Hi Tien Hock,
The maintainers will have more thoughts on this but my $0.02 fwiw.
I cannot see why the Trusted Firmware project should carry any option that enables use of EL3 by users who do not care about security. EL3 is not meant to run u-boot with a shell that can be used to fiddle with secure memory. This flies against the basic security principles that the project is built upon.
cheers, Achin
________________________________ From: TF-A tf-a-bounces@lists.trustedfirmware.org on behalf of Loh, Tien Hock via TF-A tf-a@lists.trustedfirmware.org Sent: 27 April 2021 09:02 To: tf-a@lists.trustedfirmware.org tf-a@lists.trustedfirmware.org Cc: Chee, Tien Fong tien.fong.chee@intel.com; See, Chin Liang chin.liang.see@intel.com; Hea, Kok Kiang kok.kiang.hea@intel.com Subject: [TF-A] Run BL33 (u-boot) in EL3
Hi,
I’m maintaining TF-A for Intel SoCFPGA platform.
Would it be possible if we should have the option to run BL33 (u-boot in our case) in EL3?
The Intel SoCFPGA platform u-boot used to handle all SMC calls:
SPL u-boot (EL3) -> u-boot (EL3)
And we have since move to use TF-A’s BL31, thus boot became SPL u-boot (EL3) -> TF-A BL31 (EL3) -> u-boot (EL2)
Main reason is that some users would like to keep u-boot at EL3 as they do not care about security, and some users wanted to run some debugging read/write to secure region in u-boot shell.
Thanks
Tien Hock
Hi Achin,
Thanks for the feedback.
This is use case when user doing development, testing and bring up the board, they can use this option to run their script on U-Boot shell to access these secure region. Once they have finished the development, and testing, then user can switch U-Boot into EL2. This flexibility would definitely giving some degree of convenience for development and testing.
Thanks.
From: Achin Gupta Achin.Gupta@arm.com Sent: Tuesday, 27 April, 2021 4:38 PM To: tf-a@lists.trustedfirmware.org; Loh, Tien Hock tien.hock.loh@intel.com Cc: Chee, Tien Fong tien.fong.chee@intel.com; See, Chin Liang chin.liang.see@intel.com; Hea, Kok Kiang kok.kiang.hea@intel.com Subject: Re: Run BL33 (u-boot) in EL3
Hi Tien Hock,
The maintainers will have more thoughts on this but my $0.02 fwiw.
I cannot see why the Trusted Firmware project should carry any option that enables use of EL3 by users who do not care about security. EL3 is not meant to run u-boot with a shell that can be used to fiddle with secure memory. This flies against the basic security principles that the project is built upon.
cheers, Achin
________________________________ From: TF-A <tf-a-bounces@lists.trustedfirmware.orgmailto:tf-a-bounces@lists.trustedfirmware.org> on behalf of Loh, Tien Hock via TF-A <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Sent: 27 April 2021 09:02 To: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Cc: Chee, Tien Fong <tien.fong.chee@intel.commailto:tien.fong.chee@intel.com>; See, Chin Liang <chin.liang.see@intel.commailto:chin.liang.see@intel.com>; Hea, Kok Kiang <kok.kiang.hea@intel.commailto:kok.kiang.hea@intel.com> Subject: [TF-A] Run BL33 (u-boot) in EL3
Hi,
I'm maintaining TF-A for Intel SoCFPGA platform.
Would it be possible if we should have the option to run BL33 (u-boot in our case) in EL3?
The Intel SoCFPGA platform u-boot used to handle all SMC calls:
SPL u-boot (EL3) -> u-boot (EL3)
And we have since move to use TF-A's BL31, thus boot became SPL u-boot (EL3) -> TF-A BL31 (EL3) -> u-boot (EL2)
Main reason is that some users would like to keep u-boot at EL3 as they do not care about security, and some users wanted to run some debugging read/write to secure region in u-boot shell.
Thanks
Tien Hock
Achin, Yes that's what I have suspected in the first place, but no harm asking :)
Tien Fong, As per discussed, we could probably expose the a compile time option in BL31 that expose a command that read/write to the secure domain. That case, u-boot shell will be able to access secure domain and not need to run in EL3.
Thanks
From: Chee, Tien Fong tien.fong.chee@intel.com Sent: Tuesday, April 27, 2021 5:01 PM To: Achin Gupta Achin.Gupta@arm.com; tf-a@lists.trustedfirmware.org; Loh, Tien Hock tien.hock.loh@intel.com Cc: See, Chin Liang chin.liang.see@intel.com; Hea, Kok Kiang kok.kiang.hea@intel.com Subject: RE: Run BL33 (u-boot) in EL3
Hi Achin,
Thanks for the feedback.
This is use case when user doing development, testing and bring up the board, they can use this option to run their script on U-Boot shell to access these secure region. Once they have finished the development, and testing, then user can switch U-Boot into EL2. This flexibility would definitely giving some degree of convenience for development and testing.
Thanks.
From: Achin Gupta <Achin.Gupta@arm.commailto:Achin.Gupta@arm.com> Sent: Tuesday, 27 April, 2021 4:38 PM To: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org; Loh, Tien Hock <tien.hock.loh@intel.commailto:tien.hock.loh@intel.com> Cc: Chee, Tien Fong <tien.fong.chee@intel.commailto:tien.fong.chee@intel.com>; See, Chin Liang <chin.liang.see@intel.commailto:chin.liang.see@intel.com>; Hea, Kok Kiang <kok.kiang.hea@intel.commailto:kok.kiang.hea@intel.com> Subject: Re: Run BL33 (u-boot) in EL3
Hi Tien Hock,
The maintainers will have more thoughts on this but my $0.02 fwiw.
I cannot see why the Trusted Firmware project should carry any option that enables use of EL3 by users who do not care about security. EL3 is not meant to run u-boot with a shell that can be used to fiddle with secure memory. This flies against the basic security principles that the project is built upon.
cheers, Achin
________________________________ From: TF-A <tf-a-bounces@lists.trustedfirmware.orgmailto:tf-a-bounces@lists.trustedfirmware.org> on behalf of Loh, Tien Hock via TF-A <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Sent: 27 April 2021 09:02 To: tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org <tf-a@lists.trustedfirmware.orgmailto:tf-a@lists.trustedfirmware.org> Cc: Chee, Tien Fong <tien.fong.chee@intel.commailto:tien.fong.chee@intel.com>; See, Chin Liang <chin.liang.see@intel.commailto:chin.liang.see@intel.com>; Hea, Kok Kiang <kok.kiang.hea@intel.commailto:kok.kiang.hea@intel.com> Subject: [TF-A] Run BL33 (u-boot) in EL3
Hi,
I'm maintaining TF-A for Intel SoCFPGA platform.
Would it be possible if we should have the option to run BL33 (u-boot in our case) in EL3?
The Intel SoCFPGA platform u-boot used to handle all SMC calls:
SPL u-boot (EL3) -> u-boot (EL3)
And we have since move to use TF-A's BL31, thus boot became SPL u-boot (EL3) -> TF-A BL31 (EL3) -> u-boot (EL2)
Main reason is that some users would like to keep u-boot at EL3 as they do not care about security, and some users wanted to run some debugging read/write to secure region in u-boot shell.
Thanks
Tien Hock
tf-a@lists.trustedfirmware.org