Request for hosting a boot-firmware repository in u-boot git (denx and GitHub)
Peter Robinson
pbrobinson at gmail.com
Fri Jun 21 00:29:29 CEST 2024
On Thu, 20 Jun 2024 at 23:22, Quentin Schulz <quentin.schulz at cherry.de> wrote:
>
> Hi Nishanth Menon,
>
> +Cc Kever from Rockchip as maintainer of the arch in U-Boot
> +Cc Heiko as maintainer of many things Rockchip in many projects
>
> On 6/20/24 11:35 PM, Nishanth Menon wrote:
> > Hi Team,
> >
> > We have briefly discussed this topic on IRC[1]. I would like to
> > propose a new boot-firmware repository similar to the Linux-firmware
> > repository under the aegis of u-boot hosting.
> >
> > In addition to TI, it looks like some NXP[2] and Rockchip[3]
> > platforms seem to require additional closed-source/open-source
> > binaries to have a complete bootable image. Distribution rights and
> > locations of these binaries are challenging, and there needs to be a
> > standard for how and where they are hosted for end users.
> >
> > Further, looking ahead to future architectures:
> > * IP firmware: More and more IP vendors are embedding their own
> > "specialized controllers" and require firmware for the operation
> > (similar to Rockchip's DDR controller, I guess),
> > * boot stage firmware: Additional stages of the boot process involve
> > vendor intermediate firmware, such as power configuration.
> > * Security enclave binaries: While I see a few folks trying to have an
> > open-source s/w architecture, many PKA and PQC systems still require
> > prop binaries for IP reasons.
> >
> > NOTE: I am not judging any company(including TI) for reasons why some
> > firmware is proprietary, but I hate to have the end users and other
> > system (distro) maintainers have to deal with hell trying to make the
> > life of end users easy to live with.
> >
> > In the case of TI's K3 architecture devices, we have two binary blobs
> > that are critical for the boot process.
> >
> > 1. TIFS Firmware / DMSC firmware[4]—This is the security enclave
> > firmware. It is often encrypted, and sources are not public (due to
> > various business/regulatory reasons).
> > 2. DM Firmware[5] - There is a source in public in some cases and
> > binary only in others - essentially limited function binary to be
> > put up in the device management uC. In cases where the source is
> > available, the build procedure is, in my personal opinion, pretty
> > arcane, and even though in theory it is practical, in practice, not
> > friendly - efforts are going to simplify it, even probably integrate
> > it with a more opensource ecosystem, but that is talking "look at the
> > tea leaves" stuff.
> > 3. Low Power Management (LPM) binaries: tifs stub: another encrypted
> > binary that gives the tifs system context restore logic before
> > retrieving tifs firmware and a corresponding DM restoration binary.
> >
> > All told, this is not unlike the situation that necessitated the
> > creation of a Linux firmware repository.
> >
> > Options that I see:
> >
> > 1. Let the status quo be - SoC vendors maintain random locations and
> > random rules to maintain boot firmware.
> > 2. Ask Linux-firmware to host the binaries in a single canonical
> > location
> > 3. Host a boot-firmware repository - u-boot repo may be the more
> > logical location.
> >
> > * (1) isn't the correct answer.
> >
> > * (2) Though I haven't seen any policy from the Linux-firmware
> > community mandating anything of the form, the binaries we are talking
> > of may not belong to Linux-firmware as they aren't strictly speaking
> > something Linux kernel will load (since the bootloader has that
> > responsibility), and in some cases may not even directly talk to
> > (security enclave or DDR firmware stuff). I am adding Josh to this
> > mail to see if he has any opinions on the topic (but keeping
> > from cross posting on linux-firmware list, unless folks feel it is
> > OK).
> >
> > On (3):
> > Proposal:
> >
> > * Create a boot firmware repository in Denx and/or GitHub (if
> > financials are a hurdle, I hope we can solve it as a community).
> > * Limit binaries only to those consumed part of the u-boot scope.
> >
> > * Limit binaries only to those that do not have an opensource project
> > (Trusted Firmware-A/M, OP-TEE, etc..) or depend entirely on vendor
> > source or are binary only in nature (subject to licensing terms below)
>
> FYI, on Rockchip, there are currently three blobs **we** use on Aarch64
> (i have only worked with RK3399, PX30 and RK3588, so they may be more :) ):
> - DDR bin/TPL no clue what this actually is under the hood. I think
> most SoCs do not get an open-source DDR init in U-Boot sadly, therefore
> mandatory until it isn't,
> - BL31, mandatory on Aarch64, a blob that is an old TF-A (v2.2/2.3 I
> don't remember anymore). I don't know the state for all SoCs, but I can
> say the RK3399, PX30 and RK3568 have an open one, RK3588 is one the way
> (but considering the RK3568 and RK3588 were released years ago, BL31
> blob is mandatory for a while),
rk3568 is now upstream, there was a PR upstream for this for some
time, similar to rk3588, albeit not as long as rk56x. In some cases
the issue here is the speed of review of upstream ATF. I don't think
that means it should go into something like this.
> - BL32, OP-TEE. I don't think we support it upstream for Aarch64 (I
> think there was some issue around the binary format being different than
> the upstream OP-TEE?). Don't know the state for Aarch32 SoCs though.
These are generally optional, at least for rockchip
> - I vaguely remember something about a miniloader but have no clue
> what is its use as I've never had to use it, mentioning it anyway.
I rarely use this, it's generally needed for maskrom and recovery of
devices. I don't think they need to go into this sort of repo as
they're generally not needed for core booting of the rockchips
devices.
> So, BL31 and BL32 are blobs but based on open-source projects with
> "weak" licensing requirements. This means "Limit binaries only to those
> that do not have an opensource project" is maybe not the correct wording
> (or it is and then we can only have the DDR bin there, which isn't
> necessarily a win since we would have to fetch the binaries from some
> other places as well).
>
> FYI, the DDR bin is printing stuff on the console, so we had to modify
> it (with a tool from Rockchip) to remove the gibberish breaking the
> terminal by setting the appropriate controller, mux and baudrate (for
> our products, there's no one size fits all :) ). The question is how to
> handle this since we cannot realistically store every possible
> permutation of that binary for each UART controller, mux of UART
> controller and baudrate (the only parameters **we** modify, but there
> are tons of others).
I think those sort of things should be mostly quiet TBH.
More information about the U-Boot
mailing list