[U-Boot] [PATCH v3 25/25] tpm: allow Sandbox to run TPMv2.x commands

Simon Glass sjg at chromium.org
Thu May 3 02:32:55 UTC 2018


Hi Miquel,

On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal at bootlin.com> wrote:
> Sandbx is run in userspace. What is done in baremetal applications like
> U-Boot is using an address in memory which is supposedly free to load
> and store data to it. The user interaction in U-Boot's shell works like
> that and it is hard to find another way to transfer a 'buffer' from one
> side to the other. It is always possible to fill an environment
> variable, but not that easy to use.
>
> Of course our Linux distributions do not allow such salvage accesses and
> Sandbox will simply be killed. To avoid such scenario, it is possible,
> when compiling the Sandbox driver, to allocate some memory so the
> pointer that is given does not point to an unauthorized area anymore.
> This just give the possibility to run all the TPM commands without
> killing Sandbox.
>

map_sysmem() and map_to_sysmem() are supposed to handle this, assuming
I understand the problem correctly.

Regards,
Simon


More information about the U-Boot mailing list