From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:4864:20::444; helo=mail-wr1-x444.google.com; envelope-from=leif.lindholm@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 405642117D75A for ; Tue, 22 Jan 2019 12:26:30 -0800 (PST) Received: by mail-wr1-x444.google.com with SMTP id z5so28873639wrt.11 for ; Tue, 22 Jan 2019 12:26:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Ua4KBUr2h2xBy7HG3gsmUm2oKrpbx8Tt6tlUfbxJMvI=; b=Q1wqSte+hp+EKo8yw/okLVnwg55laH1FMXw8q70Ua8rVkZkFYfYd4fmICz+J4mu5O7 NbhBsNZbMWFXlX3mF0pBZcMYRxJMwz6SLSr/LgDmelJOefRhKeioRHNifHkWA4q3TN5s U6Aa4edeGgH2EfTWmlZWsslvkCy1zhAiPdsUY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Ua4KBUr2h2xBy7HG3gsmUm2oKrpbx8Tt6tlUfbxJMvI=; b=WaL3rLUFrhqjpB5t5faU0G5waBzsqoN+C4UgXOq47/3aQk3hNOnMIb5jPoiKbIaC+h FVR7Pew0syeQYE/jD2VR77vbJcElu0pz7y2zIc3tDyyqu1VTOJrU/wPndJTHYDUD55UJ 8pd5ExwUF6SE37dKhfv8H5+8FrsaBv9S9b13ZvX+FV4Uq4TEFFd8mc1DVTZ0stQlzpEx 6yO5NF8Gzn6mwL/qd7fvEKvitKcmQhVCtV8FoZXwzycQQxrs/gaYs4Nse8inS5qbhVh7 QUb82B260+5qk9gEea+FZZ+Mv8SC1EarYwwsNHZdIEiP3xNgB4Abfz4Ewcc11ZkRcJtW +eKA== X-Gm-Message-State: AJcUuke6qht+HD2GdXPJn9X6s6/yLiPvWontzZ8iX/n4d3X9eaHnN+z4 a2XNT6vCgw96rQwFjz17jiezm7H2/ro= X-Google-Smtp-Source: ALg8bN7SVniHWr1bR6PGeGd2YeHUfvl5pIC1ihhbIlpqPhfFFsk4Mr6nDzw0WXRv7y4OIA3NAgnd3g== X-Received: by 2002:adf:bc87:: with SMTP id g7mr33721976wrh.250.1548188789372; Tue, 22 Jan 2019 12:26:29 -0800 (PST) Received: from bivouac.eciton.net (bivouac.eciton.net. [2a00:1098:0:86:1000:23:0:2]) by smtp.gmail.com with ESMTPSA id h2sm110786485wrv.87.2019.01.22.12.26.28 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 22 Jan 2019 12:26:28 -0800 (PST) Date: Tue, 22 Jan 2019 20:26:27 +0000 From: Leif Lindholm To: Marcin Wojtas Cc: edk2-devel-01 , Ard Biesheuvel , nadavh@marvell.com, "jsd@semihalf.com" , Grzegorz Jaszczyk , Kostya Porotchkin Message-ID: <20190122202627.ccu3koeskydsvjus@bivouac.eciton.net> References: <1548120742-11928-1-git-send-email-mw@semihalf.com> <1548120742-11928-2-git-send-email-mw@semihalf.com> <20190122172643.i6newphbfjiertsb@bivouac.eciton.net> <20190122190649.x2bh7gd5szxmfxy5@bivouac.eciton.net> MIME-Version: 1.0 In-Reply-To: User-Agent: NeoMutt/20170113 (1.7.2) Subject: Re: [platforms: PATCH v2 1/4] Marvell/Armada7k8k: Shift PEI stack base X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 20:26:31 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jan 22, 2019 at 08:27:10PM +0100, Marcin Wojtas wrote: > > > > > In order to fix this, extend the region which is non-accessible > > > > > by the OS to cover both the ARM-TF (0x4000000 - 0x4200000) and OPTEE > > > > > (0x4400000 - 0x5400000) within a single area (0x4000000 - 0x5400000). > > > > > Set the PEI stack base address between both images (0x43F0000). > > > > > > > > OK, that is a much better description. > > > > But I'm getting slight cognitive dissonance from placing the PEI stack > > > > inside something we've just claimed belongs to Secure world... > > > > > > > > Could you instead break this out into two separate protected regions? > > > > PcdSecureOpteeBase/Size and PcdSecureTfBase/Size? > > > > > > > > Alternatively, nudge the stackbase to 0x5400000? > > > > > > As discussed some time ago with Ard, when the PEI stack base was > > > introduced, it is recommended that this stack is placed in the > > > location, which is not accessible by OS. Most preferred is to have it > > > in the SRAM (cannot do it on Armada7k8k) or in a reserved region - cut > > > out from the memory map passed to the OS. > > > > > > Currently we have a single region (a "hole") that covers: > > > 2MB for EL3 runtime services > > > 2MB of nothing > > > 16MB for OPTEE image > > > > > > The 2MB space between images IMO seems perfect for PEI stack to place. > > > If it was placed e.g. @0x5400000 and we kept the reserved regions > > > separate, the outcome would be: > > > 2MB for EL3 runtime services > > > 2MB of DRAM normal memory > > > 16MB + 64kB for Optee and PEI stack base. > > > > > > This is the reason, I'd like to keep original setting, proposed in the > > > patch. Please let know your opinion. > > > > I have no issue with the placement of the PEI stack between the ARM-TF > > region and the Op-TEE region. I _have_ an issue with the PEI stack > > being placed between PcdSecureRegionBase and (PcdSecureRegionBase + > > PcdSecureRegionSize). I.e. something that we describe as "the Secure > > region". > > > > I think I gave my suggestion for the resolution of this problem (with > > moving StackBase to 0x05400000 as the alternative) in my previous > > reply. > > > > Yes, and I answered, presenting the alternative memory map with > additional 64kB "cut out" on top of 20MB "hole" of memory, which I'm > not fancy, given available space inside the 20MB chunk. Please go back and reread my first and my second email. Then please point out where I have, other than as an alternative solution, suggested growing the cutout size. Then perhaps we can rewind this conversation and try again? Best Regards, Leif > Because in fact this region is not entirely secure (EL3 runtime > services are exectued in NS context for example), how about I: > - rename the PCD's to be more generic (e.g. > gMarvellTokenSpaceGuid.PcdReservedRegionBase) > - add proper comment in Armada7k8k.dsc.inc for the default reserved > memory (+ maybe in Armada7k8kLib, where the PCD's are used) > ? > > Best regards, > Marcin > > > > > > > Best regards, > > > Marcin > > > > > > > > > > > > > > / > > > > Leif > > > > > > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > > > Signed-off-by: Marcin Wojtas > > > > > --- > > > > > Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 4 ++-- > > > > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > > > > > > > diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > index eafcd6e..c8c597f 100644 > > > > > --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > @@ -376,12 +376,12 @@ > > > > > > > > > > gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|36 > > > > > > > > > > - gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x41F0000 > > > > > + gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x43F0000 > > > > > gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x10000 > > > > > > > > > > # Secure region reservation > > > > > gMarvellTokenSpaceGuid.PcdSecureRegionBase|0x4000000 > > > > > - gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x0200000 > > > > > + gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x1400000 > > > > > > > > > > # TRNG > > > > > gMarvellTokenSpaceGuid.PcdEip76TrngBaseAddress|0xF2760000 > > > > > -- > > > > > 2.7.4 > > > > >