From: Jens Wiklander <jens.wiklander@linaro.org>
To: op-tee@lists.trustedfirmware.org
Subject: Re: [RFC PATCH 0/2] introduce op-tee based EFI Runtime Variable Service
Date: Fri, 03 Feb 2023 09:29:01 +0100 [thread overview]
Message-ID: <Y9zFzW2yj7uMI0XR@jade> (raw)
In-Reply-To: < <CAFA6WYMdTxkcFkSux7F3fwxx2OqHP9UzqbWxdGnxuzjNU75PxA@mail.gmail.com>>
[-- Attachment #1: Type: text/plain, Size: 2942 bytes --]
Hi Sumit,
On Thu, Feb 02, 2023 at 05:35:49PM +0530, Sumit Garg wrote:
> Hi Masahisa,
>
> On Thu, 26 Jan 2023 at 18:52, Masahisa Kojima
> <masahisa.kojima@linaro.org> wrote:
> >
> > This RFC series introduces the op-tee based EFI Runtime Variable
> > Service.
> >
> > The eMMC device is typically owned by the non-secure world(linux in
> > this case). There is an existing solution utilizing eMMC RPMB partition
> > for EFI Variables, it is implemented by interacting with
> > OP-TEE, StandaloneMM(as EFI Variable Service Pseudo TA), eMMC driver
> > and tee-supplicant. The last piece is the tee-based variable access
> > driver to interact with OP-TEE and StandaloneMM.
> >
>
> After an overall look at the APIs, following are some initial comments:
> - Is there any reason to have the edk2 specific StandaloneMM stack in
> Linux to communicate with OP-TEE pseudo TA?
> - I think the OP-TEE pseudo TA should be able to expose a rather
> generic invoke commands such as:
> TEE_EFI_GET_VARIABLE
> TEE_EFI_GET_NEXT_VARIABLE
> TEE_EFI_SET_VARIABLE
> So it should no longer be tied to StMM stack and other TEE
> implementations can re-use the abstracted interface to communicate
> with its corresponding secure storage TA.
In the current setup we have the following layers in the kernel:
1. efivar_operations
2. MM
3. PTA_STMM
4. OP-TEE MSG
and in the secure world:
S1. internal to StMM
S2. MM interface to StMM
S3. PTA_STMM
S4. OP-TEE MSG
If I understand you correctly you'd like to see this instead:
Kernel:
1. efivar_operations
2. PTA_EFIVAR
4. OP-TEE MSG
Since we still have the MM interface with StMM we'd have this in the secure
world:
S1. internal to StMM
S2. MM interface to StMM
S3. PTA_EFIVAR
S4. OP-TEE MSG
At S3 we'd have to convert between EFIVAR and MM messages. The
difference is that we're moving the EFIVAR <-> MM conversion from the
non-secure world into the secure world. We're still using OP-TEE
specific communication at the fourth layer. So we're only moving problem
around, I'd rather avoid growing the OP-TEE part in the secure world.
Cheers,
Jens
>
> -Sumit
>
> > Masahisa Kojima (2):
> > efi: expose efivar generic ops register function
> > tee: Add op-tee helper functions for variable access
> >
> > drivers/firmware/efi/efi.c | 12 +
> > drivers/tee/optee/Kconfig | 10 +
> > drivers/tee/optee/Makefile | 1 +
> > drivers/tee/optee/mm_communication.h | 249 +++++++++++
> > drivers/tee/optee/optee_private.h | 5 +-
> > drivers/tee/optee/optee_stmm_efi.c | 598 +++++++++++++++++++++++++++
> > drivers/tee/tee_core.c | 23 ++
> > include/linux/efi.h | 4 +
> > include/linux/tee_drv.h | 23 ++
> > 9 files changed, 924 insertions(+), 1 deletion(-)
> > create mode 100644 drivers/tee/optee/mm_communication.h
> > create mode 100644 drivers/tee/optee/optee_stmm_efi.c
> >
> > --
> > 2.30.2
> >
WARNING: multiple messages have this Message-ID (diff)
From: Jens Wiklander <jens.wiklander@linaro.org>
To: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>,
Ard Biesheuvel <ardb@kernel.org>,
linux-kernel@vger.kernel.org, op-tee@lists.trustedfirmware.org,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Johan Hovold <johan+linaro@kernel.org>
Subject: Re: [RFC PATCH 0/2] introduce op-tee based EFI Runtime Variable Service
Date: Fri, 3 Feb 2023 09:29:01 +0100 [thread overview]
Message-ID: <Y9zFzW2yj7uMI0XR@jade> (raw)
In-Reply-To: <CAFA6WYMdTxkcFkSux7F3fwxx2OqHP9UzqbWxdGnxuzjNU75PxA@mail.gmail.com>
Hi Sumit,
On Thu, Feb 02, 2023 at 05:35:49PM +0530, Sumit Garg wrote:
> Hi Masahisa,
>
> On Thu, 26 Jan 2023 at 18:52, Masahisa Kojima
> <masahisa.kojima@linaro.org> wrote:
> >
> > This RFC series introduces the op-tee based EFI Runtime Variable
> > Service.
> >
> > The eMMC device is typically owned by the non-secure world(linux in
> > this case). There is an existing solution utilizing eMMC RPMB partition
> > for EFI Variables, it is implemented by interacting with
> > OP-TEE, StandaloneMM(as EFI Variable Service Pseudo TA), eMMC driver
> > and tee-supplicant. The last piece is the tee-based variable access
> > driver to interact with OP-TEE and StandaloneMM.
> >
>
> After an overall look at the APIs, following are some initial comments:
> - Is there any reason to have the edk2 specific StandaloneMM stack in
> Linux to communicate with OP-TEE pseudo TA?
> - I think the OP-TEE pseudo TA should be able to expose a rather
> generic invoke commands such as:
> TEE_EFI_GET_VARIABLE
> TEE_EFI_GET_NEXT_VARIABLE
> TEE_EFI_SET_VARIABLE
> So it should no longer be tied to StMM stack and other TEE
> implementations can re-use the abstracted interface to communicate
> with its corresponding secure storage TA.
In the current setup we have the following layers in the kernel:
1. efivar_operations
2. MM
3. PTA_STMM
4. OP-TEE MSG
and in the secure world:
S1. internal to StMM
S2. MM interface to StMM
S3. PTA_STMM
S4. OP-TEE MSG
If I understand you correctly you'd like to see this instead:
Kernel:
1. efivar_operations
2. PTA_EFIVAR
4. OP-TEE MSG
Since we still have the MM interface with StMM we'd have this in the secure
world:
S1. internal to StMM
S2. MM interface to StMM
S3. PTA_EFIVAR
S4. OP-TEE MSG
At S3 we'd have to convert between EFIVAR and MM messages. The
difference is that we're moving the EFIVAR <-> MM conversion from the
non-secure world into the secure world. We're still using OP-TEE
specific communication at the fourth layer. So we're only moving problem
around, I'd rather avoid growing the OP-TEE part in the secure world.
Cheers,
Jens
>
> -Sumit
>
> > Masahisa Kojima (2):
> > efi: expose efivar generic ops register function
> > tee: Add op-tee helper functions for variable access
> >
> > drivers/firmware/efi/efi.c | 12 +
> > drivers/tee/optee/Kconfig | 10 +
> > drivers/tee/optee/Makefile | 1 +
> > drivers/tee/optee/mm_communication.h | 249 +++++++++++
> > drivers/tee/optee/optee_private.h | 5 +-
> > drivers/tee/optee/optee_stmm_efi.c | 598 +++++++++++++++++++++++++++
> > drivers/tee/tee_core.c | 23 ++
> > include/linux/efi.h | 4 +
> > include/linux/tee_drv.h | 23 ++
> > 9 files changed, 924 insertions(+), 1 deletion(-)
> > create mode 100644 drivers/tee/optee/mm_communication.h
> > create mode 100644 drivers/tee/optee/optee_stmm_efi.c
> >
> > --
> > 2.30.2
> >
next prev parent reply other threads:[~2023-02-03 8:29 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] < <CAFA6WYMdTxkcFkSux7F3fwxx2OqHP9UzqbWxdGnxuzjNU75PxA@mail.gmail.com>
2023-02-02 13:19 ` [RFC PATCH 0/2] introduce op-tee based EFI Runtime Variable Service Ilias Apalodimas
2023-02-02 13:19 ` Ilias Apalodimas
2023-02-03 8:29 ` Jens Wiklander [this message]
2023-02-03 8:29 ` Jens Wiklander
2023-02-03 9:33 ` Sumit Garg
2023-02-03 9:33 ` Sumit Garg
[not found] < <CAFA6WYO5r66VqdczFH4HC1O=DuuauQBohr80zPLA86rnHgC48Q@mail.gmail.com>
2023-02-20 5:01 ` Masahisa Kojima
2023-02-20 5:01 ` Masahisa Kojima
[not found] < <CAMj1kXGg3wwhJFRjAGEP2fDLcbHpiuHuiaW2y+oVgjwULqVTZg@mail.gmail.com>
2023-02-06 11:11 ` Sumit Garg
2023-02-06 11:11 ` Sumit Garg
[not found] < <CAFA6WYPLeN5tUY8JA=J9T3XVNfq5jAQ62i=qSk-6eesM-9_K=Q@mail.gmail.com>
2023-02-06 7:47 ` Jens Wiklander
2023-02-06 7:47 ` Jens Wiklander
2023-02-06 9:22 ` Ard Biesheuvel
2023-02-06 9:22 ` Ard Biesheuvel
2023-02-06 9:31 ` Ilias Apalodimas
2023-02-06 9:31 ` Ilias Apalodimas
[not found] < <CAFA6WYOp-NQxvqOmemiW2D5Au549f-u4LJA7XEK2aJgMiXRUYg@mail.gmail.com>
2023-02-03 10:55 ` Jens Wiklander
2023-02-03 10:55 ` Jens Wiklander
2023-02-06 6:44 ` Sumit Garg
2023-02-06 6:44 ` Sumit Garg
2023-01-26 13:21 Masahisa Kojima
2023-01-26 13:21 ` Masahisa Kojima
2023-01-26 13:21 ` [RFC PATCH 1/2] efi: expose efivar generic ops register function Masahisa Kojima
2023-01-26 13:21 ` Masahisa Kojima
2023-01-26 13:21 ` [RFC PATCH 2/2] tee: Add op-tee helper functions for variable access Masahisa Kojima
2023-01-26 13:21 ` Masahisa Kojima
2023-01-26 13:21 ` Masahisa Kojima
2023-01-29 2:08 ` kernel test robot
2023-01-29 3:41 ` kernel test robot
2023-02-03 9:30 ` Jens Wiklander
2023-02-03 9:30 ` Jens Wiklander
2023-02-03 9:30 ` Jens Wiklander
2023-02-06 6:08 ` Masahisa Kojima
2023-02-06 6:08 ` Masahisa Kojima
2023-02-06 6:08 ` Masahisa Kojima
2023-02-02 12:05 ` [RFC PATCH 0/2] introduce op-tee based EFI Runtime Variable Service Sumit Garg
2023-02-02 12:05 ` Sumit Garg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y9zFzW2yj7uMI0XR@jade \
--to=jens.wiklander@linaro.org \
--cc=op-tee@lists.trustedfirmware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.