From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=2607:f8b0:4864:20::d29; helo=mail-io1-xd29.google.com; envelope-from=mw@semihalf.com; receiver=edk2-devel@lists.01.org Received: from mail-io1-xd29.google.com (mail-io1-xd29.google.com [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 46EAD210F30CE for ; Tue, 22 Jan 2019 12:56:27 -0800 (PST) Received: by mail-io1-xd29.google.com with SMTP id s8so7991003iob.13 for ; Tue, 22 Jan 2019 12:56:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=semihalf-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=LtPzW0QC5ZNvbOOZinNg4ildxyl7/uU86fuIyPZYVQs=; b=M+Q78cOzoEESegDW1jPdM0qjFKYu3K/NsEZUM5f8nBdlOYUsEs+w325zTu+1Cb8OvQ jnNB/YHVFLTOrfyPT12ZJ/HcAydUY8RsEidIH/6WTLWjSsHA8JANrHd/mYMlruNEV1y7 bzu2TxY5Ipmtbzasy/x1W/Wyjz/tRvie7GbYP2lM0vH7ONtZy+7SInD+7ujINGLBacLN +4EJak6jo6RWjPJG3o6VRNSNp65nTJPE/STsK5BEIZ6uB3B2OcnXyWb17WAj253q72et uraOGkrPGJVeyRhoDJGwjC8jeZr16wyU5tAm9TiBhGfVczupRM2EaG7aRYFTiZwCx2qw H86Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=LtPzW0QC5ZNvbOOZinNg4ildxyl7/uU86fuIyPZYVQs=; b=ao4PNhhiFres/G7gNRBYpPqcOiZwJFrkPGpRcQD3vIVykHXhM7j/am1o02A0HATuKr E6HchWDUe2JidpyXl1hi/UumKCxZIhzD5rWAy1WelHcHI94jprrel0+azeTSSMgkpvgg NlEdYjqyko2gVAkOD3fH/yj+8EGBOvWN1hlPM+mHQdQr9nIhfg1D1bRPWU7JRvbvPSd2 WBNV2j50kvXl3Wm5VMINNiT7TMv6Forr5/z/D8qA6nL+RnGZdy3+fX/cKLRGT1ZzvgNP HvhuwTUW2InpCXb2PcdbMNZNNASsxZCX2wF2CtmLPsrTOKpX+Tlo0NttsNEhbodHBYcC ckFQ== X-Gm-Message-State: AJcUukc5MnYXJ7Mc1CdQDxmPGfUSY+Ix0lmGky0SChNEBHi1Yc1NWrsz W1ZGucAqAJAqybi2gDj2s2fb/kCSk8d2HDTxlQVrkA== X-Google-Smtp-Source: ALg8bN6J2aTeQ2DWqrZykJIKuOJa4GUmUZtKjXHoj9c4Pop9LDkvIiBh46uE4lnEikxOMA3hZx99WomNS0MZNM2ILKw= X-Received: by 2002:a5d:8049:: with SMTP id b9mr20721097ior.108.1548190586201; Tue, 22 Jan 2019 12:56:26 -0800 (PST) MIME-Version: 1.0 References: <1548120742-11928-1-git-send-email-mw@semihalf.com> <1548120742-11928-2-git-send-email-mw@semihalf.com> <20190122172643.i6newphbfjiertsb@bivouac.eciton.net> <20190122190649.x2bh7gd5szxmfxy5@bivouac.eciton.net> <20190122202627.ccu3koeskydsvjus@bivouac.eciton.net> In-Reply-To: <20190122202627.ccu3koeskydsvjus@bivouac.eciton.net> From: Marcin Wojtas Date: Tue, 22 Jan 2019 21:56:14 +0100 Message-ID: To: Leif Lindholm Cc: edk2-devel-01 , Ard Biesheuvel , nadavh@marvell.com, "jsd@semihalf.com" , Grzegorz Jaszczyk , Kostya Porotchkin Subject: Re: [platforms: PATCH v2 1/4] Marvell/Armada7k8k: Shift PEI stack base X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 20:56:27 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Leif, wt., 22 sty 2019 o 21:26 Leif Lindholm napisa=C5= =82(a): > > On Tue, Jan 22, 2019 at 08:27:10PM +0100, Marcin Wojtas wrote: > > > > > > In order to fix this, extend the region which is non-accessible > > > > > > by the OS to cover both the ARM-TF (0x4000000 - 0x4200000) and = OPTEE > > > > > > (0x4400000 - 0x5400000) within a single area (0x4000000 - 0x540= 0000). > > > > > > Set the PEI stack base address between both images (0x43F0000). > > > > > > > > > > OK, that is a much better description. > > > > > But I'm getting slight cognitive dissonance from placing the PEI = stack > > > > > inside something we've just claimed belongs to Secure world... > > > > > > > > > > Could you instead break this out into two separate protected regi= ons? > > > > > PcdSecureOpteeBase/Size and PcdSecureTfBase/Size? > > > > > > > > > > Alternatively, nudge the stackbase to 0x5400000? > > > > > > > > As discussed some time ago with Ard, when the PEI stack base was > > > > introduced, it is recommended that this stack is placed in the > > > > location, which is not accessible by OS. Most preferred is to have = it > > > > in the SRAM (cannot do it on Armada7k8k) or in a reserved region - = cut > > > > out from the memory map passed to the OS. > > > > > > > > Currently we have a single region (a "hole") that covers: > > > > 2MB for EL3 runtime services > > > > 2MB of nothing > > > > 16MB for OPTEE image > > > > > > > > The 2MB space between images IMO seems perfect for PEI stack to pla= ce. > > > > If it was placed e.g. @0x5400000 and we kept the reserved regions > > > > separate, the outcome would be: > > > > 2MB for EL3 runtime services > > > > 2MB of DRAM normal memory > > > > 16MB + 64kB for Optee and PEI stack base. > > > > > > > > This is the reason, I'd like to keep original setting, proposed in = the > > > > patch. Please let know your opinion. > > > > > > I have no issue with the placement of the PEI stack between the ARM-T= F > > > region and the Op-TEE region. I _have_ an issue with the PEI stack > > > being placed between PcdSecureRegionBase and (PcdSecureRegionBase + > > > PcdSecureRegionSize). I.e. something that we describe as "the Secure > > > region". > > > > > > I think I gave my suggestion for the resolution of this problem (with > > > moving StackBase to 0x05400000 as the alternative) in my previous > > > reply. > > > > > > > Yes, and I answered, presenting the alternative memory map with > > additional 64kB "cut out" on top of 20MB "hole" of memory, which I'm > > not fancy, given available space inside the 20MB chunk. > > Please go back and reread my first and my second email. > Then please point out where I have, other than as an alternative > solution, suggested growing the cutout size. > > Then perhaps we can rewind this conversation and try again? Ok. So would it be sufficient to replace gMarvellTokenSpaceGuid.PcdSecureRegionBase with two sets of separate PCDs for ARM-TF runtime services and OPTEE leaving the PEI stack base @0x43f0000? Best regards, Marcin > > Best Regards, > > Leif > > > Because in fact this region is not entirely secure (EL3 runtime > > services are exectued in NS context for example), how about I: > > - rename the PCD's to be more generic (e.g. > > gMarvellTokenSpaceGuid.PcdReservedRegionBase) > > - add proper comment in Armada7k8k.dsc.inc for the default reserved > > memory (+ maybe in Armada7k8kLib, where the PCD's are used) > > ? > > > > Best regards, > > Marcin > > > > > > > > > > Best regards, > > > > Marcin > > > > > > > > > > > > > > > > > > / > > > > > Leif > > > > > > > > > > > Contributed-under: TianoCore Contribution Agreement 1.1 > > > > > > Signed-off-by: Marcin Wojtas > > > > > > --- > > > > > > Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 4 ++-- > > > > > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > > > > > > > > > diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Si= licon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > > index eafcd6e..c8c597f 100644 > > > > > > --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > > +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > > > > > @@ -376,12 +376,12 @@ > > > > > > > > > > > > gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|36 > > > > > > > > > > > > - gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x41F0000 > > > > > > + gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x43F0000 > > > > > > gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x1000= 0 > > > > > > > > > > > > # Secure region reservation > > > > > > gMarvellTokenSpaceGuid.PcdSecureRegionBase|0x4000000 > > > > > > - gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x0200000 > > > > > > + gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x1400000 > > > > > > > > > > > > # TRNG > > > > > > gMarvellTokenSpaceGuid.PcdEip76TrngBaseAddress|0xF2760000 > > > > > > -- > > > > > > 2.7.4 > > > > > >