Received: by 2002:ac0:e350:0:0:0:0:0 with SMTP id g16csp1337968imn; Sun, 31 Jul 2022 03:06:11 -0700 (PDT) X-Google-Smtp-Source: AA6agR5d+4Tjrj/azMDq1kL3BTOsOO8DijABuP8eOXQ5fkmG6YdqWLEuPHK+Ayca6gN9TLOSCX4A X-Received: by 2002:a17:902:7612:b0:16d:c805:7d4d with SMTP id k18-20020a170902761200b0016dc8057d4dmr11353479pll.171.1659261971487; Sun, 31 Jul 2022 03:06:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1659261971; cv=none; d=google.com; s=arc-20160816; b=QNcOFec/eSMjDfQ9cyu5Mk1Uvw2/mgCZ2x40EjhhfWX8UNVxLJO0+u/r+7q7Q275K2 mRdk6TXjT3psASIo/1q/KJARdTj9Xtijvnf40dj9QICyyya/25enKlPJblht8U3715MA eidrZU1jNH6yX06zPY+JSIdxnV06eUDQa1KXa2k60kbw1MhCteqpEGwSceUWl157xEsb I/nvYvTRPUVUsoyRq8BA2BlLVnXZ+4uhdHcDhgW7TjwhFJyO4ywpVmHUYC81/fW1EQ/t 1Fy+ur393cPeHxGfpODjNfTxq+z4vpbJGD5vMqAdVAkYSWlf6ZySFDB7f0EoPmQEfNmE 6p4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=BsZfWrLyYjP0/eroAD6Tswpaa/jZnIwA/CULSdWEsRw=; b=aMIbu02MwKVzxcLNxPZCFrRgkJXIeOv+BPgxkWa/3S7txLPBkwmjnAYMOnCkBfAmIo ok9D88AfY9x24mJKPjEY8SiQxOzRK0mqINnqtbf6eb0t9ICUo+wjNKzirjdB8w5VVlnE U6zT0DNGYVK7G99jhb1k5lHNahkg4I805GW9okDVf3R5R8gJE+1ELJAePPhwfFcxgP+m w/UDIN6V4b3tYNPo+ldbopQnqqhQD/4AVAh5Fh8h+Ub9mWPK09iSsaZ/aUzzjBTvM6A6 HEBx4ppcznCPfkdUohzBSTi8Ic/TjnQTTtgUzyuoRJEbUHUuNdncN8NioJXu4u3K+3q6 FDyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Te2BLHgK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e6-20020a636906000000b0041a65a2e45bsi9802068pgc.873.2022.07.31.03.05.56; Sun, 31 Jul 2022 03:06:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Te2BLHgK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231239AbiGaJy6 (ORCPT + 99 others); Sun, 31 Jul 2022 05:54:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52496 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232412AbiGaJyy (ORCPT ); Sun, 31 Jul 2022 05:54:54 -0400 Received: from mail-yb1-xb33.google.com (mail-yb1-xb33.google.com [IPv6:2607:f8b0:4864:20::b33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A17821209F for ; Sun, 31 Jul 2022 02:54:48 -0700 (PDT) Received: by mail-yb1-xb33.google.com with SMTP id j63so14562947ybb.13 for ; Sun, 31 Jul 2022 02:54:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BsZfWrLyYjP0/eroAD6Tswpaa/jZnIwA/CULSdWEsRw=; b=Te2BLHgKyWcngv+lgmyImbh71a//Cv1duStFCayIsf0NUJPLngkUldq0f9S3qHK7Cx c/0zzsaMtN0H1qc9Du2fJt4BBAJHbKOC12EeBPe9qcZ4SexySj8dOm4sHreXcyfG6MAP YLps9hBwq0H97frk/FYEQgEw93EIKYleJUwyXyyghkNag4m0gP/KYmGiDlGo72fc8H2i 9HXv/47I3Lo1HbyjZJ6ZNKEKeMhnYkP3KQ+2NIoTou3FNknkV32ZSU0e7T7ayzeUL4dk CG1xp8yBmEO3zY2hkSKezY6hmorwGhaERPgJc1L3P88xj+XzfaXeWQ5/FZce9JZG6dHe Q2FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BsZfWrLyYjP0/eroAD6Tswpaa/jZnIwA/CULSdWEsRw=; b=qZN8AYi7iBCBFFf+rmzBEZl9qE8ZJHCjd2LXoYSK81gAlc3AYa9qOEKtpiz2gkmS8b 33T+P76kPEDoFPqYOG/ZeDQsKFeog6TaFrGbJKokcwssJljeE+nbf6VSVS3miZdRRC+v gcp/T/8CMmEbhL0nmQIT/GO7jJjqDt4oHmei4zC28AhEQ4W9g8QrVNJCD2leL++X80r1 lj5mMytQ/E/axJsJwNvONGf50aYvTNBAYcvJSJn2FwTQXvv8FResvTRV3BnmhETlyAHE RNkA8tUFcv/+XzdwUw8AXacP8hXBpN92uoMaxKnbKAOZw4IZT7ShbfeB2bQAoKouogmD MksQ== X-Gm-Message-State: ACgBeo03wO6Ra+rD69sV3dTqkbcSWo4ZhpGW8g2TGq/BsVL8/t/y2kFe tC9+MWwnfRX0dPbsUmd8bRqmOzezJmHKzsr2gGyakA== X-Received: by 2002:a25:424f:0:b0:671:816f:6979 with SMTP id p76-20020a25424f000000b00671816f6979mr7555758yba.26.1659261287749; Sun, 31 Jul 2022 02:54:47 -0700 (PDT) MIME-Version: 1.0 References: <20220723224949.1089973-1-luzmaximilian@gmail.com> <20220723224949.1089973-5-luzmaximilian@gmail.com> <20220726143005.wt4be7yo7sbd3xut@bogus> <829c8fee-cae5-597d-933d-784b4b57bd73@gmail.com> <20220726154138.74avqs6iqlzqpzjk@bogus> <7284953b-52bb-37ac-fbe1-1fa845c44ff9@linaro.org> <3d752603-365d-3a33-e13e-ca241cee9a11@gmail.com> <20220727132437.pjob3z2nyxsuxgam@bogus> In-Reply-To: From: Ilias Apalodimas Date: Sun, 31 Jul 2022 12:54:11 +0300 Message-ID: Subject: Re: [PATCH 4/4] dt-bindings: firmware: Add Qualcomm UEFI Secure Application client To: Maximilian Luz Cc: Sudeep Holla , Krzysztof Kozlowski , Andy Gross , Bjorn Andersson , Ard Biesheuvel , Konrad Dybcio , Rob Herring , Krzysztof Kozlowski , Steev Klimaszewski , Shawn Guo , Cristian Marussi , Greg Kroah-Hartman , linux-arm-msm@vger.kernel.org, linux-efi@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Maximilian, On Thu, 28 Jul 2022 at 20:27, Maximilian Luz wrote: > [...] > >>>>> > >>>>> [1] https://git.linaro.org/people/ilias.apalodimas/net-next.git/log/?h=setvar_rt_optee_3 > >>>> > >>>> I would very much like to avoid the need for special bootloaders. The > >>>> devices we're talking about are WoA devices, meaning they _should_ > >>>> ideally boot just fine with EFI and ACPI. > >>> > >>> I've already responded to following email, but I'll repeat it here for > >>> completeness. It's not a special bootloader. It's the opposite, it's > >>> a generic UEFI compliant bootloader which takes advantage of the fact > >>> EFI is extensible. We are doing something very similar in how we load > >>> our initrd via the EFI_LOAD_FILE2 protocol. Whether Qualcomm can add > >>> that to their bootloaders is a different topic though. But at some > >>> point we need to draw a line than keep overloading the DT because a > >>> vendor decided to go down it's own path. > >> > >> But still, you're asking users to install an extra thing in the boot > >> chain. > > > > Not users. EFI firmware implementations that want to support this in > > a generic way. > > The whole point here is that we don't have control over that. I'd like > to fix the firmware, but we're talking about WoA devices where, let's > face it, both device and SoC vendor don't really care about Linux. Even > if you'd convince them to implement that for future generations, you'd > still need them to push firmware updates for older generations. > Generations that are end-of-life. IMHO, we should still try support > those. Or we just say "sorry, Linux doesn't support that on your WoA > device". Yea we agree on that. I've mentioned on a previous mail that whether Qualcomm wants to support this in a generic way is questionable, since we have no control over the firmware. My only 'objection' is that the kernel has a generic way of discovering which runtime services are supported, which we will completely ignore based on some DT entries. In any case let's find something that fits OP-TEE as well, since I can send those patches afterwards. > > >> That's what I mean by "special". So the situation would then be > >> this: User needs a) GRUB (or something similar) for booting the kernel > >> (or dual-booting, ...), b) DTBLoader for loading the device-tree because > >> we don't support the ACPI Qualcomm provided, and c) your thing for EFI > >> variables and potentially other firmware fix-ups. b) and c) are both > >> things that "normal" users don't expect. IMHO we should try to get rid > >> of those "non-standard" things, not add more. > > > > But that's exactly why EFI is extensible . You can have non standard > > functionality on your firmware for cases like this which doesn't need > > to land in the spec. > > > >> > >>>> From an end-user perspective, it's annoying enough that we'll have to > >>>> stick with DTs for the time being due to the use of PEPs in ACPI. I > >>>> really don't want to add some special bootloader for fixups to that. > >>>> Also, this would just move the problem from kernel to bootloader. > >>> > >>> But it *is* a bootloader problem. The bootloader is aware of the fact > >>> that it can't provide runtime services for X reasons and that's > >>> exactly why we are trying to set EFI_RT_PROPERTIES_TABLE correctly > >>> from the firmware. All we are doing is install a config table to tell > >>> the OS "I can't do that, can you find a way around it?". > >> > >> Sure, but is making the Linux installation process more device > >> dependent and complicated really the best way to solve this? > > > > Isn't it device dependent already? That boat has sailed already since > > we need to change the very definition of runtime services and replace > > them with OS specific ones. If we add it on the DT, you'll end up > > with different DTs per OS and potentially per use case. In my head > > the DTs should be part of the firmware (and authenticated by the > > firmware as well) instead of loading whatever we want each time. By > > using a config table we can add a u64 (random thought), that tells > > the kernel which TEE implementation will handle variable storage. So > > we can have a common extension to boot loaders, which at least uses > > EFI interfaces to communicate the functionality. > > The only thing that is making the installation-process for end-users > device dependent is installing the DTB. We can handle the device > specific stuff in the kernel, just as we already handle buggy devices. > > Further, you seem to assume that these devices provide a DT in the first > place. WoA devices use ACPI, so they don't. But for the time being (as > discussed elsewhere) we unfortunately need to stick with DTs and can't > really use ACPI. I agree that we should avoid OS and use-case specific > DTs, but I don't see how this would make a DT use-case or OS specific. > Things are firmware specific, the interface doesn't change with a > different OS, and we're only indicating the presence of that interface. > > My current suggestion (already sent to Sudeep earlier) is (roughly) > this: Add one compatible for the TrEE / TrustZone interface. Then decide > to load or instantiate what needs to be loaded in the driver for that. > That (depending on maybe SoC / platform / vendor) includes installing > the efivar operations. This way we don't have to fill the DT with the > specific things running in firmware. As far as OP-TEE is concerned, I think we can make the 'feature' discoverable. I'll go propose that to op-tee but if that gets accepted, we don't need any extra nodes (other than the existing one), to wire up efivars_register(). Thanks /Ilias > > Regards, > Max