April 2021 - TF-A - lists.trustedfirmware.org

by Zelalem Aweke

Hi All, We are releasing the first TF-A threat model document. This release provides the baseline for future updates to be applied as required by developments to the TF-A code base. Please review the document provide comments here: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/9627. Thanks, Zelalem

4 years, 1 month

1
0
0 0

Re: [TF-A] [OCP-OSF] Firmware: Sustainability vs planned obsolescence

by François Ozog

Hi Open System Firmware and Trusted Firmware communities have common interests in driving *some* firmware discussions because upstream projects like EDK2, U-Boot and Linux boot greatly benefit from common approaches regardless of processor architecture and early firmware components. The discussion on passing metadata between early firmware components and from early firmware to EDK2/U-Boot/LinuxBoot is typically such a topic. EDK2 is the only project that has defined metadata in the form of Platform Initialization HOBs (chapter 5 of PI spec). U-Boot and LinuxBoot have platform specific techniques to consume that metadata. Let's make sure that at least there is common solution for those two and hope that the result is enticing enough that EDK2 decide to leverage the result one way or the other. Here is a patched repost of the state of discussion after last Trusted Substrate call: Topics where there seem to be consensus - Scope include diverse firmware flows (U-Boot/SPL, TFA, CoreBoot…) on different architectures (Arm, RiscV) - Definitions: The Hand Over Function is the firmware component that hands off to the booted payload = {OS/Hypervisor/Grub/Shim}. - Hand Over Function can be EDK2, U-Boot or LinuxBoot. - The HOF, through ACPI or DT is responsible to describe what shall be controlled and partly how (some parameters) - *There is information that can only be discovered at runtime by diverse early firmware components and needs to be conveyed through the HOF to the booted payload.* - The proposal is to convey that dynamic information in the form of HandOverBlocks (HOBs - generic idea, not the EDK2 construct) whose format is yet to be defined and built as a linked list of objects. The other proposal to use call backs (mmc calls or equivalent) from HOF to firmware is rejected. In Arm architecture, that choice does not preclude some firmware components to use SCMI calls into SCP to obtain authoritative information. - The firmware components shall not care about what is the actual HOF: the format is standard regardless if HOF is EDK2, U-Boot or LinuxBoot. In TF-A words, the HOBs become part of the input ABI for BL33. In the best world, it should be possible for the platform "buyer" to choose the HOF. Characteristics to consider about HOBs: - HOBs can be built by very early components and must fit into highly constrained SRAM - A HOB may be passed between different firmware components, secure and non-secure. - A HOB can be built by secure and non-secure firmware components - An information can have a single format: no alternative representation is allowed. In other words if the information is passed as a data structure it cannot be represented by a DT fragment by another implementation and conversely. Topics that need more discussion - HOBs need a way to be identified: UUID, ID, hybrid (like Platform Initialization). *My views: the hybrid allows constraints firmware components to be using simple IDs and richer components may want leverage UUIDs (same as Platform Initialization).* - HOB format: binary information; just static structure, flatten device tree fragments/overlays or even CBOR. *My views: again hybrid approach seem very efficient. Static structures for memory information, DT fragment for device assignment (for non-secure partitions or for secure world / secure partitions). Typically I would imagine a UUID HOB with a DT fragment seems just good. This is actually implemented like that with Platform Initialization:* *HOBs are identified by a simple ID, out of IDs are EFI_HOB_RESOURCE_DESCRIPTOR for DRAM description and EFI_HOB_GUID_TYPE that contains something identified by a GUID. There is a GUID used in the context of EDK2 to actually contain a DT fragment today.* *As an open specification that allows extension, there shall be a mandate to publish an open specification of any extension.* On Fri, 16 Apr 2021 at 07:51, François Ozog via TF-A < tf-a(a)lists.trustedfirmware.org> wrote: > +tf.org as the discussion evolved to a topic discussed there. > > Le ven. 16 avr. 2021 à 01:25, Zimmer, Vincent <vincent.zimmer(a)intel.com> > a écrit : > >> >> >> For the wayback machine, the design of HOB’s dates back to early 2000’s. >> >> >> >> >> >> The HOB defin was part of the Intel Framework specs & it was made public >> in 2003 through a click-through, as folks noted. HOBs became part of the >> UEFI Forum Platform Initialization (PI) spec in 2006. Essentially PI 1.0 >> absorbed most of the Framework 0.9x specs (sans datahub, CSM). >> >> from https://link.springer.com/book/10.1007/978-1-4842-0070-4 >> >> >> >> IMHO the biggest bug on the present Type Length Value (TLV)-based HOB >> design entails the “L” of the TLV, namely the 16-bit length limitation on >> the size of a specific HOB. Servers often bump into this limitation today >> given the amount of state discovered in these early initialization flows. >> The use of GUID’s w/o strings is also a usability challenge, I’d agree, >> that any new design can address. >> >> >> >> Going forward >> >> The more recent proposed use of HOB's for the generic payload interface >> https://github.com/universalpayload/documentation launching was more for >> convenience since it's a simple TLV encoded mechanism and there are parsing >> libraries already in the wild. But the use of HOB’s versus DT versus …. >> for the inargs of the payload is definitely open for discussion/change in >> the design. The earlier thread suggestions of CBOR/8949 >> https://www.rfc-editor.org/rfc/rfc8949.html from Francois/Nate is >> interesting. We can update the already open issue on this topic >> https://github.com/universalpayload/documentation/issues/9 with some of >> these thoughts and build upon the sentiments Ron shared earlier on the >> topic. >> >> >> >> And regarding the payload specification >> https://universalpayload.github.io/documentation/ mentioned above, I’m >> happy to present on this design effort in an upcoming OSF meeting, >> including how payloads may relate to the OSF workstream. The payload >> design is intended to be an open process with a code-first workflow that >> doesn’t tie itself to any specific bootloader design, as demonstrated by >> the different bootloaders and payloads ported at >> https://github.com/universalpayload. Although there isn’t a U-Boot >> example ported (I thought I heard mention of U-boot in this thread or >> meeting?), addressing the needs of U-boot and other *boot solutions (e.g., >> oreboot) is definitely part of the design scope intent, too. >> >> >> >> Thanks, >> >> >> >> Vincent >> >> >> >> >> >> -----Original Message----- >> From: OCP-OSF(a)OCP-All.groups.io <OCP-OSF(a)OCP-All.groups.io> On Behalf Of >> ron minnich >> Sent: Thursday, April 15, 2021 3:14 PM >> To: Desimone, Nathaniel L <nathaniel.l.desimone(a)intel.com> >> Cc: OCP-OSF(a)OCP-All.groups.io; Boot Architecture Mailman List < >> boot-architecture(a)lists.linaro.org>; Leif Lindholm <leif(a)nuviainc.com> >> Subject: Re: [OCP-OSF] Firmware: Sustainability vs planned obsolescence >> >> >> >> actually isn't device tree a 1980s design :-) >> >> >> >> anyway, as long as we can hit the things I care so much about, >> >> >> >> self describing >> >> alignment independent >> >> endian independent >> >> names not magic numbers (I mean, you want to put a UUID in there too, >> fine, but I doubt a human-readable string will kill us on space) >> >> >> >> it can be anything you all think best. >> >> >> >> On Thu, Apr 15, 2021 at 2:49 PM Desimone, Nathaniel L < >> nathaniel.l.desimone(a)intel.com> wrote: >> >> > >> >> > On Thu, Apr 15, 2021 at 1:29 -0700, ron minnich wrote: >> >> > >> >> > >I'd rather not take HOB as a given without considering alternatives. >> >> > >It's a very 1990s design. >> >> > >> >> > Device tree is also a very early 90s design for that matter. If we are >> talking about clean slate design, how about something actually new and >> modern like RFC 8949? >> >> > >> >> > From a practical standpoint I don't see HOBs going away very soon but >> I'm open to possibility thinking on a long term basis. >> >> > >> >> > >> >> > >> >> > >> >> >> >> >> >> >> >> >> _._,_._,_ >> ------------------------------ >> Groups.io Links: >> >> You receive all messages sent to this group. >> >> View/Reply Online (#149) >> <https://OCP-All.groups.io/g/OCP-OSF/message/149> | Reply To Group >> <OCP-OSF@OCP-All.groups.io?subject=Re:%20Re%3A%20%5BOCP-OSF%5D%20Firmware%3A%20Sustainability%20vs%20planned%20obsolescence> >> | Reply To Sender >> <vincent.zimmer@intel.com?subject=Private:%20Re:%20Re%3A%20%5BOCP-OSF%5D%20Firmware%3A%20Sustainability%20vs%20planned%20obsolescence> >> | Mute This Topic <https://groups.io/mt/81937262/675475> | New Topic >> <https://OCP-All.groups.io/g/OCP-OSF/post> >> Your Subscription <https://OCP-All.groups.io/g/OCP-OSF/editsub/675475> | Contact >> Group Owner <OCP-OSF+owner(a)OCP-All.groups.io> | Unsubscribe >> <https://OCP-All.groups.io/g/OCP-OSF/leave/10214763/675475/1625423992/xyzzy> >> [francois.ozog(a)linaro.org] >> _._,_._,_ >> >> -- > François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* > T: +33.67221.6485 > francois.ozog(a)linaro.org | Skype: ffozog > > -- > TF-A mailing list > TF-A(a)lists.trustedfirmware.org > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > -- François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* T: +33.67221.6485 francois.ozog(a)linaro.org | Skype: ffozog

4 years, 1 month

1
0
0 0

Re: [TF-A] Problems building for qemu with SPM (S-EL2) support

by Olivier Deprez

Hi Rebecca, qemu is currently not supported for use with the SPM at S-EL2. The two available options are FVP (https://trustedfirmware-a.readthedocs.io/en/latest/components/secure-partit…) or Total Compute platform (https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs…) Regards, Olivier. ________________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Rebecca Cran via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 16 April 2021 00:02 To: tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Problems building for qemu with SPM (S-EL2) support I'm having problems building TF-A with SPM/S-EL2 support. I can build with PLAT=fvp fine, but building with PLAT=qemu results in the error: LD /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/bl31.elf /home/rebecca/gcc-arm-10.2-2020.11-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu-ld: /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/spmd_main.o: in function `spmd_setup': spmd_main.c:(.text.spmd_setup+0x74): undefined reference to `plat_spm_core_manifest_load' spmd_main.c:(.text.spmd_setup+0x74): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol `plat_spm_core_manifest_load' make: *** [Makefile:1136: /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/bl31.elf] Error 1 The command line I'm using is: make PLAT=qemu DEBUG=0 \ CROSS_COMPILE=~/gcc-arm-10.2-2020.11-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu- \ SPD=spmd CTX_INCLUDE_EL2_REGS=1 BL32=bl32.bin BL33=bl33.bin \ SP_LAYOUT_FILE=sp_layout.json ARM_ARCH_MINOR=4 all fip Adding the following files to BL31_SOURCES in plat/qemu/platform.mk resolves the problem, but I suspect that's not the correct solution? plat/common/plat_spmd_manifest.c common/fdt_wrappers.c -- Rebecca Cran -- TF-A mailing list TF-A(a)lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 1 month

1
0
0 0

Re: [TF-A] [OCP-OSF] Firmware: Sustainability vs planned obsolescence

by François Ozog

+tf.org as the discussion evolved to a topic discussed there. Le ven. 16 avr. 2021 à 01:25, Zimmer, Vincent <vincent.zimmer(a)intel.com> a écrit : > > > For the wayback machine, the design of HOB’s dates back to early 2000’s. > > > > > > The HOB defin was part of the Intel Framework specs & it was made public > in 2003 through a click-through, as folks noted. HOBs became part of the > UEFI Forum Platform Initialization (PI) spec in 2006. Essentially PI 1.0 > absorbed most of the Framework 0.9x specs (sans datahub, CSM). > > from https://link.springer.com/book/10.1007/978-1-4842-0070-4 > > > > IMHO the biggest bug on the present Type Length Value (TLV)-based HOB > design entails the “L” of the TLV, namely the 16-bit length limitation on > the size of a specific HOB. Servers often bump into this limitation today > given the amount of state discovered in these early initialization flows. > The use of GUID’s w/o strings is also a usability challenge, I’d agree, > that any new design can address. > > > > Going forward > > The more recent proposed use of HOB's for the generic payload interface > https://github.com/universalpayload/documentation launching was more for > convenience since it's a simple TLV encoded mechanism and there are parsing > libraries already in the wild. But the use of HOB’s versus DT versus …. > for the inargs of the payload is definitely open for discussion/change in > the design. The earlier thread suggestions of CBOR/8949 > https://www.rfc-editor.org/rfc/rfc8949.html from Francois/Nate is > interesting. We can update the already open issue on this topic > https://github.com/universalpayload/documentation/issues/9 with some of > these thoughts and build upon the sentiments Ron shared earlier on the > topic. > > > > And regarding the payload specification > https://universalpayload.github.io/documentation/ mentioned above, I’m > happy to present on this design effort in an upcoming OSF meeting, > including how payloads may relate to the OSF workstream. The payload > design is intended to be an open process with a code-first workflow that > doesn’t tie itself to any specific bootloader design, as demonstrated by > the different bootloaders and payloads ported at > https://github.com/universalpayload. Although there isn’t a U-Boot > example ported (I thought I heard mention of U-boot in this thread or > meeting?), addressing the needs of U-boot and other *boot solutions (e.g., > oreboot) is definitely part of the design scope intent, too. > > > > Thanks, > > > > Vincent > > > > > > -----Original Message----- > From: OCP-OSF(a)OCP-All.groups.io <OCP-OSF(a)OCP-All.groups.io> On Behalf Of > ron minnich > Sent: Thursday, April 15, 2021 3:14 PM > To: Desimone, Nathaniel L <nathaniel.l.desimone(a)intel.com> > Cc: OCP-OSF(a)OCP-All.groups.io; Boot Architecture Mailman List < > boot-architecture(a)lists.linaro.org>; Leif Lindholm <leif(a)nuviainc.com> > Subject: Re: [OCP-OSF] Firmware: Sustainability vs planned obsolescence > > > > actually isn't device tree a 1980s design :-) > > > > anyway, as long as we can hit the things I care so much about, > > > > self describing > > alignment independent > > endian independent > > names not magic numbers (I mean, you want to put a UUID in there too, > fine, but I doubt a human-readable string will kill us on space) > > > > it can be anything you all think best. > > > > On Thu, Apr 15, 2021 at 2:49 PM Desimone, Nathaniel L < > nathaniel.l.desimone(a)intel.com> wrote: > > > > > > On Thu, Apr 15, 2021 at 1:29 -0700, ron minnich wrote: > > > > > > >I'd rather not take HOB as a given without considering alternatives. > > > >It's a very 1990s design. > > > > > > Device tree is also a very early 90s design for that matter. If we are > talking about clean slate design, how about something actually new and > modern like RFC 8949? > > > > > > From a practical standpoint I don't see HOBs going away very soon but > I'm open to possibility thinking on a long term basis. > > > > > > > > > > > > > > > > > > > > > _._,_._,_ > ------------------------------ > Groups.io Links: > > You receive all messages sent to this group. > > View/Reply Online (#149) <https://OCP-All.groups.io/g/OCP-OSF/message/149> > | Reply To Group > <OCP-OSF@OCP-All.groups.io?subject=Re:%20Re%3A%20%5BOCP-OSF%5D%20Firmware%3A%20Sustainability%20vs%20planned%20obsolescence> > | Reply To Sender > <vincent.zimmer@intel.com?subject=Private:%20Re:%20Re%3A%20%5BOCP-OSF%5D%20Firmware%3A%20Sustainability%20vs%20planned%20obsolescence> > | Mute This Topic <https://groups.io/mt/81937262/675475> | New Topic > <https://OCP-All.groups.io/g/OCP-OSF/post> > Your Subscription <https://OCP-All.groups.io/g/OCP-OSF/editsub/675475> | Contact > Group Owner <OCP-OSF+owner(a)OCP-All.groups.io> | Unsubscribe > <https://OCP-All.groups.io/g/OCP-OSF/leave/10214763/675475/1625423992/xyzzy> > [francois.ozog(a)linaro.org] > _._,_._,_ > > -- François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* T: +33.67221.6485 francois.ozog(a)linaro.org | Skype: ffozog

4 years, 1 month

1
0
0 0

Re: [TF-A] Adoption of Conventional Commits

by Varun Wadekar

>> Otherwise, we will begin adopting Conventional Commits in the CI at the beginning of April, pending full rollout for everybody in the next release. IIRC, I already proposed another option that builds on the tagging mechanism from Conventional Commits. Did we document the objections somewhere? I remember, CC did get some "nays" on the wiki page. Were all those concerns resolved? From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> On Behalf Of Chris Kay via TF-A Sent: Thursday, March 18, 2021 5:08 AM To: tf-a(a)lists.trustedfirmware.org Subject: Re: [TF-A] Adoption of Conventional Commits External email: Use caution opening links or attachments Just a reminder to everybody that we're now most of the way through March, and therefore most of the way through the investigation period. If anybody has any proposals they'd like to make, please do share them as soon as possible so that we have time to brainstorm and come to a conclusion. Otherwise, we will begin adopting Conventional Commits in the CI at the beginning of April, pending full rollout for everybody in the next release. Chris From: Chris Kay <Chris.Kay(a)arm.com<mailto:Chris.Kay@arm.com>> Date: Thursday, 25 February 2021 at 17:30 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Subject: Re: [TF-A] Adoption of Conventional Commits Thanks to all those who attended the Tech Forum today! It's become apparent that the initial 2 week deadline for alternative proposals or implementations is too short, so - as agreed - we'll push the deadline for the investigation period to the end of March. This period is dedicated to evaluating the changelog automation proposal made, or to identifying alternative solutions. If you have an alternative proposal, any proof-of-concept tooling would be highly appreciated so we can get a clear idea of what sort of work and maintenance is going to be involved. If you do find a solution you wish to propose, please give it just a short name (e.g. "Update it manually") and make it obvious you want to propose it formally - I'll collect up the proposals made on the mailing list thread at the end of March and set up a Wiki poll so we can get a clear picture of where the community wants to take this. Chris From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org<mailto:tf-a-bounces@lists.trustedfirmware.org>> on behalf of Chris Kay via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Reply to: Chris Kay <Chris.Kay(a)arm.com<mailto:Chris.Kay@arm.com>> Date: Thursday, 11 February 2021 at 13:59 To: "tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>" <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Subject: [TF-A] Adoption of Conventional Commits Hi all, Recently we had an internal discussion on the merits of introducing semantics to commit messages pushed to the main TF-A repository, the conclusion being that we would look to adopting the Conventional Commits<https://www.conventionalcommits.org/en/v1.0.0/> specification in the near future. There was one major reason for this, which was to help us in automating the changelog in future releases, but it might also help us to dramatically reduce the overall amount of work needed to make a formal release in the future. This requires some buy-in (or buy-out, in this case) from maintainers because - even though it's to only a relatively minor extent - it does involve an adjustment to everybody's workflow. Notably, commit messages will be expected to adopt the structure defined by the specification, which will be enforced by the CI. Most commits that go upstream today adhere to "something that looks like Conventional Commits", so the change is not exactly sweeping, but any change has the potential be an inconvenience. With that in mind, I propose the following: * We collectively adopt the specification, enforced only for @arm.com contributors until such a time that the majority of maintainers are familiar with the new demands * We suggest - in the prerequisites documentation - the installation of two helper tools: * Commitizen<https://github.com/commitizen/cz-cli> * Commitlint<https://github.com/conventional-changelog/commitlint> Installation of these tools will be optional, but I believe they can help with the transition. In the patches currently in review, they are installed as Git hooks automatically upon execution of npm install, so it requires no manual installation or configuration (other than a relatively up-to-date Node.js installation). You'll find the patches here<https://review.trustedfirmware.org/q/topic:%22ck%252Fconventional-commits%2…>, and specifically the changes to the prerequisites documentation here<https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/8224/1/docs/…>. Feel free to review these changes if you have comments specifically on their implementation. Let me know if you have any questions or concerns. If everybody's on board, we can look to have this upstreamed shortly. Chris

4 years, 1 month

2
3
0 0

Problems building for qemu with SPM (S-EL2) support

by Rebecca Cran

I'm having problems building TF-A with SPM/S-EL2 support. I can build with PLAT=fvp fine, but building with PLAT=qemu results in the error: LD /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/bl31.elf /home/rebecca/gcc-arm-10.2-2020.11-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu-ld: /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/spmd_main.o: in function `spmd_setup': spmd_main.c:(.text.spmd_setup+0x74): undefined reference to `plat_spm_core_manifest_load' spmd_main.c:(.text.spmd_setup+0x74): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol `plat_spm_core_manifest_load' make: *** [Makefile:1136: /home/rebecca/src/arm-trusted-firmware/build/qemu/release/bl31/bl31.elf] Error 1 The command line I'm using is: make PLAT=qemu DEBUG=0 \ CROSS_COMPILE=~/gcc-arm-10.2-2020.11-x86_64-aarch64-none-linux-gnu/bin/aarch64-none-linux-gnu- \ SPD=spmd CTX_INCLUDE_EL2_REGS=1 BL32=bl32.bin BL33=bl33.bin \ SP_LAYOUT_FILE=sp_layout.json ARM_ARCH_MINOR=4 all fip Adding the following files to BL31_SOURCES in plat/qemu/platform.mk resolves the problem, but I suspect that's not the correct solution? plat/common/plat_spmd_manifest.c common/fdt_wrappers.c -- Rebecca Cran

4 years, 1 month

1
0
0 0

Re: [TF-A] Debugging a lock-up in opteed_system_reset

by Jens Wiklander

Hi Jan, On Sat, Apr 10, 2021 at 1:18 PM Jan Kiszka via TF-A <tf-a(a)lists.trustedfirmware.org> wrote: > > On 09.04.21 14:56, Jan Kiszka wrote: > > Hi all, > > > > I'm currently debugging sporadic lockups in TF-A when calling the system > > reset hook of OP-TEE: opteed_system_reset() gets stuck on > > opteed_synchronous_sp_entry(), and the thread_system_reset_handler of > > OP-TEE is not invoked (I left a debug output on the OP-TEE side). > > Platform is k3, target hardware our IOT2050 device. I was using today's > > master of TF-A and OP-TEE, but also older versions of both. > > > > What could cause this? I would assume that TF-A and OP-TEE are protected > > against overwriting of the non-secure world and we would see exceptions > > in case some reservation is not properly set, possibly misleading Linux. > > > > Turned out that we had a bug in our device tree: "reserved_memory", > rather than "reserved-memory". That caused Linux to ignore the RAM > reservation, eventually accessing the memory that OP-TEE is using. > > But that still does not explain why the secured memory is left behind > unsecured. Who is responsible for that, TF-A or the TEE itself? This might be memory reserved for the static shared memory pool used when communicating between Linux normal world and OP-TEE in secure world. If that's the case it's normal that the memory is accessible from Linux, however if Linux uses it for other purposes too there will be memory corruptions. Cheers, Jens

4 years, 1 month

2
1
0 0

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

by Manish Pandey2

Hi, From TF-A project point of view, we prefer to use existing mechanism to pass parameters across boot stages using linked list of tagged elements (as suggested by Julius). It has support for both generic and SiP-specific tags. Having said that, it does not stop partners to introduce new mechanisms suitable for their usecase in platform port initially and later move to generic code if its suitable for other platforms. To start with, Ampere can introduce a platform specific implementation of memory tag(speed/NUMA topology etc) which can be evaluated and discussed for generalization in future. The tag will be populated in BL2 stage and can be forwarded to further stages(and to BL33) by passing the head of list pointer in one of the registers. Initially any register can be used but going forward a standardization will be needed. The U-boot bloblist mentioned by Simon is conceptually similar to what TF-A is using, if there is consensus of using bloblist/taglist then TF-A tag list may be enhanced to take best of both the implementations. One of the potential problems of having structure used in different projects is maintainability, this can be avoided by having a single copy of these structures in TF-A (kept inside "include/export" which intended to be used by other projects.) Regarding usage of either UUID or tag, I echo the sentiments of Simon and Julius to keep it simple and use tag values. Looking forward to having further discussions on zoom call today. Thanks Manish P ________________________________ From: TF-A <tf-a-bounces(a)lists.trustedfirmware.org> on behalf of Julius Werner via TF-A <tf-a(a)lists.trustedfirmware.org> Sent: 25 March 2021 02:43 To: Simon Glass <sjg(a)chromium.org> Cc: Harb Abdulhamid OS <abdulhamid(a)os.amperecomputing.com>; Boot Architecture Mailman List <boot-architecture(a)lists.linaro.org>; tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org>; U-Boot Mailing List <u-boot(a)lists.denx.de>; Paul Isaac's <paul.isaacs(a)linaro.org>; Ron Minnich <rminnich(a)google.com> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages Just want to point out that TF-A currently already supports a (very simple) mechanism like this: https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/… https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/… https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/… It's just a linked list of tagged elements. The tag space is split into TF-A-wide generic tags and SiP-specific tags (with plenty of room to spare if more areas need to be defined -- a 64-bit tag can fit a lot). This is currently being used by some platforms that run coreboot in place of BL1/BL2, to pass information from coreboot (BL2) to BL31. I would echo Simon's sentiment of keeping this as simple as possible and avoiding complicated and bloated data structures with UUIDs. You usually want to parse something like this as early as possible in the passed-to firmware stage, particularly if the structure encodes information about the debug console (like it does for the platforms I mentioned above). For example, in BL31 this basically means doing it right after moving from assembly to C in bl31_early_platform_setup2() to get the console up before running anything else. At that point in the BL31 initialization, the MMU and caches are disabled, so data accesses are pretty expensive and you don't want to spend a lot of parsing effort or calculate complicated checksums or the like. You just want something extremely simple where you ideally have to touch every data word only once. On Wed, Mar 24, 2021 at 5:06 PM Simon Glass via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> wrote: Hi Harb, On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS <abdulhamid(a)os.amperecomputing.com<mailto:abdulhamid@os.amperecomputing.com>> wrote: Hello Folks, Appreciate the feedback and replies on this. Glad to see that there is interest in this topic. 😊 I try to address the comments/feedback from Francois and Simon below…. @François Ozog<mailto:francois.ozog@linaro.org> – happy to discuss this on a zoom call. I will make that time slot work, and will be available to attend April 8, 4pm CT. Note that I’m using the term “HOB” here more generically, as there are typically vendor specific structures beyond the resource descriptor HOB, which provides only a small subset of the information that needs to be passed between the boot phases. The whole point here is to provide mechanism to develop firmware that we can build ARM Server SoC’s that support *any* BL33 payload (e.g. EDK2, AptioV, CoreBoot, and maybe even directly boot strapping LinuxBoot at some point). In other-words, we are trying to come up with a TF-A that would be completely agnostic to the implementation of BL33 (i.e. BL33 is built completely independently by a separate entity – e.g. an ODM/OEM). Keep in mind, in the server/datacenter market segment we are not building vertically integrated systems with a single entity compiling firmware/software stacks like most folks in TF-A have become use to. There are two categories of higher level firmware code blobs in the server/datacenter model: 1. “SoC” or “silicon” firmware – in TF-A this may map to BL1, BL2, BL31, and *possibly* one or more BL32 instances 2. “Platform” or “board” firmware – in TF-A this may map to BL33 and *possibly* one or more BL32 instances. Even the platform firmware stack could be further fragmented by having multiple entities involved in delivering the entire firmware stack: IBVs, ODMs, OEMs, CSPs, and possibly even device vendor code. To support a broad range of platform designs with a broad range of memory devices, we need a crisp and clear contract between the SoC firmware that initializes memory (e.g. BL2) and how that platform boot firmware (e.g. BL33) gathers information about what memory that was initialized, at what speeds, NUMA topology, and many other relevant information that needs to be known and comprehended by the platform firmware and eventually by the platform software. I understand the versatility of DT, but I see two major problems with DT: * DT requires more complicated parsing to get properties, and even more complex to dynamically set properties – this HOB structures may need to be generated in boot phases where DDR is not available, and therefore we will be extremely memory constrained. * DT is probably overkill for this purpose – We really just want a list of pointers to simple C structures that code cast (e.g. JEDEC SPD data blob) I think that we should not mix the efforts around DT/ACPI specs with what we are doing here, because those specs and concepts were developed for a completely different purpose (i.e. abstractions needed for OS / RTOS software, and not necessarily suitable for firmware-to-firmware hand-offs). Frankly, I would personally push back pretty hard on defining SMC’s for something that should be one way information passing. Every SMC we add is another attack vector to the secure world and an increased burden on the folks that have to do security auditing and threat analysis. I see no benefit in exposing these boot/HOB/BOB structures at run-time via SMC calls. Please do let me know if you disagree and why. Look forward to discussing on this thread or on the call. @Simon Glass<mailto:sjg@chromium.org> - Thanks for the pointer to bloblist. I briefly reviewed and it seems like a good baseline for what we may be looking for. That being said, I would say that there is some benefit in having some kind of unique identifiers (e.g. UUID or some unique signature) so that we can tie standardized data structures (based on some future TBD specs) to a particular ID. For example, if the TPM driver in BL33 is looking for the TPM structure in the HOB/BOB list, and may not care about the other data blobs. The driver needs a way to identify and locate the blob it cares about. The tag is intended to serve that purpose, although perhaps it should switch from an auto-allocating enum to one with explicit values for each entry and a range for 'local' use. I guess we can achieve this with the tag, but the problem with tag when you have eco-system with a lot of parties doing parallel development, you can end up with tag collisions and folks fighting about who has rights to what tag values. We would need some official process for folks to register tags for whatever new structures we define, or maybe some tag range for vendor specific structures. This comes with a lot of pain and bureaucracy. On the other hand, UUID has been a proven way to make it easy to just define your own blobs with *either* standard or vendor specific structures without worry of ID collisions between vendors. True. I think the pain is overstated, though. In this case I think we actually want something that can be shared between projects and orgs, so some amount of coordination could be considered a benefit. It could just be a github pull request. I find the UUID unfriendly and not just to code size and eyesight! Trying to discover what GUIDs mean or are valid is quite tricky. E.g. see this code: #define FSP_HOB_RESOURCE_OWNER_TSEG_GUID \ EFI_GUID(0xd038747c, 0xd00c, 0x4980, \ 0xb3, 0x19, 0x49, 0x01, 0x99, 0xa4, 0x7d, 0x55) (etc.) static struct guid_name { efi_guid_t guid; const char *name; } guid_name[] = { { FSP_HOB_RESOURCE_OWNER_TSEG_GUID, "TSEG" }, { FSP_HOB_RESOURCE_OWNER_FSP_GUID, "FSP" }, { FSP_HOB_RESOURCE_OWNER_SMM_PEI_SMRAM_GUID, "SMM PEI SMRAM" }, { FSP_NON_VOLATILE_STORAGE_HOB_GUID, "NVS" }, { FSP_VARIABLE_NV_DATA_HOB_GUID, "Variable NVS" }, { FSP_GRAPHICS_INFO_HOB_GUID, "Graphics info" }, { FSP_HOB_RESOURCE_OWNER_PCD_DATABASE_GUID1, "PCD database ea" }, { FSP_HOB_RESOURCE_OWNER_PCD_DATABASE_GUID2, "PCD database 9b" }, (never figured out what those two are) { FSP_HOB_RESOURCE_OWNER_PEIM_DXE_GUID, "PEIM Init DXE" }, { FSP_HOB_RESOURCE_OWNER_ALLOC_STACK_GUID, "Alloc stack" }, { FSP_HOB_RESOURCE_OWNER_SMBIOS_MEMORY_GUID, "SMBIOS memory" }, { {}, "zero-guid" }, {} }; static const char *guid_to_name(const efi_guid_t *guid) { struct guid_name *entry; for (entry = guid_name; entry->name; entry++) { if (!guidcmp(guid, &entry->guid)) return entry->name; } return NULL; } Believe it or not it took a fair bit of effort to find just that small list, with nearly every one in a separate doc, from memory. We can probably debate whether there is any value in GUID/UUID or not during the call… but again, boblist seems like a reasonable starting point as an alternative to HOB. Indeed. There is certainly value in both approaches. Regards, Simon Thanks, --Harb From: François Ozog <francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org>> Sent: Tuesday, March 23, 2021 10:00 AM To: François Ozog <francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org>>; Ron Minnich <rminnich(a)google.com<mailto:rminnich@google.com>>; Paul Isaac's <paul.isaacs(a)linaro.org<mailto:paul.isaacs@linaro.org>> Cc: Simon Glass <sjg(a)chromium.org<mailto:sjg@chromium.org>>; Harb Abdulhamid OS <abdulhamid(a)os.amperecomputing.com<mailto:abdulhamid@os.amperecomputing.com>>; Boot Architecture Mailman List <boot-architecture(a)lists.linaro.org<mailto:boot-architecture@lists.linaro.org>>; tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages +Ron Minnich<mailto:rminnich@google.com> +Paul Isaac's<mailto:paul.isaacs@linaro.org> Adding Ron and Paul because I think this interface should be also benefiting LinuxBoot efforts. On Tue, 23 Mar 2021 at 11:17, François Ozog via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> wrote: Hi, I propose we cover the topic at the next Trusted Substrate<https://collaborate.linaro.org/display/TS/Trusted+Substrate+Home> zoom call<https://linaro-org.zoom.us/j/94563644892> on April 8th 4pm CET. The agenda: ABI between non-secure firmware and the rest of firmware (EL3, S-EL1, S-EL2, SCP) to adapt hardware description to some runtime conditions. runtime conditions here relates to DRAM size and topology detection, secure DRAM memory carvings, PSCI and SCMI interface publishing. For additional background on existing metadata: UEFI Platform Initialization Specification Version 1.7<https://uefi.org/sites/default/files/resources/PI_Spec_1_7_final_Jan_2019.p…>, 5.5 Resource Descriptor HOB Out of the ResourceType we care about is EFI_RESOURCE_SYSTEM_MEMORY. This HOB lacks memory NUMA attachment or something that could be related to fill SRAT table for ACPI or relevant DT proximity domains. HOB is not consistent accros platforms: some platforms (Arm) lists memory from the booting NUMA node, other platforms (x86) lists all memory from all NUMA nodes. (At least this is the case on the two platforms I tested). There are two proposals to use memory structures from SPL/BLx up to the handover function (as defined in the Device Tree technical report<https://docs.google.com/document/d/1CLkhLRaz_zcCq44DLGmPZQFPbYHOC6nzPowaL0X…>) which can be U-boot (BL33 or just U-Boot in case of SPL/U-Boot scheme) or EDK2. I would propose we also discuss possibility of FF-A interface to actually query information or request actions to be done (this is a model actually used in some SoCs with proprietary SMC calls). Requirements (to be validated): - ACPI and DT hardware descriptions. - agnostic to boot framework (SPL/U-Boot, TF-A/U-Boot, TF-A/EDK2) - agnostic to boot framework (SPL/U-Boot, TF-A/U-Boot, TF-A/EDK2, TF-A/LinuxBoot) - at least allows complete DRAM description and "persistent" usage (reserved areas for secure world or other usages) - support secure world device assignment Cheers FF On Mon, 22 Mar 2021 at 19:56, Simon Glass <sjg(a)chromium.org<mailto:sjg@chromium.org>> wrote: Hi, Can I suggest using bloblist for this instead? It is lightweight, easier to parse, doesn't have GUIDs and is already used within U-Boot for passing info between SPL/U-Boot, etc. Docs here: https://github.com/u-boot/u-boot/blob/master/doc/README.bloblist Header file describes the format: https://github.com/u-boot/u-boot/blob/master/include/bloblist.h Full set of unit tests: https://github.com/u-boot/u-boot/blob/master/test/bloblist.c Regards, Simon On Mon, 22 Mar 2021 at 23:58, François Ozog <francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org>> wrote: > > +Boot Architecture Mailman List <boot-architecture(a)lists.linaro.org<mailto:boot-architecture@lists.linaro.org>> > > standardization is very much welcomed here and need to accommodate a very > diverse set of situations. > For example, TEE OS may need to pass memory reservations to BL33 or > "capture" a device for the secure world. > > I have observed a number of architectures: > 1) pass information from BLx to BLy in the form of a specific object > 2) BLx called by BLy by a platform specific SMC to get information > 3) BLx called by BLy by a platform specific SMC to perform Device Tree > fixups > > I also imagined a standardized "broadcast" FF-A call so that any firmware > element can either provide information or "do something". > > My understanding of your proposal is about standardizing on architecture 1) > with the HOB format. > > The advantage of the HOB is simplicity but it may be difficult to implement > schemes such as pruning a DT because device assignment in the secure world. > > In any case, it looks feasible to have TF-A and OP-TEE complement the list > of HOBs to pass information downstream (the bootflow). > > It would be good to start with building the comprehensive list of > information that need to be conveyed between firmware elements: > > information. | authoritative entity | reporting entity | information > exchanged: > dram | TFA | TFA | > <format to be detailed, NUMA topology to build the SRAT table or DT > equivalent?> > PSCI | SCP | TFA? | > SCMI | SCP or TEE-OS | TFA? TEE-OS?| > secure SRAM | TFA. | TFA. | > secure DRAM | TFA? TEE-OS? | TFA? TEE-OS? | > other? | | > | > > Cheers > > FF > > > On Mon, 22 Mar 2021 at 09:34, Harb Abdulhamid OS via TF-A < > tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> wrote: > > > Hello Folks, > > > > > > > > I'm emailing to start an open discussion about the adoption of a concept > > known as "hand-off blocks" or HOB to become a part of the TF-A Firmware > > Framework Architecture (FFA). This is something that is a pretty major > > pain point when it comes to the adoption of TF-A in ARM Server SoC’s > > designed to enable a broad range of highly configurable datacenter > > platforms. > > > > > > > > > > > > What is a HOB (Background)? > > > > --------------------------- > > > > UEFI PI spec describes a particular definition for how HOB may be used for > > transitioning between the PEI and DXE boot phases, which is a good > > reference point for this discussion, but not necessarily the exact solution > > appropriate for TF-A. > > > > > > > > A HOB is simply a dynamically generated data structure passed in between > > two boot phases. This is information that was obtained through discovery > > and needs to be passed forward to the next boot phase *once*, with no API > > needed to call back (e.g. no call back into previous firmware phase is > > needed to fetch this information at run-time - it is simply passed one time > > during boot). > > > > > > > > There may be one or more HOBs passed in between boot phases. If there are > > more than one HOB that needs to be passed, this can be in a form of a "HOB > > table", which (for example) could be a UUID indexed array of pointers to > > HOB structures, used to locate a HOB of interest (based on UUID). In such > > cases, instead of passing a single HOB, the boot phases may rely on passing > > the pointer to the HOB table. > > > > > > > > This has been extremely useful concept to employ on highly configurable > > systems that must rely on flexible discovery mechanisms to initialize and > > boot the system. This is especially helpful when you have multiple > > > > > > > > > > > > Why do we need HOBs in TF-A?: > > > > ----------------------------- > > > > It is desirable that EL3 firmware (e.g. TF-A) built for ARM Server SoC in > > a way that is SoC specific *but* platform agnostic. This means that a > > single ARM SoC that a SiP may deliver to customers may provide a single > > TF-A binary (e.g. BL1, BL2, BL31) that could be used to support a broad > > range of platform designs and configurations in order to boot a platform > > specific firmware (e.g. BL33 and possibly even BL32 code). In order to > > achieve this, the platform configuration must be *discovered* instead of > > statically compiled as it is today in TF-A via device tree based > > enumeration. The mechanisms of discovery may differ broadly depending on > > the relevant industry standard, or in some cases may have rely on SiP > > specific discovery flows. > > > > > > > > For example: On server systems that support a broad range DIMM memory > > population/topologies, all the necessary information required to boot is > > fully discovered via standard JEDEC Serial Presence Detect (SPD) over an > > I2C bus. Leveraging the SPD bus, may platform variants could be supported > > with a single TF-A binary. Not only is this information required to > > initialize memory in early boot phases (e.g. BL2), the subsequent boot > > phases will also need this SPD info to construct a system physical address > > map and properly initialize the MMU based on the memory present, and where > > the memory may be present. Subsequent boot phases (e.g. BL33 / UEFI) may > > need to generate standard firmware tables to the operating systems, such as > > SMBIOS tables describing DIMM topology and various ACPI tables (e.g. SLIT, > > SRAT, even NFIT if NVDIMM's are present). > > > > > > > > In short, it all starts with a standardized or vendor specific discovery > > flow in an early boot stage (e.g. BL1/BL2), followed by the passing of > > information to the next boot stages (e.g. BL31/BL32/BL33). > > > > > > > > Today, every HOB may be a vendor specific structure, but in the future > > there may be benefit of defining standard HOBs. This may be useful for > > memory discovery, passing the system physical address map, enabling TPM > > measured boot, and potentially many other common HOB use-cases. > > > > > > > > It would be extremely beneficial to the datacenter market segment if the > > TF-A community would adopt this concept of information passing between all > > boot phases as opposed to rely solely on device tree enumeration. This is > > not intended to replace device tree, rather intended as an alternative way > > to describe the info that must be discovered and dynamically generated. > > > > > > > > > > > > Conclusion: > > > > ----------- > > > > We are proposing that the TF-A community begin pursuing the adoption of > > HOBs as a mechanism used for information exchange between each boot stage > > (e.g. BL1->BL2, BL2->BL31, BL31->BL32, and BL31->BL33)? Longer term we > > want to explore standardizing some HOB structures for the BL33 phase (e.g. > > UEFI HOB structures), but initially would like to agree on this being a > > useful mechanism used to pass information between each boot stage. > > > > > > > > Thanks, > > > > --Harb > > > > > > > > > > > > > > -- > > TF-A mailing list > > TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> > > https://lists.trustedfirmware.org/mailman/listinfo/tf-a > > > > > -- > François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group* > T: +33.67221.6485 > francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org> | Skype: ffozog > _______________________________________________ > boot-architecture mailing list > boot-architecture(a)lists.linaro.org<mailto:boot-architecture@lists.linaro.org> > https://lists.linaro.org/mailman/listinfo/boot-architecture -- [https://drive.google.com/a/linaro.org/uc?id=0BxTAygkus3RgQVhuNHMwUi1mYWc&ex…] François-Frédéric Ozog | Director Linaro Edge & Fog Computing Group T: +33.67221.6485 francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org> | Skype: ffozog -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a -- [https://drive.google.com/a/linaro.org/uc?id=0BxTAygkus3RgQVhuNHMwUi1mYWc&ex…] François-Frédéric Ozog | Director Linaro Edge & Fog Computing Group T: +33.67221.6485 francois.ozog(a)linaro.org<mailto:francois.ozog@linaro.org> | Skype: ffozog -- TF-A mailing list TF-A(a)lists.trustedfirmware.org<mailto:TF-A@lists.trustedfirmware.org> https://lists.trustedfirmware.org/mailman/listinfo/tf-a

4 years, 1 month

6
5
0 0

Debugging a lock-up in opteed_system_reset

by Jan Kiszka

Hi all, I'm currently debugging sporadic lockups in TF-A when calling the system reset hook of OP-TEE: opteed_system_reset() gets stuck on opteed_synchronous_sp_entry(), and the thread_system_reset_handler of OP-TEE is not invoked (I left a debug output on the OP-TEE side). Platform is k3, target hardware our IOT2050 device. I was using today's master of TF-A and OP-TEE, but also older versions of both. What could cause this? I would assume that TF-A and OP-TEE are protected against overwriting of the non-secure world and we would see exceptions in case some reservation is not properly set, possibly misleading Linux. Jan -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux

4 years, 1 month

2
2
0 0

TF-A 2.5 Release: Code-Freeze 30th April

by Gary Morrison

Hi, This is to notify that we are planning to target the Trusted Firmware-A 2.5 release during the second week of May 2021 as part of the regular ~6-month cadence. The aim is to consolidate all TF-A work since the 2.4 release. As part of this, a release candidate tag will be created and release activities will commence after the 30th of April. Essentially we will not merge any major enhancements from this date until the release is made. Please ensure any Gerrit Patch Reviews desired to make the 2.5 release are submitted in good time to be complete by last week of Apr 2021. Any major enhancement Gerrit Patch Reviews still open after that date will not be merged until after the release.

4 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A April 2021