| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250625142722.1911172-1-andre.przywara@arm.com> Date: Wed, 25 Jun 2025 15:27:21 +0100 From: Andre Przywara <andre.przywara@....com> To: Mark Rutland <mark.rutland@....com>, Lorenzo Pieralisi <lpieralisi@...nel.org>, Sudeep Holla <sudeep.holla@....com> Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, linux-coco@...ts.linux.dev, Chao Gao <chao.gao@...el.com>, Ard Biesheuvel <ardb@...nel.org>, Salman Nabi <salman.nabi@....com> Subject: [RFC PATCH 0/1] Arm Live Firmware activation support Hi, (please feel free to add people interested on this from the x86 side as you see fit) this is a proposal for a driver for the Arm Live Firmware Activation (LFA) specification[1]. LFA provides an interface to allow "activating" firmware updates without a reboot. In contrast to Intel's TDX [2] approach (which seems only concerned about some confidential computing related firmware blob), and even OCP's "impactless" updates[3], the Arm approach just lists a number of "activatable" firmware images, and does not limit their scope. In particular those updates can (and will) be for firmware bits used by the application processors (which OCP seems to rule out), including runtime secure firmware (TF-A/BL31), confidential compute firmware, and potentially even UEFI runtime firmware. Initially we have the whole chain demoing the Arm Confidential Computing firmware (RMM) update, which is conceptually the same as Intel's TDX proposal. So our design approach is to create a directory under /sys/firmware, and just list all images there, as directories named by their GUID. Then the properties of each image can be queried and the activation triggered by the sysfs files inside each directory. For details see the commit message of the patch. This is admittedly a somewhat raw interface, though even in that form it's good enough for testing. Eventually I would expect some fwupd plugin to wrap this nicely for any admins or end users. The purpose of this RFC is to get some feedback on the feasibility of this interface, and to understand how this would relate to the other two approaches (TDX + OCP "impactless" updates). - Are GUID named directories under /sys/firmware/lfa a good idea? - Shall all three approaches be unified under a common kernel/userland sysfs interface? Or can we live with separate interfaces, given the different scopes, and unify this in userland, for instance via fwupd plugins? Thanks, Andre [1] https://developer.arm.com/documentation/den0147/latest/ [2] https://lore.kernel.org/all/20250523095322.88774-1-chao.gao@intel.com/ [3] https://www.opencompute.org/documents/hyperscale-cpu-impactless-firmware-updates-requirements-specification-v0-5-2025-05-22-pdf Salman Nabi (1): firmware: smccc: Add support for Live Firmware Activation (LFA) drivers/firmware/smccc/Kconfig | 7 + drivers/firmware/smccc/Makefile | 1 + drivers/firmware/smccc/lfa_fw.c | 411 ++++++++++++++++++++++++++++++++ 3 files changed, 419 insertions(+) create mode 100644 drivers/firmware/smccc/lfa_fw.c -- 2.25.1
Powered by blists - more mailing lists