lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220704143057.76163208@donnerap.cambridge.arm.com>
Date:   Mon, 4 Jul 2022 14:30:57 +0100
From:   Andre Przywara <andre.przywara@....com>
To:     Jernej Škrabec <jernej.skrabec@...il.com>
Cc:     Samuel Holland <samuel@...lland.org>, Chen-Yu Tsai <wens@...e.org>,
        Rob Herring <robh@...nel.org>,
        Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
        Icenowy Zheng <icenowy@...c.io>,
        linux-arm-kernel@...ts.infradead.org, linux-sunxi@...ts.linux.dev,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v11 3/6] arm64: dts: allwinner: Add Allwinner H616 .dtsi
 file

On Sat, 02 Jul 2022 23:16:53 +0200
Jernej Škrabec <jernej.skrabec@...il.com> wrote:

Hi Jernej,

> Dne četrtek, 30. junij 2022 ob 02:04:10 CEST je Andre Przywara napisal(a):
> > On Tue, 03 May 2022 21:05:11 +0200
> > Jernej Škrabec <jernej.skrabec@...il.com> wrote:
> > 
> > Hi Jernej,
> > 
> > many thanks for taking the time to wade through this file!
> >   
> > > Dne petek, 29. april 2022 ob 01:09:30 CEST je Andre Przywara napisal(a):  
> > > > This (relatively) new SoC is similar to the H6, but drops the (broken)
> > > > PCIe support and the USB 3.0 controller. It also gets the management
> > > > controller removed, which in turn removes *some*, but not all of the
> > > > devices formerly dedicated to the ARISC (CPUS).
> > > > And while there is still the extra sunxi interrupt controller, the
> > > > package lacks the corresponding NMI pin, so no interrupts for the PMIC.
> > > > 
> > > > The reserved memory node is actually handled by Trusted Firmware now,
> > > > but U-Boot fails to propagate this to a separately loaded DTB, so we
> > > > keep it in here for now, until U-Boot learns to do this properly.
> > > > 
> > > > Signed-off-by: Andre Przywara <andre.przywara@....com>
> > > > ---
> > > > 
> > > >  .../arm64/boot/dts/allwinner/sun50i-h616.dtsi | 574 ++++++++++++++++++
> > > >  1 file changed, 574 insertions(+)
> > > >  create mode 100644 arch/arm64/boot/dts/allwinner/sun50i-h616.dtsi
> > > > 
> > > > diff --git a/arch/arm64/boot/dts/allwinner/sun50i-h616.dtsi
> > > > b/arch/arm64/  
> > > 
> > > boot/dts/allwinner/sun50i-h616.dtsi
> > >   
> > > > new file mode 100644
> > > > index 000000000000..cc06cdd15ba5
> > > > --- /dev/null
> > > > +++ b/arch/arm64/boot/dts/allwinner/sun50i-h616.dtsi
> > > > @@ -0,0 +1,574 @@
> > > > +// SPDX-License-Identifier: (GPL-2.0+ OR MIT)
> > > > +// Copyright (C) 2020 Arm Ltd.
> > > > +// based on the H6 dtsi, which is:
> > > > +//   Copyright (C) 2017 Icenowy Zheng <icenowy@...c.io>
> > > > +
> > > > +#include <dt-bindings/interrupt-controller/arm-gic.h>
> > > > +#include <dt-bindings/clock/sun50i-h616-ccu.h>
> > > > +#include <dt-bindings/clock/sun50i-h6-r-ccu.h>
> > > > +#include <dt-bindings/reset/sun50i-h616-ccu.h>
> > > > +#include <dt-bindings/reset/sun50i-h6-r-ccu.h>
> > > > +
> > > > +/ {
> > > > +	interrupt-parent = <&gic>;
> > > > +	#address-cells = <2>;
> > > > +	#size-cells = <2>;
> > > > +
> > > > +	cpus {
> > > > +		#address-cells = <1>;
> > > > +		#size-cells = <0>;
> > > > +
> > > > +		cpu0: cpu@0 {
> > > > +			compatible = "arm,cortex-a53";
> > > > +			device_type = "cpu";
> > > > +			reg = <0>;
> > > > +			enable-method = "psci";
> > > > +			clocks = <&ccu CLK_CPUX>;
> > > > +		};
> > > > +
> > > > +		cpu1: cpu@1 {
> > > > +			compatible = "arm,cortex-a53";
> > > > +			device_type = "cpu";
> > > > +			reg = <1>;
> > > > +			enable-method = "psci";
> > > > +			clocks = <&ccu CLK_CPUX>;
> > > > +		};
> > > > +
> > > > +		cpu2: cpu@2 {
> > > > +			compatible = "arm,cortex-a53";
> > > > +			device_type = "cpu";
> > > > +			reg = <2>;
> > > > +			enable-method = "psci";
> > > > +			clocks = <&ccu CLK_CPUX>;
> > > > +		};
> > > > +
> > > > +		cpu3: cpu@3 {
> > > > +			compatible = "arm,cortex-a53";
> > > > +			device_type = "cpu";
> > > > +			reg = <3>;
> > > > +			enable-method = "psci";
> > > > +			clocks = <&ccu CLK_CPUX>;
> > > > +		};
> > > > +	};
> > > > +
> > > > +	reserved-memory {
> > > > +		#address-cells = <2>;
> > > > +		#size-cells = <2>;
> > > > +		ranges;
> > > > +
> > > > +		/* 512KiB reserved for ARM Trusted Firmware (BL31) */
> > > > +		secmon_reserved: secmon@...00000 {
> > > > +			reg = <0x0 0x40000000 0x0 0x80000>;
> > > > +			no-map;
> > > > +		};
> > > > +	};  
> > > 
> > > I'm not a fan of above. If anything changes in future in BL31, U-Boot
> > > would
> > > need to reconfigure it anyway. Can we just skip it?  
> > 
> > I am not a fan neither, but last time I checked this is needed to boot.
> > Indeed TF-A inserts this node, with the right values, into U-Boot's DT.
> > And that's nicely preserved if you use that DT ($fdtcontroladdr) for
> > the kernel as well.
> > But if someone *loads* a DTB into U-Boot (to $fdt_addr_r), then
> > U-Boot fails to propagate the /reserved-memory node into that copy.
> > There does not seem to be a global notion of reserved memory in U-Boot.
> > Some commands (like tftp) explicitly parse the control DT to find and
> > respect reserved memory regions. bootm does that also, but only to
> > avoid placing the ramdisk or DTB into reserved memory. The information
> > ends up in images->lmb, but is not used to generate or amend nodes in
> > the target DT.
> > So the bits and pieces are there, but it will require some code to be
> > added to the generic U-Boot code.
> > 
> > So what do you think? Leaving this out will prevent loading DTBs into
> > U-Boot, at the moment, which sounds bad. I suggest we keep it in, for
> > now, it should not really hurt. U-Boot will hopefully start to do the
> > right thing soon, then we can either phase it out here (maybe when we
> > actually change something in TF-A), or let U-Boot fix it.  
> 
> TBH, if "soon" is really soon, I would rather wait with H616 DT until U-Boot 
> supports carrying over reserved memory nodes.

But this also carries compatibility issues. U-Boot support the H616 for
more than a year now, and the earliest possible U-Boot release having that
propagation code would be the one released in October. And then people
would still need to update first, so that's quite some months out.
And I was actually hoping to get at least the H616 DT patches off my
plate, and get them into the tree to have a stable and agreed upon base
(before this series turns into a teenager ;-)
Then we could for instance update the U-Boot H616 support.

> Whatever we do now, it will have 
> compatibility issues. If we introduce reserved memory node now, we can't 
> easily drop it later. Bootloaders are not very often updated, but kernels and 
> DTB files are, at least in my experience. So when we decide to drop the node?

I think of the three possibilities:
- Drop the node now, and ask people to not load DTBs explicitly
- Drop the node when U-Boot learned to propagate the reservation
- Keep the node
the last one is the least painful: having this node in does not really
hurt, so we can be very relaxed with this removal decision:
- If U-Boot does not add the reserved node, we are covered.
- If U-Boot adds the node, it will do so in a way where it deals with
existing reservations. So either it doesn't actually change anything, or
it extends the reservation.
- Should the TF-A location actually move (and we have no plans or needs to
do that), people would only get this by updating the firmware, at which
point the U-Boot part would surely be in place already. We don't really
support updating just BL31 in an existing binary firmware image, so you
would get an updated U-Boot as well.

I think the worst case scenario is that users end up with an unneeded 512K
reservation. If they care, a firmware update should solve this problem.

As for the time to remove that node: we could do that at the time when
(or rather: if) we actually change the TF-A reservation. At the moment
there are no plans to do this, and the size reservation is more than
generous (the current debug build is actually 77 KB or so only). If there
is no change, and the node stays in the .dtsi, it doesn't really hurt, see
above.

> After 10 years? Alternatively, reserved memory node can be just dropped and 
> anyone loading DTB file from outside would need to make sure it's patched. But 
> that's unexpected from user perspective, although patching DT files is done by 
> some distros.

Yeah, let's not go there. As you know, I already dislike the idea of
explicitly loading DTBs at all, but I understand this is what people, and
distributions, do, so I'd rather have them covered. Hence the node to
work with existing firmware.

Does that make sense?

Cheers,
Andre

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ