Le mar. 27 avr. 2021 à 11:04, Loh, Tien Hock via TF-A < email@example.com> a écrit :
Yes that’s what I have suspected in the first place, but no harm asking :)
As per discussed, we could probably expose the a compile time option in BL31 that expose a command that read/write to the secure domain.
That case, u-boot shell will be able to access secure domain and not need to run in EL3.
Would you allow an OS to access underlying hypervisor ? In essence this is what you are asking: there are architectural services such as kicking off a new cpu that are supposed to be routed to the right service handler (PSCI) or secure firmware updates with anti-bricking support....
Could you be more specific on what you want to do and why ? That may help us advise on achieving your goals while still being architecturally correct.
*From:* Chee, Tien Fong firstname.lastname@example.org *Sent:* Tuesday, April 27, 2021 5:01 PM *To:* Achin Gupta Achin.Gupta@arm.com; email@example.com; Loh, Tien Hock firstname.lastname@example.org *Cc:* See, Chin Liang email@example.com; Hea, Kok Kiang < firstname.lastname@example.org> *Subject:* RE: Run BL33 (u-boot) in EL3
Thanks for the feedback.
This is use case when user doing development, testing and bring up the board, they can use this option to run their script on U-Boot shell to access these secure region. Once they have finished the development, and testing, then user can switch U-Boot into EL2. This flexibility would definitely giving some degree of convenience for development and testing.
*From:* Achin Gupta Achin.Gupta@arm.com *Sent:* Tuesday, 27 April, 2021 4:38 PM *To:* email@example.com; Loh, Tien Hock < firstname.lastname@example.org> *Cc:* Chee, Tien Fong email@example.com; See, Chin Liang < firstname.lastname@example.org>; Hea, Kok Kiang email@example.com *Subject:* Re: Run BL33 (u-boot) in EL3
Hi Tien Hock,
The maintainers will have more thoughts on this but my $0.02 fwiw.
I cannot see why the Trusted Firmware project should carry any option that enables use of EL3 by users who do not care about security. EL3 is not meant to run u-boot with a shell that can be used to fiddle with secure memory. This flies against the basic security principles that the project is built upon.
*From:* TF-A firstname.lastname@example.org on behalf of Loh, Tien Hock via TF-A email@example.com *Sent:* 27 April 2021 09:02 *To:* firstname.lastname@example.org email@example.com *Cc:* Chee, Tien Fong firstname.lastname@example.org; See, Chin Liang < email@example.com>; Hea, Kok Kiang firstname.lastname@example.org *Subject:* [TF-A] Run BL33 (u-boot) in EL3
I’m maintaining TF-A for Intel SoCFPGA platform.
Would it be possible if we should have the option to run BL33 (u-boot in our case) in EL3?
The Intel SoCFPGA platform u-boot used to handle all SMC calls:
SPL u-boot (EL3) -> u-boot (EL3)
And we have since move to use TF-A’s BL31, thus boot became SPL u-boot (EL3) -> TF-A BL31 (EL3) -> u-boot (EL2)
Main reason is that some users would like to keep u-boot at EL3 as they do not care about security, and some users wanted to run some debugging read/write to secure region in u-boot shell.
-- TF-A mailing list TF-A@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a