From: Andrew Davis <afd@ti.com>
To: Thomas Richard <thomas.richard@bootlin.com>, <u-boot@lists.denx.de>
Cc: <nm@ti.com>, <thomas.petazzoni@bootlin.com>,
<gregory.clement@bootlin.com>, <u-kumar1@ti.com>,
Tom Rini <trini@konsulko.com>
Subject: Re: [PATCH v2 7/8] board: ti: j721e: During resume spl restores TF-A and DM-Firmware
Date: Thu, 9 Nov 2023 10:17:39 -0600 [thread overview]
Message-ID: <6f24d3f5-8624-4dc2-bea3-fa893c8b10da@ti.com> (raw)
In-Reply-To: <b2a9a9db-9f96-491c-882e-de4efa4ff472@bootlin.com>
On 11/9/23 5:29 AM, Thomas Richard wrote:
> On 11/8/23 18:30, Andrew Davis wrote:
>>> void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image)
>>> {
>>> typedef void __noreturn (*image_entry_noargs_t)(void);
>>> @@ -235,6 +241,32 @@ void __noreturn jump_to_image_no_args(struct
>>> spl_image_info *spl_image)
>>> if (ret)
>>> panic("rproc failed to be initialized (%d)\n", ret);
>>> + if (board_is_resuming()) {
>>> +#if IS_ENABLED(CONFIG_SOC_K3_J721E)
>>> + if (!valid_elf_image(LPM_DM_SAVE))
>>> + panic("%s: DM-Firmware image is not valid, it cannot be
>>> loaded\n",
>>> + __func__);
>>> +
>>> + loadaddr = load_elf_image_phdr(LPM_DM_SAVE);
>>> +
>>> + /*
>>> + * Check if the start address of TF-A is in DRAM.
>>> + * If not it means TF-A was running in SRAM, so it shall be
>>> + * restored.
>>> + */
>>> + if (*(ulong *)(LPM_BL31_START_SAVE) < CFG_SYS_SDRAM_BASE)
>>> + memcpy((void *)*(uintptr_t *)(LPM_BL31_START_SAVE),
>>> + (void *)LPM_BL31_SAVE, BL31_SIZE);
>>
>> This will not work. The memory where TF-A is running will be firewalled and
>> SPL absolutely cannot be securely trusted to load TF-A. Especially from an
>> unencrypted location in DDR. TF-A must be loaded as it is today using
>> signed
>> certificate images. You should know this, I explained it all when you tried
>> the same in TF-A:
>>
>> https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23992
>
> Hi Andrew,
>
> We understood that GP devices are not impacted (we had this information
> from TI, probably Manorit I don't remember), and Manorit confirmed it in
> the TF-A review.
>
> Maybe I could add a check of the device type to not impact HS devices.
>
I'm not interested in GP devices, and neither are most our customers.
Those are development devices, customers go to production with secured
devices.
Saying "let's make it work on GP only, then we will figure it out on HS
later" was a mistake we made back in OMAP class device days. It made
bringing support to production secured devices (HS) miserable as we had
to unroll all the hacks that only worked on the development devices (GP).
Your method here is completely unusable on HS and will need a ground up
rewrite for HS. Since the solution for HS will also work on GP, but
not the other way around, you need to start with the HS solution.
I'll make this same point over on the TF-A review then let's continue
discussion over there only. If you cant get the TF-A part in then no
need for this U-Boot part.
Andrew
> Regards,
>
> Thomas
>
>>
>> NAK
>>
>> Andrew
>>
>
next prev parent reply other threads:[~2023-11-09 16:17 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-07 16:17 [PATCH v2 0/8] Suspend to RAM support for K3 J7200 Thomas Richard
2023-11-07 16:17 ` [PATCH v2 1/8] DO NOT MERGE: arm: dts: k3-j7200-r5-common: Add pmic node for esm Thomas Richard
2023-11-07 16:17 ` [PATCH v2 2/8] configs: j7200_evm_r5: Used reserved memory in DDR for stack Thomas Richard
2023-11-07 18:12 ` Tom Rini
2023-11-07 16:17 ` [PATCH v2 3/8] configs: j7200_evm_r5: Move address used for allocation in the reserved space Thomas Richard
2023-11-07 16:17 ` [PATCH v2 4/8] board: ti: j721e: Add resume detection for J7200 Thomas Richard
2023-11-07 18:16 ` Tom Rini
2023-11-07 16:17 ` [PATCH v2 5/8] ram: k3-ddrss: Add exit retention support Thomas Richard
2023-11-07 16:18 ` [PATCH v2 6/8] board: ti: j721e: Add the missing part of exit retention for k3-ddrss (J7200) Thomas Richard
2023-11-07 18:18 ` Tom Rini
2023-11-09 10:43 ` Thomas Richard
2023-11-09 14:07 ` Tom Rini
2023-11-07 16:18 ` [PATCH v2 7/8] board: ti: j721e: During resume spl restores TF-A and DM-Firmware Thomas Richard
2023-11-07 18:26 ` Tom Rini
2023-11-08 17:30 ` Andrew Davis
2023-11-09 11:29 ` Thomas Richard
2023-11-09 16:17 ` Andrew Davis [this message]
2023-11-07 16:18 ` [PATCH v2 8/8] arm: mach-k3: j7200: Skip fit processing when resuming Thomas Richard
2023-11-07 18:06 ` [PATCH v2 0/8] Suspend to RAM support for K3 J7200 Tom Rini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f24d3f5-8624-4dc2-bea3-fa893c8b10da@ti.com \
--to=afd@ti.com \
--cc=gregory.clement@bootlin.com \
--cc=nm@ti.com \
--cc=thomas.petazzoni@bootlin.com \
--cc=thomas.richard@bootlin.com \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
--cc=u-kumar1@ti.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox