Adding EFI runtime support to the Arm's FF-A bus
Abdellatif El Khlifi
abdellatif.elkhlifi at arm.com
Mon Dec 18 18:01:56 CET 2023
Hi Mark,
On Thu, Dec 14, 2023 at 05:47:42PM +0100, Mark Kettenis wrote:
> > Date: Thu, 14 Dec 2023 15:53:46 +0000
> > From: Abdellatif El Khlifi <abdellatif.elkhlifi at arm.com>
>
> Hi Abdellatif,
>
> > Hi guys,
> >
> > I'd like to ask for advice regarding adding EFI RT support to the Arm's FF-A bus
> > in U-Boot.
> >
> > The objective is to enable the FF-A messaging APIs in EFI RT to be
> > used for comms with the secure world. This will help getting/setting
> > EFI variables through FF-A.
> >
> > The existing FF-A APIs in U-Boot call the DM APIs (which are not available at RT).
> >
> > Two possible solutions:
> >
> > 1/ having the entire U-Boot in RT space (as Simon stated in this discussion[1])
>
> I don't think this is a terribly good idea. With this approach orders
> of magnitude more code will be present in kernel address space one the
> OS kernel is running and calling into the EFI runtime. Including code
> that may access hardware devices that are now under OS control. It
> will be nigh impossible to audit all that code and make sure that only
> a safe subset of it gets called. So...
>
> >
> > 2/ Create an RT variant for the FF-A APIs needed.
> > These RT variant don't call the DM APIs
> > (e.g: ffa_mm_communicate_runtime, ffa_sync_send_receive_runtime, ...)
> >
> > What do you recommend please ?
>
> ...this is what I would recommend. Preferably in a way that refactors
> the code such that the low-level functionality is shared between the
> DM and non-DM APIs.
That's my preferred solution, thanks.
Cheers,
Abdellatif
More information about the U-Boot
mailing list