From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from EUR03-DB5-obe.outbound.protection.outlook.com (EUR03-DB5-obe.outbound.protection.outlook.com [40.107.4.43]) by mx.groups.io with SMTP id smtpd.web09.53350.1612278833639885004 for ; Tue, 02 Feb 2021 07:13:54 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=kE+easr0; spf=pass (domain: arm.com, ip: 40.107.4.43, mailfrom: sami.mujawar@arm.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3zRgucX/nVm+5C5gNiHPoTHwAtViERGMM18EfXIS0RY=; b=kE+easr0E+saUop+TkHiyKmR8lk8o2uz4HAVblUaLfYsy1SGSCbgR0pcGWeoCZB3IO3XX5VJA9mFoGR2FV3nX7wLveIeOH0GrKKlgv/yp4XCTRNAm3kAGu9/QKPPdABxIrf9GGwo2tlFDhqPueM/6jiGaqdp0bxeBskmpid5WGQ= Received: from AM0PR02CA0199.eurprd02.prod.outlook.com (2603:10a6:20b:28f::6) by AM0PR08MB4386.eurprd08.prod.outlook.com (2603:10a6:208:138::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.17; Tue, 2 Feb 2021 15:13:50 +0000 Received: from AM5EUR03FT032.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:28f:cafe::ef) by AM0PR02CA0199.outlook.office365.com (2603:10a6:20b:28f::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.18 via Frontend Transport; Tue, 2 Feb 2021 15:13:50 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; edk2.groups.io; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;edk2.groups.io; dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT032.mail.protection.outlook.com (10.152.16.84) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.11 via Frontend Transport; Tue, 2 Feb 2021 15:13:50 +0000 Received: ("Tessian outbound e989e14f9207:v71"); Tue, 02 Feb 2021 15:13:50 +0000 X-CR-MTA-TID: 64aa7808 Received: from e14a4c4ec566.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id D92581BF-2DBC-4C8C-AFC8-BA072EE87030.1; Tue, 02 Feb 2021 15:13:44 +0000 Received: from EUR04-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id e14a4c4ec566.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 02 Feb 2021 15:13:44 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WvsEmHqN62r+UtPYmbwxEeE6H60/qEbWDnujYvsw8agx7nfe5hd2gaRQO96mcvo+up71HATTbJ7i/wBrSSL20OQxdK4Ig/EdRSS2AM/Ctde/+c80v1G4gaWyoC3sKcf4qz9bdvFtDOqALHOx3WPcjXRitlqO7p8OPNWjUKlQXN1B51c76ju2son+9gMZsAtDe9Q8D5DHu7XsV3AdzYxBCrqOWKM11LJlpH8K4Irs/Y27Jd2Y988kC96QsTWqmkfpAwfU2pPWKPFZ1niD+ZQWimcxqdR1NU6oP2IU9K6bwmi8qTV/i3DEUHyBMYs3Q626VTtH3nrqwrifB0NPyGdZcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3zRgucX/nVm+5C5gNiHPoTHwAtViERGMM18EfXIS0RY=; b=kKeg7I5scEfXXyUWtXZyw35cRkTm3rOn2v8KGStb0adaxgHUfOvVZbAWdQazqae4145XPQIVODsloqWYb5L84vPL/GAF00FlzY+wcIxBCNtWYDbz7+E4R1uxFFnrUOMheAP0BaDKkTZYoZ2HLjKRugV7CBaV6UUwI5+CbjfY96IA93eAtbaBAqf7Zz/6DzM0BcaWbaEyLlLSGsa0A/i+AovBlOhWfx+jiakZZODcpE1PgrLkZdFl94MbI/RrrD+lChEJ/55YWIWD45i3T9BiYppVuO+h3kFp7uCc5SgoBDbf39rd3QGy4pv97Ko6sFZHuJ3zsuu7vgGEFleSx3JwEw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3zRgucX/nVm+5C5gNiHPoTHwAtViERGMM18EfXIS0RY=; b=kE+easr0E+saUop+TkHiyKmR8lk8o2uz4HAVblUaLfYsy1SGSCbgR0pcGWeoCZB3IO3XX5VJA9mFoGR2FV3nX7wLveIeOH0GrKKlgv/yp4XCTRNAm3kAGu9/QKPPdABxIrf9GGwo2tlFDhqPueM/6jiGaqdp0bxeBskmpid5WGQ= Received: from DB7PR08MB3097.eurprd08.prod.outlook.com (2603:10a6:5:1d::27) by DB7PR08MB3819.eurprd08.prod.outlook.com (2603:10a6:10:30::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.15; Tue, 2 Feb 2021 15:13:42 +0000 Received: from DB7PR08MB3097.eurprd08.prod.outlook.com ([fe80::8c43:eec3:76be:9001]) by DB7PR08MB3097.eurprd08.prod.outlook.com ([fe80::8c43:eec3:76be:9001%4]) with mapi id 15.20.3805.026; Tue, 2 Feb 2021 15:13:42 +0000 From: "Sami Mujawar" To: Ilias Apalodimas CC: Sughosh Ganu , "devel@edk2.groups.io" , Ard Biesheuvel , Leif Lindholm , Sahil Malhotra , nd Subject: Re: [PATCH edk2-platforms v3 1/2] Drivers/OpTeeRpmb: Add an OP-TEE backed RPMB driver Thread-Topic: [PATCH edk2-platforms v3 1/2] Drivers/OpTeeRpmb: Add an OP-TEE backed RPMB driver Thread-Index: AQHW05wANg6qV1bhf02zxj7gesITj6o70FMggAKyfwCABRs0gIABSX7AgAAwXgCAACY3gIAABUzg Date: Tue, 2 Feb 2021 15:13:42 +0000 Message-ID: References: <20201216110903.17995-1-sughosh.ganu@linaro.org> <20201216110903.17995-2-sughosh.ganu@linaro.org> In-Reply-To: Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ts-tracking-id: 6C5C5ABC75E9854E906E8FBD0CF65E7A.0 x-checkrecipientchecked: true Authentication-Results-Original: linaro.org; dkim=none (message not signed) header.d=none;linaro.org; dmarc=none action=none header.from=arm.com; x-originating-ip: [86.132.153.38] x-ms-publictraffictype: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: fd9979ed-6687-4f77-619b-08d8c78d2563 x-ms-traffictypediagnostic: DB7PR08MB3819:|AM0PR08MB4386: x-ms-exchange-transport-forked: True X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true nodisclaimer: true x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: SX73j4gFfCdQUoIwAWonFEzbIuFICGteUM0TzW+K7AbB4sFjDrI/nSqTKA89ppa8xlPReO1V986Sk0w+A9/yKw4jDWsQedFbno3V43xNgNpnnRdqZpfO/ViPXph0v5y1R/ppdTJMtIFVOE/4MRep2yyIzdkUbXtk7lO013zzQTjTSYRM2+49UwtvwZM4x0c1py5fyiwp/FvVGesT+MRgmI1/o0z4c10OAoOyEeI91rK1ZeNaQQqx7k7atjHB0bO7kxDeTwrOAkICvFY5p9lQocetusLS4B2IWpHYDfRMMr9muxg0SwZiN+V1lqE99S6JJy412n1M/6qvNAXolNPwouVBJ3MrJ2q34YD4saoq9lIUtWnyS/EjLVmF73E6dLPXkRvXQawyfQPMELjs+LnlpU8O13ZW5yJSLXdE+281vqsnLfJd+stTHVbI3wbqDW28JfBG6BoJcPggS5CSDG/A/yhRYDOmXZ1nmm26lpeyhzv5GvrMkyE2H34vd6UzWcX+fC8kaz3tEk+I1uNxqZQ7PQ== X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB7PR08MB3097.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(366004)(136003)(346002)(39860400002)(376002)(396003)(9686003)(52536014)(54906003)(55016002)(6506007)(8676002)(33656002)(2906002)(71200400001)(53546011)(4326008)(5660300002)(83380400001)(26005)(6916009)(86362001)(478600001)(7696005)(8936002)(66446008)(316002)(64756008)(66556008)(76116006)(66946007)(66476007)(186003);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?xYRlYl8JokXWFILnJS+phEgVMdqhSHzo5QitaHA6FqoGqybfIBIjF3NhPXmh?= =?us-ascii?Q?aeTCUsBPsedOLMRooPeU90M6Z5hz+MlHZyt8CdndB5EfmHHFPZN9Rcl+ysBc?= =?us-ascii?Q?EWSHHc0Y7MhjwlPFBWxEnX6ElWrztXtLjVYv6A2amHJkbHXFE0MZmXCj3Ibv?= =?us-ascii?Q?Lc+D+4u2L3dW0BKgP6CyL9nWQvnBHDPaKur6ngGNwWZbTPmoQfsM/Sa5tgWV?= =?us-ascii?Q?N4ffIsPK9X74ybSo9+7896iVTx9+EHffXRXRu8bAdzspuiTKsn5zwYU3mUBG?= =?us-ascii?Q?x3ac5OIbddRPyv+p9jfJoYgX6wj4YSqRI8u8l/dutoA+kuBCPezePzG/CV2r?= =?us-ascii?Q?pMfxISC8cqkWp5nztjJU3FEV8/cztWDvtK7P3oLjpA/i2JOXWSN4UnyN2q0R?= =?us-ascii?Q?dLjQx80xCl6xaH/6bpFRTbpYnsQfst4aEhLuLvE0kC3Mv+6FVAQ0R+aOpdI/?= =?us-ascii?Q?E7QY+yuwWApw3NF4wmOoy9hvDAdQohwUnMCxgqrF0yHdEjv7DZgkwsT/3HOs?= =?us-ascii?Q?+XfKqm09/r0NtdV/7DmCq5nTX6ixIvZtweaHl3Gujd0DhHzXdOvSd07rzR5N?= =?us-ascii?Q?6BJdsU8ivQneXHvGdY9Xj1ZHe2yHohRI/a0RVyAw0GyFvbppujR6AFR4GRWL?= =?us-ascii?Q?L2vo8zRJ/T7LAOvdMlsKVoLfx95rgvvkNmqdZAuYR2mPu91C3yWfJzaGH9iq?= =?us-ascii?Q?k1LyQBCApSwKgz1brNPkegWDhG/YM7nUeY5lp2OroB7W/mUCkKwGU4QMMgbl?= =?us-ascii?Q?nxiTV3vxAggEIZu4PubObn3MzuVYUKw+g7IhtZNYjf3K67bG1Fn6U0XB6AqM?= =?us-ascii?Q?58e884nZrnP2bSwmsmiVair5d1+m/flbqD6eD+4XZUYfWDZ/9Fj4y4ko1oXL?= =?us-ascii?Q?buh0joBkS+xNdzztKWo6fJzzbnL7Z5StvMCM7lkHI5tLP/qlC+KzRSwuCNtV?= =?us-ascii?Q?OqEcwKUdPf1aEd3GZxEogmeCQOsEshXbFalrFXKKxbBl0HnItOZlg5Y+J004?= =?us-ascii?Q?sGs1IMq/MeLjbUMPqrSH5ZyrCFDOEtqzzgKOQBIvmZQffP1Nn8RD2Q3geAOk?= =?us-ascii?Q?NdsIfCk2?= MIME-Version: 1.0 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR08MB3819 Original-Authentication-Results: linaro.org; dkim=none (message not signed) header.d=none;linaro.org; dmarc=none action=none header.from=arm.com; Return-Path: Sami.Mujawar@arm.com X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT032.eop-EUR03.prod.protection.outlook.com X-MS-Office365-Filtering-Correlation-Id-Prvs: 2e89393e-ec10-4866-8630-08d8c78d20a5 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: r7O7WtDiVZIQIFYRnAMnCbnKaQfl7tCc1cFgQ4t6ucy34Vz0SaSl1k14CXwXVwXqMiDKLbWpCYt7pMkLsARO5x8mbA7ErBuUhuJrJYvXfyBsf4odik3VsVo7K2r10lBNvU8PzVLXM0AB38lHY9R60SEVXDZW/k4gg0wvJVCl6lraCcf0ZgteGO5Drn0Ji5ddIxuuxHBbeHi+SYxuGwJ6fL10cieZsdEHMV274K+UbYFLuRgO8aab6HuZPiKVAJo56LktA3RlDcIOA0uiuthByjGZvqIi+Ncw2YBbGrvoP6LFf2cORZ1IwoDj3BjhL2XLulkigLqWOXiCl8+KVQ/OBXAr0vQDwJU/PLZxokkuhJXwAhMc+FzCFFAAIXvfdbevjQ7J91mfA4R+Cm1yYQxV+OjFgyE3Rvy/HEYZb3f7763N1JYICh3FoKQ6354EJQ0lSS/uPkIAuFsT+qcOym6xR5IFE2zBqAjVDPKwiYrTqKamOFlE4VcWLGn6mT5rGzKE3Vs2bJicx3t5rWNZXOZ4Byiy2VW6XvLtFFTmm5MEkdqUcojRcB9Bfay8JlyAE+2HoQKofX4s/6KJWi7+9iOv88EAe3YQzriOgIldzdIXcN/V8Z+2uDS1smCSik8WsYV8rlvM4+uhkzJsLiV9ChuVEA4MK+lZAOOJuhSGPVXHlc4= X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(6029001)(4636009)(376002)(396003)(346002)(39860400002)(136003)(36840700001)(46966006)(5660300002)(86362001)(26005)(356005)(2906002)(6862004)(83380400001)(478600001)(6506007)(4326008)(9686003)(36860700001)(186003)(70586007)(52536014)(53546011)(81166007)(82310400003)(47076005)(8936002)(336012)(33656002)(7696005)(8676002)(316002)(54906003)(82740400003)(55016002)(70206006);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Feb 2021 15:13:50.3881 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fd9979ed-6687-4f77-619b-08d8c78d2563 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM5EUR03FT032.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4386 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Ilias, Please see my response inline marked [SAMI]. Regards, Sami Mujawar -----Original Message----- From: Ilias Apalodimas =20 Sent: 02 February 2021 02:50 PM To: Sami Mujawar Cc: Sughosh Ganu ; devel@edk2.groups.io; Ard Biesh= euvel ; Leif Lindholm ; Sahil Ma= lhotra ; nd Subject: Re: [PATCH edk2-platforms v3 1/2] Drivers/OpTeeRpmb: Add an OP-TEE= backed RPMB driver Hi Sami,=20 Inlining some additional info on my explanation. > > > [...] > > > I actually picked up the error handling from the previous non-FFA cod= e. > > > I'll check what's on Sughosh latest patches and fix it if there are > > > any differences. > > > Looking at it again EFI_BAD_BUFFER_SIZE can change to indicate out of > > > memory properly anyway. > > > > >=20 > > Had another look at this. This seems fine if I just change > > EFI_BAD_BUFFER_SIZE -> EFI OUT_OF_RESOURCES because OP-TEE is only > > using these errors from FFA. Eventually the OP-TEE code that launches > > StMM today, will move to FFA and become a separate SP, so that will > > naturally be handled once that's done. I don't see a point of adding > > unused error cases. > >=20 > > [SAMI] Referring to the FFA specification, DEN0077A, v1.0, section 10.2= FFA_MSG_SEND_DIRECT_REQ and Table 10.8: FFA_ERROR encoding, I think the=20 > > error codes being handled above would be returned in SvcArgs.Arg2.=20 >=20 > Hmm why ? [SAMI] This is for the case where the FFA_MSG_SEND_DIRECT_REQ does not reac= h the target endpoint.=20 [/SAMI] >=20 > > The message flow would be as follows: > > - Caller sends FFA_MSG_SEND_DIRECT_REQ to the target endpoint. > > - if the message does not reach the target endpoint, an error code = from Table 10.8 may be returned in w2 (i.e. SvcArgs.Arg2) >=20 > That would be in the case you have a working TF-A implementation and the > message is never dispatched to the endpoint right? [SAMI] Yes [/SAMI] >=20 > The current driver is not implementing the whole range of that spec. The > communication between secure/non secure world is still based on the OP-TE= E > messaging mechanism.=20 > The only part that complies to the FFA spec is the communication between = the > driver itself and OP-TEE. > > - If the message reaches the target endpoint, then callee shall inv= oke one of the following interfaces: > > * FFA_MSG_SEND_DIRECT_RESP >=20 > So what's happening here, is that we send an SVC with ARM_SVC_ID_FFA_MSG_= SEND_DIRECT_REQ_AARCH64. > The op-tee relevant code is located at ./core/arch/arm/kernel/stmm_sp.c > There's 2 things we handle right now on OP-TEE: > 1. set the page permissions, after relocating the executable. > 2. Read/Write data on our RPMB. >=20 > In both cases service_compose_direct_resp() is used to construct the resp= onse > and that set the return value on x3. What you mention and looking for is the discovery mechanism that FFA implements. This is not part of the patches (yet) and that's the reason the driver hardcodes mMemMgrId =3D 3U and mStorageId =3D 4U.=20 In OP-TEE side the only reason we have to fill in x2 with the error code is= if the request that comes in doesn't match any of these values. But that's nev= er the case from this driver yet, since there's no SP discovery mechanism implemented to begin with. Hope that clears it up now. [SAMI] Thank you for the explanation. It makes sense. I think a comment de= scribing this rationale would be helpful for someone trying to understand t= he code. [/SAMI] Regards /Ilias >=20 >=20 > Regards > /Ilias >=20 > > * FFA_INTERRUPT > > * FFA_SUCCESS > > This would mean that if the callee responds with FFA_MSG_SEND_DIREC= T_RESP, the callee returned error/status code shall be in w/x3-w/x7 (which = I think in this case may be in SvcArgs.Arg3). > > [/SAMI] > >=20 > > Regards > > /Ilias