From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <heyi.guo@linaro.org>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2607:f8b0:400e:c01::242; helo=mail-pl0-x242.google.com;
 envelope-from=heyi.guo@linaro.org; receiver=edk2-devel@lists.01.org 
Received: from mail-pl0-x242.google.com (mail-pl0-x242.google.com
 [IPv6:2607:f8b0:400e:c01::242])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 83CAF20954CB8
 for <edk2-devel@lists.01.org>; Thu, 22 Feb 2018 19:11:39 -0800 (PST)
Received: by mail-pl0-x242.google.com with SMTP id v9-v6so2136444plp.12
 for <edk2-devel@lists.01.org>; Thu, 22 Feb 2018 19:17:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=from:date:to:cc:subject:message-id:references:mime-version
 :content-disposition:in-reply-to:user-agent;
 bh=2n/Z+gFw3QKm4lAqMBvU9KBku2cCmtOo2KG5VFdeXhs=;
 b=Ml+UMhOvzi868EZbn0c/x0ZzVttN9Mtt2xTi5Mch37xUVmE5kMMZ5oUvDMzzELTD5H
 P7iMHbLB0hYSIKi+m6IlG+3G9sJNDWRN1RE8juFOC6SaKEXODNiqKzYW8RTu9X76g0XB
 T8N/6CkmUl3JzMSVVAOhItmqTTfIGld9lrHTc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:date:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to:user-agent;
 bh=2n/Z+gFw3QKm4lAqMBvU9KBku2cCmtOo2KG5VFdeXhs=;
 b=j5NzIjYPQ/UnrohUqMATghH7/fUbpgKM5nkZ7XonWbbPWu1Qg/eBWEnNzcUBEgG54h
 zG14Y+/v6JehOwYjxWO274TrmNXThPb46fRBaZNeWJhZMSA9keu3MQTzxf/Ml+dl4W/H
 O11Y4dCWrDj2mT8Hn+kytWqHz6wvWEmFr/x7JW9aIxWuyb/QtQ3OBy8fn4w8eLnXJYSS
 td2l8xp40AFZ3VNClZZZo8cYcwqp/KI1l7ZNbuoyISaYBjJW4xtBm1bUE1TtbgEpi6IG
 UbEQN28mm2QkBtuXwni7habbYbdZMtgXGEDQ5QQqab0ja7/rBuNmz8kwYcBIecSNnsVi
 n29A==
X-Gm-Message-State: APf1xPBkJq7VK4kvTh0UW8MADwb7oFnuCM1kc4DZA06ZbKQY+RqNo0AV
 jqlsRcvkxJowB90wO3EEAttVWA==
X-Google-Smtp-Source: AH8x227cH1arfqNoxH3qOCviRpIyapsB+x3znc1bpXiHxINtcmpCfX4OVdAQvvJXgB+u3zXctjBoQw==
X-Received: by 2002:a17:902:4643:: with SMTP id
 o61-v6mr272071pld.103.1519355861055; 
 Thu, 22 Feb 2018 19:17:41 -0800 (PST)
Received: from SZX1000114654 ([45.56.152.187])
 by smtp.gmail.com with ESMTPSA id p9sm1769945pgs.35.2018.02.22.19.17.37
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 22 Feb 2018 19:17:40 -0800 (PST)
From: Guo Heyi <heyi.guo@linaro.org>
X-Google-Original-From: Guo Heyi <g00179230@SZX1000114654>
Date: Fri, 23 Feb 2018 11:17:35 +0800
To: Jeremy Linton <jeremy.linton@arm.com>
Cc: Heyi Guo <heyi.guo@linaro.org>, leif.lindholm@linaro.org,
 linaro-uefi@lists.linaro.org, edk2-devel@lists.01.org,
 graeme.gregory@linaro.org, huangming23@huawei.com,
 ard.biesheuvel@linaro.org, john.garry@huawei.com,
 zhangjinsong2@huawei.com, wanghuiqiang@huawei.com,
 guoheyi@huawei.com, waip23@126.com, mengfanrong@huawei.com,
 huangdaode@hisilicon.com
Message-ID: <20180223031735.GE95440@SZX1000114654>
References: <1517572648-11343-1-git-send-email-heyi.guo@linaro.org>
 <1517572648-11343-8-git-send-email-heyi.guo@linaro.org>
 <a4a07a8a-eb9b-6692-1422-6878e288d4ff@arm.com>
MIME-Version: 1.0
In-Reply-To: <a4a07a8a-eb9b-6692-1422-6878e288d4ff@arm.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Subject: Re: [PATCH edk2-non-osi v3 7/7] Hisilicon/D05: Update binary of trusted-firmware
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Feb 2018 03:11:40 -0000
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi Jeremy,

This TF binaries have not been patched the latest SMCCC workaround; it is based
on v1.4 release and was only
patched with "disable/enable MMU in PSCI SMC call", as the commit in upstream TF
code:
f62ad322695d16178db464dc062fe0af592c6780 

When we generated these binaries, SMCCC patches had not come out so they are not
contained in these binaries.

Do you recommend using the latest smccc patches?

Thanks and regards,

Heyi

On Thu, Feb 22, 2018 at 08:37:11PM -0600, Jeremy Linton wrote:
> Hi,
> 
> On 02/02/2018 05:57 AM, Heyi Guo wrote:
> >1 Workarounds for CVE-2017-5715 on Cortex A57/A72/A73 and A75 #1214.
> 
> I've been trying to verify spectre fixes, and I don't get a smccc version
> from this firmware (see this kernel branch
> https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/log/?h=kpti)
> image.
> 
> This means that the spectre BP hardening isn't activating on the D05. So,
> unless i'm doing something wrong (quite possible) it appears that this image
> isn't utilizing the correct ATF patches.
> 
> Can someone please verify/check this image with a SMCCC enabled kernel?
> 
> Thanks,
> 
> 
> >2 Upgrade trusted firmware to 1.4
> >
> >Contributed-under: TianoCore Contribution Agreement 1.1
> >Signed-off-by: Ming Huang <huangming23@huawei.com>
> >Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
> >Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
> >Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >---
> >  Platform/Hisilicon/D05/bl1.bin | Bin 14344 -> 12424 bytes
> >  Platform/Hisilicon/D05/fip.bin | Bin 41493 -> 37546 bytes
> >  2 files changed, 0 insertions(+), 0 deletions(-)
> >
> >diff --git a/Platform/Hisilicon/D05/bl1.bin b/Platform/Hisilicon/D05/bl1.bin
> >index 7341476..b95257c 100644
> >Binary files a/Platform/Hisilicon/D05/bl1.bin and b/Platform/Hisilicon/D05/bl1.bin differ
> >diff --git a/Platform/Hisilicon/D05/fip.bin b/Platform/Hisilicon/D05/fip.bin
> >index 496a9b8..5958293 100644
> >Binary files a/Platform/Hisilicon/D05/fip.bin and b/Platform/Hisilicon/D05/fip.bin differ
> >
>