Hello Francois,
in a previous post I already mentioned some device tree fix-ups that
U-Boot is applying.
One new fix-up I found is the "cpu-release-addr" property in CPU nodes
if the "enable-method" is "spin-table". - Before seeing this I never
imagined CPU nodes to be dynamically filled.
I think for our DTE discussion on signed device trees it would be
valuable to know which parts of the device-tree are dynamically created.
Where would be a good location to collect this information?
Would the topic of dynamic parts of device trees deserve two slides on
our next meeting?
Best regards
Heinrich
On 5/20/20 7:49 PM, François Ozog wrote:
>
>
> On Wed, 20 May 2020 at 19:30, Daniel Thompson
> <daniel.thompson(a)linaro.org <mailto:daniel.thompson@linaro.org>> wrote:
>
> On Wed, May 20, 2020 at 07:00:53PM +0200, François Ozog wrote:
> > On Wed, 20 May 2020 at 18:39, Daniel Thompson
> <daniel.thompson(a)linaro.org <mailto:daniel.thompson@linaro.org>>
> > wrote:
> >
> > > On Tue, May 19, 2020 at 03:29:01PM +0100, Grant Likely wrote:
> > > > On 11/03/2020 16:42, Daniel Thompson wrote:
> > > > > On Wed, Mar 11, 2020 at 01:42:36PM +0100, Francois Ozog wrote:
> > > > > > We have the following cases:
> > > > > >
> > > > > > - FW compatible with GPT (I mean firmware can be searched
> based on
> > > > > > GUID partition)
> > > > > > Ok
> > > > > >
> > > > > > - FW that uses offsets and can be positioned at LBA >= 33
> > > > > > Ok
> > > > > > Need to define a protective partition >>
> > > > > > - FW that uses offsets and can be positioned such that
> space between
> > > LBA-2
> > > > > > and LBA-33 is used.
> > > > > > Ok in theory as the header states where the partition entries
> > > location is
> > > > > > specified in a GPT_HEADER "Starting LBA of array of partition
> > > entries".
> > > > > > Linux kernel properly loads the partition entries if we
> push them
> > > after
> > > > > > 16MB.
> > > > > >
> > > > > > read_lba
> <https://elixir.bootlin.com/linux/latest/ident/read_lba
> > > >(state,
> > > > > > le64_to_cpu <
> > > https://elixir.bootlin.com/linux/latest/ident/le64_to_cpu
> > > >(gpt->partition_entry_lba)
> > > > > >
> > > > > > But I bet 2 is hardcoded in many tools...
> > > > >
> > > > > Agree... but that's "just bugs" and I suspect we could get
> >90% test
> > > > > coverage for Linux systems just by checking util-linux (and
> the kernel
> > > > > itself). Maybe for extra style points also check on of the BSDs.
> > > >
> > > > It is worth stepping back from the details to take a look at
> the intent.
> > > The
> > > > purpose of this entire section of EBBR is to describe how
> firmware and
> > > the
> > > > OS can co-exist on the same media device. In broad strokes it
> means if
> > > > firmware is stored on the block device, then the OS must
> constrain how it
> > > > uses the device.
> > > >
> > > > On platforms with separate firmware storage (e.g., SPI flash
> or UFS boot
> > > > partitions) this isn't an issue. The OS can blow away
> everything on the
> > > disk
> > > > and recreate it.
> > > >
> > > > But when it is an issue, the rules need to lay down what regions
> > > (offsets,
> > > > partitions, or file paths) firmware is allowed to own and what
> the OS is
> > > and
> > > > is not allowed to do. e.g., the OS is allowed to erase and
> recreate the
> > > OS
> > > > partitions, but it is not allowed to write a blank GPT or
> erase the
> > > system
> > > > partition.
> > > >
> > > > I think the EBBR spec should focus on defining exactly what
> restrictions
> > > on
> > > > the OS are, and how the restrictions are communicated. Then OS
> vendors
> > > have
> > > > a fighting chance of supporting the restricted platforms well.
> > > >
> > > > Ultimately though this is a guide and the OS could choose to
> ignore the
> > > > restrictions... in which case it gets to keep the unbootable
> brick when
> > > it
> > > > does. :-)
> > >
> > > Agree with all above.
> > >
> > > Also I think we can turn at least part of the original issue into a
> > > concrete question.
> > >
> > > We have a SOC with some magic values hard coded into its boot
> ROM. The
> > > System Firmware author wants to ship it with the following GPT
> on the
> > > shared eMMC.
> > >
> > > LBA0 Protective MBR
> > > LBA1 Primary GPT header
> > > LBA2..18001 Reserved, mixture of dead space and a system firmware
> > > loaded by Boot rom
> > > LBA18002 Start of partition arrray (Entry 1, 2, 3, 4)
> > > ...
> > > LBA18033 End of partition arrray
> > > LBA18034 Start of allocatable partition space
> > > LBA-33..-1 End of disk is labelled as normal
> > >
> > > (or in a shorter GPT jargon form, a system where
> PartitionEntryLBA is
> > > 18002).
> > >
> > > Is such a system EBBR compliant? If yes, should it be?
> > >
> > > I would say it is not EBBR compliant because it does not follow
> EFI spec
> > and we mandate it in EBBR.
>
> Sure, if there is language in the EFI spec that prohibits this then the
> answer is a no brainer.
>
> Assuming you've found such language could you quote your references? ;-)
>
> Oups! I thought of GPT Header being at 18002.....
> as you push the firstUsableLBA... it seems to be valid in that EFI
> compliant and hence EBBR compliant ;-)
>
> That said to get the GPT Partition move, the spec patch to table 20 is
> not impressive:
> image.png
> - set to 0x000001 (ie...
> + the LBA to the GPT partition header
The position of the GPT *HEADER* in Daniel's example is LBA 1 and should
not be changed to stay UEFI compliant.
Daniel moved the first GPT *TABLE* whose position is defined in the GPT
header and this is UEFI compliant.
Best regards
Heinrich
>
>
> Daniel.
>
>
> > Is the use case "valid"? I think it is valid because when you deal
> with
> > immutable BootROM you don't want complex code, GPT may evolve so
> that you
> > would have to evolve the BootROM...
> > If we conclude this is a valid use case (and not creating ugly
> legacy to
> > deal with in the future), we need a clean reservation in EFI so
> that GPT
> > can start at an arbitrary LBA as 18002.
> > enhancing the protective MBR semantics does not seem too complex to
> > achieve.
> > Can we list SoCs that have similar characteristic?
> >
> > >
> > > Daniel.
> > >
> > >
> > > PS 18002 is arbitrary but I think the example is sufficient in this
> > > form and it was easier to diagram with a concrete number.
> > >
> >
> >
> > --
> > François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group*
> > T: +33.67221.6485
> > francois.ozog(a)linaro.org <mailto:francois.ozog@linaro.org> |
> Skype: ffozog
>
>
>
> --
>
> François-Frédéric Ozog | /Director Linaro Edge & Fog Computing Group/
> T: +33.67221.6485
> francois.ozog(a)linaro.org <mailto:francois.ozog@linaro.org> | Skype: ffozog
>
>
Hi,
yet another email to spam you more....
I propose to have an Android DT overlay presentation next call and add
topics that may arise from the list. Should you think we should
discuss a particular topic, please respond to this mail thread.
Cordially,
Francois-Frederic
Hi,
Please find below the May 27th agenda:
- Project overall: FF (5 minutes)
- EBBR spec / DT stuff advances (mail thread): Grant (10 minutes)
- dynamic parts of device trees presentation: Heinrich (30 minutes)
- DTviewer presentation and demo: CVS (15 minutes)
Scratch pad notes and agenda can be found here:
https://docs.google.com/document/d/1GfYYph_XKt1LHuCs1w9kjvyyYYw1R7AH3dlZwIX…
--
FF
PS: I bcc'ed different lists until we have everyone on the
boot-architecture mailing list. Please make sure you are on this list.
The work addressed in DT Evolution project spans many operating
systems, boot firmwares, trust environments and processor
architectures.
UEFI 2.8 Errata A changed RuntimeServiceSupported value to be passed via
an EFI_RT_PROPERTIES_TABLE instead of via a runtime variable.
This is a breaking change and we should do a new EBBR release in short
order to keep EBBR up to date with what is in UEFI. However, real world
impact is minimal. U-Boot has already converted to the new method, and
Linux only ever implemented the EFI_RT_PROPERTIES_TABLE method.
Cc: Andrei Warkentin <awarkentin(a)vmware.com>
Cc: Francois Ozog <francois.ozog(a)linaro.org>
Cc: Ard Biesheuvel <ardb(a)kernel.org>
Signed-off-by: Grant Likely <grant.likely(a)arm.com>
---
source/chapter2-uefi.rst | 7 ++++---
source/references.rst | 6 +++---
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst
index 82b1a42..c42691b 100644
--- a/source/chapter2-uefi.rst
+++ b/source/chapter2-uefi.rst
@@ -9,7 +9,7 @@ platforms.
UEFI Version
============
-This document uses version 2.8 of the UEFI specification [UEFI]_.
+This document uses version 2.8 Errata A of the UEFI specification [UEFI]_.
UEFI Compliance
===============
@@ -111,7 +111,7 @@ during both boot services and runtime services.
However, it isn't always practical for all EFI_RUNTIME_SERVICES functions
to be callable during runtime services due to hardware limitations.
If any EFI_RUNTIME_SERVICES functions are only available during boot services
-then firmware shall provide the global `RuntimeServicesSupported` variable to
+then firmware shall provide the `EFI_RT_PROPERTIES_TABLE` to
indicate which functions are available during runtime services.
Functions that are not available during runtime services shall return
EFI_UNSUPPORTED.
@@ -202,7 +202,8 @@ If a platform does not implement modifying non-volatile variables with
SetVariable() after ExitBootServices(),
then firmware shall return EFI_UNSUPPORTED for any call to SetVariable(),
and must advertise that SetVariable() isn't available during runtime services
-via the `RuntimeServicesSupported` variable as defined in [UEFI]_ § 8.1.
+via the `RuntimeServicesSupported` value in the `EFI_RT_PROPERTIES_TABLE`
+as defined in [UEFI]_ § 4.6.
EFI applications can read `RuntimeServicesSupported` to determine if calls
to SetVariable() need to be performed before calling ExitBootServices().
diff --git a/source/references.rst b/source/references.rst
index d901bb1..1eb0509 100644
--- a/source/references.rst
+++ b/source/references.rst
@@ -20,6 +20,6 @@
<https://static.docs.arm.com/den0044/b/DEN0044B_Server_Base_Boot_Requirement…>`_
8 March 2016, `Arm Limited <http://arm.com>`_
-.. [UEFI] `Unified Extensable Firmware Interface Specification v2.8
- <http://www.uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf>`_,
- March 2019, `UEFI Forum <http://www.uefi.org>`_
+.. [UEFI] `Unified Extensable Firmware Interface Specification v2.8 Errata A
+ <https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_A_Feb14.pdf>`_,
+ February 2020, `UEFI Forum <http://www.uefi.org>`_
--
2.20.1
Hi all,
I'm considering doing a quick point-release for EBBR to address the
change to RuntimeServicesSupported in UEFI 2.8 Errata A. From 2.8final
to 2.8_A, RuntimeServicesSupported changed from being a variable to data
in a system table entry. U-Boot and Linux have been updated to the UEFI
method. EBBR needs to be changed to match.
There are patches on this list under discussion now. Once that is
complete and the patches merged, how does everyone feel about an EBBR
v1.0.1 release before the end of May?
At this moment, the v1.0.1 changes would include:
e47952b (HEAD -> master, glikely/master) Specify details of how a DTB is
passed to the OS
c155e96 Update spec to address UEFI 2.8 Errata A
7fad894 (origin/master, origin/HEAD) Fix all UEFI references to be the
same version
498cad2 trivial: Fix typo in chater 3 title
2c40029 Merge pull request #43 from orangecms/link-to-linux-doc
1e51a1e Update link to Linux docs which changed to rst
be7ddfa Update CONTRIBUTING.rst
763aed0 Update CONTRIBUTING.rst
All of the above can be found queued up at http://github.com/glikely/ebbr
g.
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
Hi,
Following the presentation byt Joakim:
https://docs.google.com/presentation/d/1CvKBBZ33ggzyhP2ub8iZ410I_KGrFjHftZL…
The following does **NOT** represent consensus. I'd like to use those
statements to trigger discussion:
- a DTB (say osDTB) is passed from firmware to "downstream" OS;
firmware can't use that DTB (read/write) after that event (Grant -
separate active discussion thread in boot-architecture mailing list)
- that osDTB is distinct from any DTBes that are used by firmware
components. All may still be derived from a single repository (Joakim)
- osDTB can be the result of applying programmatic fixups by diverse
firmware components or by providing separate overlays to be merged
later (last firmware component in the boot chain or by the OS itself),
or by directly merging overlays (FF)
- there are provisions in U-Boot to "sign" pieces of osDTB (Simon)
- we need policies on what can be updated on osDTB, who can do it and
how to verify them (Grant)
- We don't want private keys in device so sign parts of osDTBs
- there are no tools in Linux to deal with overlays (Heinrich), so for
the moment we need firmware to aggregate any overlays into osDTB (FF)
Cordially,
Francois-Frederic
Hi,
please find the meeting notes:
https://docs.google.com/document/d/1bz3BfVlXvvHO-kKC0Y1N2SGqPjlxe5eu3dM8sKU…
As a reminder:
there will be two calls per month:
- 2nd wednesday 2pm UTC
- 4th wednesday 2pm UTC
2pm UTC currently corresponds to 7am PST / 4pm CET.
Call to be added to your agendas if you did not received it by mail:
Device Tree Evolution forum calls.
- 2nd Wednesday of the month prime focus: system device tree and RTOS tools.
- 4th Wednesday of the month prime focus: device tree life cycle,
overlays, authentication and unified repository
Those calls are public. Participants are advised they should not
introduce topics that relate to confidential matters.
https://zoom.us/j/97895025968?pwd=N0JWWFBqY0Npdi9RY2JIOFc1ZzI0UT09
join by phone: https://zoom.us/u/asu8Yfroy
meeting ID: 978 9502 5968
Password: 270935
Cordially,
François-Frédéric
None of the relevent specs (EFI, DT, EBBR) specify the GUID for passing
a DTB. Add it to the EBBR document so it is documented somewhere
relevant.
Fixes: #45
Cc: Andrei Warkentin <awarkentin(a)vmware.com>
Cc: Francois Ozog <francois.ozog(a)linaro.org>
Signed-off-by: Grant Likely <grant.likely(a)arm.com>
---
source/chapter2-uefi.rst | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst
index f6a5802..cf2f652 100644
--- a/source/chapter2-uefi.rst
+++ b/source/chapter2-uefi.rst
@@ -86,6 +86,16 @@ tables.
- An Advanced Configuration and Power Interface [ACPI]_ table, or
- a Devicetree [DTSPEC]_ system description
+A Devicetree system description MUST be provided in Flattened Devicetree (DTB)
+format version 17 or higher.
+The following GUID must be used in the EFT system table to identify the DTB.
+
+.. code-block:: c
+
+ #define EFI_DTB_GUID \
+ EFI_GUID(0xb1b621d5, 0xf19c, 0x41a5, \
+ 0x83, 0x0b, 0xd9, 0x15, 0x2c, 0x69, 0xaa, 0xe0)
+
As stated above, EBBR systems must not provide both ACPI and Devicetree
tables at the same time.
Systems that support both interfaces must provide a configuration
--
2.20.1
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
Hi,
As per the results of the poll
(https://docs.google.com/spreadsheets/d/1WdsXgUoS3naL_-5eap1e_Sd9t0PM60s0Ljs…),
there will be two calls per month:
- 2nd wednesday 2pm UTC
- 4th wednesday 2pm UTC
2pm UTC currently corresponds to 7am PST / 4pm CET.
Call to be added to your agendas if you did not received it by mail:
Device Tree Evolution forum calls.
- 2nd Wednesday of the month prime focus: system device tree and RTOS tools.
- 4th Wednesday of the month prime focus: device tree life cycle,
overlays, authentication and unified repository
Those calls are public. Participants are advised they should not
introduce topics that relate to confidential matters.
https://zoom.us/j/97895025968?pwd=N0JWWFBqY0Npdi9RY2JIOFc1ZzI0UT09
join by phone: https://zoom.us/u/asu8Yfroy
meeting ID: 978 9502 5968
Password: 270935
Cordially,
François-Frédéric Ozog, Linaro
