lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BN9PR11MB548303B09536EB1577472029E6B3A@BN9PR11MB5483.namprd11.prod.outlook.com>
Date:   Mon, 13 Nov 2023 18:09:05 +0000
From:   "Chiu, Chasel" <chasel.chiu@...el.com>
To:     Ard Biesheuvel <ardb@...nel.org>
CC:     Simon Glass <sjg@...omium.org>,
        "devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
        Mark Rutland <mark.rutland@....com>,
        "Rob Herring" <robh@...nel.org>,
        "Tan, Lean Sheng" <sheng.tan@...ements.com>,
        lkml <linux-kernel@...r.kernel.org>,
        Dhaval Sharma <dhaval@...osinc.com>,
        "Brune, Maximilian" <maximilian.brune@...ements.com>,
        Yunhui Cui <cuiyunhui@...edance.com>,
        "Dong, Guo" <guo.dong@...el.com>, Tom Rini <trini@...sulko.com>,
        ron minnich <rminnich@...il.com>,
        "Guo, Gua" <gua.guo@...el.com>,
        "linux-acpi@...r.kernel.org" <linux-acpi@...r.kernel.org>,
        U-Boot Mailing List <u-boot@...ts.denx.de>
Subject: RE: [PATCH v7 2/2] schemas: Add some common reserved-memory usages


Hi Ard,

Please see my reply below inline.

Thanks,
Chasel


> -----Original Message-----
> From: Ard Biesheuvel <ardb@...nel.org>
> Sent: Saturday, November 11, 2023 3:04 AM
> To: Chiu, Chasel <chasel.chiu@...el.com>
> Cc: Simon Glass <sjg@...omium.org>; devicetree@...r.kernel.org; Mark Rutland
> <mark.rutland@....com>; Rob Herring <robh@...nel.org>; Tan, Lean Sheng
> <sheng.tan@...ements.com>; lkml <linux-kernel@...r.kernel.org>; Dhaval
> Sharma <dhaval@...osinc.com>; Brune, Maximilian
> <maximilian.brune@...ements.com>; Yunhui Cui <cuiyunhui@...edance.com>;
> Dong, Guo <guo.dong@...el.com>; Tom Rini <trini@...sulko.com>; ron minnich
> <rminnich@...il.com>; Guo, Gua <gua.guo@...el.com>; linux-
> acpi@...r.kernel.org; U-Boot Mailing List <u-boot@...ts.denx.de>
> Subject: Re: [PATCH v7 2/2] schemas: Add some common reserved-memory
> usages
> 
> On Sat, 11 Nov 2023 at 04:20, Chiu, Chasel <chasel.chiu@...el.com> wrote:
> >
> >
> > Just sharing some usage examples from UEFI/EDK2 scenario.
> > To support ACPI S4/Hibernation, memory map must be consistent before
> > entering and after resuming from S4, in this case payload may need to
> > know previous memory map from bootloader (currently generic payload
> > cannot access platform/bootloader specific non-volatile data, thus
> > could not save/restore memory map information)
> 
> So how would EDK2 reconstruct the entire EFI memory map from just these
> unannotated /reserved-memory nodes? The EFI memory map contains much
> more information than that, and all of it has to match the pre-hibernate situation,
> right? Can you given an example?


Here we listed only typically memory types that may change cross different platforms.
Reserved memory type already can be handled by reserved-memory node, and rest of the types usually no need to change cross platforms thus currently we could rely on default in generic payload.
In the future if we see a need to add new memory types we will discuss and add it to FDT schema.



> 
> > Another usage is to support binary model which generic payload is a prebuilt
> binary compatible for all platforms/configurations, however the payload default
> memory map might not always work for all the configurations and we want to
> allow bootloader to override payload default memory map without recompiling.
> >
> 
> Agreed. But can you explain how a EDK2 payload might make meaningful use of
> 'runtime-code' regions provided via DT  by the non-EDK2 platform init? Can you
> give an example?


Runtime-code/data is used by UEFI payload for booting UEFI OS which required UEFI runtime services.
Platform Init will select some regions from the usable memory and assign it to runtime-code/data for UPL to consume. Or assign same runtime-code/data from previous boot.
If UEFI OS is not supported, PlatformInit may not need to provide runtime-code/data regions to payload. (always providing runtime-code/data should be supported too)


> 
> > Under below assumption:
> >         FDT OS impact has been evaluated and taken care by relevant
> experts/stakeholders.
> > Reviewed-by: Chasel Chiu <chasel.chiu@...el.com>
> >
> 
> I am sorry but I don't know what 'FDT OS impact' means. We are talking about a
> firmware-to-firmware abstraction that has the potential to leak into the OS
> visible interface.
> 
> I am a maintainer in the Tianocore project myself, so it would help if you could
> explain who these relevant experts and stakeholders are. Was this discussed on
> the edk2-devel mailing list? If so, apologies for missing it but I may not have been
> cc'ed perhaps?




I'm not familiar with FDT OS, also I do not know if who from edk2-devel were supporting FDT OS, I think Simon might be able to connect FDT OS experts/stakeholders.
We are mostly focusing on payload firmware phase implementation in edk2 (and other payloads too), however, since we have aligned the payload FDT and OS FDT months ago, I'm assuming FDT OS impact must be there and we need (or already done?) FDT OS experts to support it. (again, maybe Simon could share more information about FDT OS) 

In edk2 such FDT schema is UefiPayloadPkg internal usage only and payload entry will convert FDT into HOB thus we expected the most of the edk2 generic code are no-touch/no impact, that's why we only had small group (UefiPayloadPkg) discussion.
Ard, if you are aware of any edk2 code that's for supporting FDT OS, please let us know and we can discuss if those code were impacted or not.




> 
> 
> >
> > > -----Original Message-----
> > > From: Simon Glass <sjg@...omium.org>
> > > Sent: Tuesday, September 26, 2023 12:43 PM
> > > To: devicetree@...r.kernel.org
> > > Cc: Mark Rutland <mark.rutland@....com>; Rob Herring
> > > <robh@...nel.org>; Tan, Lean Sheng <sheng.tan@...ements.com>; lkml
> > > <linux- kernel@...r.kernel.org>; Dhaval Sharma
> > > <dhaval@...osinc.com>; Brune, Maximilian
> > > <maximilian.brune@...ements.com>; Yunhui Cui
> > > <cuiyunhui@...edance.com>; Dong, Guo <guo.dong@...el.com>; Tom Rini
> > > <trini@...sulko.com>; ron minnich <rminnich@...il.com>; Guo, Gua
> > > <gua.guo@...el.com>; Chiu, Chasel <chasel.chiu@...el.com>; linux-
> > > acpi@...r.kernel.org; U-Boot Mailing List <u-boot@...ts.denx.de>;
> > > Ard Biesheuvel <ardb@...nel.org>; Simon Glass <sjg@...omium.org>
> > > Subject: [PATCH v7 2/2] schemas: Add some common reserved-memory
> > > usages
> > >
> > > It is common to split firmware into 'Platform Init', which does the
> > > initial hardware setup and a "Payload" which selects the OS to be booted.
> > > Thus an handover interface is required between these two pieces.
> > >
> > > Where UEFI boot-time services are not available, but UEFI firmware
> > > is present on either side of this interface, information about
> > > memory usage and attributes must be presented to the "Payload" in some
> form.
> > >
> > > This aims to provide an small schema addition for the memory mapping
> > > needed to keep these two pieces working together well.
> > >
> > > Signed-off-by: Simon Glass <sjg@...omium.org>
> > > ---
> > >
> > > Changes in v7:
> > > - Rename acpi-reclaim to acpi
> > > - Drop individual mention of when memory can be reclaimed
> > > - Rewrite the item descriptions
> > > - Add back the UEFI text (with trepidation)
> > >
> > > Changes in v6:
> > > - Drop mention of UEFI
> > > - Use compatible strings instead of node names
> > >
> > > Changes in v5:
> > > - Drop the memory-map node (should have done that in v4)
> > > - Tidy up schema a bit
> > >
> > > Changes in v4:
> > > - Make use of the reserved-memory node instead of creating a new one
> > >
> > > Changes in v3:
> > > - Reword commit message again
> > > - cc a lot more people, from the FFI patch
> > > - Split out the attributes into the /memory nodes
> > >
> > > Changes in v2:
> > > - Reword commit message
> > >
> > >  .../reserved-memory/common-reserved.yaml      | 71 +++++++++++++++++++
> > >  1 file changed, 71 insertions(+)
> > >  create mode 100644 dtschema/schemas/reserved-memory/common-
> > > reserved.yaml
> > >
> > > diff --git a/dtschema/schemas/reserved-memory/common-reserved.yaml
> > > b/dtschema/schemas/reserved-memory/common-reserved.yaml
> > > new file mode 100644
> > > index 0000000..f7fbdfd
> > > --- /dev/null
> > > +++ b/dtschema/schemas/reserved-memory/common-reserved.yaml
> > > @@ -0,0 +1,71 @@
> > > +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause %YAML 1.2
> > > +---
> > > +$id:
> > > +http://devicetree.org/schemas/reserved-memory/common-reserved.yaml#
> > > +$schema: http://devicetree.org/meta-schemas/core.yaml#
> > > +
> > > +title: Common memory reservations
> > > +
> > > +description: |
> > > +  Specifies that the reserved memory region can be used for the
> > > +purpose
> > > +  indicated by its compatible string.
> > > +
> > > +  Clients may reuse this reserved memory if they understand what it
> > > + is for,  subject to the notes below.
> > > +
> > > +maintainers:
> > > +  - Simon Glass <sjg@...omium.org>
> > > +
> > > +allOf:
> > > +  - $ref: reserved-memory.yaml
> > > +
> > > +properties:
> > > +  compatible:
> > > +    description: |
> > > +      This describes some common memory reservations, with the compatible
> > > +      string indicating what it is used for:
> > > +
> > > +         acpi: Advanced Configuration and Power Interface (ACPI) tables
> > > +         acpi-nvs: ACPI Non-Volatile-Sleeping Memory (NVS). This is reserved by
> > > +           the firmware for its use and is required to be saved and restored
> > > +           across an NVS sleep
> > > +         boot-code: Contains code used for booting which is not needed by the
> OS
> > > +         boot-code: Contains data used for booting which is not needed by the
> OS
> > > +         runtime-code: Contains code used for interacting with the system when
> > > +           running the OS
> > > +         runtime-data: Contains data used for interacting with the system when
> > > +           running the OS
> > > +
> > > +    enum:
> > > +      - acpi
> > > +      - acpi-nvs
> > > +      - boot-code
> > > +      - boot-data
> > > +      - runtime-code
> > > +      - runtime-data
> > > +
> > > +  reg:
> > > +    description: region of memory that is reserved for the purpose indicated
> > > +      by the compatible string.
> > > +
> > > +required:
> > > +  - reg
> > > +
> > > +unevaluatedProperties: false
> > > +
> > > +examples:
> > > +  - |
> > > +    reserved-memory {
> > > +        #address-cells = <1>;
> > > +        #size-cells = <1>;
> > > +
> > > +        reserved@...40000 {
> > > +            compatible = "boot-code";
> > > +            reg = <0x12340000 0x00800000>;
> > > +        };
> > > +
> > > +        reserved@...10000 {
> > > +            compatible = "boot-data";
> > > +            reg = <0x43210000 0x00800000>;
> > > +        };
> > > +    };
> > > --
> > > 2.42.0.515.g380fc7ccd1-goog
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ