser, Vorsitzender; Roland Busch, > Klaus Helmrich, Cedrik Neike, Ralf P. Thomas; Sitz der Gesellschaft: > Berlin und München, Deutschland; Registergericht: Berlin > Charlottenburg, HRB 12300, München, HRB 6684; WEEE-Reg.-Nr. DE 23691322 > >

5 years, 1 month

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Sandrine Bailleux

Hi Raghu and Louis, On 4/7/20 12:14 PM, Louis Mayencourt via TF-A wrote: > I do agree with you: case 2 and 3 are similar (wrongly formed DTB) and > should lead to the same behavior. > > A mandatory property miss or a hit with a structurally incorrect node > means that the DTB doesn't follow the provided binding document. Such a > DTB shouldn't be considered as valid and should trigger a build failure > and/or a code panic. That's what still confuses me... Agree on cases 2 and 3 triggering a build failure if possible, but not a code panic. A code panic stays in a release build. With what we've been discussing so far, it would seem more appropriate to me to have debug assertions to catch cases 2 and 3. These debug assertions can help catching structural problems in the DTB during the development phase and can be eliminated for a production build, leaving no checks whatsoever in the code. This is the strategy we've been using so far in TF-A. For lots of platform interfaces, the generic code includes debug assertions to check the correct implementation of these interfaces by platform integrators. For example, checking the range of their return values. I would say this is deeply embedded into the threat model TF-A uses today. See https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guideline… On one hand, it makes sense to me. On the other hand, I take Raghu's point that it would be unrealistic to assume that 100% of code has been covered by tests. This is very hard to achieve in practice, especially to cover all error cases ; thus, it seems utopian to assume that all debug assertions have been exercised during development and can be safely removed. TF-A does provide a way to keep debug assertions in a release build (using the ENABLE_ASSERTIONS build flag) if platform integrators judge they would rather keep them but this is not the default behaviour. Regards, Sandrine

5 years, 1 month

3
4
0 0

TF-A and U-Boot: How to Boot a specific u-boot image

by florian.manoel＠siemens.com

Hello TF-A mail list, I'm new here, so I quickly introduce myself. I am Florian Manoel, working as firmware developer at Siemens in Karlsruhe, Germany. Recently, we decided to start some development based on ARM processor, the theme TF-A is new for us. Currently, we have a custom board equipped with the processor NXP Layerscape LS1043a. So far, everything is working as planned, the PreBootLoader (TF-A) boots the bootloader (U-Boot) that's boots linux on top. However, we want to have the possibility to boot an alternative u-boot FIP image, I explain: We use as boot source a QSPI NOR memory. In this memory are stored 'bl2_qspi.pbl', 2 times 'fip.bin', the u-boot environment and some micro-code. We want to select the u-boot image to be booted according to the value of a specific variable stored in the u-boot environment 'u-boot-select'. The algo is, for my eye, relatively simple : Start - Check value of the u-boot variable 'u-boot-select' - Check if the corresponding u-boot image is valid, if not select the alternative one - Boot selected u-boot image End We want this functionality in case an u-boot image is broken (ex: power OFF during U-Boot update). I already went through the source code and it rose more question than it answered. For example: I noticed that TF-A is designed to load FIP Image but the U-Boot Environment have a different format. How to access the QSPI NOR memory? NXP specific driver? The bl2 is designed to load only one FIP image, is it possible to add an additional entry ? On top of it come the question of the reliability and what will happen if we want to use a secure boot in the future.. I am looking for advice and support on this specific topic. Thanks for your support, Mit freundlichen Grüßen Florian Manoël Siemens AG Digital Industries Process Automation Software House Khe DI PA CI R&D 2 Östliche Rheinbrückenstr. 50 76187 Karlsruhe, Deutschland Tel.: +49 721 595-1433 mailto:florian.manoel@siemens.com www.siemens.com/ingenuityforlife<https://siemens.com/ingenuityforlife> Siemens Aktiengesellschaft: Vorsitzender des Aufsichtsrats: Jim Hagemann Snabe; Vorstand: Joe Kaeser, Vorsitzender; Roland Busch, Klaus Helmrich, Cedrik Neike, Ralf P. Thomas; Sitz der Gesellschaft: Berlin und München, Deutschland; Registergericht: Berlin Charlottenburg, HRB 12300, München, HRB 6684; WEEE-Reg.-Nr. DE 23691322

5 years, 1 month

1
0
0 0

Impact of the tf.org projects' maintenance process on TF-A

by Sandrine Bailleux

Hello all, As the trustedfirmware.org project maintenance process [1] is now live, it would be good if we start adopting it in our development flow for TF-A. I would like to highlight the main changes that will have an impact on our day-to-day work on the project. 1. Patch submitters to explicit choose their reviewers ------------------------------------------------------ All patches should now have dedicated reviewers. The patch submitter is responsible for adding them in the reviewers field of their Gerrit review. Each patch should have 2 types of reviewers: - Code owners. - Maintainers. There needs to be 1 code owner per module modified by the patch as well as 1 maintainer. The maintainers and code owners are listed here: https://trustedfirmware-a.readthedocs.io/en/latest/about/maintainers.html Ideally, we would have at least 2 code owners per module so that they can review each other's patches. Unfortunately we're not there yet (especially for platform ports) so we need a work around for patches submitted by the sole code owner of a module itself. In this scenario, I would like to suggest we leave it to the patch submitter to decide on a case by case basis whether they want to nominate someone to do the detailed technical review or skip it entirely. In any case, a maintainer will still need to review and approve the patch. If this proves not to be working well over time (either because it creates unnecessary review bottlenecks or lowers the code quality too much), we can revisit that in the future. If you've got patches in review right now, may I please request you to add reviewers accordingly? The sooner we start adopting this process the better, as it will allow us to see how this works in practice and come up with adjustments if need be. 2. Reviewers to provide feedback in a timely manner --------------------------------------------------- If someone asks you to do a review, please try to do it in a timely manner. There is no timeline guidelines set just yet for TF-A but I think a good rule of thumb would be to aim to provide feedback in a week's time. This does not mean that the review has to be completed in a week (complex patches might need a lot of discussion and/or rounds of review & rework), just that there's some progress and activity at least once per week. If for some reason, you know you won't be able to honour a review request, please say so on Gerrit ASAP so that the patch submitter can choose another reviewer. 3. What's next? --------------- In the coming weeks or months, we'd like to: - Extend the list of code owners. - Extend the list of maintainers. - Come up with TF-A specific contribution guidelines that complement the tf.org process [1]. We already have some here [2] but would like to expand them and possibly revisit some of them. Obviously, this will be a community effort, much like the tf.org process was, and all TF-A contributors will have a say in defining this so that we end up with something that works for everyone (as much as possible). Best regards, Sandrine [1] https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p… [2] https://trustedfirmware-a.readthedocs.io/en/latest/process/contributing.html

5 years, 1 month

1
0
0 0

Re: [TF-A] GCC compiler flags

by Samuel Holland

Hi, On 5/12/20 1:41 PM, Varun Wadekar via TF-A wrote: > While reviewing all the compiler flags used by TF-A, we couldn’t find > information for the following options in the GCC manual [1] > > * --fatal-warnings > (https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…) Options passed to -Wa are assembler options, not compiler options. That one is documented here: https://sourceware.org/binutils/docs/as/W.html > * -fno-stack-protector > (https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…) This is the negative version of -fstack-protector, needed on compilers configured with --enable-default-ssp: https://gcc.gnu.org/onlinedocs/gcc-10.1.0/gcc/Instrumentation-Options.html#… They are both valid. Regards, Samuel

5 years, 1 month

1
0
0 0

GCC compiler flags

by Varun Wadekar

Hello, While reviewing all the compiler flags used by TF-A, we couldn't find information for the following options in the GCC manual [1] * --fatal-warnings (https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…) * -fno-stack-protector (https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/…) Can someone please help me understand if these options are still valid? Thanks. [1] https://gcc.gnu.org/onlinedocs/gcc-9.2.0/gcc/Option-Index.html#Option-Index ----------------------------------------------------------------------------------- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -----------------------------------------------------------------------------------

5 years, 1 month

1
0
0 0

Re: [TF-A] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi all, On 5/5/20 9:04 AM, Sandrine Bailleux via TF-A wrote: > I've received very little feedback on version 2 of the proposal, which > hints that we are reaching an agreement. Thus, I plan to finalize the > proposal this week. This can then become part of our development flow > for all trustedfirmware.org projects. > > Thanks again for all the inputs! The project maintenance process is now live. The document has been moved here (with a few minor edits to turn it from a proposal to an effective process): https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p… Thanks! Regards, Sandrine

5 years, 1 month

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 358027: Insecure data handling (TAINTED_SCALAR) ________________________________________________________________________________________________________ *** CID 358027: Insecure data handling (TAINTED_SCALAR) /common/fdt_wrappers.c: 295 in fdt_get_reg_props_by_name() 289 290 index = fdt_stringlist_search(dtb, node, "reg-names", name); 291 if (index < 0) { 292 return index; 293 } 294 >>> CID 358027: Insecure data handling (TAINTED_SCALAR) >>> Passing tainted variable "index" to a tainted sink. 295 return fdt_get_reg_props_by_index(dtb, node, index, base, size); 296 } 297 298 /******************************************************************************* 299 * This function gets the stdout path node. 300 * It reads the value indicated inside the device tree. ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPkl…

5 years, 1 month

1
0
0 0

Re: [TF-A] Proposal for Measured Boot Implementation

by Vivek Prasad

Hello Stuart, Alexei, Chiming-in here on Ampere's behalf... We analysed this proposal internally. And we see a number issues with this, some of which was already raised by Raghu in the previous threads. Here is a summary of the main issues that we see. * Only supporting mbedtls, and this is fixed config at compile time. * We propose that there should be a variable for the algorithm to be used, which can be setup at initialization time. * This solution relies on taking the hash directly from the digest as the measurement, instead of the computed hash. This is not safe, especially considering measured boot may use a different hash bank, so digest hash may not be correct/valid. * Only measuring the BL2 image, per the ARM SBSG we must be measuring and logging *all* images/boot phases * BL31 * BL32 (all secure partitions) * BL33 (UEFI or any other non-secure boot loader) * Once we ERET into BL33, the measure boot flow continues and is owned by that boot loader * Only see support for PCR0, any/all unsigned config data must be logged to PCR1. * Passing PCRs to non-secure software before logging is not compliant with TCG Static-Root-of-Trust Measurement (SRTM) requirements * It was discussed before in separate conversations… especially in systems where you are talked about two different signing domains where BL33 is a different trust/signing domain. * BL33 should only do hash-log-extend… there is no need for BL33 to be aware of the current PCR value (beyond what is provided in the boot event log). * Based on comments on the mail thread, there seem to be bad assumptions/expectations around TPM accessibility from non-secure world. * Expecting SPI/I2C TPMs to be directly accessed from non-secure world instead of abstracting hardware details via the TCG CRB interface (which has been already standardized as the defacto mechanism for ARM on past mobile, client, and server solutions). * CRB will "just work" for Aptio/EDK2/Linux/Windows/Hyper-V/VMWare * NOTE: This goes back to what is a “productizable” TPM solution. We want it to be turn-key solution for customers without having to support/develop proprietary drivers. -Vivek/Harb

5 years, 1 month

3
3
0 0

TF-A Tech Forum Agenda @ Thr 7th May 2020 17:00-1800 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 7th May 2020 17:00 - 18:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. This meeting will be chaired by Bipin Ravi. Agenda: * Overview of a new TF-A Build System based on Cmake by Javier Almansa Sobrino * Optional TF-A Mailing List Topic Discussions Thanks Joanna

5 years, 1 month

1
0
0 0

Re: [TF-A] Need input on Errata implementation

by Soby Mathew

> -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Raghu > Krishnamurthy via TF-A > Sent: 30 April 2020 02:33 > To: Manish Badarkhe <Manish.Badarkhe(a)arm.com>; tf- > a(a)lists.trustedfirmware.org > Cc: nd <nd(a)arm.com> > Subject: Re: [TF-A] Need input on Errata implementation > > Hi Manish, > > Really appreciate you for taking time to respond to my concerns/questions. > > What about this situation? NS-EL2 makes an SMC call to EL3 to get some basic > information like GET_SOC_INFORMATION. This is a simple SMC and there is no > call to context save or context restore. During the SMC call, if there is a > speculative AT instruction on a lower EL(say NS-EL2), there could be a bad > cached translation. Do you not need to apply the errata in this situation ? If > not, why? > > >>We can't simply apply this errata on reset and just leave the system. > > [RK]Totally agree. See CPU_E_HANDLER_FUNC. It is not necessary that > cpu_ops are only called during reset and power down. > CPU_E_HANDLER_FUNC is called at runtime due EA's. > > >>We thought of taking different approach for this errata > implementation >>where anybody disable this workaround using macro as > this errata is >>applicable for most of the CPUs (by default enabled) and can't > be >>placed in cpu_ops. > > [RK]This is a poor approach in my view. Most CPU's is not all CPU's. The reason > the errata framework exists is to apply CPU specific erratas by checking for > them dynamically. Different stepping's of the same CPU's may or may not have > the errata and typically you check the MIDR to know if the errata applies or > not. Linux does not apply the errata to all CPU's since "most" CPU's have the > issue. They check for its existence at runtime and only then apply it. TF-A > should not hold itself to a lower standard. Hi Raghu I guess this depends on what the errata workaround involves. Since this workaround applies bit setting on an out of context register, it was not expected to affect the EL3 execution performance (or the lower level EL because the bits are restored on return). Also it was thought that the act of searching through the list of compiled CPUs and checking if the workaround is applicable might be more detrimental than the unilateral application of the workaround for this case (assuming no extra barriers are added since the code path it is inserted in have them already later in the sequence). But I agree it is more elegant to have this coupled into CPU_OPS framework. I think Manish has some ideas for this. Best Regards Soby Mathew > > -Raghu > > On 4/29/20 1:35 AM, Manish Badarkhe wrote: > > Hi Raghu > > > > Just to add/correct one more thing from my previous emails that this errata > workaround proposed is > > applied to both normal and secure world switches to EL3. > > > > Thanks > > Manish Badarkhe > > > > On 29/04/2020, 12:25, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a- > bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> > wrote: > > > > Hi Raghu > > > > On 29/04/2020, 02:00, "Raghu K" <raghu.ncstate(a)icloud.com> wrote: > > > > Hi Manish, > > > > Thanks. > > > > >> we don’t have any AT instances in minimum execution window after > context switching from S-EL(1/2) > > >> to EL3 and before updating TCR register. > > > > 1) What is the minimum execution window? Does that not change based > on micro-architecture? > > Not sure about exact minimum execution window. IMO, it really depend > upon when "context_save" gets called after > > entering into EL3 from S-EL1/2. It may changed upon micro-architecture. > Need some experts comment here. > > > > 2) Do we know that the "execution window" is exactly the same for all > the CPU's this errata applies to? > > It may be but we should not worry on that if we don’t have any AT > instruction execution in that window. > > > > Also, it appears we are only talking about switching from S-EL1/2 to EL3. > The same issue can happen when you go from NS-EL1/EL2 to EL3 as well. There > also seems to be an assumption in the patch you submitted that this errata > happens only during a so called context-switch. From my reading, the cortex- > Ax errata notices don't limit the errata to occur only during "context-switches" > in the "conditions" section and can occur while executing ANY code, although > the work around section does muddy the waters a bit. > > > > In Linux, at NS-EL2 this workaround is already in place. Hence we just > thought of considering cases from Secure EL side to put this workaround. > > Yes, errata should not limit to particular conditional section but this > particular errata is not straight-forward like another errata placed in the code > currently. We can't simply apply this errata on reset and just leave the system. > > > > Back to problem, AT instruction speculative execution using out-of- > context regime that results in page table walk and generate the incorrect > > translation which are cached in TLB. To avoid this issue we thought of > disabling PTW for that particular EL. > > for e.g. If AT instruction execution for EL1 present in EL3 then we have to > make sure speculative behaviour of this AT should not result in incorrect > translation cached in TLB. If system is always in EL3 (if we loop-in in EL3 always > without going back and forth to/from lower EL) then in that case > > there is no need of this workaround. > > Hence we thought to put this workaround over boundary context of > context switches. When "context save" (close to EL3 entry) happened we > meticulously save all EL system registers (S-EL1/S-EL2) with PTW disabled and > continue EL3 execution with PTW disabled ensuring we should not cache any > incorrect translation for (S-EL1/S-EL2) and during "context restore" (i.e. close > to EL3 exit) again we disabled PTW, restore all system registers for EL (S-EL1/S- > EL2) except TCR and then restore TCR. > > > > 3) Has there been any work done to actually reproduce this issue and > also to see that this actually fixes the issue? > > No this issue is hard to reproduce. > > > > 4) Has the CPU errata framework(cpu_ops etc.) been considered to > possibly implement the errata? Sprinkling erratas through common framework > code does not seem like a good idea. > > We thought of taking different approach for this errata implementation > where anybody disable this workaround using macro as this errata is > applicable for most of the CPUs (by default enabled) and can't be placed in > cpu_ops. > > > > Thanks > > Raghu > > > > Thanks > > Manish Badarkhe > > > > On 4/28/20 1:44 AM, Manish Badarkhe wrote: > > > Hi Raghu > > > > > > Please see my replies inline. > > > > > > Regards > > > Manish Badarkhe > > > > > > On 28/04/2020, 11:29, "Raghu Krishnamurthy" > <raghu.ncstate(a)icloud.com> wrote: > > > > > > Hi Manish, > > > > > > Understood. > > > > > > >>Hence before entering in EL3, we ensured that PTW is disabled > (at > > > context save) > > > > > > The context save and restore functions are executed in EL3. So how > are > > > you disabling PTW before entering EL3 ? > > > > > > Yes, I put it wrongly. We thought "context_save/restore" is best place > to disable PTW without much affecting the > > > code because we don’t have any AT instances in minimum execution > window after context switching from S-EL(1/2) > > > to EL3 and before updating TCR register. > > > > > > -Raghu > > > > > > Thanks > > > Manish Badarkhe > > > > > > On 4/27/20 10:53 PM, Manish Badarkhe wrote: > > > > Hi Raghu > > > > > > > > This workaround is specifically need for speculative AT instruction > behaviour in out of context regime. > > > > That means executing AT instruction for lower ELs (S-EL1/S-EL2) in > higher EL i.e. EL3. > > > > > > > > Behaviour of AT instruction is unaltered when it get executed in > same regime (when AT instruction executed for same EL > > > > where it is executing) and there is no possibility to execute AT > instruction for higher EL in lower EL. > > > > > > > > Hence before entering in EL3, we ensured that PTW is disabled (at > context save) and restore PTW back during > > > > exit of EL3. (at context restore). > > > > > > > > Thanks > > > > Manish Badarkhe > > > > > > > > On 28/04/2020, 01:23, "Raghu K" <raghu.ncstate(a)icloud.com> > wrote: > > > > > > > > Hi Manish, > > > > > > > > >>Hence proposed solution will work as it is > > > > > > > > [RK]If you are sure go ahead. I'm not convinced, but that may > be because > > > > i don't understand the errata fully/correctly. > > > > > > > > >>This workaround is very specific during context switching > > > > > > > > [RK] Context switching has many meanings depending on the > context(OS, > > > > hypervisor, TF-A world switch etc). The errata document i saw > does not > > > > elaborate on this. Perhaps clarifying this will help understand > why the > > > > solution you proposed will work. > > > > > > > > The solution below in points 2 and 3 have the same problem on > entry and > > > > exit, mentioned in my first email. Before you call > > > > el1_sysregs_context_save, an AT instruction could have > speculatively > > > > executed through speculation of branches that occur BEFORE > you call this > > > > function, when TCR still has the enable bit set. The fact that you > don't > > > > have an AT instruction in the context save routine or any > routine for > > > > that matter, does not guarantee that the hardware did not > speculate > > > > through some other means to reach an AT instruction. The > same applies to > > > > the context_restore routines. There is no guarantee right after > you > > > > finish the restore routing(and hence TCR has the enable bit set), > that > > > > the CPU cannot speculate to an AT instruction. > > > > So i'm not clear how you can say for certain that there was no > > > > speculative AT instruction with the proposal below. > > > > > > > > Thanks > > > > Raghu > > > > > > > > On 4/27/20 10:08 AM, Manish Badarkhe wrote: > > > > > Hi All, > > > > > > > > > > Just update/correct details. > > > > > > > > > > Thanks > > > > > Manish Badarkhe > > > > > > > > > > On 27/04/2020, 22:13, "TF-A on behalf of Manish Badarkhe > via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf- > a(a)lists.trustedfirmware.org> wrote: > > > > > > > > > > Hi Raghu > > > > > > > > > > Please ignore my answer on question 2. > > > > > > > > > > With internal discussion came to below conclusion: > > > > > 1. This workaround is very specific during context > switching. > > > > > 2 . If you check in context save routine > (el1_sysregs_context_save or el2_sysregs_context_save), > > > > > As per proposed solution, First step performed is to > disable page table walk and we don’t have > > > > > any AT instruction execution in context save routine. > > > > > This ensures that there will be no possibility of > speculative AT instruction execution without TCR update. > > > > > 3. If you check in context restore routine > (el1_sysregs_context_restore or el2_sysregs_context_restore), > > > > > As per proposed solution, first step performed is to > disable page table walk and we don’t have any > > > > > AT instruction execution in context restore routine. > > > > > This ensures that there will be no possibility of > speculative AT instruction execution without TCR update. > > > > > > > > > > Hence proposed solution will work as it is ensuring no > caching of translations in TLB while speculative AT instruction execution. > > > > > > > > > > Thanks > > > > > Manish Badarkhe > > > > > > > > > > On 27/04/2020, 13:38, "TF-A on behalf of Manish Badarkhe > via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf- > a(a)lists.trustedfirmware.org> wrote: > > > > > > > > > > Hi Raghu > > > > > > > > > > Please see my answers inline > > > > > > > > > > On 25/04/2020, 06:38, "TF-A on behalf of Raghu K via TF- > A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf- > a(a)lists.trustedfirmware.org> wrote: > > > > > > > > > > Hi Manish, > > > > > > > > > > Before I agree or disagree with the suggested fix, the > following would > > > > > be interesting to know/discuss. Please feel free to > correct me if i've > > > > > misunderstood something. > > > > > > > > > > 1) Are "speculative" AT instructions subject to TCR_ELx > control bits for > > > > > all the listed CPU's? I imagine the answer is yes but > would be good to > > > > > get confirmation. I could not find any evidence in the > instruction > > > > > description or psuedocode in the ARMv8 ARM. It is > possible to play many > > > > > tricks on speculative execution of instructions such as > skipping checks > > > > > and doing them only when the CPU knows the > instruction will be > > > > > committed. If this is the case, changing TCR_ELx bits > may not work. The > > > > > errata document is vague about how to fix it. > > > > > > > > > > The speculative AT instruction may behave as you > mentioned. We need more > > > > > opinion on this. > > > > > Proposed fix I mentioned by referring linux workaround > for the same errata. > > > > > Linux workaround is available in mainline kernel as > below: > > > > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… > v5.7-rc3&id=bd227553ad5077f21ddb382dcd910ba46181805a > > > > > > > > > > 2) Assuming the answer to question 1 is yes, your > proposal may not work > > > > > as is. In the worst case, as soon as you enter EL3, the > very first thing > > > > > that may happen, before you ever operate/write to > TCR_ELx, is a > > > > > speculative AT instruction that caches a bad translation > in the TLB's. > > > > > The same thing can happen on the exit path. As soon as > you restore the > > > > > TCR_ELx register, the first thing that can happen is a > speculative AT > > > > > that caches a bad translation. However, the el3_exit > path does have DSB > > > > > before ERET, so we will not speculate to an AT > instruction if there are > > > > > no branches between the instruction that sets TCR_ELx > and the ERET. > > > > > Somewhere in between, it looks like we will need a > TLBI NSH to be > > > > > certain there are no bad translation cached. This > obviously has a > > > > > potential performance cost on the lower EL's. Every > entry into EL3 > > > > > flushes the TLB for lower EL's. > > > > > > > > > > Yes, this seems to be valid case during entry and exit path. > > > > > I am not quite sure in that case where we need to avoid > PTW. > > > > > Also "TLBI NSH" works but it may cause performance > issue. > > > > > Need some more opinion/thoughts on this. > > > > > > > > > > Just thinking, can sequence mentioned for context save > does not ensure that > > > > > PTW is disabled? > > > > > Something as below as last step in ELx(1/2) context save > (elaborated more): > > > > > > ·Save TCR register with PTW enable (EPD=0). (Just to > enable PTW during > > > > > > restore context). Do not operate TCR_EL1x register > here just save its value to restore. > > > > > > This ensures that during entry in EL3 there will be no > chance of PTW > > > > > >. while executing AT instruction. > > > > > > > > > > Thanks > > > > > > > > > > Raghu > > > > > > > > > > Thanks > > > > > Manish Badarkhe > > > > > > > > > > On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > > > > > > > > > > > Hi All > > > > > > > > > > > > We are trying to implement errata which is applicable > for below CPUs: > > > > > > > > > > > > <CPUs> : <Errata No.> > > > > > > > > > > > > Cortex-A53: 1530924 > > > > > > > > > > > > Cortex-A76: 1165522 > > > > > > Cortex-A72: 1319367 > > > > > > Cortex-A57: 1319537 > > > > > > Cortex-A55: 1530923 > > > > > > > > > > > > *Errata Description:* > > > > > > > > > > > > A speculative Address Translation (AT) instruction > translates using > > > > > > registers that are associated with an out-of-context > translation > > > > > > regime and caches the resulting translation in the TLB. > A subsequent > > > > > > translation request that is generated when the out- > of-context > > > > > > translation regime is current uses the previous cached > TLB entry > > > > > > producing an incorrect virtual to physical mapping. > > > > > > > > > > > > *Probable solution is to implement below fix in > context.S file:* > > > > > > > > > > > > *During ELx (1 or 2) context save:* > > > > > > > > > > > > ·Operate TCR_ELx(1/2) to disable page table walk by > operating EPD bits > > > > > > > > > > > > oThis will avoid any page table walk for S-EL1 or S-EL2. > This will > > > > > > help in avoiding caching of translations in TLB > > > > > > > > > > > > for S-EL1/S-EL2 in EL3. > > > > > > > > > > > > ·Save all system registers (which is already available) > except TCR > > > > > > > > > > > > ·Clear EPD bits of TCR and then save. (Just to enable > PTW during > > > > > > restore context). > > > > > > > > > > > > *During ELx (1 or 2) context restore:* > > > > > > > > > > > > * Operate TCR_ELx(1/2) to disable page table walk > by operating EPD bits > > > > > > * Restore all system registers (which are saved > during context save) > > > > > > except TCR register. > > > > > > * Restore TCR_ELx(1/2) register (which enable back > PTW). > > > > > > > > > > > > With above we ensured that there will be no page > table walk for S-EL1 > > > > > > and S-EL2 in EL3. > > > > > > > > > > > > is this proper other way to fix this problem? Need > some suggestion/use > > > > > > cases where and all we need this workaround in TF-A > code. > > > > > > > > > > > > Thanks > > > > > > > > > > > > Manish Badarkhe > > > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and > any attachments are > > > > > > confidential and may also be privileged. If you are not > the intended > > > > > > recipient, please notify the sender immediately and > do not disclose > > > > > > the contents to any other person, use it for any > purpose, or store or > > > > > > copy the information in any medium. Thank you. > > > > > > > > > > > > > > > > -- > > > > > TF-A mailing list > > > > > TF-A(a)lists.trustedfirmware.org > > > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and any > attachments are confidential and may also be privileged. If you are not the > intended recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > > > -- > > > > > TF-A mailing list > > > > > TF-A(a)lists.trustedfirmware.org > > > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and any > attachments are confidential and may also be privileged. If you are not the > intended recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > > > -- > > > > > TF-A mailing list > > > > > TF-A(a)lists.trustedfirmware.org > > > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and any > attachments are confidential and may also be privileged. If you are not the > intended recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and any > attachments are confidential and may also be privileged. If you are not the > intended recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > > > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments > are confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > > > > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

3
6
0 0

Re: [TF-A] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi all, I've received very little feedback on version 2 of the proposal, which hints that we are reaching an agreement. Thus, I plan to finalize the proposal this week. This can then become part of our development flow for all trustedfirmware.org projects. Thanks again for all the inputs! Regards, Sandrine Bailleux

5 years, 1 month

1
0
0 0

Re: [TF-A] [RFC] isolation between runtime BL33 services and OS

by Achin Gupta

Hi Francois, On Mon, Apr 20, 2020 at 11:45:02AM +0000, François Ozog via TF-A wrote: > Hi, > > I am trying to identify a mechanism to enforce a form of two-way > isolation between BL33 runtime services in OS, for instance: > - a pair of 2MB areas that could be RO by one entity and RW by the other > - an execute only BL33 2MB area? Stupid Q! Are you referring to isolation between EFI runtime services and the OS? It is not clear what you mean by BL33 runtime services? cheers, Achin > > This is similar to hypervisor except it only deals with memory, no > vCPU, no GIC virtualization... > > Could EL3 or EL2 install protective mappings ? BL33 could ask either > EL2 hypervisor or SecureMonitor to actually install them. > > Cordially, > > FF > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

2
5
0 0

Re: [TF-A] Need input on Errata implementation

by Manish Badarkhe

Hi Raghu Just to add/correct one more thing from my previous emails that this errata workaround proposed is applied to both normal and secure world switches to EL3. Thanks Manish Badarkhe On 29/04/2020, 12:25, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Raghu On 29/04/2020, 02:00, "Raghu K" <raghu.ncstate(a)icloud.com> wrote: Hi Manish, Thanks. >> we don’t have any AT instances in minimum execution window after context switching from S-EL(1/2) >> to EL3 and before updating TCR register. 1) What is the minimum execution window? Does that not change based on micro-architecture? Not sure about exact minimum execution window. IMO, it really depend upon when "context_save" gets called after entering into EL3 from S-EL1/2. It may changed upon micro-architecture. Need some experts comment here. 2) Do we know that the "execution window" is exactly the same for all the CPU's this errata applies to? It may be but we should not worry on that if we don’t have any AT instruction execution in that window. Also, it appears we are only talking about switching from S-EL1/2 to EL3. The same issue can happen when you go from NS-EL1/EL2 to EL3 as well. There also seems to be an assumption in the patch you submitted that this errata happens only during a so called context-switch. From my reading, the cortex-Ax errata notices don't limit the errata to occur only during "context-switches" in the "conditions" section and can occur while executing ANY code, although the work around section does muddy the waters a bit. In Linux, at NS-EL2 this workaround is already in place. Hence we just thought of considering cases from Secure EL side to put this workaround. Yes, errata should not limit to particular conditional section but this particular errata is not straight-forward like another errata placed in the code currently. We can't simply apply this errata on reset and just leave the system. Back to problem, AT instruction speculative execution using out-of-context regime that results in page table walk and generate the incorrect translation which are cached in TLB. To avoid this issue we thought of disabling PTW for that particular EL. for e.g. If AT instruction execution for EL1 present in EL3 then we have to make sure speculative behaviour of this AT should not result in incorrect translation cached in TLB. If system is always in EL3 (if we loop-in in EL3 always without going back and forth to/from lower EL) then in that case there is no need of this workaround. Hence we thought to put this workaround over boundary context of context switches. When "context save" (close to EL3 entry) happened we meticulously save all EL system registers (S-EL1/S-EL2) with PTW disabled and continue EL3 execution with PTW disabled ensuring we should not cache any incorrect translation for (S-EL1/S-EL2) and during "context restore" (i.e. close to EL3 exit) again we disabled PTW, restore all system registers for EL (S-EL1/S-EL2) except TCR and then restore TCR. 3) Has there been any work done to actually reproduce this issue and also to see that this actually fixes the issue? No this issue is hard to reproduce. 4) Has the CPU errata framework(cpu_ops etc.) been considered to possibly implement the errata? Sprinkling erratas through common framework code does not seem like a good idea. We thought of taking different approach for this errata implementation where anybody disable this workaround using macro as this errata is applicable for most of the CPUs (by default enabled) and can't be placed in cpu_ops. Thanks Raghu Thanks Manish Badarkhe On 4/28/20 1:44 AM, Manish Badarkhe wrote: > Hi Raghu > > Please see my replies inline. > > Regards > Manish Badarkhe > > On 28/04/2020, 11:29, "Raghu Krishnamurthy" <raghu.ncstate(a)icloud.com> wrote: > > Hi Manish, > > Understood. > > >>Hence before entering in EL3, we ensured that PTW is disabled (at > context save) > > The context save and restore functions are executed in EL3. So how are > you disabling PTW before entering EL3 ? > > Yes, I put it wrongly. We thought "context_save/restore" is best place to disable PTW without much affecting the > code because we don’t have any AT instances in minimum execution window after context switching from S-EL(1/2) > to EL3 and before updating TCR register. > > -Raghu > > Thanks > Manish Badarkhe > > On 4/27/20 10:53 PM, Manish Badarkhe wrote: > > Hi Raghu > > > > This workaround is specifically need for speculative AT instruction behaviour in out of context regime. > > That means executing AT instruction for lower ELs (S-EL1/S-EL2) in higher EL i.e. EL3. > > > > Behaviour of AT instruction is unaltered when it get executed in same regime (when AT instruction executed for same EL > > where it is executing) and there is no possibility to execute AT instruction for higher EL in lower EL. > > > > Hence before entering in EL3, we ensured that PTW is disabled (at context save) and restore PTW back during > > exit of EL3. (at context restore). > > > > Thanks > > Manish Badarkhe > > > > On 28/04/2020, 01:23, "Raghu K" <raghu.ncstate(a)icloud.com> wrote: > > > > Hi Manish, > > > > >>Hence proposed solution will work as it is > > > > [RK]If you are sure go ahead. I'm not convinced, but that may be because > > i don't understand the errata fully/correctly. > > > > >>This workaround is very specific during context switching > > > > [RK] Context switching has many meanings depending on the context(OS, > > hypervisor, TF-A world switch etc). The errata document i saw does not > > elaborate on this. Perhaps clarifying this will help understand why the > > solution you proposed will work. > > > > The solution below in points 2 and 3 have the same problem on entry and > > exit, mentioned in my first email. Before you call > > el1_sysregs_context_save, an AT instruction could have speculatively > > executed through speculation of branches that occur BEFORE you call this > > function, when TCR still has the enable bit set. The fact that you don't > > have an AT instruction in the context save routine or any routine for > > that matter, does not guarantee that the hardware did not speculate > > through some other means to reach an AT instruction. The same applies to > > the context_restore routines. There is no guarantee right after you > > finish the restore routing(and hence TCR has the enable bit set), that > > the CPU cannot speculate to an AT instruction. > > So i'm not clear how you can say for certain that there was no > > speculative AT instruction with the proposal below. > > > > Thanks > > Raghu > > > > On 4/27/20 10:08 AM, Manish Badarkhe wrote: > > > Hi All, > > > > > > Just update/correct details. > > > > > > Thanks > > > Manish Badarkhe > > > > > > On 27/04/2020, 22:13, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > > > > > > Hi Raghu > > > > > > Please ignore my answer on question 2. > > > > > > With internal discussion came to below conclusion: > > > 1. This workaround is very specific during context switching. > > > 2 . If you check in context save routine (el1_sysregs_context_save or el2_sysregs_context_save), > > > As per proposed solution, First step performed is to disable page table walk and we don’t have > > > any AT instruction execution in context save routine. > > > This ensures that there will be no possibility of speculative AT instruction execution without TCR update. > > > 3. If you check in context restore routine (el1_sysregs_context_restore or el2_sysregs_context_restore), > > > As per proposed solution, first step performed is to disable page table walk and we don’t have any > > > AT instruction execution in context restore routine. > > > This ensures that there will be no possibility of speculative AT instruction execution without TCR update. > > > > > > Hence proposed solution will work as it is ensuring no caching of translations in TLB while speculative AT instruction execution. > > > > > > Thanks > > > Manish Badarkhe > > > > > > On 27/04/2020, 13:38, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > > > > > > Hi Raghu > > > > > > Please see my answers inline > > > > > > On 25/04/2020, 06:38, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: > > > > > > Hi Manish, > > > > > > Before I agree or disagree with the suggested fix, the following would > > > be interesting to know/discuss. Please feel free to correct me if i've > > > misunderstood something. > > > > > > 1) Are "speculative" AT instructions subject to TCR_ELx control bits for > > > all the listed CPU's? I imagine the answer is yes but would be good to > > > get confirmation. I could not find any evidence in the instruction > > > description or psuedocode in the ARMv8 ARM. It is possible to play many > > > tricks on speculative execution of instructions such as skipping checks > > > and doing them only when the CPU knows the instruction will be > > > committed. If this is the case, changing TCR_ELx bits may not work. The > > > errata document is vague about how to fix it. > > > > > > The speculative AT instruction may behave as you mentioned. We need more > > > opinion on this. > > > Proposed fix I mentioned by referring linux workaround for the same errata. > > > Linux workaround is available in mainline kernel as below: > > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… > > > > > > 2) Assuming the answer to question 1 is yes, your proposal may not work > > > as is. In the worst case, as soon as you enter EL3, the very first thing > > > that may happen, before you ever operate/write to TCR_ELx, is a > > > speculative AT instruction that caches a bad translation in the TLB's. > > > The same thing can happen on the exit path. As soon as you restore the > > > TCR_ELx register, the first thing that can happen is a speculative AT > > > that caches a bad translation. However, the el3_exit path does have DSB > > > before ERET, so we will not speculate to an AT instruction if there are > > > no branches between the instruction that sets TCR_ELx and the ERET. > > > Somewhere in between, it looks like we will need a TLBI NSH to be > > > certain there are no bad translation cached. This obviously has a > > > potential performance cost on the lower EL's. Every entry into EL3 > > > flushes the TLB for lower EL's. > > > > > > Yes, this seems to be valid case during entry and exit path. > > > I am not quite sure in that case where we need to avoid PTW. > > > Also "TLBI NSH" works but it may cause performance issue. > > > Need some more opinion/thoughts on this. > > > > > > Just thinking, can sequence mentioned for context save does not ensure that > > > PTW is disabled? > > > Something as below as last step in ELx(1/2) context save (elaborated more): > > > > ·Save TCR register with PTW enable (EPD=0). (Just to enable PTW during > > > > restore context). Do not operate TCR_EL1x register here just save its value to restore. > > > > This ensures that during entry in EL3 there will be no chance of PTW > > > >. while executing AT instruction. > > > > > > Thanks > > > > > > Raghu > > > > > > Thanks > > > Manish Badarkhe > > > > > > On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > > > > > > > Hi All > > > > > > > > We are trying to implement errata which is applicable for below CPUs: > > > > > > > > <CPUs> : <Errata No.> > > > > > > > > Cortex-A53: 1530924 > > > > > > > > Cortex-A76: 1165522 > > > > Cortex-A72: 1319367 > > > > Cortex-A57: 1319537 > > > > Cortex-A55: 1530923 > > > > > > > > *Errata Description:* > > > > > > > > A speculative Address Translation (AT) instruction translates using > > > > registers that are associated with an out-of-context translation > > > > regime and caches the resulting translation in the TLB. A subsequent > > > > translation request that is generated when the out-of-context > > > > translation regime is current uses the previous cached TLB entry > > > > producing an incorrect virtual to physical mapping. > > > > > > > > *Probable solution is to implement below fix in context.S file:* > > > > > > > > *During ELx (1 or 2) context save:* > > > > > > > > ·Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > > > > > > > oThis will avoid any page table walk for S-EL1 or S-EL2. This will > > > > help in avoiding caching of translations in TLB > > > > > > > > for S-EL1/S-EL2 in EL3. > > > > > > > > ·Save all system registers (which is already available) except TCR > > > > > > > > ·Clear EPD bits of TCR and then save. (Just to enable PTW during > > > > restore context). > > > > > > > > *During ELx (1 or 2) context restore:* > > > > > > > > * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > > > * Restore all system registers (which are saved during context save) > > > > except TCR register. > > > > * Restore TCR_ELx(1/2) register (which enable back PTW). > > > > > > > > With above we ensured that there will be no page table walk for S-EL1 > > > > and S-EL2 in EL3. > > > > > > > > is this proper other way to fix this problem? Need some suggestion/use > > > > cases where and all we need this workaround in TF-A code. > > > > > > > > Thanks > > > > > > > > Manish Badarkhe > > > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments are > > > > confidential and may also be privileged. If you are not the intended > > > > recipient, please notify the sender immediately and do not disclose > > > > the contents to any other person, use it for any purpose, or store or > > > > copy the information in any medium. Thank you. > > > > > > > > > > -- > > > TF-A mailing list > > > TF-A(a)lists.trustedfirmware.org > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. > > > -- > > > TF-A mailing list > > > TF-A(a)lists.trustedfirmware.org > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. > > > -- > > > TF-A mailing list > > > TF-A(a)lists.trustedfirmware.org > > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. > > > > > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. > > > > IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

2
1
0 0

Updated invitation: TF-A Tech Forum @ Every 2 weeks from 18:00 to 19:00 on Thursday from Thu 7 May to Thu 30 Jul (CEST) (tf-a@lists.trustedfirmware.org)

by François Ozog

This event has been changed. Title: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   When: Every 2 weeks from 18:00 to 19:00 on Thursday from Thu 7 May to Thu 30 Jul Central European Time - Paris (changed) Where: Zoom Calendar: tf-a(a)lists.trustedfirmware.org Who: (Guest list has been hidden at organiser's request) Event details: https://www.google.com/calendar/event?action=VIEW&eid=N3ZoNDBuZzZnM2k4cGszY… Invitation from Google Calendar: https://www.google.com/calendar/ You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more at https://support.google.com/calendar/answer/37135#forwarding

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：RE: 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Olivier Deprez

Hi Bin Wu, Glad if this helped! Hi Thomas, Thanks for the heads up! Regards, Olivier. ________________________________________ From: 吴斌(郅隆) <zhilong.wb(a)alibaba-inc.com> Sent: 21 April 2020 13:52 To: Thomas Abraham; Olivier Deprez; TF-A Subject: 回复：RE: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Dear All, Thanks all your help again. Your professionalism and assistance impressed me. BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:Thomas Abraham <thomas.abraham(a)arm.com> 发送时间:Tue Apr 21 19:38:38 2020 收件人:Olivier Deprez <Olivier.Deprez(a)arm.com>, TF-A <tf-a-bounces(a)lists.trustedfirmware.org>, 吴斌(郅隆) <zhilong.wb(a)alibaba-inc.com> 主题:RE: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hi, Looking into the mail chain below, this is probably being tested on RD-N1-Edge platform. There was regression noticed in the dmc620 ras error handling in the code pushed to Linaro for RD-N1-Edge platform. This will be fixed later today and patches will be merged into Linaro repos. It should then be accessible using the usual repo init/sync commands. Thanks, Thomas. > -----Original Message----- > From: TF-A On Behalf Of Olivier > Deprez via TF-A > Sent: Tuesday, April 21, 2020 4:45 PM > To: TF-A ; Raghu K via TF-A > a(a)lists.trustedfirmware.org>; 吴斌(郅隆) > Subject: Re: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - > 0xC4000061 and BL31 Crashed > > Hi Raghu, > > Yes you're right, we probably need few return code checks here and here. I > may submit a patch and verify it doesn't break anything else. > > Hi Bin Wu, > > I had noticed the following sequence originating from linux sdei driver init > down to TF-A: > > INFO: SDEI: Private events initialized on 81000100 > INFO: SDEI: Private events initialized on 81000200 > INFO: SDEI: Private events initialized on 81000300 > INFO: SDEI: Private events initialized on 81010000 > INFO: SDEI: Private events initialized on 81010100 > INFO: SDEI: Private events initialized on 81010200 > INFO: SDEI: Private events initialized on 81010300 > INFO: SDEI: > VER > INFO: SDEI: < VER:1000000000000 > INFO: SDEI: > P_RESET():81000000 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000200 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000300 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010000 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010100 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010200 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010300 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000100 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > S_RESET():81000100 > INFO: SDEI: < S_RESET:0 > INFO: SDEI: > UNMASK:81000000 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000100 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000200 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000300 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010000 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010100 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010200 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010300 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > INFO(n:804, 0) > INFO: SDEI: < INFO:0 > INFO: SDEI: > INFO(n:805, 0) > INFO: SDEI: < INFO:0 > > There is an Sdei Info request about events 804 and 805. > Although I don't see any register or enable event service call, so I wonder if > this demo code is missing something or expects that the platform > implements such event definition natively. > > This does not look like flows described in https://trustedfirmware- > a.readthedocs.io/en/latest/components/sdei.html > for regular SDEI usage or explicit dispatch of events. > > Maybe we should involve Linaro ppl on the expected init sequence and > dependency to TF-A (platform files). > > Regards, > Olivier. > > > ________________________________________ > From: TF-A on behalf of 吴斌(郅 > 隆) via TF-A > Sent: 21 April 2020 08:45 > To: TF-A; Raghu K via TF-A > Subject: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - > 0xC4000061 and BL31 Crashed > > Hi Olivier and All, > > Thank you so much for your help. It makes me understand the internals. > The next step, I need to check this event_num(804) register flow in kernel > side, am I right? > > > BRs， > Bin Wu > ------------------原始邮件 ------------------ > 发件人:TF-A > 发送时间:Tue Apr 21 09:51:49 2020 > 收件人:Raghu K via TF-A > 主题:Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and > BL31 Crashed > Nice debug! Apart from the issue you pointed out, there is also the > issue with not checking the return code. The ras handler should really > be checking or panic'ing if there is an unexpected error code from > spm_sp_call and sdei_dispatch_event. > > -Raghu > > On 4/20/20 2:37 PM, Olivier Deprez via TF-A wrote: > > Hi Bin Wu, > > > > Here's an early observation. On receiving the RAS fiq interrupt the > following occurs: > > > > ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call > (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event > > > > se = get_event_entry(map); > > if (!can_sdei_state_trans(se, DO_DISPATCH)) > > return -1; > > > > p *map > > $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = > 0}} > > p *se > > $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} > > > > sdei_dispatch_event exits in error at this stage, this does not seem a > correct behavior. > > The SDEI handler is not called in NS world and context remains unchanged. > > The interrupt handler blindly returns to S-EL1 SP context at same location > where it last exited. > > sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry > fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 > > SP then exits but the EL3 context has not been setup for SP entry leading > to crash. > > > > IMO there is an issue around mapping SDEI event number to RAS interrupt > number leading to sdei_dispatch_event exiting early. > > > > Regards, > > Olivier. > > > > > > ________________________________________ > > From: TF-A on behalf of Matteo Carlini via TF-A > > Sent: 14 April 2020 10:41 > > To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak > Pandey > > Cc: nd > > Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 > and BL31 Crashed > > > > Looping-in Thomas & Deepak, responsible for the RD-N1 landing team > platforms releases. They might be able to help. > > > > Thanks > > Matteo > > > > From: TF-A On Behalf Of ??(??) via TF-A > > Sent: 14 April 2020 06:47 > > To: TF-A ; Raghu Krishnamurthy via TF-A > > Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 > and BL31 Crashed > > > > Hi RagHu, > > > > Really appreciate your help. > > > > I was downloaded this software stack from git.linaro.org. This software > stack include ATF, kernel, edk2 and so on. > > The user guide i used from linaro is:https://git.linaro.org/landing- > teams/working/arm/arm-reference- > platforms.git/about/docs/rdn1edge/user-guide.rst#obtaining-the-rd-n1- > edge-and-rd-n1-edge-dual-fast-model > > > > 1) What platform you are running on? Can this issue be reproduced > > outside your testing environment, perhaps on FVP or QEMU? > > A: I am running on ARM N1-Edge FVP platform. It can reproduced on this > FVP platform. > > > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > > commit-id, so that we can be sure we are looking at the same code. > > A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git > tag:RD-INFRA-20191024-RC0 > > StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 > and edk2-platform version information. if anything i missed, please let me > know. > > edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git tag:RD- > INFRA-20191024-RC0 > > edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2- > platforms.git tag:RD-INFRA-20191024-RC0 > > > > 3) What version of the kernel and sdei driver is being used? > > A: kernel-release: https://git.linaro.org/landing- > teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 > > The sdei driver was included in kernel, do i need to provide sdei driver > version? If need please let me know. > > 4) I can't tell from looking at the log but do you know if writing 0x123 > > to sde_ras_poison causes a DMC620 interrupt or an SError or external > > abort through memory access ? > > A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. > So I am also not sure which exception type it will trigger. > > > > BRs， > > Bin Wu > > > > ------------------原始邮件 ------------------ > > 发件人:TF-A > > > 发送时间:Tue Apr 14 01:25:47 2020 > > 收件人:Raghu Krishnamurthy via TF-A > > > 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 > Crashed > > Hello, > > > > >>Does BL31 need to send 0xC4000061 event to BL32 again? > > > > I don't think it will. It is really odd that > > 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM > handler. > > This is from looking at the upstream code quickly but it definitely > > depends on the platform you are running, what version of TF-A you are > > using, build options used. Is it possible that the unhandled exception > > is occurring after successful handling of the DMC620 error but there is > > a following issue that occurs right after, causing the crash? > > From the register dump it looks like there was an Instruction abort > > exception at address 0 while running in EL3. Something seems to have > > gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get > > an instruction abort at address 0. > > > > >>Does current TF-A support to run RAS test? It seems BL31 will crash. > > See above. The answer really depends on the factors mentioned above. > > > > The following would be helpful to know: > > 1) What platform you are running on? Can this issue be reproduced > > outside your testing environment, perhaps on FVP or QEMU? > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > > commit-id, so that we can be sure we are looking at the same code. > > 3) What version of the kernel and sdei driver is being used? > > 4) I can't tell from looking at the log but do you know if writing 0x123 > > to sde_ras_poison causes a DMC620 interrupt or an SError or external > > abort through memory access ? > > > > Thanks > > Raghu > > > > > > On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > >> Dear Friends, > >> > >> I am using TF-A to test RAS feature. > >> When I triggered DMC620 RAS error in Linux(echo 0x123 > > >> /sys/kernel/debug/sdei_ras_poison). > >> BL32 will recieve > >> UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and > finally > >> BL31 crashed. > >> > >> In my understanding, this 0xC4000061 should consumed by BL31, not > send > >> it to BL32 again. > >> > >> A piece of error log as below: > >> > >> ************************************* > >> > >> CperWrite - CperAddress@0xFF610064 > >> CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > >> CperWrite - Got Error Section: Platform Memory. > >> MmEntryPoint Done > >> Received delegated event > >> X0 : 0xC4000061 > >> X1 : 0x0 > >> X2 : 0x0 > >> X3 : 0x0 > >> Received event - 0xC4000061 on cpu 0 > >> UnRecognized Event - 0xC4000061 > >> Failed delegated event 0xC4000061, Status 0x2 > >> Unhandled Exception in EL3. > >> x30 = 0x0000000000000000 > >> x0 = 0x00000000ff007e00 > >> x1 = 0xfffffffffffffffe > >> x2 = 0x00000000600003c0 > >> x3 = 0x0000000000000000 > >> x4 = 0x0000000000000000 > >> x5 = 0x0000000000000000 > >> x6 = 0x00000000ff015080 > >> x7 = 0x0000000000000000 > >> x8 = 0x00000000c4000061 > >> x9 = 0x0000000000000021 > >> x10 = 0x0000000000000040 > >> x11 = 0x00000000ff00f2b0 > >> x12 = 0x00000000ff0118c0 > >> x13 = 0x0000000000000002 > >> x14 = 0x00000000ff016b70 > >> x15 = 0x00000000ff003f20 > >> x16 = 0x0000000000000044 > >> x17 = 0x00000000ff010430 > >> x18 = 0x0000000000000e3c > >> x19 = 0x0000000000000000 > >> More error log please refer to attachment. > >> > >> My question is, > >> 1. Does BL31 need to send 0xC4000061 event to BL32 again? > >> 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > >> > >> Appreciate your help. > >> > >> BRs， > >> Bin Wu > >> > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

3
6
0 0

Re: [TF-A] Need input on Errata implementation

by Manish Badarkhe

Hi All, Just update/correct details. Thanks Manish Badarkhe On 27/04/2020, 22:13, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Raghu Please ignore my answer on question 2. With internal discussion came to below conclusion: 1. This workaround is very specific during context switching. 2 . If you check in context save routine (el1_sysregs_context_save or el2_sysregs_context_save), As per proposed solution, First step performed is to disable page table walk and we don’t have any AT instruction execution in context save routine. This ensures that there will be no possibility of speculative AT instruction execution without TCR update. 3. If you check in context restore routine (el1_sysregs_context_restore or el2_sysregs_context_restore), As per proposed solution, first step performed is to disable page table walk and we don’t have any AT instruction execution in context restore routine. This ensures that there will be no possibility of speculative AT instruction execution without TCR update. Hence proposed solution will work as it is ensuring no caching of translations in TLB while speculative AT instruction execution. Thanks Manish Badarkhe On 27/04/2020, 13:38, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Raghu Please see my answers inline On 25/04/2020, 06:38, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Manish, Before I agree or disagree with the suggested fix, the following would be interesting to know/discuss. Please feel free to correct me if i've misunderstood something. 1) Are "speculative" AT instructions subject to TCR_ELx control bits for all the listed CPU's? I imagine the answer is yes but would be good to get confirmation. I could not find any evidence in the instruction description or psuedocode in the ARMv8 ARM. It is possible to play many tricks on speculative execution of instructions such as skipping checks and doing them only when the CPU knows the instruction will be committed. If this is the case, changing TCR_ELx bits may not work. The errata document is vague about how to fix it. The speculative AT instruction may behave as you mentioned. We need more opinion on this. Proposed fix I mentioned by referring linux workaround for the same errata. Linux workaround is available in mainline kernel as below: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… 2) Assuming the answer to question 1 is yes, your proposal may not work as is. In the worst case, as soon as you enter EL3, the very first thing that may happen, before you ever operate/write to TCR_ELx, is a speculative AT instruction that caches a bad translation in the TLB's. The same thing can happen on the exit path. As soon as you restore the TCR_ELx register, the first thing that can happen is a speculative AT that caches a bad translation. However, the el3_exit path does have DSB before ERET, so we will not speculate to an AT instruction if there are no branches between the instruction that sets TCR_ELx and the ERET. Somewhere in between, it looks like we will need a TLBI NSH to be certain there are no bad translation cached. This obviously has a potential performance cost on the lower EL's. Every entry into EL3 flushes the TLB for lower EL's. Yes, this seems to be valid case during entry and exit path. I am not quite sure in that case where we need to avoid PTW. Also "TLBI NSH" works but it may cause performance issue. Need some more opinion/thoughts on this. Just thinking, can sequence mentioned for context save does not ensure that PTW is disabled? Something as below as last step in ELx(1/2) context save (elaborated more): > ·Save TCR register with PTW enable (EPD=0). (Just to enable PTW during > restore context). Do not operate TCR_EL1x register here just save its value to restore. > This ensures that during entry in EL3 there will be no chance of PTW >. while executing AT instruction. Thanks Raghu Thanks Manish Badarkhe On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > Hi All > > We are trying to implement errata which is applicable for below CPUs: > > <CPUs> : <Errata No.> > > Cortex-A53: 1530924 > > Cortex-A76: 1165522 > Cortex-A72: 1319367 > Cortex-A57: 1319537 > Cortex-A55: 1530923 > > *Errata Description:* > > A speculative Address Translation (AT) instruction translates using > registers that are associated with an out-of-context translation > regime and caches the resulting translation in the TLB. A subsequent > translation request that is generated when the out-of-context > translation regime is current uses the previous cached TLB entry > producing an incorrect virtual to physical mapping. > > *Probable solution is to implement below fix in context.S file:* > > *During ELx (1 or 2) context save:* > > ·Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > oThis will avoid any page table walk for S-EL1 or S-EL2. This will > help in avoiding caching of translations in TLB > > for S-EL1/S-EL2 in EL3. > > ·Save all system registers (which is already available) except TCR > > ·Clear EPD bits of TCR and then save. (Just to enable PTW during > restore context). > > *During ELx (1 or 2) context restore:* > > * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > * Restore all system registers (which are saved during context save) > except TCR register. > * Restore TCR_ELx(1/2) register (which enable back PTW). > > With above we ensured that there will be no page table walk for S-EL1 > and S-EL2 in EL3. > > is this proper other way to fix this problem? Need some suggestion/use > cases where and all we need this workaround in TF-A code. > > Thanks > > Manish Badarkhe > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or > copy the information in any medium. Thank you. > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

3
6
0 0

Re: [TF-A] Need input on Errata implementation

by Manish Badarkhe

Hi Raghu Please ignore my answer on question 2. With internal discussion came to below conclusion: 1. This workaround is very specific during context switching. 2 . If you check in context save routine (el1_sysregs_context_save or el2_sysregs_context_save), First step performed is to disable page table walk and Also, we don’t have any AT instruction execution in that context save routing. This ensures that there will be no possibility of speculative AT instruction execution without TCR update. 3. If you check in context save routine (el1_sysregs_context_restore or el2_sysregs_context_restore), first step performed is to disable page table walk and Also, we don’t have any AT instruction execution in that path. This ensures that there will be no possibility of speculative AT instruction execution without TCR update. Hence proposed solution will work as it is ensuring no caching of translations in TLB while speculative AT instruction execution. Thanks Manish Badarkhe On 27/04/2020, 13:38, "TF-A on behalf of Manish Badarkhe via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Raghu Please see my answers inline On 25/04/2020, 06:38, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Manish, Before I agree or disagree with the suggested fix, the following would be interesting to know/discuss. Please feel free to correct me if i've misunderstood something. 1) Are "speculative" AT instructions subject to TCR_ELx control bits for all the listed CPU's? I imagine the answer is yes but would be good to get confirmation. I could not find any evidence in the instruction description or psuedocode in the ARMv8 ARM. It is possible to play many tricks on speculative execution of instructions such as skipping checks and doing them only when the CPU knows the instruction will be committed. If this is the case, changing TCR_ELx bits may not work. The errata document is vague about how to fix it. The speculative AT instruction may behave as you mentioned. We need more opinion on this. Proposed fix I mentioned by referring linux workaround for the same errata. Linux workaround is available in mainline kernel as below: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… 2) Assuming the answer to question 1 is yes, your proposal may not work as is. In the worst case, as soon as you enter EL3, the very first thing that may happen, before you ever operate/write to TCR_ELx, is a speculative AT instruction that caches a bad translation in the TLB's. The same thing can happen on the exit path. As soon as you restore the TCR_ELx register, the first thing that can happen is a speculative AT that caches a bad translation. However, the el3_exit path does have DSB before ERET, so we will not speculate to an AT instruction if there are no branches between the instruction that sets TCR_ELx and the ERET. Somewhere in between, it looks like we will need a TLBI NSH to be certain there are no bad translation cached. This obviously has a potential performance cost on the lower EL's. Every entry into EL3 flushes the TLB for lower EL's. Yes, this seems to be valid case during entry and exit path. I am not quite sure in that case where we need to avoid PTW. Also "TLBI NSH" works but it may cause performance issue. Need some more opinion/thoughts on this. Just thinking, can sequence mentioned for context save does not ensure that PTW is disabled? Something as below as last step in ELx(1/2) context save (elaborated more): > ·Save TCR register with PTW enable (EPD=0). (Just to enable PTW during > restore context). Do not operate TCR_EL1x register here just save its value to restore. > This ensures that during entry in EL3 there will be no chance of PTW >. while executing AT instruction. Thanks Raghu Thanks Manish Badarkhe On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > Hi All > > We are trying to implement errata which is applicable for below CPUs: > > <CPUs> : <Errata No.> > > Cortex-A53: 1530924 > > Cortex-A76: 1165522 > Cortex-A72: 1319367 > Cortex-A57: 1319537 > Cortex-A55: 1530923 > > *Errata Description:* > > A speculative Address Translation (AT) instruction translates using > registers that are associated with an out-of-context translation > regime and caches the resulting translation in the TLB. A subsequent > translation request that is generated when the out-of-context > translation regime is current uses the previous cached TLB entry > producing an incorrect virtual to physical mapping. > > *Probable solution is to implement below fix in context.S file:* > > *During ELx (1 or 2) context save:* > > ·Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > oThis will avoid any page table walk for S-EL1 or S-EL2. This will > help in avoiding caching of translations in TLB > > for S-EL1/S-EL2 in EL3. > > ·Save all system registers (which is already available) except TCR > > ·Clear EPD bits of TCR and then save. (Just to enable PTW during > restore context). > > *During ELx (1 or 2) context restore:* > > * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > * Restore all system registers (which are saved during context save) > except TCR register. > * Restore TCR_ELx(1/2) register (which enable back PTW). > > With above we ensured that there will be no page table walk for S-EL1 > and S-EL2 in EL3. > > is this proper other way to fix this problem? Need some suggestion/use > cases where and all we need this workaround in TF-A code. > > Thanks > > Manish Badarkhe > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or > copy the information in any medium. Thank you. > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] Need input on Errata implementation

by Manish Badarkhe

Hi Raghu Please see my answers inline On 25/04/2020, 06:38, "TF-A on behalf of Raghu K via TF-A" <tf-a-bounces(a)lists.trustedfirmware.org on behalf of tf-a(a)lists.trustedfirmware.org> wrote: Hi Manish, Before I agree or disagree with the suggested fix, the following would be interesting to know/discuss. Please feel free to correct me if i've misunderstood something. 1) Are "speculative" AT instructions subject to TCR_ELx control bits for all the listed CPU's? I imagine the answer is yes but would be good to get confirmation. I could not find any evidence in the instruction description or psuedocode in the ARMv8 ARM. It is possible to play many tricks on speculative execution of instructions such as skipping checks and doing them only when the CPU knows the instruction will be committed. If this is the case, changing TCR_ELx bits may not work. The errata document is vague about how to fix it. The speculative AT instruction may behave as you mentioned. We need more opinion on this. Proposed fix I mentioned by referring linux workaround for the same errata. Linux workaround is available in mainline kernel as below: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… 2) Assuming the answer to question 1 is yes, your proposal may not work as is. In the worst case, as soon as you enter EL3, the very first thing that may happen, before you ever operate/write to TCR_ELx, is a speculative AT instruction that caches a bad translation in the TLB's. The same thing can happen on the exit path. As soon as you restore the TCR_ELx register, the first thing that can happen is a speculative AT that caches a bad translation. However, the el3_exit path does have DSB before ERET, so we will not speculate to an AT instruction if there are no branches between the instruction that sets TCR_ELx and the ERET. Somewhere in between, it looks like we will need a TLBI NSH to be certain there are no bad translation cached. This obviously has a potential performance cost on the lower EL's. Every entry into EL3 flushes the TLB for lower EL's. Yes, this seems to be valid case during entry and exit path. I am not quite sure in that case where we need to avoid PTW. Also "TLBI NSH" works but it may cause performance issue. Need some more opinion/thoughts on this. Just thinking, can sequence mentioned for context save does not ensure that PTW is disabled? Something as below as last step in ELx(1/2) context save (elaborated more): > ·Save TCR register with PTW enable (EPD=0). (Just to enable PTW during > restore context). Do not operate TCR_EL1x register here just save its value to restore. > This ensures that during entry in EL3 there will be no chance of PTW >. while executing AT instruction. Thanks Raghu Thanks Manish Badarkhe On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > Hi All > > We are trying to implement errata which is applicable for below CPUs: > > <CPUs> : <Errata No.> > > Cortex-A53: 1530924 > > Cortex-A76: 1165522 > Cortex-A72: 1319367 > Cortex-A57: 1319537 > Cortex-A55: 1530923 > > *Errata Description:* > > A speculative Address Translation (AT) instruction translates using > registers that are associated with an out-of-context translation > regime and caches the resulting translation in the TLB. A subsequent > translation request that is generated when the out-of-context > translation regime is current uses the previous cached TLB entry > producing an incorrect virtual to physical mapping. > > *Probable solution is to implement below fix in context.S file:* > > *During ELx (1 or 2) context save:* > > ·Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > oThis will avoid any page table walk for S-EL1 or S-EL2. This will > help in avoiding caching of translations in TLB > > for S-EL1/S-EL2 in EL3. > > ·Save all system registers (which is already available) except TCR > > ·Clear EPD bits of TCR and then save. (Just to enable PTW during > restore context). > > *During ELx (1 or 2) context restore:* > > * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > * Restore all system registers (which are saved during context save) > except TCR register. > * Restore TCR_ELx(1/2) register (which enable back PTW). > > With above we ensured that there will be no page table walk for S-EL1 > and S-EL2 in EL3. > > is this proper other way to fix this problem? Need some suggestion/use > cases where and all we need this workaround in TF-A code. > > Thanks > > Manish Badarkhe > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or > copy the information in any medium. Thank you. > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] Need input on Errata implementation

by Raghu K

Hi Manish, Before I agree or disagree with the suggested fix, the following would be interesting to know/discuss. Please feel free to correct me if i've misunderstood something. 1) Are "speculative" AT instructions subject to TCR_ELx control bits for all the listed CPU's? I imagine the answer is yes but would be good to get confirmation. I could not find any evidence in the instruction description or psuedocode in the ARMv8 ARM. It is possible to play many tricks on speculative execution of instructions such as skipping checks and doing them only when the CPU knows the instruction will be committed. If this is the case, changing TCR_ELx bits may not work. The errata document is vague about how to fix it. 2) Assuming the answer to question 1 is yes, your proposal may not work as is. In the worst case, as soon as you enter EL3, the very first thing that may happen, before you ever operate/write to TCR_ELx, is a speculative AT instruction that caches a bad translation in the TLB's. The same thing can happen on the exit path. As soon as you restore the TCR_ELx register, the first thing that can happen is a speculative AT that caches a bad translation. However, the el3_exit path does have DSB before ERET, so we will not speculate to an AT instruction if there are no branches between the instruction that sets TCR_ELx and the ERET. Somewhere in between, it looks like we will need a TLBI NSH to be certain there are no bad translation cached. This obviously has a potential performance cost on the lower EL's. Every entry into EL3 flushes the TLB for lower EL's. Thanks Raghu On 4/24/20 2:56 AM, Manish Badarkhe via TF-A wrote: > > Hi All > > We are trying to implement errata which is applicable for below CPUs: > > <CPUs> : <Errata No.> > > Cortex-A53: 1530924 > > Cortex-A76: 1165522 > Cortex-A72: 1319367 > Cortex-A57: 1319537 > Cortex-A55: 1530923 > > *Errata Description:* > > A speculative Address Translation (AT) instruction translates using > registers that are associated with an out-of-context translation > regime and caches the resulting translation in the TLB. A subsequent > translation request that is generated when the out-of-context > translation regime is current uses the previous cached TLB entry > producing an incorrect virtual to physical mapping. > > *Probable solution is to implement below fix in context.S file:* > > *During ELx (1 or 2) context save:* > > ·Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > > oThis will avoid any page table walk for S-EL1 or S-EL2. This will > help in avoiding caching of translations in TLB > > for S-EL1/S-EL2 in EL3. > > ·Save all system registers (which is already available) except TCR > > ·Clear EPD bits of TCR and then save. (Just to enable PTW during > restore context). > > *During ELx (1 or 2) context restore:* > > * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits > * Restore all system registers (which are saved during context save) > except TCR register. > * Restore TCR_ELx(1/2) register (which enable back PTW). > > With above we ensured that there will be no page table walk for S-EL1 > and S-EL2 in EL3. > > is this proper other way to fix this problem? Need some suggestion/use > cases where and all we need this workaround in TF-A code. > > Thanks > > Manish Badarkhe > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose > the contents to any other person, use it for any purpose, or store or > copy the information in any medium. Thank you. >

5 years, 1 month

1
0
0 0

Need input on Errata implementation

by Manish Badarkhe

Hi All We are trying to implement errata which is applicable for below CPUs: <CPUs> : <Errata No.> Cortex-A53: 1530924 Cortex-A76: 1165522 Cortex-A72: 1319367 Cortex-A57: 1319537 Cortex-A55: 1530923 Errata Description: A speculative Address Translation (AT) instruction translates using registers that are associated with an out-of-context translation regime and caches the resulting translation in the TLB. A subsequent translation request that is generated when the out-of-context translation regime is current uses the previous cached TLB entry producing an incorrect virtual to physical mapping. Probable solution is to implement below fix in context.S file: During ELx (1 or 2) context save: · Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits o This will avoid any page table walk for S-EL1 or S-EL2. This will help in avoiding caching of translations in TLB for S-EL1/S-EL2 in EL3. · Save all system registers (which is already available) except TCR · Clear EPD bits of TCR and then save. (Just to enable PTW during restore context). During ELx (1 or 2) context restore: * Operate TCR_ELx(1/2) to disable page table walk by operating EPD bits * Restore all system registers (which are saved during context save) except TCR register. * Restore TCR_ELx(1/2) register (which enable back PTW). With above we ensured that there will be no page table walk for S-EL1 and S-EL2 in EL3. is this proper other way to fix this problem? Need some suggestion/use cases where and all we need this workaround in TF-A code. Thanks Manish Badarkhe IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] Event Log for Measured Boot

by Sandrine Bailleux

Hi, On 4/21/20 7:23 AM, Soby Mathew via TF-A wrote: > My view is that smaller patches are easier to review and we should try to break up the patches to logical chucks where possible. I haven't taken a look at the patches myself but I am sure there will be ways to break it up for ease of review. I would like to strongly echo this. I find big patches so hard to review. There is only so much things the human brain can comprehend in one go. Smaller patches are just easier to reason about, they focus on one thing and it is easier to get your head around them because the entire patch and the interaction it may have with other components "fits" in one's head. Thus, it is much easier to reach a good level of confidence at review time. Also, I believe there is a natural tendency of getting discouraged at the sight of big patches, smaller patches have a much better chance of getting reviewed quickly. They can also be dealt with incrementally. Say in a 10 patch stack, it may happen that the 5 first are good to go, while the sixth is more controversial and requires more discussion. In this case, being able to merge the 5 patches is a first step in the right direction. Ideally, one should think about how to split the patches in a logical, manageable way early during development. It is true that if it is an afterthought, breaking up a huge patch down into smaller ones is a lot of work. This is why it needs doing upfront IMO. Cheers, Sandrine

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Thomas Abraham

[resending as the previous email was sent to the wrong address] Hi, Looking into the mail chain below, this is probably being tested on RD-N1-Edge platform. There was regression noticed in the dmc620 ras error handling in the code pushed to Linaro for RD-N1-Edge platform. This will be fixed later today and patches will be merged into Linaro repos. It should then be accessible using the usual repo init/sync commands. Thanks, Thomas. > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Olivier > Deprez via TF-A > Sent: Tuesday, April 21, 2020 4:45 PM > To: TF-A <tf-a-bounces(a)lists.trustedfirmware.org>; Raghu K via TF-A <tf- > a(a)lists.trustedfirmware.org>; 吴斌(郅隆) <zhilong.wb(a)alibaba-inc.com> > Subject: Re: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - > 0xC4000061 and BL31 Crashed > > Hi Raghu, > > Yes you're right, we probably need few return code checks here and here. I > may submit a patch and verify it doesn't break anything else. > > Hi Bin Wu, > > I had noticed the following sequence originating from linux sdei driver init > down to TF-A: > > INFO: SDEI: Private events initialized on 81000100 > INFO: SDEI: Private events initialized on 81000200 > INFO: SDEI: Private events initialized on 81000300 > INFO: SDEI: Private events initialized on 81010000 > INFO: SDEI: Private events initialized on 81010100 > INFO: SDEI: Private events initialized on 81010200 > INFO: SDEI: Private events initialized on 81010300 > INFO: SDEI: > VER > INFO: SDEI: < VER:1000000000000 > INFO: SDEI: > P_RESET():81000000 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000200 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000300 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010000 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010100 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010200 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81010300 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > P_RESET():81000100 > INFO: SDEI: < P_RESET:0 > INFO: SDEI: > S_RESET():81000100 > INFO: SDEI: < S_RESET:0 > INFO: SDEI: > UNMASK:81000000 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000100 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000200 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81000300 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010000 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010100 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010200 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > UNMASK:81010300 > INFO: SDEI: < UNMASK:0 > INFO: SDEI: > INFO(n:804, 0) > INFO: SDEI: < INFO:0 > INFO: SDEI: > INFO(n:805, 0) > INFO: SDEI: < INFO:0 > > There is an Sdei Info request about events 804 and 805. > Although I don't see any register or enable event service call, so I wonder if > this demo code is missing something or expects that the platform > implements such event definition natively. > > This does not look like flows described in https://trustedfirmware- > a.readthedocs.io/en/latest/components/sdei.html > for regular SDEI usage or explicit dispatch of events. > > Maybe we should involve Linaro ppl on the expected init sequence and > dependency to TF-A (platform files). > > Regards, > Olivier. > > > ________________________________________ > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of 吴斌(郅 > 隆) via TF-A <tf-a(a)lists.trustedfirmware.org> > Sent: 21 April 2020 08:45 > To: TF-A; Raghu K via TF-A > Subject: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - > 0xC4000061 and BL31 Crashed > > Hi Olivier and All, > > Thank you so much for your help. It makes me understand the internals. > The next step, I need to check this event_num(804) register flow in kernel > side, am I right? > > > BRs， > Bin Wu > ------------------原始邮件 ------------------ > 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org> > 发送时间:Tue Apr 21 09:51:49 2020 > 收件人:Raghu K via TF-A <tf-a(a)lists.trustedfirmware.org> > 主题:Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and > BL31 Crashed > Nice debug! Apart from the issue you pointed out, there is also the > issue with not checking the return code. The ras handler should really > be checking or panic'ing if there is an unexpected error code from > spm_sp_call and sdei_dispatch_event. > > -Raghu > > On 4/20/20 2:37 PM, Olivier Deprez via TF-A wrote: > > Hi Bin Wu, > > > > Here's an early observation. On receiving the RAS fiq interrupt the > following occurs: > > > > ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call > (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event > > > > se = get_event_entry(map); > > if (!can_sdei_state_trans(se, DO_DISPATCH)) > > return -1; > > > > p *map > > $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = > 0}} > > p *se > > $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} > > > > sdei_dispatch_event exits in error at this stage, this does not seem a > correct behavior. > > The SDEI handler is not called in NS world and context remains unchanged. > > The interrupt handler blindly returns to S-EL1 SP context at same location > where it last exited. > > sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry > fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 > > SP then exits but the EL3 context has not been setup for SP entry leading > to crash. > > > > IMO there is an issue around mapping SDEI event number to RAS interrupt > number leading to sdei_dispatch_event exiting early. > > > > Regards, > > Olivier. > > > > > > ________________________________________ > > From: TF-A on behalf of Matteo Carlini via TF-A > > Sent: 14 April 2020 10:41 > > To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak > Pandey > > Cc: nd > > Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 > and BL31 Crashed > > > > Looping-in Thomas & Deepak, responsible for the RD-N1 landing team > platforms releases. They might be able to help. > > > > Thanks > > Matteo > > > > From: TF-A On Behalf Of ??(??) via TF-A > > Sent: 14 April 2020 06:47 > > To: TF-A ; Raghu Krishnamurthy via TF-A > > Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 > and BL31 Crashed > > > > Hi RagHu, > > > > Really appreciate your help. > > > > I was downloaded this software stack from git.linaro.org. This software > stack include ATF, kernel, edk2 and so on. > > The user guide i used from linaro is:https://git.linaro.org/landing- > teams/working/arm/arm-reference- > platforms.git/about/docs/rdn1edge/user-guide.rst#obtaining-the-rd-n1- > edge-and-rd-n1-edge-dual-fast-model > > > > 1) What platform you are running on? Can this issue be reproduced > > outside your testing environment, perhaps on FVP or QEMU? > > A: I am running on ARM N1-Edge FVP platform. It can reproduced on this > FVP platform. > > > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > > commit-id, so that we can be sure we are looking at the same code. > > A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git > tag:RD-INFRA-20191024-RC0 > > StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 > and edk2-platform version information. if anything i missed, please let me > know. > > edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git tag:RD- > INFRA-20191024-RC0 > > edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2- > platforms.git tag:RD-INFRA-20191024-RC0 > > > > 3) What version of the kernel and sdei driver is being used? > > A: kernel-release: https://git.linaro.org/landing- > teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 > > The sdei driver was included in kernel, do i need to provide sdei driver > version? If need please let me know. > > 4) I can't tell from looking at the log but do you know if writing 0x123 > > to sde_ras_poison causes a DMC620 interrupt or an SError or external > > abort through memory access ? > > A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. > So I am also not sure which exception type it will trigger. > > > > BRs， > > Bin Wu > > > > ------------------原始邮件 ------------------ > > 发件人:TF-A > > > 发送时间:Tue Apr 14 01:25:47 2020 > > 收件人:Raghu Krishnamurthy via TF-A > > > 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 > Crashed > > Hello, > > > > >>Does BL31 need to send 0xC4000061 event to BL32 again? > > > > I don't think it will. It is really odd that > > 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM > handler. > > This is from looking at the upstream code quickly but it definitely > > depends on the platform you are running, what version of TF-A you are > > using, build options used. Is it possible that the unhandled exception > > is occurring after successful handling of the DMC620 error but there is > > a following issue that occurs right after, causing the crash? > > From the register dump it looks like there was an Instruction abort > > exception at address 0 while running in EL3. Something seems to have > > gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get > > an instruction abort at address 0. > > > > >>Does current TF-A support to run RAS test? It seems BL31 will crash. > > See above. The answer really depends on the factors mentioned above. > > > > The following would be helpful to know: > > 1) What platform you are running on? Can this issue be reproduced > > outside your testing environment, perhaps on FVP or QEMU? > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > > commit-id, so that we can be sure we are looking at the same code. > > 3) What version of the kernel and sdei driver is being used? > > 4) I can't tell from looking at the log but do you know if writing 0x123 > > to sde_ras_poison causes a DMC620 interrupt or an SError or external > > abort through memory access ? > > > > Thanks > > Raghu > > > > > > On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > >> Dear Friends, > >> > >> I am using TF-A to test RAS feature. > >> When I triggered DMC620 RAS error in Linux(echo 0x123 > > >> /sys/kernel/debug/sdei_ras_poison). > >> BL32 will recieve > >> UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and > finally > >> BL31 crashed. > >> > >> In my understanding, this 0xC4000061 should consumed by BL31, not > send > >> it to BL32 again. > >> > >> A piece of error log as below: > >> > >> ************************************* > >> > >> CperWrite - CperAddress@0xFF610064 > >> CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > >> CperWrite - Got Error Section: Platform Memory. > >> MmEntryPoint Done > >> Received delegated event > >> X0 : 0xC4000061 > >> X1 : 0x0 > >> X2 : 0x0 > >> X3 : 0x0 > >> Received event - 0xC4000061 on cpu 0 > >> UnRecognized Event - 0xC4000061 > >> Failed delegated event 0xC4000061, Status 0x2 > >> Unhandled Exception in EL3. > >> x30 = 0x0000000000000000 > >> x0 = 0x00000000ff007e00 > >> x1 = 0xfffffffffffffffe > >> x2 = 0x00000000600003c0 > >> x3 = 0x0000000000000000 > >> x4 = 0x0000000000000000 > >> x5 = 0x0000000000000000 > >> x6 = 0x00000000ff015080 > >> x7 = 0x0000000000000000 > >> x8 = 0x00000000c4000061 > >> x9 = 0x0000000000000021 > >> x10 = 0x0000000000000040 > >> x11 = 0x00000000ff00f2b0 > >> x12 = 0x00000000ff0118c0 > >> x13 = 0x0000000000000002 > >> x14 = 0x00000000ff016b70 > >> x15 = 0x00000000ff003f20 > >> x16 = 0x0000000000000044 > >> x17 = 0x00000000ff010430 > >> x18 = 0x0000000000000e3c > >> x19 = 0x0000000000000000 > >> More error log please refer to attachment. > >> > >> My question is, > >> 1. Does BL31 need to send 0xC4000061 event to BL32 again? > >> 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > >> > >> Appreciate your help. > >> > >> BRs， > >> Bin Wu > >> > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Olivier Deprez

Hi Raghu, Yes you're right, we probably need few return code checks here and here. I may submit a patch and verify it doesn't break anything else. Hi Bin Wu, I had noticed the following sequence originating from linux sdei driver init down to TF-A: INFO: SDEI: Private events initialized on 81000100 INFO: SDEI: Private events initialized on 81000200 INFO: SDEI: Private events initialized on 81000300 INFO: SDEI: Private events initialized on 81010000 INFO: SDEI: Private events initialized on 81010100 INFO: SDEI: Private events initialized on 81010200 INFO: SDEI: Private events initialized on 81010300 INFO: SDEI: > VER INFO: SDEI: < VER:1000000000000 INFO: SDEI: > P_RESET():81000000 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81000200 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81000300 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81010000 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81010100 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81010200 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81010300 INFO: SDEI: < P_RESET:0 INFO: SDEI: > P_RESET():81000100 INFO: SDEI: < P_RESET:0 INFO: SDEI: > S_RESET():81000100 INFO: SDEI: < S_RESET:0 INFO: SDEI: > UNMASK:81000000 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81000100 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81000200 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81000300 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81010000 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81010100 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81010200 INFO: SDEI: < UNMASK:0 INFO: SDEI: > UNMASK:81010300 INFO: SDEI: < UNMASK:0 INFO: SDEI: > INFO(n:804, 0) INFO: SDEI: < INFO:0 INFO: SDEI: > INFO(n:805, 0) INFO: SDEI: < INFO:0 There is an Sdei Info request about events 804 and 805. Although I don't see any register or enable event service call, so I wonder if this demo code is missing something or expects that the platform implements such event definition natively. This does not look like flows described in https://trustedfirmware-a.readthedocs.io/en/latest/components/sdei.html for regular SDEI usage or explicit dispatch of events. Maybe we should involve Linaro ppl on the expected init sequence and dependency to TF-A (platform files). Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of 吴斌(郅隆) via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 21 April 2020 08:45 To: TF-A; Raghu K via TF-A Subject: [TF-A] 回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hi Olivier and All, Thank you so much for your help. It makes me understand the internals. The next step, I need to check this event_num(804) register flow in kernel side, am I right? BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org> 发送时间:Tue Apr 21 09:51:49 2020 收件人:Raghu K via TF-A <tf-a(a)lists.trustedfirmware.org> 主题:Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Nice debug! Apart from the issue you pointed out, there is also the issue with not checking the return code. The ras handler should really be checking or panic'ing if there is an unexpected error code from spm_sp_call and sdei_dispatch_event. -Raghu On 4/20/20 2:37 PM, Olivier Deprez via TF-A wrote: > Hi Bin Wu, > > Here's an early observation. On receiving the RAS fiq interrupt the following occurs: > > ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event > > se = get_event_entry(map); > if (!can_sdei_state_trans(se, DO_DISPATCH)) > return -1; > > p *map > $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = 0}} > p *se > $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} > > sdei_dispatch_event exits in error at this stage, this does not seem a correct behavior. > The SDEI handler is not called in NS world and context remains unchanged. > The interrupt handler blindly returns to S-EL1 SP context at same location where it last exited. > sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 > SP then exits but the EL3 context has not been setup for SP entry leading to crash. > > IMO there is an issue around mapping SDEI event number to RAS interrupt number leading to sdei_dispatch_event exiting early. > > Regards, > Olivier. > > > ________________________________________ > From: TF-A on behalf of Matteo Carlini via TF-A > Sent: 14 April 2020 10:41 > To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak Pandey > Cc: nd > Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Looping-in Thomas & Deepak, responsible for the RD-N1 landing team platforms releases. They might be able to help. > > Thanks > Matteo > > From: TF-A On Behalf Of ??(??) via TF-A > Sent: 14 April 2020 06:47 > To: TF-A ; Raghu Krishnamurthy via TF-A > Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Hi RagHu, > > Really appreciate your help. > > I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. > The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… > > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 > StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. > edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git tag:RD-INFRA-20191024-RC0 > edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git tag:RD-INFRA-20191024-RC0 > > 3) What version of the kernel and sdei driver is being used? > A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 > The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. > > BRs， > Bin Wu > > ------------------原始邮件 ------------------ > 发件人:TF-A > > 发送时间:Tue Apr 14 01:25:47 2020 > 收件人:Raghu Krishnamurthy via TF-A > > 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > Hello, > > >>Does BL31 need to send 0xC4000061 event to BL32 again? > > I don't think it will. It is really odd that > 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. > This is from looking at the upstream code quickly but it definitely > depends on the platform you are running, what version of TF-A you are > using, build options used. Is it possible that the unhandled exception > is occurring after successful handling of the DMC620 error but there is > a following issue that occurs right after, causing the crash? > From the register dump it looks like there was an Instruction abort > exception at address 0 while running in EL3. Something seems to have > gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get > an instruction abort at address 0. > > >>Does current TF-A support to run RAS test? It seems BL31 will crash. > See above. The answer really depends on the factors mentioned above. > > The following would be helpful to know: > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > 3) What version of the kernel and sdei driver is being used? > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > > Thanks > Raghu > > > On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: >> Dear Friends, >> >> I am using TF-A to test RAS feature. >> When I triggered DMC620 RAS error in Linux(echo 0x123 > >> /sys/kernel/debug/sdei_ras_poison). >> BL32 will recieve >> UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally >> BL31 crashed. >> >> In my understanding, this 0xC4000061 should consumed by BL31, not send >> it to BL32 again. >> >> A piece of error log as below: >> >> ************************************* >> >> CperWrite - CperAddress@0xFF610064 >> CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 >> CperWrite - Got Error Section: Platform Memory. >> MmEntryPoint Done >> Received delegated event >> X0 : 0xC4000061 >> X1 : 0x0 >> X2 : 0x0 >> X3 : 0x0 >> Received event - 0xC4000061 on cpu 0 >> UnRecognized Event - 0xC4000061 >> Failed delegated event 0xC4000061, Status 0x2 >> Unhandled Exception in EL3. >> x30 = 0x0000000000000000 >> x0 = 0x00000000ff007e00 >> x1 = 0xfffffffffffffffe >> x2 = 0x00000000600003c0 >> x3 = 0x0000000000000000 >> x4 = 0x0000000000000000 >> x5 = 0x0000000000000000 >> x6 = 0x00000000ff015080 >> x7 = 0x0000000000000000 >> x8 = 0x00000000c4000061 >> x9 = 0x0000000000000021 >> x10 = 0x0000000000000040 >> x11 = 0x00000000ff00f2b0 >> x12 = 0x00000000ff0118c0 >> x13 = 0x0000000000000002 >> x14 = 0x00000000ff016b70 >> x15 = 0x00000000ff003f20 >> x16 = 0x0000000000000044 >> x17 = 0x00000000ff010430 >> x18 = 0x0000000000000e3c >> x19 = 0x0000000000000000 >> More error log please refer to attachment. >> >> My question is, >> 1. Does BL31 need to send 0xC4000061 event to BL32 again? >> 2. Does current TF-A support to run RAS test? It seems BL31 will crash. >> >> Appreciate your help. >> >> BRs， >> Bin Wu >> > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

TF-A Tech Forum Agenda @ Thr 23rd Apr 2020 17:00-1800 BST

by Joanna Farley

Hi All, The next TF-A Tech Forum is scheduled for Thu 23rd Apr 2020 17:00 - 18:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. Agenda: * Overview of the TF-A v2.3 Release by Bipin Ravi and Mark Dykes * Project Maintenance Proposal for tf.org Projects discussion * Optional TF-A Mailing List Topic Discussions Thanks Joanna IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] [RFC] isolation between runtime BL33 services and OS

by Soby Mathew

> -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of François > Ozog via TF-A > Sent: 20 April 2020 16:25 > To: Achin Gupta <Achin.Gupta(a)arm.com> > Cc: tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] [RFC] isolation between runtime BL33 services and OS > > On Mon, 20 Apr 2020 at 15:50, Achin Gupta <achin.gupta(a)arm.com> wrote: > > > > On Mon, Apr 20, 2020 at 03:37:23PM +0200, François Ozog wrote: > > > On Mon, 20 Apr 2020 at 15:27, Achin Gupta <[1]achin.gupta(a)arm.com> > > > wrote: > > > > > > Hi Francois, > > > On Mon, Apr 20, 2020 at 11:45:02AM +0000, Fran ois Ozog via TF-A > > > wrote: > > > > Hi, > > > > > > > > I am trying to identify a mechanism to enforce a form of two-way > > > > isolation between BL33 runtime services in OS, for instance: > > > > - a pair of 2MB areas that could be RO by one entity and RW by the > > > other > > > > - an execute only BL33 2MB area? > > > Stupid Q! Are you referring to isolation between EFI runtime > > > services and the > > > OS? > > > It is not clear what you mean by BL33 runtime services? > > > > > > Not a stupid Q. I concentrate effectively on EFI runtime but more > > > generally this is the non-trusted firmware component that delivers > > > runtime services to OS. > > > (My flow is somewhat convoluted: TFA loads minimal Linux as BL33, Linux > > > kexecs a UEFI reduced U-Boot (without drivers) which bootefi the > > > distro). > > > > Thanks! I see and IIUC, this is about two separately provisioned SW > > components that share an EL (EL1 in this case) at the same time in the > > same image. We want component A to have permission X on a memory > > region and component B to have permission Y on the same memory region. > > If so, then this would require a cooperation between the two components? > > > Yes. Well cooperation is what happens today: Component A (UEFI compliant > FW) tells component B not to use memory it occupies. > I wish an EL(+n) component to make that a guarantee. Yet I don't want to > have "virtualization". > > > I might be still missing the obvious but I am wondering how a SW > > entity at a higher EL (Hypervisor in EL2 or TF-A in EL3) could create > > and enforce the separation between the two components. It would not > > have visibility of what is happening inside the EL at the very least. > > I hoped that by installing a page mapping "power play", we could enforce > some policy. > Performance here is not important because those data and context changes > seldomly happen. > I assume components A and B have a different mapping for the same "physical > page": > - EL1_A(VA)-> IA1; EL1_B(VA)->IA2 > - EL2(IA1) -> PA (RW), EL2(IA2)->PA(RO) or "not present" > A collaboration between UEFI FW and EL2/3 would allow that to happen. > A call to UEFI runtime service from SystemTable would result in a swap of > TTBR1 (from EL1_B to EL1_A) so that execution can continue in UEFI. > (I have no solution, just trying to check if we can find one). > HI Francois, What you suggest is possible AFAICS, as you suggest, if you create 2 IPAs with corresponding VAs. Communication between the 2 would involve some shared memory and invoking EL2 to trigger the switch between the VAs. This is suited more for an EL2 design I think rather than EL3. Best Regards Soby Mathew > > > > cheers, > > Achin > > > > > > > > cheers, > > > Achin > > > > > > > > This is similar to hypervisor except it only deals with memory, no > > > > vCPU, no GIC virtualization... > > > > > > > > Could EL3 or EL2 install protective mappings ? BL33 could ask > > > either > > > > EL2 hypervisor or SecureMonitor to actually install them. > > > > > > > > Cordially, > > > > > > > > FF > > > > -- > > > > TF-A mailing list > > > > [2]TF-A(a)lists.trustedfirmware.org > > > > [3]https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > IMPORTANT NOTICE: The contents of this email and any attachments > are > > > confidential and may also be privileged. If you are not the intended > > > recipient, please notify the sender immediately and do not disclose > > > the contents to any other person, use it for any purpose, or store > > > or copy the information in any medium. Thank you. > > > > > > -- > > > [uc?id=0BxTAygkus3RgQVhuNHMwUi1mYWc&export=download] > > > Fran ois-Fr d ric Ozog | Director Linaro Edge & Fog Computing Group > > > T: +33.67221.6485 > > > [4]francois.ozog(a)linaro.org | Skype: ffozog > > > > > > References > > > > > > 1. mailto:achin.gupta@arm.com > > > 2. mailto:TF-A@lists.trustedfirmware.org > > > 3. https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > 4. mailto:francois.ozog@linaro.org > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended recipient, > please notify the sender immediately and do not disclose the contents to any > other person, use it for any purpose, or store or copy the information in any > medium. Thank you. > > > > -- > François-Frédéric Ozog | Director Linaro Edge & Fog Computing Group > T: +33.67221.6485 > francois.ozog(a)linaro.org | Skype: ffozog > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

回复：Re: 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by 吴斌(郅隆)

Hi Olivier and All, Thank you so much for your help. It makes me understand the internals. The next step, I need to check this event_num(804) register flow in kernel side, am I right? BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org> 发送时间:Tue Apr 21 09:51:49 2020 收件人:Raghu K via TF-A <tf-a(a)lists.trustedfirmware.org> 主题:Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Nice debug! Apart from the issue you pointed out, there is also the issue with not checking the return code. The ras handler should really be checking or panic'ing if there is an unexpected error code from spm_sp_call and sdei_dispatch_event. -Raghu On 4/20/20 2:37 PM, Olivier Deprez via TF-A wrote: > Hi Bin Wu, > > Here's an early observation. On receiving the RAS fiq interrupt the following occurs: > > ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event > > se = get_event_entry(map); > if (!can_sdei_state_trans(se, DO_DISPATCH)) > return -1; > > p *map > $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = 0}} > p *se > $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} > > sdei_dispatch_event exits in error at this stage, this does not seem a correct behavior. > The SDEI handler is not called in NS world and context remains unchanged. > The interrupt handler blindly returns to S-EL1 SP context at same location where it last exited. > sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 > SP then exits but the EL3 context has not been setup for SP entry leading to crash. > > IMO there is an issue around mapping SDEI event number to RAS interrupt number leading to sdei_dispatch_event exiting early. > > Regards, > Olivier. > > > ________________________________________ > From: TF-A on behalf of Matteo Carlini via TF-A > Sent: 14 April 2020 10:41 > To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak Pandey > Cc: nd > Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Looping-in Thomas & Deepak, responsible for the RD-N1 landing team platforms releases. They might be able to help. > > Thanks > Matteo > > From: TF-A On Behalf Of ??(??) via TF-A > Sent: 14 April 2020 06:47 > To: TF-A ; Raghu Krishnamurthy via TF-A > Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Hi RagHu, > > Really appreciate your help. > > I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. > The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… > > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 > StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. > edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git tag:RD-INFRA-20191024-RC0 > edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git tag:RD-INFRA-20191024-RC0 > > 3) What version of the kernel and sdei driver is being used? > A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 > The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. > > BRs， > Bin Wu > > ------------------原始邮件 ------------------ > 发件人:TF-A > > 发送时间:Tue Apr 14 01:25:47 2020 > 收件人:Raghu Krishnamurthy via TF-A > > 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > Hello, > > >>Does BL31 need to send 0xC4000061 event to BL32 again? > > I don't think it will. It is really odd that > 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. > This is from looking at the upstream code quickly but it definitely > depends on the platform you are running, what version of TF-A you are > using, build options used. Is it possible that the unhandled exception > is occurring after successful handling of the DMC620 error but there is > a following issue that occurs right after, causing the crash? > From the register dump it looks like there was an Instruction abort > exception at address 0 while running in EL3. Something seems to have > gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get > an instruction abort at address 0. > > >>Does current TF-A support to run RAS test? It seems BL31 will crash. > See above. The answer really depends on the factors mentioned above. > > The following would be helpful to know: > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > 3) What version of the kernel and sdei driver is being used? > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > > Thanks > Raghu > > > On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: >> Dear Friends, >> >> I am using TF-A to test RAS feature. >> When I triggered DMC620 RAS error in Linux(echo 0x123 > >> /sys/kernel/debug/sdei_ras_poison). >> BL32 will recieve >> UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally >> BL31 crashed. >> >> In my understanding, this 0xC4000061 should consumed by BL31, not send >> it to BL32 again. >> >> A piece of error log as below: >> >> ************************************* >> >> CperWrite - CperAddress@0xFF610064 >> CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 >> CperWrite - Got Error Section: Platform Memory. >> MmEntryPoint Done >> Received delegated event >> X0 : 0xC4000061 >> X1 : 0x0 >> X2 : 0x0 >> X3 : 0x0 >> Received event - 0xC4000061 on cpu 0 >> UnRecognized Event - 0xC4000061 >> Failed delegated event 0xC4000061, Status 0x2 >> Unhandled Exception in EL3. >> x30 = 0x0000000000000000 >> x0 = 0x00000000ff007e00 >> x1 = 0xfffffffffffffffe >> x2 = 0x00000000600003c0 >> x3 = 0x0000000000000000 >> x4 = 0x0000000000000000 >> x5 = 0x0000000000000000 >> x6 = 0x00000000ff015080 >> x7 = 0x0000000000000000 >> x8 = 0x00000000c4000061 >> x9 = 0x0000000000000021 >> x10 = 0x0000000000000040 >> x11 = 0x00000000ff00f2b0 >> x12 = 0x00000000ff0118c0 >> x13 = 0x0000000000000002 >> x14 = 0x00000000ff016b70 >> x15 = 0x00000000ff003f20 >> x16 = 0x0000000000000044 >> x17 = 0x00000000ff010430 >> x18 = 0x0000000000000e3c >> x19 = 0x0000000000000000 >> More error log please refer to attachment. >> >> My question is, >> 1. Does BL31 need to send 0xC4000061 event to BL32 again? >> 2. Does current TF-A support to run RAS test? It seems BL31 will crash. >> >> Appreciate your help. >> >> BRs， >> Bin Wu >> > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

1
0
0 0

Re: [TF-A] Event Log for Measured Boot

by Soby Mathew

My view is that smaller patches are easier to review and we should try to break up the patches to logical chucks where possible. I haven't taken a look at the patches myself but I am sure there will be ways to break it up for ease of review. Best Regards Soby Mathew > -----Original Message----- > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Raghu > Krishnamurthy via TF-A > Sent: 20 April 2020 18:09 > To: Alexei Fedorov <Alexei.Fedorov(a)arm.com>; tf-a(a)lists.trustedfirmware.org > Subject: Re: [TF-A] Event Log for Measured Boot > > Fair enough. I have no doubt it was tested. It is just extremely difficult to review > such patches and I disagree with your statement. > There is almost always a way to split patches up by using feature flags for > example, that will help with not breaking the build. You can test them all > together once you have all the patches. I also think it is perfectly reasonable to > say measured boot cannot be turned on until a certain commit id present. > However, if you think this is the right approach, i have no issues. > > Thanks > Raghu > > On 4/20/20 8:44 AM, Alexei Fedorov wrote: > > Hi Raghu and Varun, > > > > This patch is a complete, tested and verified reference implementation > > for FVP platform. > > Splitting it will create a set of separate non-buildable patches > > causing more complexity in following and understanding the code > > changes and dependencies. > > The whole patch with all the code present in it should be reviewed > > anyway, and the time spent will be less than the time used for > > reviewing separate patches (mass defect). > > > > Alexei > > > > ---------------------------------------------------------------------- > > -- > > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of > > Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> > > *Sent:* 02 April 2020 05:11 > > *To:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> > > *Subject:* Re: [TF-A] Event Log for Measured Boot Hi Alexei, > > > > I second Varun on this. The patch is huge. I recommend breaking it up > > into multiple commits. I've reviewed it but since it is a large patch, > > it might require a few more sittings to grasp all the changes(which > > also means there may be some stupid review comments :)). > > > > -Raghu > > > > On 3/31/20 10:28 AM, Varun Wadekar via TF-A wrote: > >> Hello Alexei, > >> > >> Just curious, the patch is huge and will take some time to review. Do > >> you expect this change to be merged before the v2.3 release? > >> > >> -Varun > >> > >> *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> *On Behalf Of > >> *Alexei Fedorov via TF-A > >> *Sent:* Tuesday, March 31, 2020 7:19 AM > >> *To:* tf-a(a)lists.trustedfirmware.org > >> *Subject:* [TF-A] Event Log for Measured Boot > >> > >> *External email: Use caution opening links or attachments* > >> > >> Hi, > >> > >> Please review and provide your comments for the patch which adds > >> > >> Event Log generation for the Measured Boot. > >> > >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3806 > >> > >> Thanks. > >> > >> Alexei > >> > >> IMPORTANT NOTICE: The contents of this email and any attachments are > >> confidential and may also be privileged. If you are not the intended > >> recipient, please notify the sender immediately and do not disclose > >> the contents to any other person, use it for any purpose, or store or > >> copy the information in any medium. Thank you. > >> > >> --------------------------------------------------------------------- > >> --- This email message is for the sole use of the intended > >> recipient(s) and may contain confidential information. Any > >> unauthorized review, use, disclosure or distribution is prohibited. > >> If you are not the intended recipient, please contact the sender by > >> reply email and destroy all copies of the original message. > >> --------------------------------------------------------------------- > >> --- > >> > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > IMPORTANT NOTICE: The contents of this email and any attachments are > > confidential and may also be privileged. If you are not the intended > > recipient, please notify the sender immediately and do not disclose > > the contents to any other person, use it for any purpose, or store or > > copy the information in any medium. Thank you. > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Raghu K

Nice debug! Apart from the issue you pointed out, there is also the issue with not checking the return code. The ras handler should really be checking or panic'ing if there is an unexpected error code from spm_sp_call and sdei_dispatch_event. -Raghu On 4/20/20 2:37 PM, Olivier Deprez via TF-A wrote: > Hi Bin Wu, > > Here's an early observation. On receiving the RAS fiq interrupt the following occurs: > > ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event > > se = get_event_entry(map); > if (!can_sdei_state_trans(se, DO_DISPATCH)) > return -1; > > p *map > $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = 0}} > p *se > $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} > > sdei_dispatch_event exits in error at this stage, this does not seem a correct behavior. > The SDEI handler is not called in NS world and context remains unchanged. > The interrupt handler blindly returns to S-EL1 SP context at same location where it last exited. > sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 > SP then exits but the EL3 context has not been setup for SP entry leading to crash. > > IMO there is an issue around mapping SDEI event number to RAS interrupt number leading to sdei_dispatch_event exiting early. > > Regards, > Olivier. > > > ________________________________________ > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Matteo Carlini via TF-A <tf-a(a)lists.trustedfirmware.org> > Sent: 14 April 2020 10:41 > To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak Pandey > Cc: nd > Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Looping-in Thomas & Deepak, responsible for the RD-N1 landing team platforms releases. They might be able to help. > > Thanks > Matteo > > From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of ??(??) via TF-A > Sent: 14 April 2020 06:47 > To: TF-A <tf-a-bounces(a)lists.trustedfirmware.org>; Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> > Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > > Hi RagHu, > > Really appreciate your help. > > I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. > The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… > > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. > > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 > StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. > edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git<https://git.linaro.org/landing-teams/working/arm/edk2.git/> tag:RD-INFRA-20191024-RC0 > edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git<https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git/> tag:RD-INFRA-20191024-RC0 > > 3) What version of the kernel and sdei driver is being used? > A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 > The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. > > BRs， > Bin Wu > > ------------------原始邮件 ------------------ > 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> > 发送时间:Tue Apr 14 01:25:47 2020 > 收件人:Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> > 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed > Hello, > > >>Does BL31 need to send 0xC4000061 event to BL32 again? > > I don't think it will. It is really odd that > 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. > This is from looking at the upstream code quickly but it definitely > depends on the platform you are running, what version of TF-A you are > using, build options used. Is it possible that the unhandled exception > is occurring after successful handling of the DMC620 error but there is > a following issue that occurs right after, causing the crash? > From the register dump it looks like there was an Instruction abort > exception at address 0 while running in EL3. Something seems to have > gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get > an instruction abort at address 0. > > >>Does current TF-A support to run RAS test? It seems BL31 will crash. > See above. The answer really depends on the factors mentioned above. > > The following would be helpful to know: > 1) What platform you are running on? Can this issue be reproduced > outside your testing environment, perhaps on FVP or QEMU? > 2) What version of TF-A and StandaloneMM is being used? Preferably the > commit-id, so that we can be sure we are looking at the same code. > 3) What version of the kernel and sdei driver is being used? > 4) I can't tell from looking at the log but do you know if writing 0x123 > to sde_ras_poison causes a DMC620 interrupt or an SError or external > abort through memory access ? > > Thanks > Raghu > > > On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: >> Dear Friends, >> >> I am using TF-A to test RAS feature. >> When I triggered DMC620 RAS error in Linux(echo 0x123 > >> /sys/kernel/debug/sdei_ras_poison). >> BL32 will recieve >> UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally >> BL31 crashed. >> >> In my understanding, this 0xC4000061 should consumed by BL31, not send >> it to BL32 again. >> >> A piece of error log as below: >> >> ************************************* >> >> CperWrite - CperAddress@0xFF610064 >> CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 >> CperWrite - Got Error Section: Platform Memory. >> MmEntryPoint Done >> Received delegated event >> X0 : 0xC4000061 >> X1 : 0x0 >> X2 : 0x0 >> X3 : 0x0 >> Received event - 0xC4000061 on cpu 0 >> UnRecognized Event - 0xC4000061 >> Failed delegated event 0xC4000061, Status 0x2 >> Unhandled Exception in EL3. >> x30 = 0x0000000000000000 >> x0 = 0x00000000ff007e00 >> x1 = 0xfffffffffffffffe >> x2 = 0x00000000600003c0 >> x3 = 0x0000000000000000 >> x4 = 0x0000000000000000 >> x5 = 0x0000000000000000 >> x6 = 0x00000000ff015080 >> x7 = 0x0000000000000000 >> x8 = 0x00000000c4000061 >> x9 = 0x0000000000000021 >> x10 = 0x0000000000000040 >> x11 = 0x00000000ff00f2b0 >> x12 = 0x00000000ff0118c0 >> x13 = 0x0000000000000002 >> x14 = 0x00000000ff016b70 >> x15 = 0x00000000ff003f20 >> x16 = 0x0000000000000044 >> x17 = 0x00000000ff010430 >> x18 = 0x0000000000000e3c >> x19 = 0x0000000000000000 >> More error log please refer to attachment. >> >> My question is, >> 1. Does BL31 need to send 0xC4000061 event to BL32 again? >> 2. Does current TF-A support to run RAS test? It seems BL31 will crash. >> >> Appreciate your help. >> >> BRs， >> Bin Wu >> > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> > https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Olivier.Deprez＠arm.com

Hi Bin Wu, Here's an early observation. On receiving the RAS fiq interrupt the following occurs: ehf_el3_interrupt_handler => sgi_ras_intr_handler => spm_sp_call (enters/exit the SP to handle the injected RAS error) => sdei_dispatch_event se = get_event_entry(map); if (!can_sdei_state_trans(se, DO_DISPATCH)) return -1; p *map $6 = {ev_num = 804, intr = 0, map_flags = 112, reg_count = 0, lock = {lock = 0}} p *se $4 = {ep = 0, arg = 0, affinity = 0, reg_flags = 0, state = 0 '\0'} sdei_dispatch_event exits in error at this stage, this does not seem a correct behavior. The SDEI handler is not called in NS world and context remains unchanged. The interrupt handler blindly returns to S-EL1 SP context at same location where it last exited. sgi_ras_intr_handler => ehf_el3_interrupt_handler => vector_entry fiq_aarch64 => el3_exit => re-enters the SP with X0=0xC4000061 SP then exits but the EL3 context has not been setup for SP entry leading to crash. IMO there is an issue around mapping SDEI event number to RAS interrupt number leading to sdei_dispatch_event exiting early. Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Matteo Carlini via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 14 April 2020 10:41 To: 吴斌(郅隆); tf-a(a)lists.trustedfirmware.org; Thomas Abraham; Deepak Pandey Cc: nd Subject: Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Looping-in Thomas & Deepak, responsible for the RD-N1 landing team platforms releases. They might be able to help. Thanks Matteo From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of ??(??) via TF-A Sent: 14 April 2020 06:47 To: TF-A <tf-a-bounces(a)lists.trustedfirmware.org>; Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hi RagHu, Really appreciate your help. I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git<https://git.linaro.org/landing-teams/working/arm/edk2.git/> tag:RD-INFRA-20191024-RC0 edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git<https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git/> tag:RD-INFRA-20191024-RC0 3) What version of the kernel and sdei driver is being used? A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> 发送时间:Tue Apr 14 01:25:47 2020 收件人:Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hello, >>Does BL31 need to send 0xC4000061 event to BL32 again? I don't think it will. It is really odd that 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. This is from looking at the upstream code quickly but it definitely depends on the platform you are running, what version of TF-A you are using, build options used. Is it possible that the unhandled exception is occurring after successful handling of the DMC620 error but there is a following issue that occurs right after, causing the crash? From the register dump it looks like there was an Instruction abort exception at address 0 while running in EL3. Something seems to have gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get an instruction abort at address 0. >>Does current TF-A support to run RAS test? It seems BL31 will crash. See above. The answer really depends on the factors mentioned above. The following would be helpful to know: 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. 3) What version of the kernel and sdei driver is being used? 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? Thanks Raghu On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > Dear Friends, > > I am using TF-A to test RAS feature. > When I triggered DMC620 RAS error in Linux(echo 0x123 > > /sys/kernel/debug/sdei_ras_poison). > BL32 will recieve > UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally > BL31 crashed. > > In my understanding, this 0xC4000061 should consumed by BL31, not send > it to BL32 again. > > A piece of error log as below: > > ************************************* > > CperWrite - CperAddress@0xFF610064 > CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > CperWrite - Got Error Section: Platform Memory. > MmEntryPoint Done > Received delegated event > X0 : 0xC4000061 > X1 : 0x0 > X2 : 0x0 > X3 : 0x0 > Received event - 0xC4000061 on cpu 0 > UnRecognized Event - 0xC4000061 > Failed delegated event 0xC4000061, Status 0x2 > Unhandled Exception in EL3. > x30 = 0x0000000000000000 > x0 = 0x00000000ff007e00 > x1 = 0xfffffffffffffffe > x2 = 0x00000000600003c0 > x3 = 0x0000000000000000 > x4 = 0x0000000000000000 > x5 = 0x0000000000000000 > x6 = 0x00000000ff015080 > x7 = 0x0000000000000000 > x8 = 0x00000000c4000061 > x9 = 0x0000000000000021 > x10 = 0x0000000000000040 > x11 = 0x00000000ff00f2b0 > x12 = 0x00000000ff0118c0 > x13 = 0x0000000000000002 > x14 = 0x00000000ff016b70 > x15 = 0x00000000ff003f20 > x16 = 0x0000000000000044 > x17 = 0x00000000ff010430 > x18 = 0x0000000000000e3c > x19 = 0x0000000000000000 > More error log please refer to attachment. > > My question is, > 1. Does BL31 need to send 0xC4000061 event to BL32 again? > 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > > Appreciate your help. > > BRs， > Bin Wu > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

1
0
0 0

Trusted Firmware-A & TF-A tests version 2.3 is now available

by Bipin Ravi

Hi all, Trusted Firmware-A and TF-A tests version 2.3 is now available and can be found here: TF-A: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tag/?h=v2.3 TF-A-tests: https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tag/?h=v2.3 Please refer to the readme and change log for further information. Thanks & best regards, [cid:image001.jpg@01D6170F.64702DF0] Bipin Ravi | Principal Design Engineer Bipin.Ravi(a)arm.com<mailto:Bipin.Ravi@arm.com> | Mobile: +1-214-212-0794 5707 Southwest Parkway, Suite 100, Austin, TX 78735

5 years, 1 month

1
0
0 0

Re: [TF-A] Event Log for Measured Boot

by Alexei Fedorov

Hi Raghu and Varun, This patch is a complete, tested and verified reference implementation for FVP platform. Splitting it will create a set of separate non-buildable patches causing more complexity in following and understanding the code changes and dependencies. The whole patch with all the code present in it should be reviewed anyway, and the time spent will be less than the time used for reviewing separate patches (mass defect). Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 02 April 2020 05:11 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: Re: [TF-A] Event Log for Measured Boot Hi Alexei, I second Varun on this. The patch is huge. I recommend breaking it up into multiple commits. I've reviewed it but since it is a large patch, it might require a few more sittings to grasp all the changes(which also means there may be some stupid review comments :)). -Raghu On 3/31/20 10:28 AM, Varun Wadekar via TF-A wrote: > Hello Alexei, > > Just curious, the patch is huge and will take some time to review. Do > you expect this change to be merged before the v2.3 release? > > -Varun > > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> *On Behalf Of > *Alexei Fedorov via TF-A > *Sent:* Tuesday, March 31, 2020 7:19 AM > *To:* tf-a(a)lists.trustedfirmware.org > *Subject:* [TF-A] Event Log for Measured Boot > > *External email: Use caution opening links or attachments* > > Hi, > > Please review and provide your comments for the patch which adds > > Event Log generation for the Measured Boot. > > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3806 > > Thanks. > > Alexei > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy > the information in any medium. Thank you. > > ------------------------------------------------------------------------ > This email message is for the sole use of the intended recipient(s) and > may contain confidential information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the intended > recipient, please contact the sender by reply email and destroy all > copies of the original message. > ------------------------------------------------------------------------ > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

2
1
0 0

Re: [TF-A] [RFC] isolation between runtime BL33 services and OS

by Olivier.Deprez＠arm.com

Hi, If buffers are to be consumed by NWd only, it's probably better to contain the isolation at NS-EL2 (through Stage-2 MMU mapping). Though from your statements I'm not clear if you wish to use an hypervisor, or not? If yes, which implementation or kind do you want to use? If not, I wonder if you could re-use OS facilities like shared mem with different permissions for two child processes (might be tricky)? I don't think execute-only regions exist in Cortex-A (unless implementing additional hardware). If executable it's probably also readable. Maybe you meant execute-never? Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of François Ozog via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 20 April 2020 13:45 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] [RFC] isolation between runtime BL33 services and OS Hi, I am trying to identify a mechanism to enforce a form of two-way isolation between BL33 runtime services in OS, for instance: - a pair of 2MB areas that could be RO by one entity and RW by the other - an execute only BL33 2MB area? This is similar to hypervisor except it only deals with memory, no vCPU, no GIC virtualization... Could EL3 or EL2 install protective mappings ? BL33 could ask either EL2 hypervisor or SecureMonitor to actually install them. Cordially, FF -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

2
1
0 0

[RFC] isolation between runtime BL33 services and OS

by François Ozog

Hi, I am trying to identify a mechanism to enforce a form of two-way isolation between BL33 runtime services in OS, for instance: - a pair of 2MB areas that could be RO by one entity and RW by the other - an execute only BL33 2MB area? This is similar to hypervisor except it only deals with memory, no vCPU, no GIC virtualization... Could EL3 or EL2 install protective mappings ? BL33 could ask either EL2 hypervisor or SecureMonitor to actually install them. Cordially, FF

5 years, 1 month

1
0
0 0

TrustedFirmware's Hafnium mailing list

by Olivier Deprez

Hi, As part of integrating Hafnium within Trusted Firmware projects, a new mailing list has been created: https://lists.trustedfirmware.org/mailman/listinfo/hafnium You can register this list to participate to Hafnium in general, and coming S-EL2 firmware design discussions. Regards, Olivier.

5 years, 1 month

1
0
0 0

Re: [TF-A] Design proposal: firmware debugfs interface

by Olivier Deprez

Hi, To complement the DebugFS design proposal document, here is a corresponding TF-A patchset: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2422 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2431 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2432 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2423 https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2421 An associated TFTF test case illustrates the usage: https://review.trustedfirmware.org/c/TF-A/tf-a-tests/+/2433 Regards, Olivier. ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Olivier Deprez via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 25 October 2019 15:30 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Design proposal: firmware debugfs interface Hi All, We are proposing a new firmware debug interface in the form of a "debug filesystem". The intent is to expose live firmware data or firmware driver HAL to the upper layers, in debug builds. For people interested, please review and comment the design proposal: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2381 The design is not closed, the intent is to collect opinions, and have a discussion on options and implications. Thanks & Regards, Olivier. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 1 month

1
1
0 0

Re: [TF-A] Linux as BL33

by Ash Wilding

Hi @François<mailto:francois.ozog@linaro.org>, <quote> Now, I changed U-Boot to Image, added code to ensure arg0 is 0 (DTB) but Linux does not start (zero printk visible). I don't find kernel text base anymore, may be it disappeared: any suggestion to get the kernel start when loaded at 64KB offset? the kernel image with embedded initrd is 10MB, SRAM is at 64MB so there should be enough space to decompress initrd... </quote> I recommend reading through the arm64 Linux booting requirements if you haven’t already; you’ll need to ensure all of those conditions are met before entering the kernel [1]. For example have you correctly set text_offset in the image header? <quote> u32 code0; /* Executable code */ u32 code1; /* Executable code */ u64 text_offset; /* Image load offset, little endian */ u64 image_size; /* Effective Image size, little endian */ u64 flags; /* kernel flags, little endian */ u64 res2 = 0; /* reserved */ u64 res3 = 0; /* reserved */ u64 res4 = 0; /* reserved */ u32 magic = 0x644d5241; /* Magic number, little endian, "ARM\x64" */ u32 res5; /* reserved (used for PE COFF offset) */ </quote> <quote> The Image must be placed text_offset bytes from a 2MB aligned base address anywhere in usable system RAM and called there. </quote> Kind regards, Ash. [1] https://elixir.bootlin.com/linux/latest/source/Documentation/arm64/booting.… IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

2
2
0 0

Re: [TF-A] sp select in atf

by Ash Wilding

Hi Feng, This is standard practice for operating systems, hypervisors, and firmware running on Armv8-A systems. A key distinction between SPSel,#0 and SPSel,#1 is that you can tell which stack pointer you were using when you took an exception as they correspond to different offsets in the vector table. Often times, taking an exception from the same EL when using SPSel,#0 is non-terminal whereas taking an exception from the same EL when already using SPSel,#1 is considered terminal. Take for example the scenario where your operating system, hypervisor, or firmware is running some task/thread code at EL1/EL2/EL3 and runs out of stack space, triggering a translation fault and attempting to stack some data (we’ll probably be using unmapped guard pages at the stack boundaries). The first thing the exception handler will try to do is stack the GPRs. If the reason you took the exception is because the stack pointed to by SP_EL1/2/3 has itself overflowed, this attempt to stack the GPRs will itself cause a translation fault and you’ll get stuck in a recursive exception. In contrast, if the reason you took the exception is because the stack pointed to by SP_EL0 has overflowed, the exception handler will successfully stack the GPRs to the SP_EL1/2/3 stack and be able to diagnose + log what went wrong before rebooting gracefully. Hope that helps, Ash. From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Chen Feng via TF-A <tf-a(a)lists.trustedfirmware.org> Reply to: Chen Feng <puck.chen(a)hisilicon.com> Date: Friday, 17 April 2020 at 09:02 To: "tf-a(a)lists.trustedfirmware.org" <tf-a(a)lists.trustedfirmware.org>, Alexei Fedorov <Alexei.Fedorov(a)arm.com>, Yatharth Kochar <Yatharth.Kochar(a)arm.com>, Sandrine Bailleux <Sandrine.Bailleux(a)arm.com> Cc: "puck.chen(a)hisilicon.com" <puck.chen(a)hisilicon.com>, "lizhong11(a)hisilicon.com" <lizhong11(a)hisilicon.com> Subject: [TF-A] sp select in atf Hello all, I see the atf use different sp, and special for smc64 it use the sp_el0. So for the unhandled-exception handler, it must switch to sp_el0 to do the back-trace-dump. Since it default used sp_el3 when exception happen. My question here is why using different sp in atf code? Just use the sp_el3 for all scenes seems more simpler. Cheers, - feng -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

2
1
0 0

sp select in atf

by Chen Feng

Hello all, I see the atf use different sp, and special for smc64 it use the sp_el0. So for the unhandled-exception handler, it must switch to sp_el0 to do the back-trace-dump. Since it default used sp_el3 when exception happen. My question here is why using different sp in atf code? Just use the sp_el3 for all scenes seems more simpler. Cheers, - feng

5 years, 1 month

1
0
0 0

Re: [TF-A] Linux as BL33

by Manish Pandey2

As of now ARM_LINUX_KERNEL_AS_BL33 is only supported when RESET_TO_BL31=1, along with it you need to pass PRELOADED_BL33_BASE as well as ARM_PRELOADED_DTB_BASE. AFAIK This feature is not tested for platforms which uses all the BL(1/2/31) stages from TF-A . The most likely reason for this is loading and authentication of Linux Image. BL2 which is responsible for loading of various images, does not have support to load linux image. With platforms having RESET_TO_BL31, TF-A relies on prior loader which loads kernel and device tree blobs at respective address. In short, if your platform has RESET_TO_BL31=1, it will be quite easy else you need to understand the BL2 loading mechanism and see if you can extend it for loading Linux and DTB. Kernel Output format zImage/Image should work. Hope this helps! ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of François Ozog via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 15 April 2020 13:31 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Linux as BL33 I want to use Linux as BL33 on a Marvell Macchiatobin. Currently I have the successful boot flow: TFA (mainline v2.2) -> U-Boot (Mainline 2020.04rc5) -> Kernel (5.6.3) with U-root initrd (6.0.0, https://github.com/u-root/u-root ) -> Ubuntu 19.10 The 5.6.3 "intermediary" kernel is 5.5MB uncompressed , u-root initrd is 3.5MB compressed (some form of golang based busybox). I was pointed to the ARM_LINUX_KERNEL_AS_BL33 option which is not supported on the Macchiatobin. It does not look too difficult to add, but I'd like to have some feedback/guidance on how to do it: - how to add the option to the TFA platform - how to generate a usable kernel (compile options? non relocatable kernel? output format, i.e. Image, zImage, uImage...) Thanks for your help -FF -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 1 month

2
3
0 0

Re: [TF-A] Proposal for Measured Boot Implementation

by Vivek Prasad

+Harb ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Vivek Prasad via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: Thursday, April 16, 2020 10:19 AM To: Stuart Yoder <stuart.yoder(a)arm.com>; Alexei Fedorov <Alexei.Fedorov(a)arm.com>; tf-a <tf-a(a)lists.trustedfirmware.org>; Raghu Krishnamurthy <raghu.ncstate(a)icloud.com> Cc: Loc Ho <loc.ho(a)amperecomputing.com>; Vivek Kumar <vivek(a)amperecomputing.com>; Benjamin Chaffin <bchaffin(a)amperecomputing.com>; Ard Biesheuvel <Ard.Biesheuvel(a)arm.com>; Mohamad Ammar <moe(a)amperecomputing.com>; Charles Garcia-Tobin <Charles.Garcia-Tobin(a)arm.com> Subject: Re: [TF-A] Proposal for Measured Boot Implementation Hello Stuart, Alexei, Chiming-in here on Ampere's behalf... We analysed this proposal internally. And we see a number issues with this, some of which was already raised by Raghu in the previous threads. Here is a summary of the main issues that we see. * Only supporting mbedtls, and this is fixed config at compile time. * We propose that there should be a variable for the algorithm to be used, which can be setup at initialization time. * This solution relies on taking the hash directly from the digest as the measurement, instead of the computed hash. This is not safe, especially considering measured boot may use a different hash bank, so digest hash may not be correct/valid. * Only measuring the BL2 image, per the ARM SBSG we must be measuring and logging *all* images/boot phases * BL31 * BL32 (all secure partitions) * BL33 (UEFI or any other non-secure boot loader) * Once we ERET into BL33, the measure boot flow continues and is owned by that boot loader * Only see support for PCR0, any/all unsigned config data must be logged to PCR1. * Passing PCRs to non-secure software before logging is not compliant with TCG Static-Root-of-Trust Measurement (SRTM) requirements * It was discussed before in separate conversations… especially in systems where you are talked about two different signing domains where BL33 is a different trust/signing domain. * BL33 should only do hash-log-extend… there is no need for BL33 to be aware of the current PCR value (beyond what is provided in the boot event log). * Based on comments on the mail thread, there seem to be bad assumptions/expectations around TPM accessibility from non-secure world. * Expecting SPI/I2C TPMs to be directly accessed from non-secure world instead of abstracting hardware details via the TCG CRB interface (which has been already standardized as the defacto mechanism for ARM on past mobile, client, and server solutions). * CRB will "just work" for Aptio/EDK2/Linux/Windows/Hyper-V/VMWare * NOTE: This goes back to what is a “productizable” TPM solution. We want it to be turn-key solution for customers without having to support/develop proprietary drivers. -Vivek/Harb

5 years, 1 month

1
0
0 0

Re: [TF-A] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi all, Thanks to all who have commented on this proposal so far. I've edited the original document to try and incorporate all feedback gathered so far (through the TSC meeting, this email thread and the TF-A tech call). Please have another look and flag anything I might have missed: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-p… The major changes are: == Removed concept of self-review == This is proving too controversial, several people do not want to allow self-review. Roles of maintainer and code owner are still cumulative but cannot be both exercised for the same patch. The exact method of dealing with review bottleneck is still to be decided. In addition to the current proposal of increasing the maintainers pool, the most popular alternatives mentioned so far are: - Set a minimum wait time for feedback before a patch can be merged without any further delay. - Mandate distinct reviewers for a patch. == Enhanced the section "Patch contribution Guidelines" == Mentioned that patches should be small, on-topic, with comprehensive commit messages. == Added a note about how to deal with disagreement == If reviewers cannot find a common ground, the proposal is to call out a 3rd-party maintainer. == Removed "out-of-date" platform state == Squashed it into "limited support" to reduce the number of states. == Removed "orphan" state from platform support life cycle == This concept is orthogonal to the level of functionality. Added a note in the "Code Owner" section instead. == Per-project guidelines as a complementary document == Added a list of things that it would typically cover. == Added requirement on fully supported platforms to document the features they support == == Added todo mentioning that the proposal might cover branching strategies in the future == The full diff may be seen here: https://developer.trustedfirmware.org/phriction/diff/73/?l=4&r=5 This proposal is still open for discussion at this stage and further feedback is most welcome! Regards, Sandrine

5 years, 1 month

1
0
0 0

Linux as BL33

by François Ozog

I want to use Linux as BL33 on a Marvell Macchiatobin. Currently I have the successful boot flow: TFA (mainline v2.2) -> U-Boot (Mainline 2020.04rc5) -> Kernel (5.6.3) with U-root initrd (6.0.0, https://github.com/u-root/u-root ) -> Ubuntu 19.10 The 5.6.3 "intermediary" kernel is 5.5MB uncompressed , u-root initrd is 3.5MB compressed (some form of golang based busybox). I was pointed to the ARM_LINUX_KERNEL_AS_BL33 option which is not supported on the Macchiatobin. It does not look too difficult to add, but I'd like to have some feedback/guidance on how to do it: - how to add the option to the TFA platform - how to generate a usable kernel (compile options? non relocatable kernel? output format, i.e. Image, zImage, uImage...) Thanks for your help -FF

5 years, 1 month

1
0
0 0

Re: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Matteo Carlini

Looping-in Thomas & Deepak, responsible for the RD-N1 landing team platforms releases. They might be able to help. Thanks Matteo From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of ??(??) via TF-A Sent: 14 April 2020 06:47 To: TF-A <tf-a-bounces(a)lists.trustedfirmware.org>; Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] 回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hi RagHu, Really appreciate your help. I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git<https://git.linaro.org/landing-teams/working/arm/edk2.git/> tag:RD-INFRA-20191024-RC0 edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git<https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git/> tag:RD-INFRA-20191024-RC0 3) What version of the kernel and sdei driver is being used? A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> 发送时间:Tue Apr 14 01:25:47 2020 收件人:Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hello, >>Does BL31 need to send 0xC4000061 event to BL32 again? I don't think it will. It is really odd that 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. This is from looking at the upstream code quickly but it definitely depends on the platform you are running, what version of TF-A you are using, build options used. Is it possible that the unhandled exception is occurring after successful handling of the DMC620 error but there is a following issue that occurs right after, causing the crash? From the register dump it looks like there was an Instruction abort exception at address 0 while running in EL3. Something seems to have gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get an instruction abort at address 0. >>Does current TF-A support to run RAS test? It seems BL31 will crash. See above. The answer really depends on the factors mentioned above. The following would be helpful to know: 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. 3) What version of the kernel and sdei driver is being used? 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? Thanks Raghu On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > Dear Friends, > > I am using TF-A to test RAS feature. > When I triggered DMC620 RAS error in Linux(echo 0x123 > > /sys/kernel/debug/sdei_ras_poison). > BL32 will recieve > UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally > BL31 crashed. > > In my understanding, this 0xC4000061 should consumed by BL31, not send > it to BL32 again. > > A piece of error log as below: > > ************************************* > > CperWrite - CperAddress@0xFF610064 > CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > CperWrite - Got Error Section: Platform Memory. > MmEntryPoint Done > Received delegated event > X0 : 0xC4000061 > X1 : 0x0 > X2 : 0x0 > X3 : 0x0 > Received event - 0xC4000061 on cpu 0 > UnRecognized Event - 0xC4000061 > Failed delegated event 0xC4000061, Status 0x2 > Unhandled Exception in EL3. > x30 = 0x0000000000000000 > x0 = 0x00000000ff007e00 > x1 = 0xfffffffffffffffe > x2 = 0x00000000600003c0 > x3 = 0x0000000000000000 > x4 = 0x0000000000000000 > x5 = 0x0000000000000000 > x6 = 0x00000000ff015080 > x7 = 0x0000000000000000 > x8 = 0x00000000c4000061 > x9 = 0x0000000000000021 > x10 = 0x0000000000000040 > x11 = 0x00000000ff00f2b0 > x12 = 0x00000000ff0118c0 > x13 = 0x0000000000000002 > x14 = 0x00000000ff016b70 > x15 = 0x00000000ff003f20 > x16 = 0x0000000000000044 > x17 = 0x00000000ff010430 > x18 = 0x0000000000000e3c > x19 = 0x0000000000000000 > More error log please refer to attachment. > > My question is, > 1. Does BL31 need to send 0xC4000061 event to BL32 again? > 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > > Appreciate your help. > > BRs， > Bin Wu > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 2 months

1
0
0 0

回复：Re: [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by 吴斌(郅隆)

Hi RagHu, Really appreciate your help. I was downloaded this software stack from git.linaro.org. This software stack include ATF, kernel, edk2 and so on. The user guide i used from linaro is:https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms… 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? A: I am running on ARM N1-Edge FVP platform. It can reproduced on this FVP platform. 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. A: TF-A: https://git.linaro.org/landing-teams/working/arm/arm-tf.git tag:RD-INFRA-20191024-RC0 StandloneMM seems build from edk2 & edk2-platform. so i just put edk2 and edk2-platform version information. if anything i missed, please let me know. edk2: https://git.linaro.org/landing-teams/working/arm/edk2.git tag:RD-INFRA-20191024-RC0 edk2-platform: https://git.linaro.org/landing-teams/working/arm/edk2-platforms.git tag:RD-INFRA-20191024-RC0 3) What version of the kernel and sdei driver is being used? A: kernel-release: https://git.linaro.org/landing-teams/working/arm/kernel-release.git tag:RD-INFRA-20191024-RC0 The sdei driver was included in kernel, do i need to provide sdei driver version? If need please let me know. 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? A: Sorry, linaro only refered it will inject the DMC-620 single-bit RAS error. So I am also not sure which exception type it will trigger. BRs， Bin Wu ------------------原始邮件 ------------------ 发件人:TF-A <tf-a-bounces(a)lists.trustedfirmware.org> 发送时间:Tue Apr 14 01:25:47 2020 收件人:Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> 主题:Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed Hello, >>Does BL31 need to send 0xC4000061 event to BL32 again? I don't think it will. It is really odd that 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. This is from looking at the upstream code quickly but it definitely depends on the platform you are running, what version of TF-A you are using, build options used. Is it possible that the unhandled exception is occurring after successful handling of the DMC620 error but there is a following issue that occurs right after, causing the crash? From the register dump it looks like there was an Instruction abort exception at address 0 while running in EL3. Something seems to have gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get an instruction abort at address 0. >>Does current TF-A support to run RAS test? It seems BL31 will crash. See above. The answer really depends on the factors mentioned above. The following would be helpful to know: 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. 3) What version of the kernel and sdei driver is being used? 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? Thanks Raghu On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > Dear Friends, > > I am using TF-A to test RAS feature. > When I triggered DMC620 RAS error in Linux(echo 0x123 > > /sys/kernel/debug/sdei_ras_poison). > BL32 will recieve > UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally > BL31 crashed. > > In my understanding, this 0xC4000061 should consumed by BL31, not send > it to BL32 again. > > A piece of error log as below: > > ************************************* > > CperWrite - CperAddress@0xFF610064 > CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > CperWrite - Got Error Section: Platform Memory. > MmEntryPoint Done > Received delegated event > X0 : 0xC4000061 > X1 : 0x0 > X2 : 0x0 > X3 : 0x0 > Received event - 0xC4000061 on cpu 0 > UnRecognized Event - 0xC4000061 > Failed delegated event 0xC4000061, Status 0x2 > Unhandled Exception in EL3. > x30 = 0x0000000000000000 > x0 = 0x00000000ff007e00 > x1 = 0xfffffffffffffffe > x2 = 0x00000000600003c0 > x3 = 0x0000000000000000 > x4 = 0x0000000000000000 > x5 = 0x0000000000000000 > x6 = 0x00000000ff015080 > x7 = 0x0000000000000000 > x8 = 0x00000000c4000061 > x9 = 0x0000000000000021 > x10 = 0x0000000000000040 > x11 = 0x00000000ff00f2b0 > x12 = 0x00000000ff0118c0 > x13 = 0x0000000000000002 > x14 = 0x00000000ff016b70 > x15 = 0x00000000ff003f20 > x16 = 0x0000000000000044 > x17 = 0x00000000ff010430 > x18 = 0x0000000000000e3c > x19 = 0x0000000000000000 > More error log please refer to attachment. > > My question is, > 1. Does BL31 need to send 0xC4000061 event to BL32 again? > 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > > Appreciate your help. > > BRs， > Bin Wu > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

5 years, 2 months

1
0
0 0

Re: [TF-A] BRANCH_PROTECTION

by Alexei Fedorov

Hi Varun, 1. The value of '1' sets ‘standard’ type of BP which according to GCC documentation: "turns on all types of branch protection features. If a feature has additional tuning options, then ‘standard’ sets it to its standard level. " It equals to "bti+pac-ret". 2. Yes. See above and use option value of '1'. Regards. Alexei ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Varun Wadekar via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 10 April 2020 19:28 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Cc: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com>; Anthony Zhou <anzhou(a)nvidia.com> Subject: Re: [TF-A] BRANCH_PROTECTION Hello, Can someone please help clarify? -Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A Sent: Tuesday, April 7, 2020 9:58 PM To: tf-a(a)lists.trustedfirmware.org Cc: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com>; Anthony Zhou <anzhou(a)nvidia.com> Subject: [TF-A] BRANCH_PROTECTION External email: Use caution opening links or attachments Hello, Can someone please help me understand if 1. a ‘value’ of ‘1’ for BRANCH_PROTECTION covers the PAuth protection provided by a value of ‘2’ and/or ‘3’? 2. there is a way to enable BTI and “pac-ret” at the same time? The docs provide this information. <snip> - ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication and ARMv8.5 Branch Target Identification support for TF-A BL images themselves. If enabled, it is needed to use a compiler that supports the option ``-mbranch-protection``. Selects the branch protection features to use: - 0: Default value turns off all types of branch protection - 1: Enables all types of branch protection features - 2: Return address signing to its standard level - 3: Extend the signing to include leaf functions The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options and resulting PAuth/BTI<https://tegra-sw-opengrok.nvidia.com/source/s?path=PAuth/BTI&project=stage-…> features. +-------+--------------+-------+-----+ | Value | GCC option | PAuth | BTI | +=======+==============+=======+=====+ | 0 | none | N | N | +-------+--------------+-------+-----+ | 1 | standard | Y | Y | +-------+--------------+-------+-----+ | 2 | pac-ret | Y | N | +-------+--------------+-------+-----+ | 3 | pac-ret+leaf | Y | N | +-------+--------------+-------+-----+ This option defaults to 0 and this is an experimental feature. Note that Pointer Authentication is enabled for Non-secure world irrespective of the value of this option if the CPU supports it. <snip> Thanks, Varun ________________________________ This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ________________________________ IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

2
1
0 0

Re: [TF-A] [RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by Raghu Krishnamurthy

Hello, >>Does BL31 need to send 0xC4000061 event to BL32 again? I don't think it will. It is really odd that 0xC4000061(SP_EVENT_COMPLETE_AARCH64) ever reaches the BL32/MM handler. This is from looking at the upstream code quickly but it definitely depends on the platform you are running, what version of TF-A you are using, build options used. Is it possible that the unhandled exception is occurring after successful handling of the DMC620 error but there is a following issue that occurs right after, causing the crash? From the register dump it looks like there was an Instruction abort exception at address 0 while running in EL3. Something seems to have gone seriously wrong to have 0xC4000061 ever go back to BL32 and to get an instruction abort at address 0. >>Does current TF-A support to run RAS test? It seems BL31 will crash. See above. The answer really depends on the factors mentioned above. The following would be helpful to know: 1) What platform you are running on? Can this issue be reproduced outside your testing environment, perhaps on FVP or QEMU? 2) What version of TF-A and StandaloneMM is being used? Preferably the commit-id, so that we can be sure we are looking at the same code. 3) What version of the kernel and sdei driver is being used? 4) I can't tell from looking at the log but do you know if writing 0x123 to sde_ras_poison causes a DMC620 interrupt or an SError or external abort through memory access ? Thanks Raghu On 4/13/20 12:16 AM, 吴斌(郅隆) via TF-A wrote: > Dear Friends, > > I am using TF-A to test RAS feature. > When I triggered DMC620 RAS error in Linux(echo 0x123 > > /sys/kernel/debug/sdei_ras_poison). > BL32 will recieve > UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally > BL31 crashed. > > In my understanding, this 0xC4000061 should consumed by BL31, not send > it to BL32 again. > > A piece of error log as below: > > ************************************* > > CperWrite - CperAddress@0xFF610064 > CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 > CperWrite - Got Error Section: Platform Memory. > MmEntryPoint Done > Received delegated event > X0 : 0xC4000061 > X1 : 0x0 > X2 : 0x0 > X3 : 0x0 > Received event - 0xC4000061 on cpu 0 > UnRecognized Event - 0xC4000061 > Failed delegated event 0xC4000061, Status 0x2 > Unhandled Exception in EL3. > x30 = 0x0000000000000000 > x0 = 0x00000000ff007e00 > x1 = 0xfffffffffffffffe > x2 = 0x00000000600003c0 > x3 = 0x0000000000000000 > x4 = 0x0000000000000000 > x5 = 0x0000000000000000 > x6 = 0x00000000ff015080 > x7 = 0x0000000000000000 > x8 = 0x00000000c4000061 > x9 = 0x0000000000000021 > x10 = 0x0000000000000040 > x11 = 0x00000000ff00f2b0 > x12 = 0x00000000ff0118c0 > x13 = 0x0000000000000002 > x14 = 0x00000000ff016b70 > x15 = 0x00000000ff003f20 > x16 = 0x0000000000000044 > x17 = 0x00000000ff010430 > x18 = 0x0000000000000e3c > x19 = 0x0000000000000000 > More error log please refer to attachment. > > My question is, > 1. Does BL31 need to send 0xC4000061 event to BL32 again? > 2. Does current TF-A support to run RAS test? It seems BL31 will crash. > > Appreciate your help. > > BRs， > Bin Wu >

5 years, 2 months

1
0
0 0

[RAS] BL32 UnRecognized Event - 0xC4000061 and BL31 Crashed

by 吴斌(郅隆)

Dear Friends, I am using TF-A to test RAS feature. When I triggered DMC620 RAS error in Linux(echo 0x123 > /sys/kernel/debug/sdei_ras_poison). BL32 will recieve UnRecognized Event - 0xC4000061(SP_EVENT_COMPLETE_AARCH64) and finally BL31 crashed. In my understanding, this 0xC4000061 should consumed by BL31, not send it to BL32 again. A piece of error log as below: ************************************* CperWrite - CperAddress@0xFF610064 CperWrite - 1 Section@FFBE91A8, Length 80, SectionType@FFBE9138 CperWrite - Got Error Section: Platform Memory. MmEntryPoint Done Received delegated event X0 : 0xC4000061 X1 : 0x0 X2 : 0x0 X3 : 0x0 Received event - 0xC4000061 on cpu 0 UnRecognized Event - 0xC4000061 Failed delegated event 0xC4000061, Status 0x2 Unhandled Exception in EL3. x30 = 0x0000000000000000 x0 = 0x00000000ff007e00 x1 = 0xfffffffffffffffe x2 = 0x00000000600003c0 x3 = 0x0000000000000000 x4 = 0x0000000000000000 x5 = 0x0000000000000000 x6 = 0x00000000ff015080 x7 = 0x0000000000000000 x8 = 0x00000000c4000061 x9 = 0x0000000000000021 x10 = 0x0000000000000040 x11 = 0x00000000ff00f2b0 x12 = 0x00000000ff0118c0 x13 = 0x0000000000000002 x14 = 0x00000000ff016b70 x15 = 0x00000000ff003f20 x16 = 0x0000000000000044 x17 = 0x00000000ff010430 x18 = 0x0000000000000e3c x19 = 0x0000000000000000 More error log please refer to attachment. My question is, 1. Does BL31 need to send 0xC4000061 event to BL32 again? 2. Does current TF-A support to run RAS test? It seems BL31 will crash. Appreciate your help. BRs， Bin Wu

5 years, 2 months

1
0
0 0

Re: [TF-A] BRANCH_PROTECTION

by Varun Wadekar

Hello, Can someone please help clarify? -Varun From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Varun Wadekar via TF-A Sent: Tuesday, April 7, 2020 9:58 PM To: tf-a(a)lists.trustedfirmware.org Cc: Kalyani Chidambaram Vaidyanathan <kalyanic(a)nvidia.com>; Anthony Zhou <anzhou(a)nvidia.com> Subject: [TF-A] BRANCH_PROTECTION External email: Use caution opening links or attachments Hello, Can someone please help me understand if 1. a 'value' of '1' for BRANCH_PROTECTION covers the PAuth protection provided by a value of '2' and/or '3'? 2. there is a way to enable BTI and "pac-ret" at the same time? The docs provide this information. <snip> - ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication and ARMv8.5 Branch Target Identification support for TF-A BL images themselves. If enabled, it is needed to use a compiler that supports the option ``-mbranch-protection``. Selects the branch protection features to use: - 0: Default value turns off all types of branch protection - 1: Enables all types of branch protection features - 2: Return address signing to its standard level - 3: Extend the signing to include leaf functions The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options and resulting PAuth/BTI<https://tegra-sw-opengrok.nvidia.com/source/s?path=PAuth/BTI&project=stage-…> features. +-------+--------------+-------+-----+ | Value | GCC option | PAuth | BTI | +=======+==============+=======+=====+ | 0 | none | N | N | +-------+--------------+-------+-----+ | 1 | standard | Y | Y | +-------+--------------+-------+-----+ | 2 | pac-ret | Y | N | +-------+--------------+-------+-----+ | 3 | pac-ret+leaf | Y | N | +-------+--------------+-------+-----+ This option defaults to 0 and this is an experimental feature. Note that Pointer Authentication is enabled for Non-secure world irrespective of the value of this option if the CPU supports it. <snip> Thanks, Varun ________________________________ This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ________________________________

5 years, 2 months

1
0
0 0

Trusted Firmware-A 2.3 release candidate tags created

by Bipin Ravi

All, We have applied the release candidate tags(v2.3-rc0<https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tag/?h=v2.3-rc0>) to the TF-A source and TF-A tests trees as part of the upcoming TF-A v2.3 release. Please use these tags to perform any platform specific tests planned. https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/ https://git.trustedfirmware.org/TF-A/tf-a-tests.git/ Thanks & best regards, [cid:image001.jpg@01D60DB5.48537900] Bipin Ravi | Principal Design Enginee Bipin.ravi(a)arm.com<mailto:Bipin.ravi@arm.com> | Skype: Bipin.Ravi.ARM Direct: +1-512-225 -1071 | Mobile: +1-214-212-0794 5707 Southwest Parkway, Suite 100, Austin, TX 78735

5 years, 2 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 355490: Uninitialized variables (UNINIT) /plat/brcm/board/stingray/src/paxb.c: 516 in pcie_cores_init() ________________________________________________________________________________________________________ *** CID 355490: Uninitialized variables (UNINIT) /plat/brcm/board/stingray/src/paxb.c: 516 in pcie_cores_init() 510 511 pcie_core_soft_reset(core_idx); 512 513 VERBOSE("PCIe core %u is powered up\n", core_idx); 514 } 515 >>> CID 355490: Uninitialized variables (UNINIT) >>> Using uninitialized value "ret". 516 return ret; 517 } 518 519 void paxb_rc_cfg_write(unsigned int core_idx, unsigned int where, 520 uint32_t val) 521 { ** CID 355489: Control flow issues (NO_EFFECT) /plat/brcm/board/stingray/src/bl2_setup.c: 685 in plat_bcm_bl2_plat_arch_setup() ________________________________________________________________________________________________________ *** CID 355489: Control flow issues (NO_EFFECT) /plat/brcm/board/stingray/src/bl2_setup.c: 685 in plat_bcm_bl2_plat_arch_setup() 679 EMMC_ERASE_PARTITION); 680 #endif 681 682 bcm_board_detect(); 683 #ifdef DRIVER_EMMC_ENABLE 684 /* Initialize the card, if it is not */ >>> CID 355489: Control flow issues (NO_EFFECT) >>> This less-than-zero comparison of an unsigned value is never true. "bcm_emmc_init(true) < 0U". 685 if (bcm_emmc_init(true) < 0) 686 WARN("eMMC Card Initialization Failed!!!\n"); 687 #endif 688 689 #if BL2_TEST_I2C 690 i2c_test(); ** CID 355488: (VARARGS) /plat/brcm/board/common/bcm_elog.c: 251 in bcm_elog() /plat/brcm/board/common/bcm_elog.c: 253 in bcm_elog() /plat/brcm/board/common/bcm_elog.c: 241 in bcm_elog() /plat/brcm/board/common/bcm_elog.c: 234 in bcm_elog() /plat/brcm/board/common/bcm_elog.c: 223 in bcm_elog() /plat/brcm/board/common/bcm_elog.c: 239 in bcm_elog() ________________________________________________________________________________________________________ *** CID 355488: (VARARGS) /plat/brcm/board/common/bcm_elog.c: 251 in bcm_elog() 245 case 'l': 246 bit64 = 1; 247 fmt++; 248 goto loop; 249 case 'u': 250 if (bit64) >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 251 unum = va_arg(args, uint64_t); 252 else 253 unum = va_arg(args, uint32_t); 254 255 elog_unsigned_num(elog, unum, 10); 256 break; /plat/brcm/board/common/bcm_elog.c: 253 in bcm_elog() 247 fmt++; 248 goto loop; 249 case 'u': 250 if (bit64) 251 unum = va_arg(args, uint64_t); 252 else >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 253 unum = va_arg(args, uint32_t); 254 255 elog_unsigned_num(elog, unum, 10); 256 break; 257 default: 258 /* Exit on any other format specifier */ /plat/brcm/board/common/bcm_elog.c: 241 in bcm_elog() 235 elog_string(elog, str); 236 break; 237 case 'x': 238 if (bit64) 239 unum = va_arg(args, uint64_t); 240 else >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 241 unum = va_arg(args, uint32_t); 242 243 elog_unsigned_num(elog, unum, 16); 244 break; 245 case 'l': 246 bit64 = 1; /plat/brcm/board/common/bcm_elog.c: 234 in bcm_elog() 228 } else 229 unum = (unsigned long)num; 230 231 elog_unsigned_num(elog, unum, 10); 232 break; 233 case 's': >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 234 str = va_arg(args, char *); 235 elog_string(elog, str); 236 break; 237 case 'x': 238 if (bit64) 239 unum = va_arg(args, uint64_t); /plat/brcm/board/common/bcm_elog.c: 223 in bcm_elog() 217 switch (*fmt) { 218 case 'i': /* Fall through to next one */ 219 case 'd': 220 if (bit64) 221 num = va_arg(args, int64_t); 222 else >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 223 num = va_arg(args, int32_t); 224 225 if (num < 0) { 226 elog_putchar(elog, '-'); 227 unum = (unsigned long)-num; 228 } else /plat/brcm/board/common/bcm_elog.c: 239 in bcm_elog() 233 case 's': 234 str = va_arg(args, char *); 235 elog_string(elog, str); 236 break; 237 case 'x': 238 if (bit64) >>> CID 355488: (VARARGS) >>> Calling va_arg on va_list "args", which has not been prepared with va_start(). 239 unum = va_arg(args, uint64_t); 240 else 241 unum = va_arg(args, uint32_t); 242 243 elog_unsigned_num(elog, unum, 16); 244 break; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/ls/click?upn=nJaKvJSIH-2FPAfmty-2BK5tYpPkl…

5 years, 2 months

1
0
0 0

BRANCH_PROTECTION

by Varun Wadekar

Hello, Can someone please help me understand if 1. a 'value' of '1' for BRANCH_PROTECTION covers the PAuth protection provided by a value of '2' and/or '3'? 2. there is a way to enable BTI and "pac-ret" at the same time? The docs provide this information. <snip> - ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication and ARMv8.5 Branch Target Identification support for TF-A BL images themselves. If enabled, it is needed to use a compiler that supports the option ``-mbranch-protection``. Selects the branch protection features to use: - 0: Default value turns off all types of branch protection - 1: Enables all types of branch protection features - 2: Return address signing to its standard level - 3: Extend the signing to include leaf functions The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options and resulting PAuth/BTI<https://tegra-sw-opengrok.nvidia.com/source/s?path=PAuth/BTI&project=stage-…> features. +-------+--------------+-------+-----+ | Value | GCC option | PAuth | BTI | +=======+==============+=======+=====+ | 0 | none | N | N | +-------+--------------+-------+-----+ | 1 | standard | Y | Y | +-------+--------------+-------+-----+ | 2 | pac-ret | Y | N | +-------+--------------+-------+-----+ | 3 | pac-ret+leaf | Y | N | +-------+--------------+-------+-----+ This option defaults to 0 and this is an experimental feature. Note that Pointer Authentication is enabled for Non-secure world irrespective of the value of this option if the CPU supports it. <snip> Thanks, Varun ----------------------------------------------------------------------------------- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -----------------------------------------------------------------------------------

5 years, 2 months

1
0
0 0

Re: [TF-A] TF-A Tech Forum @ Thu 9 Apr 2020 17:00 - 18:00 (GMT) - Special session on Project Maintenance Proposal for tf.org

by Joanna Farley

I realise non TF-A people may not have access to session conference details. These can be found here: https://lists.trustedfirmware.org/pipermail/tf-a/2020-March/000330.html From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Joanna Farley via TF-A <tf-a(a)lists.trustedfirmware.org> Reply to: Joanna Farley <Joanna.Farley(a)arm.com> Date: Tuesday, 7 April 2020 at 18:10 To: tf-a <tf-a(a)lists.trustedfirmware.org> Cc: "tsc(a)lists.trustedfirmware.org" <tsc(a)lists.trustedfirmware.org>, "tf-m(a)lists.trustedfirmware.org" <tf-m(a)lists.trustedfirmware.org>, "op-tee(a)linaro.org" <op-tee(a)linaro.org> Subject: [TF-A] TF-A Tech Forum @ Thu 9 Apr 2020 17:00 - 18:00 (GMT) - Special session on Project Maintenance Proposal for tf.org Hi All, The third TF-A Tech Forum is scheduled for Thu 9th Apr 2020 17:00 - 18:00 (GMT). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. For this special session I have also copied the TF-M, TSC and OPTEE mailing lists as the subject may interest the people subscribed to those lists as there is a cross mailing list discussion currently ongoing. Agenda: * Overview of the Project Maintenance Proposal for tf.org Projects by Sandrine Bailleux * Optional TF-A Mailing List Topic Discussions Thanks Joanna IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

1
0
0 0

TF-A Tech Forum @ Thu 9 Apr 2020 17:00 - 18:00 (GMT) - Special session on Project Maintenance Proposal for tf.org

by Joanna Farley

Hi All, The third TF-A Tech Forum is scheduled for Thu 9th Apr 2020 17:00 - 18:00 (GMT). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know. For this special session I have also copied the TF-M, TSC and OPTEE mailing lists as the subject may interest the people subscribed to those lists as there is a cross mailing list discussion currently ongoing. Agenda: * Overview of the Project Maintenance Proposal for tf.org Projects by Sandrine Bailleux * Optional TF-A Mailing List Topic Discussions Thanks Joanna IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

1
0
0 0

Re: [TF-A] [TF-TSC] [TF-M] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi Joakim, On 4/2/20 10:18 AM, Joakim Bech via TF-A wrote: > Hi Sandrine, > > On Wed, Apr 01, 2020 at 11:46:20AM +0200, Sandrine Bailleux wrote: >> Hi Joakim, >> >> On 4/1/20 10:08 AM, Joakim Bech via TSC wrote: >>> How that works in practice is that all OP-TEE maintainers are adding >>> their "Tested-by" (see example [2]) tag for the platform they maintain >>> when we're doing a release. If there are platforms with no "Tested-by" >>> tag, then they simply end up with the "last known version". >> >> I think that's a very good idea! >> > The "Tested-by" part for OP-TEE releases has been working pretty good, > not sure how scalable it is the long run though. To give some more > info regarding the "last known version", we even at one point had some > stop-light for that. I.e. if a maintainer missed testing a release once, > then it became "orange". If missed twice, then it became "red" and we > showed last know supported version. But we dropped that idea a short > while after introducing it. May I know why you dropped the idea? Was it too much maintenance? If that's the reason I guess again this could be addressed with some automation work (generating the stop-light status from the commit message info). >>> However, to keep that up-to-date, it requires some discipline from the >>> people maintaining such a table ... something that we in the OP-TEE >>> project haven't been very good at :) >> >> Can't this be automated, such that it doesn't need to be manually kept >> up-to-date? I imagine we could have some tools generating the platform >> support table out of such a commit message. >> > Indeed it could, it's just a matter of doing some scripting if one > doesn't want to do it manually. I already have Python scripts pulling > all tags from GitHub pull requests. But there are of course several > other ways how one could pull that kind of information. Regards, Sandrine

5 years, 2 months

2
1
0 0

Re: [TF-A] [EXTERNAL] [TF-M] Project Maintenance Proposal for tf.org Projects

by Sandrine Bailleux

Hi Erik, On 4/1/20 9:24 PM, Shreve, Erik via TF-A wrote: > Sandrine, > > To clarify on functionality vs. support. I listed out a support life cycle consisting of the following states: > Fully Supported > Orphan > Out of Date > Deprecated > These states are intended to have nothing to do with functionality, but only the support offered for the functionality that currently exists for a platform. > > I think I may have confused things when I listed "Functional Support" as the heading to represent "Functionality." > I'm proposing that the supported "Functionality" should be documented in a standard way (within a project) for every platform. > > I do agree this could be burdensome to keep up with. But that is why I suggested that the project's feature list be versioned. The platform's supported feature list document would reference the version of the project feature list used. Platform maintainers then don' t have to continuously update the document. But it will be clear how long it has been since they did update and thus what information may be missing. Versioning the feature list document is also why I mentioned that the project version number may want to adopt a version number scheme where feature changes are represented by a certain part of the version number. For example Semantic Versioning 2.0.0: https://semver.org/. Hope that clarifies the intent? For implementation of this I'm imagining each project could create a supported_feature_list.rst file and each platform would copy that file into their platform doc folder and fill it in. I'm not saying that approach would be required at tf.org level, just sharing to further illustrate. > > That said, perhaps the implementation details for a project would not warrant such a document per platform? My primary concern around this is misuse/misconfiguration. If a platform doesn't support a feature or configuration it may not be obvious to a user unless an error is generated at build or run-time. OK, I think I get the idea now, thanks for the explanations. This looks reasonable to me. The idea of keeping a project's feature list being mirrored and filled in per platform sounds like something we would want to enforce at the tf.org level IMO. At the same time, this could also be handled at the build system level as you pointed out, or more precisely by the configuration manager. I am thinking about the Linux kernel, where support for a particular feature is handled (and documented) through the KConfig system. This might be a more scalable approach. And it doesn't prevent us from also auto-generating some feature list out of the Kconfig files for making this information more accessible to users. > My secondary concern is being able to consistently track tickets/bugs with features. Thus, I'm recommending that the features on that list be used with the ticket/issue system by feature name. This would allow users to find all bugs for Feature X on Platform Y in Project Z. > Related to that, when I mentioned "tags." I wasn't thinking of Git tags, but "labels" in the ticket/issue tracking system(s). Different systems work differently for labeling/categorizing issues, but the goal is to provide a consistent way (per project) to find issues related to a feature on a platform. > > If requiring a feature list it is too much at the tf.org level then I'll be satisfied to push for that kind of documentation in the projects or platforms I'm involved in if/as appropriate. Yes, good point, I think it would be desirable to be able to tie tickets to some specific platform/feature/version. And I think it makes sense to unify this across tf.org projects. > Regarding the other conversational tidbits: > > Thanks for pointing out that the original proposal does say "builds all configurations supported by this platform" under "Fully Supported." I can see the intention here now. Substituting "features" for "configurations" would broaden the meaning a bit. OK, I will change the wording, thanks for the suggestion. > You said: "I am starting to think that we need a list of items to be defined per project." > Yes, this sounds like a great idea. > > My original mention of wanting a "stronger standard put forth for platform documentation" was a response to seeing "Limited Support" in the original proposal allowing documentation to fall out of date. > > > Hope that clarifies some of my thoughts. If not, I'm happy to continue the discussion. Thanks again for taking feedback! > > Erik Shreve, PSEM > Software Security Engineer & Architect (CMCU Platform Development) > > -----Original Message----- > From: Sandrine Bailleux [mailto:sandrine.bailleux@arm.com] > Sent: Wednesday, April 01, 2020 4:18 AM > To: Shreve, Erik; tf-a; tf-m(a)lists.trustedfirmware.org; tsc(a)lists.trustedfirmware.org; op-tee(a)linaro.org > Cc: nd(a)arm.com > Subject: Re: [EXTERNAL] [TF-M] Project Maintenance Proposal for tf.org Projects > > Hello Erik, > > Thanks for the feedback. > > On 3/26/20 3:37 PM, Shreve, Erik wrote: >> Sandrine, >> >> Really glad to see this being pulled together. A couple of areas of feedback around the Platform Support Life Cycle. >> >> As previously mentioned there are two orthogonal concerns captured in the current life cycle: Support and Functionality. >> I'd like to see these split out. > > Yes, you are the second person to mention that and I agree with you > both. Unless someone disagrees, I intend to update the proposal and > separate these 2 concepts in the next version of the document. > >> For functionality, chip vendors may not have a business case for supporting all features on a given platform but they may provide full support for the features they have chosen to include. >> A simple example would be supporting PSA FF Isolation Level 1 only due to lack of HW isolation support needed to achieve Isolation Level 2 or greater. > > I completely agree. It would not make sense to support all features on > all platforms just for the sake of completeness. Each platform ought to > implement what is relevant in its case. > > That's what the current proposal tried to convey: a fully supported > platform must "build all configurations *supported by this platform*" > and "All *supported* configurations are tested in the CI". The key word > here is supported and that would be defined by the platform itself. But > I can see that maybe this wasn't clear enough. Your proposal below makes > that a lot clearer. > >> Also, I'd like to see a stronger standard put forth for platform documentation. If a platform is "supported," I believe the documentation should be complete and accurate. A lack of complete and clear documentation leaves open a wide door for misuse/misconfiguration which could result in a vulnerable system. > > Fair point. > > But is it something we should include in this proposal or should we push > it to a separate document setting expectations for the project's > documentation, which the current general proposal could refer to (as in, > "the platform should provide quality documentation up to the project's > criteria defined in document XXX')? > > This is definitely an important topic but I am wary of keeping the > tf.org proposal concise and focused at this point. I am worried that if > we put too much stuff in it discussions will diverge too much and we > might never reach an agreement. > > The same applies to testing standards for example, we could detail that > in the proposal or simply leave it to projects to define it separately. > >> Here is a more concrete proposal: >> >> Functional Support: >> Each project shall provide a standard feature or functionality list. >> Each platform shall include in its documentation a copy of this list with the supported functionality marked as supported. >> The platform documentation may reference a ticket if support is planned but not yet present. >> The platform documentation shall explicitly state if a feature or function has no plans for support. > > Regarding the last item, this would require all platform maintainers to > update their documentation every time a new feature is added to the > project's global list of features. This seems too much of a constraint > and unnecessary maintenance burden to me. > > I think a better, more lightweight alternative might be to let platform > maintainers list what's supported and if some feature is not listed, it > implies that it is not supported. This does not prevent platform > maintainers from indicating their future plans of supporting a feature > if they want to. > >> The feature/functionality list shall be versioned, with the version tied to the release version(s) of the project. >> In this way, it will be clear if a platform was last officially updated for version X but the project is currently at version Y > X. > > I can see that Joakim Bech proposed something similar, with more details > about how this was implemented for OP-TEE. > >> Note: projects will need to adopt (if they have not already) a version scheme that distinguishes between feature updates and bug fixes. > > Sorry I didn't get this, could you please elaborate? > >> Each project and platform shall use tags or similar functionality on tickets to associate tickets to features/functionality and platforms. >> If the names of tags can't match the name of the feature or platform exactly then a mapping shall be provided in the appropriate document(s). > > If there's no appropriate tag in some cases, I guess we could always use > a git SHA1 of a specific commit. > >> Life Cycle State >> >> Fully Supported >> There is (at least) one active code owner for this platform. >> All supported features build and either all tests pass or failures are associated with tracked known issues. >> Other (not associated to a test) Known Issues are tracked >> Documentation is up to date >> >> Note: Projects should document standards on how "active" code ownership is measured and >> further document standards on how code owners are warned about impending life cycle state changes. > > Yes, good point, that is currently undefined in the proposal but I agree > that it needs defining per project. I will add an item in the last > section of the document. > > I am starting to think that we need a list of items to be defined per > project. This list would complement the general tf.org proposal. Things > like code owners/maintainers activity, code review timelines, and so on. > >> >> Orphan >> There is no active code owner >> All supported features build and either all tests pass or failures are associated with tracked known issues. >> Other (not associated to a test) Known Issues may not have been maintained (as there is no active code owner) >> Documentation status is unclear since there is no active code owner. >> There has been no change to the feature/functionality list in the project since the platform was last "Fully Supported" > > I am confused, you said earlier that you would like to see the concepts > of support and functionality split out, but here you're listing 'orphan' > as one of the possible states... Did I miss your point? > >> Out of date >> Same as orphan, but either: >> there have been changes to the feature/functionality list, or >> there are failing tests without tracked tickets, or >> there are known documentation issues. >> >> Deprecated >> Same as Out of Date, but the build is broken. Platform may be removed from the project codebase in the future. >> >> Erik Shreve, PSEM >> Software Security Engineer & Architect (CMCU Platform Development)

5 years, 2 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Louis Mayencourt

Hi Raghu, I do agree with you: case 2 and 3 are similar (wrongly formed DTB) and should lead to the same behavior. A mandatory property miss or a hit with a structurally incorrect node means that the DTB doesn't follow the provided binding document. Such a DTB shouldn't be considered as valid and should trigger a build failure and/or a code panic. With the current implementation, case 2 and 3 are similar. The property_getter() functions expect a specific format of the node. If a node is not found or structurally incorrect, the function will return an error code, which will lead to a panic(). regards, Louis ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 06 April 2020 19:51 To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: Re: [TF-A] fconf: Validating config data Thanks Louis. This new terminology helps. Let me spell this out again just to make sure we're on the same page. The following are the cases: 1) Mandatory Property hit, nodes are structurally correct - Works normally. 2) Mandatory Property hit, nodes are structurally *incorrect* - Asserts should catch structural issues during development because system integrator expected to not make mistakes with number of nodes etc. 3) Mandatory Property miss - Panic(). Why is this case causing a panic, but not case 2? You are allowing for some one to make the mistake of not having a mandatory property, but assume that if a mandatory property is present, it is always structurally sound. This is the part i have a problem with. In my view case 2 and case 3 should panic and code should not just assert on mandatory properties and must ALWAYS check for structural soundness of an FDT property. Similarly there are 3 cases for optional properties. My question: Why does case 3 panic, but not case 2 ? It sounds like your assumption is that case 2 cannot happen. If case 2 cannot happen, i claim that case 3 cannot happen either. Let me know what you think! Thanks Raghu On 4/6/20 3:57 AM, Louis Mayencourt via TF-A wrote: > Hi Raghu, > > Let me try to clarify/reword my idea: > > We complete the fconf documentation with a binding document, which > defines the nodes that should be present in the config DTB to consider > it as valid/well-formed. The document contains two kinds of node: > > * mandatory (critical): the firmware can't proceed without this > information (example: load address, image UUID, ...). If this node > is not present in the DTS, the build fails and/or the code panic. > > * optional (no-critical): the firmware can assume or assign a default > value and proceed (example: uart config, enable authentication flag, > ...). Such a property is used to influence the default behavior of > the firmware. > > />> This is non-deterministic failure./ > The miss of a mandatory (critical) node will always lead to a build > failure / code panic. > The miss of an optional (no-critical) node should not influence the > default behavior of the firmware. > > />> Is it not confusing to make the assumption that a DTB is "well > formed",i.e expect the build process/integrator to not mess up the >>> structure or number of nodes but allow the same integrator to miss a critical property in the DTB?/ > A DTB with a missing mandatory (critical) property should not be > considered well formed. > > />> If there is a missing critical property, is that not a badly formed > DTB?/ > With the above definition, it is. > > />> And if so, why not check for badly formed DTB's uniformly in code > and why only check for missing "critical" properties?/ > With the rewording of "critical" / "no-critical" to "mandatory" / > "optional", I think the situation is clearer: A DTB with a missing > "optional" node/property is is still considered well-formed. > > I hope I answered your questions and clarify the idea behind the design. > > regards, > Louis > > ------------------------------------------------------------------------ > *From:* Raghu Krishnamurthy <raghu.ncstate(a)icloud.com> > *Sent:* 05 April 2020 00:06 > *To:* Louis Mayencourt <Louis.Mayencourt(a)arm.com> > *Subject:* Re: [TF-A] fconf: Validating config data > Thanks Louis. > >>you can imagine a well-formed DTB which contain a > >>critical set of properties and can contain some optional properties. > > This makes things even more confusing. The assumption we are asking code > to make is that the DTB is always "well formed", ie don't check for > structural issues such as extra nodes etc, but we are still making the > distinctions between critical and non-critical properties, that may or > may not exist in the DTB, which may or may not cause a panic. This is > non-deterministic failure. > Is it not confusing to make the assumption that a DTB is "well > formed",i.e expect the build process/integrator to not mess up the > structure or number of nodes but allow the same integrator to miss a > critical property in the DTB? If there is a missing critical property, > is that not a badly formed DTB ? And if so, why not check for badly > formed DTB's uniformly in code and why only check for missing "critical" > properties? > > -Raghu > > On 4/3/20 3:16 AM, Louis Mayencourt wrote: >> Hi Raghu, >> >> I do agree that we need something similar to a binding document for >> fconf properties. (similar to >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3694/2/docs/…). > >> At least for the common properties. >> >> The main idea behind the return code of the populator function was to >> allow the code to handle no-critical property misses or to handle >> critical failure by calling a platform hook. >> With this in mind, you can imagine a well-formed DTB which contain a >> critical set of properties and can contain some optional properties. The >> return code and the populator "name" / "config" can be used to handle >> this two cases. >> >> I tried to keep the design of fconf really simple, to leave room for >> improvement according to feedbacks. Thanks for helping improving it! >> >> Regards, >> Louis >> ------------------------------------------------------------------------ >> *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu >> Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> >> *Sent:* 03 April 2020 10:15 >> *To:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> >> *Subject:* Re: [TF-A] fconf: Validating config data >> A further point is that the fconf populators return an error code and >> panics on error today. But if we are making the assumption that the >> DTB's are well formed, do we really need to fail or even return an error >> code? >> >> -Raghu >> >> On 4/3/20 1:51 AM, Raghu Krishnamurthy via TF-A wrote: >>> Hi All, (Sorry for the long email) >>> >>> The review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 >>> attempts to fix bounds check in the fconf populator code for the >>> topology and SP's. During review, Sandrine thoughtfully pointed out that >>> there were discussions around bounds check along the same lines in the >>> review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and >>> it was deemed sufficient to have assertions in code and it was safe to >>> make the assumption that the DTB is always well formed and contains >>> valid values. I think this email mostly echoes Sandrine's concern from >>> review 3492. >>> >>> While i agree with the assumptions, I am generally of the opinion that >>> we should validate/range-check any data, even if it is signed. Being >>> signed does not necessarily mean the data is well formed/valid. If there >>> is a mistake in the build process and it is validly signed, it is >>> possible that we silently corrupt state/data that could later be used to >>> exploit firmware and/or make debugging hard. This is probably far >>> fetched, but the cost of adding the check is trivial to avoid this >>> possibility. >>> >>> I imagine the case where you have secure partitions signed by different >>> entity other than the silicon provider(dual root-of-trust). A silicon >>> provider provides a dev system for the SP provider to test and validate >>> the SP's on silicon. The silicon has production firmware(and hence no >>> assertions), but loads signed data from the SP provider which has some >>> invalid values. There could be silent corruption without any indication >>> whatsoever about what went wrong and it may be hard to debug if/when >>> there are issues. >>> Also, testing does not necessarily catch all invalid values since you >>> will likely not get 100% coverage, given the number of config options >>> available. Moreover, the code today, is not consistent in asserting on >>> every property for valid values and the failure mode is not >>> consistent/deterministic. It seems like every config option should have >>> a list of valid values or a range of acceptable values that must be at a >>> minimum asserted on. >>> I also wouldn't discount platforms such as RPI, where TRUSTED_BOARD_BOOT >>> is likely to be turned off since it really does not provide any >>> security, so assuming we always have signed data might not be valid. >>> >>> Anyway, is this decision worth revisiting? Too paranoid perhaps? :P >>> >>> >>> Thanks >>> Raghu >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a >> IMPORTANT NOTICE: The contents of this email and any attachments are >> confidential and may also be privileged. If you are not the intended >> recipient, please notify the sender immediately and do not disclose the >> contents to any other person, use it for any purpose, or store or copy >> the information in any medium. Thank you. > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy > the information in any medium. Thank you. > -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Raghu Krishnamurthy

Thanks Louis. This new terminology helps. Let me spell this out again just to make sure we're on the same page. The following are the cases: 1) Mandatory Property hit, nodes are structurally correct - Works normally. 2) Mandatory Property hit, nodes are structurally *incorrect* - Asserts should catch structural issues during development because system integrator expected to not make mistakes with number of nodes etc. 3) Mandatory Property miss - Panic(). Why is this case causing a panic, but not case 2? You are allowing for some one to make the mistake of not having a mandatory property, but assume that if a mandatory property is present, it is always structurally sound. This is the part i have a problem with. In my view case 2 and case 3 should panic and code should not just assert on mandatory properties and must ALWAYS check for structural soundness of an FDT property. Similarly there are 3 cases for optional properties. My question: Why does case 3 panic, but not case 2 ? It sounds like your assumption is that case 2 cannot happen. If case 2 cannot happen, i claim that case 3 cannot happen either. Let me know what you think! Thanks Raghu On 4/6/20 3:57 AM, Louis Mayencourt via TF-A wrote: > Hi Raghu, > > Let me try to clarify/reword my idea: > > We complete the fconf documentation with a binding document, which > defines the nodes that should be present in the config DTB to consider > it as valid/well-formed. The document contains two kinds of node: > > * mandatory (critical): the firmware can't proceed without this > information (example: load address, image UUID, ...). If this node > is not present in the DTS, the build fails and/or the code panic. > > * optional (no-critical): the firmware can assume or assign a default > value and proceed (example: uart config, enable authentication flag, > ...). Such a property is used to influence the default behavior of > the firmware. > > />> This is non-deterministic failure./ > The miss of a mandatory (critical) node will always lead to a build > failure / code panic. > The miss of an optional (no-critical) node should not influence the > default behavior of the firmware. > > />> Is it not confusing to make the assumption that a DTB is "well > formed",i.e expect the build process/integrator to not mess up the >>> structure or number of nodes but allow the same integrator to miss a critical property in the DTB?/ > A DTB with a missing mandatory (critical) property should not be > considered well formed. > > />> If there is a missing critical property, is that not a badly formed > DTB?/ > With the above definition, it is. > > />> And if so, why not check for badly formed DTB's uniformly in code > and why only check for missing "critical" properties?/ > With the rewording of "critical" / "no-critical" to "mandatory" / > "optional", I think the situation is clearer: A DTB with a missing > "optional" node/property is is still considered well-formed. > > I hope I answered your questions and clarify the idea behind the design. > > regards, > Louis > > ------------------------------------------------------------------------ > *From:* Raghu Krishnamurthy <raghu.ncstate(a)icloud.com> > *Sent:* 05 April 2020 00:06 > *To:* Louis Mayencourt <Louis.Mayencourt(a)arm.com> > *Subject:* Re: [TF-A] fconf: Validating config data > Thanks Louis. > >>you can imagine a well-formed DTB which contain a > >>critical set of properties and can contain some optional properties. > > This makes things even more confusing. The assumption we are asking code > to make is that the DTB is always "well formed", ie don't check for > structural issues such as extra nodes etc, but we are still making the > distinctions between critical and non-critical properties, that may or > may not exist in the DTB, which may or may not cause a panic. This is > non-deterministic failure. > Is it not confusing to make the assumption that a DTB is "well > formed",i.e expect the build process/integrator to not mess up the > structure or number of nodes but allow the same integrator to miss a > critical property in the DTB? If there is a missing critical property, > is that not a badly formed DTB ? And if so, why not check for badly > formed DTB's uniformly in code and why only check for missing "critical" > properties? > > -Raghu > > On 4/3/20 3:16 AM, Louis Mayencourt wrote: >> Hi Raghu, >> >> I do agree that we need something similar to a binding document for >> fconf properties. (similar to >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3694/2/docs/…). > >> At least for the common properties. >> >> The main idea behind the return code of the populator function was to >> allow the code to handle no-critical property misses or to handle >> critical failure by calling a platform hook. >> With this in mind, you can imagine a well-formed DTB which contain a >> critical set of properties and can contain some optional properties. The >> return code and the populator "name" / "config" can be used to handle >> this two cases. >> >> I tried to keep the design of fconf really simple, to leave room for >> improvement according to feedbacks. Thanks for helping improving it! >> >> Regards, >> Louis >> ------------------------------------------------------------------------ >> *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu >> Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> >> *Sent:* 03 April 2020 10:15 >> *To:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> >> *Subject:* Re: [TF-A] fconf: Validating config data >> A further point is that the fconf populators return an error code and >> panics on error today. But if we are making the assumption that the >> DTB's are well formed, do we really need to fail or even return an error >> code? >> >> -Raghu >> >> On 4/3/20 1:51 AM, Raghu Krishnamurthy via TF-A wrote: >>> Hi All, (Sorry for the long email) >>> >>> The review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 >>> attempts to fix bounds check in the fconf populator code for the >>> topology and SP's. During review, Sandrine thoughtfully pointed out that >>> there were discussions around bounds check along the same lines in the >>> review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and >>> it was deemed sufficient to have assertions in code and it was safe to >>> make the assumption that the DTB is always well formed and contains >>> valid values. I think this email mostly echoes Sandrine's concern from >>> review 3492. >>> >>> While i agree with the assumptions, I am generally of the opinion that >>> we should validate/range-check any data, even if it is signed. Being >>> signed does not necessarily mean the data is well formed/valid. If there >>> is a mistake in the build process and it is validly signed, it is >>> possible that we silently corrupt state/data that could later be used to >>> exploit firmware and/or make debugging hard. This is probably far >>> fetched, but the cost of adding the check is trivial to avoid this >>> possibility. >>> >>> I imagine the case where you have secure partitions signed by different >>> entity other than the silicon provider(dual root-of-trust). A silicon >>> provider provides a dev system for the SP provider to test and validate >>> the SP's on silicon. The silicon has production firmware(and hence no >>> assertions), but loads signed data from the SP provider which has some >>> invalid values. There could be silent corruption without any indication >>> whatsoever about what went wrong and it may be hard to debug if/when >>> there are issues. >>> Also, testing does not necessarily catch all invalid values since you >>> will likely not get 100% coverage, given the number of config options >>> available. Moreover, the code today, is not consistent in asserting on >>> every property for valid values and the failure mode is not >>> consistent/deterministic. It seems like every config option should have >>> a list of valid values or a range of acceptable values that must be at a >>> minimum asserted on. >>> I also wouldn't discount platforms such as RPI, where TRUSTED_BOARD_BOOT >>> is likely to be turned off since it really does not provide any >>> security, so assuming we always have signed data might not be valid. >>> >>> Anyway, is this decision worth revisiting? Too paranoid perhaps? :P >>> >>> >>> Thanks >>> Raghu >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a >> IMPORTANT NOTICE: The contents of this email and any attachments are >> confidential and may also be privileged. If you are not the intended >> recipient, please notify the sender immediately and do not disclose the >> contents to any other person, use it for any purpose, or store or copy >> the information in any medium. Thank you. > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy > the information in any medium. Thank you. >

5 years, 2 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Louis Mayencourt

Hi Raghu, Let me try to clarify/reword my idea: We complete the fconf documentation with a binding document, which defines the nodes that should be present in the config DTB to consider it as valid/well-formed. The document contains two kinds of node: * mandatory (critical): the firmware can't proceed without this information (example: load address, image UUID, ...). If this node is not present in the DTS, the build fails and/or the code panic. * optional (no-critical): the firmware can assume or assign a default value and proceed (example: uart config, enable authentication flag, ...). Such a property is used to influence the default behavior of the firmware. >> This is non-deterministic failure. The miss of a mandatory (critical) node will always lead to a build failure / code panic. The miss of an optional (no-critical) node should not influence the default behavior of the firmware. >> Is it not confusing to make the assumption that a DTB is "well formed",i.e expect the build process/integrator to not mess up the >> structure or number of nodes but allow the same integrator to miss a critical property in the DTB? A DTB with a missing mandatory (critical) property should not be considered well formed. >> If there is a missing critical property, is that not a badly formed DTB? With the above definition, it is. >> And if so, why not check for badly formed DTB's uniformly in code and why only check for missing "critical" properties? With the rewording of "critical" / "no-critical" to "mandatory" / "optional", I think the situation is clearer: A DTB with a missing "optional" node/property is is still considered well-formed. I hope I answered your questions and clarify the idea behind the design. regards, Louis ________________________________ From: Raghu Krishnamurthy <raghu.ncstate(a)icloud.com> Sent: 05 April 2020 00:06 To: Louis Mayencourt <Louis.Mayencourt(a)arm.com> Subject: Re: [TF-A] fconf: Validating config data Thanks Louis. >>you can imagine a well-formed DTB which contain a >>critical set of properties and can contain some optional properties. This makes things even more confusing. The assumption we are asking code to make is that the DTB is always "well formed", ie don't check for structural issues such as extra nodes etc, but we are still making the distinctions between critical and non-critical properties, that may or may not exist in the DTB, which may or may not cause a panic. This is non-deterministic failure. Is it not confusing to make the assumption that a DTB is "well formed",i.e expect the build process/integrator to not mess up the structure or number of nodes but allow the same integrator to miss a critical property in the DTB? If there is a missing critical property, is that not a badly formed DTB ? And if so, why not check for badly formed DTB's uniformly in code and why only check for missing "critical" properties? -Raghu On 4/3/20 3:16 AM, Louis Mayencourt wrote: > Hi Raghu, > > I do agree that we need something similar to a binding document for > fconf properties. (similar to > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3694/2/docs/…). > At least for the common properties. > > The main idea behind the return code of the populator function was to > allow the code to handle no-critical property misses or to handle > critical failure by calling a platform hook. > With this in mind, you can imagine a well-formed DTB which contain a > critical set of properties and can contain some optional properties. The > return code and the populator "name" / "config" can be used to handle > this two cases. > > I tried to keep the design of fconf really simple, to leave room for > improvement according to feedbacks. Thanks for helping improving it! > > Regards, > Louis > ------------------------------------------------------------------------ > *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Raghu > Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> > *Sent:* 03 April 2020 10:15 > *To:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> > *Subject:* Re: [TF-A] fconf: Validating config data > A further point is that the fconf populators return an error code and > panics on error today. But if we are making the assumption that the > DTB's are well formed, do we really need to fail or even return an error > code? > > -Raghu > > On 4/3/20 1:51 AM, Raghu Krishnamurthy via TF-A wrote: >> Hi All, (Sorry for the long email) >> >> The review >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 >> attempts to fix bounds check in the fconf populator code for the >> topology and SP's. During review, Sandrine thoughtfully pointed out that >> there were discussions around bounds check along the same lines in the >> review >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and >> it was deemed sufficient to have assertions in code and it was safe to >> make the assumption that the DTB is always well formed and contains >> valid values. I think this email mostly echoes Sandrine's concern from >> review 3492. >> >> While i agree with the assumptions, I am generally of the opinion that >> we should validate/range-check any data, even if it is signed. Being >> signed does not necessarily mean the data is well formed/valid. If there >> is a mistake in the build process and it is validly signed, it is >> possible that we silently corrupt state/data that could later be used to >> exploit firmware and/or make debugging hard. This is probably far >> fetched, but the cost of adding the check is trivial to avoid this >> possibility. >> >> I imagine the case where you have secure partitions signed by different >> entity other than the silicon provider(dual root-of-trust). A silicon >> provider provides a dev system for the SP provider to test and validate >> the SP's on silicon. The silicon has production firmware(and hence no >> assertions), but loads signed data from the SP provider which has some >> invalid values. There could be silent corruption without any indication >> whatsoever about what went wrong and it may be hard to debug if/when >> there are issues. >> Also, testing does not necessarily catch all invalid values since you >> will likely not get 100% coverage, given the number of config options >> available. Moreover, the code today, is not consistent in asserting on >> every property for valid values and the failure mode is not >> consistent/deterministic. It seems like every config option should have >> a list of valid values or a range of acceptable values that must be at a >> minimum asserted on. >> I also wouldn't discount platforms such as RPI, where TRUSTED_BOARD_BOOT >> is likely to be turned off since it really does not provide any >> security, so assuming we always have signed data might not be valid. >> >> Anyway, is this decision worth revisiting? Too paranoid perhaps? :P >> >> >> Thanks >> Raghu > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy > the information in any medium. Thank you. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Raghu Krishnamurthy

+tf-a list On 4/4/20 4:06 PM, Raghu Krishnamurthy wrote: > Thanks Louis. > >>you can imagine a well-formed DTB which contain a > >>critical set of properties and can contain some optional properties. > > This makes things even more confusing. The assumption we are asking code > to make is that the DTB is always "well formed", ie don't check for > structural issues such as extra nodes etc, but we are still making the > distinctions between critical and non-critical properties, that may or > may not exist in the DTB, which may or may not cause a panic. This is > non-deterministic failure. > Is it not confusing to make the assumption that a DTB is "well > formed",i.e expect the build process/integrator to not mess up the > structure or number of nodes but allow the same integrator to miss a > critical property in the DTB? If there is a missing critical property, > is that not a badly formed DTB ? And if so, why not check for badly > formed DTB's uniformly in code and why only check for missing "critical" > properties? > > -Raghu > > On 4/3/20 3:16 AM, Louis Mayencourt wrote: >> Hi Raghu, >> >> I do agree that we need something similar to a binding document for >> fconf properties. (similar to >> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3694/2/docs/…). >> At least for the common properties. >> >> The main idea behind the return code of the populator function was to >> allow the code to handle no-critical property misses or to handle >> critical failure by calling a platform hook. >> With this in mind, you can imagine a well-formed DTB which contain a >> critical set of properties and can contain some optional properties. >> The return code and the populator "name" / "config" can be used to >> handle this two cases. >> >> I tried to keep the design of fconf really simple, to leave room for >> improvement according to feedbacks. Thanks for helping improving it! >> >> Regards, >> Louis >> ------------------------------------------------------------------------ >> *From:* TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of >> Raghu Krishnamurthy via TF-A <tf-a(a)lists.trustedfirmware.org> >> *Sent:* 03 April 2020 10:15 >> *To:* tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> >> *Subject:* Re: [TF-A] fconf: Validating config data >> A further point is that the fconf populators return an error code and >> panics on error today. But if we are making the assumption that the >> DTB's are well formed, do we really need to fail or even return an error >> code? >> >> -Raghu >> >> On 4/3/20 1:51 AM, Raghu Krishnamurthy via TF-A wrote: >>> Hi All, (Sorry for the long email) >>> >>> The review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 >>> attempts to fix bounds check in the fconf populator code for the >>> topology and SP's. During review, Sandrine thoughtfully pointed out >>> that there were discussions around bounds check along the same lines >>> in the review >>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and >>> it was deemed sufficient to have assertions in code and it was safe >>> to make the assumption that the DTB is always well formed and >>> contains valid values. I think this email mostly echoes Sandrine's >>> concern from review 3492. >>> >>> While i agree with the assumptions, I am generally of the opinion >>> that we should validate/range-check any data, even if it is signed. >>> Being signed does not necessarily mean the data is well formed/valid. >>> If there is a mistake in the build process and it is validly signed, >>> it is possible that we silently corrupt state/data that could later >>> be used to exploit firmware and/or make debugging hard. This is >>> probably far fetched, but the cost of adding the check is trivial to >>> avoid this possibility. >>> >>> I imagine the case where you have secure partitions signed by >>> different entity other than the silicon provider(dual root-of-trust). >>> A silicon provider provides a dev system for the SP provider to test >>> and validate the SP's on silicon. The silicon has production >>> firmware(and hence no assertions), but loads signed data from the SP >>> provider which has some invalid values. There could be silent >>> corruption without any indication whatsoever about what went wrong >>> and it may be hard to debug if/when there are issues. >>> Also, testing does not necessarily catch all invalid values since you >>> will likely not get 100% coverage, given the number of config options >>> available. Moreover, the code today, is not consistent in asserting >>> on every property for valid values and the failure mode is not >>> consistent/deterministic. It seems like every config option should >>> have a list of valid values or a range of acceptable values that must >>> be at a minimum asserted on. >>> I also wouldn't discount platforms such as RPI, where >>> TRUSTED_BOARD_BOOT is likely to be turned off since it really does >>> not provide any security, so assuming we always have signed data >>> might not be valid. >>> >>> Anyway, is this decision worth revisiting? Too paranoid perhaps? :P >>> >>> >>> Thanks >>> Raghu >> -- >> TF-A mailing list >> TF-A(a)lists.trustedfirmware.org >> https://lists.trustedfirmware.org/mailman/listinfo/tf-a >> IMPORTANT NOTICE: The contents of this email and any attachments are >> confidential and may also be privileged. If you are not the intended >> recipient, please notify the sender immediately and do not disclose >> the contents to any other person, use it for any purpose, or store or >> copy the information in any medium. Thank you. >

5 years, 2 months

1
0
0 0

Re: [TF-A] Change in ...trusted-firmware-a[integration]: Check for out-of-bound accesses in the CoT description

by Sandrine Bailleux

Hi Raghu, On 4/3/20 1:38 AM, Raghu Krishnamurthy via TF-A wrote: > Thanks Sandrine. Patches look good. Thanks for the review! > I realized after looking at things a little closer that i had > misunderstood how fconf works for io policies. I thought the image id's > themselves came from the config files and not just the UUID's, which is > why i was worried about bounds check, since the id was coming from an > external source(trusted or untrusted, depending on if it is signed data > or not). > This also made me realize that we are using another table built into > code, to convert from image id to UUID for io policies. Is there a > reason image id's also can't be discovered from the config file? I remember some internal discussions around this topic a few weeks ago. If I recall correctly, the current thinking is that down the line, we would like to move image IDs to DTBs but this looks complicated to achieve today because image IDs are used by several components in TF-A to tie things together. More work would be needed to abstract this properly everywhere. I think other folks in the team (Olivier? Manish? Louis?) might be able to comment further on this. Regards, Sandrine IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years, 2 months

1
0
0 0

Re: [TF-A] fconf: Validating config data

by Raghu Krishnamurthy

A further point is that the fconf populators return an error code and panics on error today. But if we are making the assumption that the DTB's are well formed, do we really need to fail or even return an error code? -Raghu On 4/3/20 1:51 AM, Raghu Krishnamurthy via TF-A wrote: > Hi All, (Sorry for the long email) > > The review > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 > attempts to fix bounds check in the fconf populator code for the > topology and SP's. During review, Sandrine thoughtfully pointed out that > there were discussions around bounds check along the same lines in the > review > https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and > it was deemed sufficient to have assertions in code and it was safe to > make the assumption that the DTB is always well formed and contains > valid values. I think this email mostly echoes Sandrine's concern from > review 3492. > > While i agree with the assumptions, I am generally of the opinion that > we should validate/range-check any data, even if it is signed. Being > signed does not necessarily mean the data is well formed/valid. If there > is a mistake in the build process and it is validly signed, it is > possible that we silently corrupt state/data that could later be used to > exploit firmware and/or make debugging hard. This is probably far > fetched, but the cost of adding the check is trivial to avoid this > possibility. > > I imagine the case where you have secure partitions signed by different > entity other than the silicon provider(dual root-of-trust). A silicon > provider provides a dev system for the SP provider to test and validate > the SP's on silicon. The silicon has production firmware(and hence no > assertions), but loads signed data from the SP provider which has some > invalid values. There could be silent corruption without any indication > whatsoever about what went wrong and it may be hard to debug if/when > there are issues. > Also, testing does not necessarily catch all invalid values since you > will likely not get 100% coverage, given the number of config options > available. Moreover, the code today, is not consistent in asserting on > every property for valid values and the failure mode is not > consistent/deterministic. It seems like every config option should have > a list of valid values or a range of acceptable values that must be at a > minimum asserted on. > I also wouldn't discount platforms such as RPI, where TRUSTED_BOARD_BOOT > is likely to be turned off since it really does not provide any > security, so assuming we always have signed data might not be valid. > > Anyway, is this decision worth revisiting? Too paranoid perhaps? :P > > > Thanks > Raghu

5 years, 2 months

1
0
0 0

fconf: Validating config data

by Raghu Krishnamurthy

Hi All, (Sorry for the long email) The review https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3845 attempts to fix bounds check in the fconf populator code for the topology and SP's. During review, Sandrine thoughtfully pointed out that there were discussions around bounds check along the same lines in the review https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3492 and it was deemed sufficient to have assertions in code and it was safe to make the assumption that the DTB is always well formed and contains valid values. I think this email mostly echoes Sandrine's concern from review 3492. While i agree with the assumptions, I am generally of the opinion that we should validate/range-check any data, even if it is signed. Being signed does not necessarily mean the data is well formed/valid. If there is a mistake in the build process and it is validly signed, it is possible that we silently corrupt state/data that could later be used to exploit firmware and/or make debugging hard. This is probably far fetched, but the cost of adding the check is trivial to avoid this possibility. I imagine the case where you have secure partitions signed by different entity other than the silicon provider(dual root-of-trust). A silicon provider provides a dev system for the SP provider to test and validate the SP's on silicon. The silicon has production firmware(and hence no assertions), but loads signed data from the SP provider which has some invalid values. There could be silent corruption without any indication whatsoever about what went wrong and it may be hard to debug if/when there are issues. Also, testing does not necessarily catch all invalid values since you will likely not get 100% coverage, given the number of config options available. Moreover, the code today, is not consistent in asserting on every property for valid values and the failure mode is not consistent/deterministic. It seems like every config option should have a list of valid values or a range of acceptable values that must be at a minimum asserted on. I also wouldn't discount platforms such as RPI, where TRUSTED_BOARD_BOOT is likely to be turned off since it really does not provide any security, so assuming we always have signed data might not be valid. Anyway, is this decision worth revisiting? Too paranoid perhaps? :P Thanks Raghu

5 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A