[PATCH] firmware: ti_sci: fix the secure_hdr in do_xfer

Wed Jan 24 18:37:23 CET 2024

On Jan 24, 2024 at 10:39:10 -0600, Nishanth Menon wrote:
> On 18:38-20240124, Dhruva Gole wrote:
> > On Jan 24, 2024 at 16:42:12 +0530, Kamlesh Gurudasani wrote:
> > > Dhruva Gole <d-gole at ti.com> writes:
> > > 
> > > > The secure_hdr needs to be 0 init-ed however this was never being put
> > > > into the secure_buf, leading to possibility of the first 4 bytes of
> > > > secure_buf being possibly garbage.
> > > >
> > > > Fix this by initialising the secure_hdr itself to the secure_buf
> > > > location, thus when we make it 0, it automatically ensures the first 4
> > > > bytes are 0.
> > > >
> > > > Fixes: 32cd25128bd849 ("firmware: Add basic support for TI System Control Interface (TI SCI)")
> > > > Signed-off-by: Dhruva Gole <d-gole at ti.com>
> > > > ---
> > > >
> > > > Boot tested for sanity on AM62x SK
> > > > https://gist.github.com/DhruvaG2000/724ceba3a0db03f4b0bff47de1160074
> > > >
> > > > Cc: Nishanth Menon <nm at ti.com>
> > > > Cc: Tom Rini <trini at konsulko.com>
> > > >
> > > >  drivers/firmware/ti_sci.c | 6 +++---
> > > >  1 file changed, 3 insertions(+), 3 deletions(-)
> > > >
> > > > diff --git a/drivers/firmware/ti_sci.c b/drivers/firmware/ti_sci.c
> > > > index f5f659c11274..83ee8401a731 100644
> > > > --- a/drivers/firmware/ti_sci.c
> > > > +++ b/drivers/firmware/ti_sci.c
> > > > @@ -236,13 +236,13 @@ static int ti_sci_do_xfer(struct ti_sci_info *info,
> > > >  {
> > > >  	struct k3_sec_proxy_msg *msg = &xfer->tx_message;
> > > >  	u8 secure_buf[info->desc->max_msg_size];
> > > > -	struct ti_sci_secure_msg_hdr secure_hdr;
> > > > +	struct ti_sci_secure_msg_hdr *secure_hdr = (struct ti_sci_secure_msg_hdr *)secure_buf;
> > > >  	int ret;
> > > >  
> > > >  	if (info->is_secure) {
> > > >  		/* ToDo: get checksum of the entire message */
> > > > -		secure_hdr.checksum = 0;
> > > > -		secure_hdr.reserved = 0;
> > > > +		secure_hdr->checksum = 0;
> > > > +		secure_hdr->reserved = 0;
> > > >  		memcpy(&secure_buf[sizeof(secure_hdr)],xfer->tx_message.buf,
> > > secure_hdr is pointer now, the value may be same but (struct
> > > ti_sci_secure_msg_hdr) would make more sense
> > 
> > Good catch Kamlesh! I have sent a new revision addressing this.
> > 
> 
> Makes no sense why we have secure API support in U-Boot. what is using
> this?

In my understanding of generic K3 boot flow, things like proc_boot and
even applying or removing of firewalls will need a secure channel to
talk to TIFS right? From my understanding secure host can only talk to
TIFS and make such requests hence secure API.

-- 
Best regards,
Dhruva Gole <d-gole at ti.com>