From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=217.140.101.70; helo=foss.arm.com; envelope-from=marc.zyngier@arm.com; receiver=edk2-devel@lists.01.org Received: from foss.arm.com (foss.arm.com [217.140.101.70]) by ml01.01.org (Postfix) with ESMTP id C4D6B2237A4F8 for ; Sat, 3 Feb 2018 05:39:14 -0800 (PST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DE44F1529; Sat, 3 Feb 2018 05:44:52 -0800 (PST) Received: from why.wild-wind.fr.eu.org (usa-sjc-mx-foss1.foss.arm.com [217.140.101.70]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id ECA283F24D; Sat, 3 Feb 2018 05:44:51 -0800 (PST) Date: Sat, 3 Feb 2018 13:44:47 +0000 From: Marc Zyngier To: Ard Biesheuvel Cc: "edk2-devel@lists.01.org" , Leif Lindholm , Alan Ott Message-ID: <20180203134447.087c12a1@why.wild-wind.fr.eu.org> In-Reply-To: References: <20180201160435.3010-1-ard.biesheuvel@linaro.org> <20180201160435.3010-3-ard.biesheuvel@linaro.org> Organization: ARM Ltd X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu) MIME-Version: 1.0 Subject: Re: [PATCH edk2-non-osi 2/2] Silicon/AMD/Styx: update ArmTrustedFirmware.bin X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Feb 2018 13:39:15 -0000 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Thu, 1 Feb 2018 16:42:53 +0000 Ard Biesheuvel wrote: > On 1 February 2018 at 16:04, Ard Biesheuvel wrote: > > The ARM Trusted Firmware build we have been using up until now was built > > with optimizations disabled (which means every variable manipulation > > involves a load, the operation itself and a store), and runs with the > > MMU disabled, making it needlessly slow. > > > > This appears to be due to the fact that > > a) the page tables are not set up correctly, so not all memory can be > > accessed from EL3 > > b) the handling of SMC service calls does not take into account that > > these calls may be made with the MMU off (e.g., by UEFI PEI). > > > > These issues have been fixed in the source code, which should hopefully > > remove any performance bottlenecks that may become more noticeable now > > that we are going to call into the secure firmware more often to perform > > Spectre variant 2 mitigations, which have been backported as well. > > > > So update the binary image to a RELEASE build that was created with > > optimizations enabled, and has the above fixes incorporated. > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > Signed-off-by: Ard Biesheuvel > > --- > > Silicon/AMD/Styx/ArmTrustedFirmware.bin | Bin 75344 -> 34320 bytes > > 1 file changed, 0 insertions(+), 0 deletions(-) > > > > Note to Marc: this is the exact image I shared with you as > bl31.bin-release earlier today, so if that works as expected, could > you report back here please? Thanks. To confirm, this firmware boots perfectly on Cello, and the new SMCCC 1.1 is now reported by the kernel (with in-flight patches): [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: MIGRATE_INFO_TYPE not supported. [ 0.000000] psci: SMC Calling Convention v1.1 as well as ARM_SMCCC_ARCH_WORKAROUND_1, allowing for efficient mitigation of Spectre v2. I guess we have quite a few Seattle/Overdrive and OD1000 that now need this to be deployed. Thanks a lot Ard! M. -- Without deviation from the norm, progress is not possible.