[U-Boot] [PATCH v3 25/25] tpm: allow Sandbox to run TPMv2.x commands
Miquel Raynal
miquel.raynal at bootlin.com
Thu May 3 12:56:04 UTC 2018
Hi Simon,
On Wed, 2 May 2018 20:32:55 -0600, Simon Glass <sjg at chromium.org> wrote:
> Hi Miquel,
>
> On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal at bootlin.com> wrote:
> > Sandbx is run in userspace. What is done in baremetal applications like
> > U-Boot is using an address in memory which is supposedly free to load
> > and store data to it. The user interaction in U-Boot's shell works like
> > that and it is hard to find another way to transfer a 'buffer' from one
> > side to the other. It is always possible to fill an environment
> > variable, but not that easy to use.
> >
> > Of course our Linux distributions do not allow such salvage accesses and
> > Sandbox will simply be killed. To avoid such scenario, it is possible,
> > when compiling the Sandbox driver, to allocate some memory so the
> > pointer that is given does not point to an unauthorized area anymore.
> > This just give the possibility to run all the TPM commands without
> > killing Sandbox.
> >
>
> map_sysmem() and map_to_sysmem() are supposed to handle this, assuming
> I understand the problem correctly.
Thank you very much for this, I searched a better solution to handle
it, even asked on #u-boot but ended using these horrible hacks.
I will drop this patch and integrate the map_*sysmem() functions as and
when appropriate.
Thanks,
Miquèl
--
Miquel Raynal, Bootlin (formerly Free Electrons)
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the U-Boot
mailing list