From: Marcin Wojtas
Date: Tue, 22 Jan 2019 19:26:58 +0100
To: Leif Lindholm
Cc: edk2-devel-01, Ard Biesheuvel, nadavh@marvell.com, jsd@semihalf.com, Grzegorz Jaszczyk, Kostya Porotchkin
Subject: Re: [platforms: PATCH v2 1/4] Marvell/Armada7k8k: Shift PEI stack base

Hi Leif,

Tue, 22 Jan 2019 at 18:26 Leif Lindholm wrote:
>
> On Tue, Jan 22, 2019 at 02:32:19AM +0100, Marcin Wojtas wrote:
> > Recent changes in the ARM-TF configure its runtime services region
> > as protected, hence the hitherto PEI stack base address (0x41F0000)
> > violated it.
> >
> > In order to fix this, extend the region which is non-accessible
> > by the OS to cover both the ARM-TF (0x4000000 - 0x4200000) and OPTEE
> > (0x4400000 - 0x5400000) within a single area (0x4000000 - 0x5400000).
> > Set the PEI stack base address between both images (0x43F0000).
>
> OK, that is a much better description.
> But I'm getting slight cognitive dissonance from placing the PEI stack
> inside something we've just claimed belongs to Secure world...
>
> Could you instead break this out into two separate protected regions?
> PcdSecureOpteeBase/Size and PcdSecureTfBase/Size?
>
> Alternatively, nudge the stackbase to 0x5400000?

As discussed some time ago with Ard, when the PEI stack base was introduced, it is recommended that this stack is placed in a location that is not accessible by the OS. Most preferred is to have it in the SRAM (cannot do it on Armada7k8k) or in a reserved region - cut out from the memory map passed to the OS.

Currently we have a single region (a "hole") that covers:
2MB for EL3 runtime services
2MB of nothing
16MB for OPTEE image

The 2MB space between the images IMO seems a perfect place for the PEI stack. If it was placed e.g. @0x5400000 and we kept the reserved regions separate, the outcome would be:
2MB for EL3 runtime services
2MB of DRAM normal memory
16MB + 64kB for Optee and PEI stack base.

This is the reason I'd like to keep the original setting proposed in the patch. Please let me know your opinion.

Best regards,
Marcin

>
> /
>     Leif
>
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Marcin Wojtas
> > ---
> >  Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc b/Silicon/Ma= rvell/Armada7k8k/Armada7k8k.dsc.inc > > index eafcd6e..c8c597f 100644 > > --- a/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc > > +++ b/Silicon/Marvell/Armada7k8k/Armada7k8k.dsc.inc
> > @@ -376,12 +376,12 @@ > > > > gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|36 > > > > - gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x41F0000 > > + gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x43F0000 > > gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x10000 > > > > # Secure region reservation > > gMarvellTokenSpaceGuid.PcdSecureRegionBase|0x4000000 > > - gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x0200000 > > + gMarvellTokenSpaceGuid.PcdSecureRegionSize|0x1400000 > > > > # TRNG > > gMarvellTokenSpaceGuid.PcdEip76TrngBaseAddress|0xF2760000 > > -- > > 2.7.4 > >
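
Review bot: the two changed PCDs are now coupled, but nothing in the hunk documents it. PcdCPUCoresStackBase|0x43F0000 plus PcdCPUCorePrimaryStackSize|0x10000 ends exactly at 0x4400000, which the commit message gives as the OPTEE base, and the stack is only hidden from the OS because PcdSecureRegionSize grew to 0x1400000. Suggest expanding the "# Secure region reservation" comment to list what the region holds (ARM-TF 0x4000000 - 0x4200000, PEI stack 0x43F0000 - 0x4400000, OPTEE 0x4400000 - 0x5400000), so that a later change to the stack size or the region size does not silently push the stack into the OPTEE range or out of the reservation. Since the region now also contains the PEI stack, the word "Secure" in that comment no longer describes all of its contents, which is the concern raised in the review.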
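
The layout trade-off argued in the reply above, as an added example in C (not part of the original message or of the edk2-platforms code): it checks that firmware-owned ranges do not overlap and are all hidden from the OS, for the pre-patch layout, the patch, and the two-region alternative. The helper names are illustrative, and it assumes the PEI stack occupies [PcdCPUCoresStackBase, base + PcdCPUCorePrimaryStackSize).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t base, size; } range_t;  /* half-open [base, base+size) */
/* Layouts constructed from the addresses in the thread. Assumption: the PEI
 * stack occupies [PcdCPUCoresStackBase, +PcdCPUCorePrimaryStackSize). */
#define TF    {0x4000000, 0x200000}    /* ARM-TF runtime services, 2MB */
#define OPTEE {0x4400000, 0x1000000}   /* OPTEE image, 16MB */
static const range_t OLD_OWN[]   = {TF, {0x41F0000, 0x10000}};
static const range_t OLD_RES[]   = {{0x4000000, 0x200000}};
static const range_t PATCH_OWN[] = {TF, {0x43F0000, 0x10000}, OPTEE};
static const range_t PATCH_RES[] = {{0x4000000, 0x1400000}};
static const range_t SPLIT_OWN[] = {TF, OPTEE, {0x5400000, 0x10000}};
static const range_t SPLIT_RES[] = {{0x4000000, 0x200000}, {0x4400000, 0x1010000}};

static bool overlaps(range_t a, range_t b) {
    return a.base < b.base + b.size && b.base < a.base + a.size;
}
static bool contains(range_t outer, range_t in) {
    return in.base >= outer.base && in.base + in.size <= outer.base + outer.size;
}

/* 0 = sound, 1 = two owners overlap, 2 = an owner is not hidden from the OS. */
int check_layout(const range_t *own, size_t n_own, const range_t *res, size_t n_res) {
    for (size_t i = 0; i < n_own; i++) {
        for (size_t j = i + 1; j < n_own; j++)
            if (overlaps(own[i], own[j])) return 1;
        bool hidden = false;
        for (size_t k = 0; k < n_res; k++)
            hidden = hidden || contains(res[k], own[i]);
        if (!hidden) return 2;
    }
    return 0;
}

/* Reserved bytes that no owner uses; meaningful only when check_layout() == 0. */
uint64_t hidden_unused(const range_t *own, size_t n_own, const range_t *res, size_t n_res) {
    uint64_t total = 0;
    for (size_t k = 0; k < n_res; k++) total += res[k].size;
    for (size_t i = 0; i < n_own; i++) total -= own[i].size;
    return total;
}

int main(void) {
    printf("old=%d patch=%d split=%d\n", check_layout(OLD_OWN, 2, OLD_RES, 1),
           check_layout(PATCH_OWN, 3, PATCH_RES, 1), check_layout(SPLIT_OWN, 3, SPLIT_RES, 2));
    printf("patch hides 0x%llx unused bytes\n",
           (unsigned long long)hidden_unused(PATCH_OWN, 3, PATCH_RES, 1));
    return 0;
}
```

Both candidate layouts pass; the single hole keeps 0x1F0000 bytes of the 2MB gap hidden but unused, while the two-region variant hides nothing unused and returns the whole gap to the OS.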