Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

> - fuller implementation with more features

Is that a good thing? Didn't we just have a long discussion eschewing
a heavy-handed, bulky hand-off block design in favor of more simple
and flexible structures? I think simplicity is key for this and the
bl_aux_params are trying to be about as simple as they can possibly
get. Particularly in a situation like this where many different
projects will need to implement this independently, any extra clutter
(like versioning, an apparently unused(?) flags field, checksumming)
adds unnecessary extra friction that's best to avoid. (You can *do*
all these things like adding an extra checksum over the whole thing
with bl_aux_params by just defining an extra tag for it, of course,
but none of them are required for platforms for which they don't make
sense.)

> - has comments / more documentation

Is there anything in particular you feel is missing from the
bl_aux_params comments?

> - easily supports everything in one block instead of a linked list (easier to 
> allocate)

I don't understand how this is easier, in fact I see it as a big
drawback. The bl_aux_params design allows structures to be allocated
wherever -- in the easiest case you can just define them as global
variables in the earlier stage (in the respective files that deal with
each tag) and then chain those together. You *can* of course also
allocate them in a contiguous block from a special memory area, and if
you're planning to pass this across more than one stage boundary
that's probably the better choice. But not all platforms have that
requirement, and this design allows them the flexibility to choose.
The coreboot platforms only care about the BL2->BL31 transition, so
why should they switch to a design that forces us to set up an extra
contiguous-block allocator for no good reason?

> - avoids 64-bit tags/size which seem quite unnecessary

Well, earlier there were some concerns about possible tag collisions,
so I think the extra space doesn't hurt to alleviate those fears.
Having 64 bits allows us to split the tag space into many separate
ranges that can then be allocated from independently -- for example,
we could just say that the top 2^63 tags are available for private
vendor tags generated as random numbers (like a GUID). (Your bloblist
seems to waste space on things like a "spare" field instead, so in the
end both implementations still come out to the same overhead per tag,
and bloblist has additional overhead for the header at the front.)

> - ability to link to another bloblist (do we really need this?)

FWIW you can do this by default with bl_aux_params because they're not
required to be contiguous.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi François,

On Thu, 15 Jul 2021 at 08:25, François Ozog 
wrote:

>
>
> On Sat, 10 Jul 2021 at 01:07, Julius Werner  wrote:
>
>> > - "bloblist" is a general term for concept of linked list and it's not
>> exactly U-boot implementation. The proposed solution will cause some degree
>> of changes in all the participating projects. For backward compatibility
>> issue, we have already though about it and proposed to have build configs
>> which will be enabled by platform integrators.
>>
>> Okay, let's gather the requirements and then decide how the existing
>> system needs to be expanded to meet them. Please keep me in the loop
>> on those discussions.
>>
>> > > U-Boot has an established mechanism which is used in particular on
>> all chrome
>> > > books in both x86 and Arm environments.  I have the impression that
>> > > U-Boot is the typical BL33 so I would import the mechanism into TFA,
>> > > not the other way round.
>>
>> There has been no Chromebook (x86 or Arm) shipping with U-Boot since
>> 2013 (before TF-A existed). In fact, Chromebooks are all running
>> coreboot today and using the bl_aux_params mechanism (it's 3 SoC
>> vendors, more than 3 SoCs, but the parameter code is shared at the
>> vendor level), and one of my concerns here is trying to limit
>> disruption to those existing setups. I don't have enough data to say
>> what the "typical" boot flow among all TF-A devices in existence is,
>> but at least for the millions of Chromebooks out there it is coreboot
>> + TF-A, not U-Boot.
>>
> My bad! I candidly inferred from Chromebook reference in U-Boot and
> Simon's VBE proposal that U-Boot was used.
>

This is a bit off-topic, but it is somewhat in the reverse. U-Boot's
verified boot (2014 I think) uses the crypto from Chromium OS (which I
think came from Android at some point). VBE is an attempt to provide a
standard boot flow for U-Boot devices and is again heavily influenced by
Chromium OS. U-Boot does ship on most Chromebooks (oddly enough, not the
ARM ones!) but just as an alternate bootloader and is not used in the
verified-boot flow. I won't get into the details of how the Chroimum OS
replacement came about, as that is way off topic!

To me, bl_aux_params is a pretty limited. I am looking here:
https://github.com/ARM-software/arm-trusted-firmware/blob/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h

Is that the right place?

There is not a huge amount of code in TF-A that uses it (mediatek and
rockchip?) so I don't see a problem with updating it, given the benefits of
interoperability.

In fact, having taken a bit of a look, my view is that U-Boot's bloblist is
a much better starting point for this effort:

- fuller implementation with more features
- has comments / more documentation
- easily supports everything in one block instead of a linked list (easier
to allocate)
- avoids 64-bit tags/size which seem quite unnecessary
- has unit tests

plus some minor points I won't mention. So I think it is worth the pain to
switch TF-A over.

Perhaps we can gather the requirements that are needed for this? So far I
am aware of:

- devicetree bob tag
- vendor-private tag area
- ability to link to another bloblist (do we really need this?)

Regards,
Simon

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

On Sat, 10 Jul 2021 at 01:07, Julius Werner  wrote:

> > - "bloblist" is a general term for concept of linked list and it's not
> exactly U-boot implementation. The proposed solution will cause some degree
> of changes in all the participating projects. For backward compatibility
> issue, we have already though about it and proposed to have build configs
> which will be enabled by platform integrators.
>
> Okay, let's gather the requirements and then decide how the existing
> system needs to be expanded to meet them. Please keep me in the loop
> on those discussions.
>
> > > U-Boot has an established mechanism which is used in particular on all
> chrome
> > > books in both x86 and Arm environments.  I have the impression that
> > > U-Boot is the typical BL33 so I would import the mechanism into TFA,
> > > not the other way round.
>
> There has been no Chromebook (x86 or Arm) shipping with U-Boot since
> 2013 (before TF-A existed). In fact, Chromebooks are all running
> coreboot today and using the bl_aux_params mechanism (it's 3 SoC
> vendors, more than 3 SoCs, but the parameter code is shared at the
> vendor level), and one of my concerns here is trying to limit
> disruption to those existing setups. I don't have enough data to say
> what the "typical" boot flow among all TF-A devices in existence is,
> but at least for the millions of Chromebooks out there it is coreboot
> + TF-A, not U-Boot.
>
My bad! I candidly inferred from Chromebook reference in U-Boot and Simon's
VBE proposal that U-Boot was used.


-- 
François-Frédéric Ozog | *Director Business Development*
T: +33.67221.6485
francois.o...@linaro.org | Skype: ffozog

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

> - "bloblist" is a general term for concept of linked list and it's not 
> exactly U-boot implementation. The proposed solution will cause some degree 
> of changes in all the participating projects. For backward compatibility 
> issue, we have already though about it and proposed to have build configs 
> which will be enabled by platform integrators.

Okay, let's gather the requirements and then decide how the existing
system needs to be expanded to meet them. Please keep me in the loop
on those discussions.

> > U-Boot has an established mechanism which is used in particular on all 
> > chrome
> > books in both x86 and Arm environments.  I have the impression that
> > U-Boot is the typical BL33 so I would import the mechanism into TFA,
> > not the other way round.

There has been no Chromebook (x86 or Arm) shipping with U-Boot since
2013 (before TF-A existed). In fact, Chromebooks are all running
coreboot today and using the bl_aux_params mechanism (it's 3 SoC
vendors, more than 3 SoCs, but the parameter code is shared at the
vendor level), and one of my concerns here is trying to limit
disruption to those existing setups. I don't have enough data to say
what the "typical" boot flow among all TF-A devices in existence is,
but at least for the millions of Chromebooks out there it is coreboot
+ TF-A, not U-Boot.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Manish Pandey2]

Please find my replies

To Julius's question:
Just to clarify: are you using "bloblist" as a general term for the concept of 
a simple linked list of tagged data blobs, or to refer specifically to the 
U-Boot implementation with that name? The existing TF-A implementation 
(bl_aux_params) is basically identical in concept to the U-Boot bloblist, but 
not binary compatible. Are we talking about just keeping that, or throwing it 
away in order to reimplement the exact structure U-Boot is using? (I would 
prefer to keep the bl_aux_params as they are to avoid disrupting existing uses, 
of course. Making backwards-incompatible changes to an interface that passes 
across multiple repos and firmware components is always a big pain.)
- "bloblist" is a general term for concept of linked list and it's not exactly 
U-boot implementation. The proposed solution will cause some degree of changes 
in all the participating projects. For backward compatibility issue, we have 
already though about it and proposed to have build configs which will be 
enabled by platform integrators.

To Daniel's question:
In short are you confident adopting a mantra of "it doesn't exist unless it's 
upstreamed" is sufficient?
- "If it is not upstreamed we don't know if it exists or not?", Since we can't 
know/control what all are hidden in closed sources, so we are only 
concentrating on open sources.

Finally, We are trying to solve a problem(in a standard way) which is already 
solved in different projects differently. To have a common solution acceptable 
to all, changes in participating projects are inevitable. Once we get agreement 
in principle, we should be ready to have some changes in the codebase. The TF-A 
project is willing to put effort to put something out there that will enable 
other projects, but we need some degree of assurances that proposed changes 
will be accepted in other projects also.


Thanks
Manish

From: Daniel Thompson 
Sent: 09 July 2021 11:07
To: François Ozog 
Cc: Julius Werner ; Ed Stuber 
; Boot Architecture Mailman List 
; undefined ; Harb 
Abdulhamid OS ; Simon Glass 
; Arjun Khare ; U-Boot Mailing 
List ; t...@lists.trustedfirmware.org 
; Paul Isaac's ; Ron 
Minnich ; Moe Ammar ; Manish 
Pandey2 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

On Fri, Jul 09, 2021 at 09:05:09AM +0200, François Ozog wrote:
> Le ven. 9 juil. 2021 à 03:09, Julius Werner  a écrit :
>
> > > Of course every project would like not to change...
> > >
> > > For TF-A I wonder whether it will/should in fact use devicetree if there
> > is a lot of complex data? TBD, I suppose.
> >
> > Okay, sorry, now I'm a bit confused -- I thought the discussion in
> > this thread was about which parameter hand-off mechanism to use *for
> > TF-A*? Or did it shift to discuss other projects in the meantime (I
> > didn't always follow it closely)? I think it started with the UEFI
> > guys wanting to implement a HOB format to interface with TF-A, and I
> > think we now concluded that they're okay with using a simple parameter
> > list instead (and wrapping their custom HOBs into a parameter blob
> > that contains their UUID and everything else in the data part).
> >
> > So for TF-A, if the decision is that we want a parameter list, I think
> > it makes sense to keep using the format that has already been there
> > and in use for several years, and define new tags for the UEFI HOB use
> > case in that. I don't really see a reason to switch TF-A and all other
> > projects currently interfacing with it that way (e.g. coreboot) to
> > something only used by U-Boot right now, if they're practically
> > identical in concept.
>
> Looking at bl_au_params: used by 3 SoCs to deal with gpio and serial.

I presume this analysis only covers those SoCs where someone (vendor,
customer, community) has upstreamed their TF-A implementation?

It is only relatively recently[1] that the TF-A CLA requirements that
inhibited upstreaming were relaxed. Additionally the current silicon
supply crunch is forcing board designers to second (third and forth)
source critical components which can drive usage of firmware parameter
passing.

In short are you confident adopting a mantra of "it doesn't exist
unless it's upstreamed" is sufficient?


Daniel.


[1] Perhaps not that recent if measured in years... but certainly
recent relative to firmware life cycles!


> Migration may not be that a big effort (handful lines of code?).  The
> key thing is that the biggest consumer of them are BL33 and a little
> bit by some OS drivers (OS itself shall not be a consumer).  U-Boot
> has an established mechanism which is used in particular on all chrome
> books in both x86 and Arm environments.  I have the impression that
> U-Boot is the typical BL33 so I would import the mechanism into TFA,
> not the other way round.  EDK2 has typically its own code for TFA
> matters and may just import BL31, so 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Daniel Thompson]

On Fri, Jul 09, 2021 at 09:05:09AM +0200, François Ozog wrote:
> Le ven. 9 juil. 2021 à 03:09, Julius Werner  a écrit :
> 
> > > Of course every project would like not to change...
> > >
> > > For TF-A I wonder whether it will/should in fact use devicetree if there
> > is a lot of complex data? TBD, I suppose.
> >
> > Okay, sorry, now I'm a bit confused -- I thought the discussion in
> > this thread was about which parameter hand-off mechanism to use *for
> > TF-A*? Or did it shift to discuss other projects in the meantime (I
> > didn't always follow it closely)? I think it started with the UEFI
> > guys wanting to implement a HOB format to interface with TF-A, and I
> > think we now concluded that they're okay with using a simple parameter
> > list instead (and wrapping their custom HOBs into a parameter blob
> > that contains their UUID and everything else in the data part).
> >
> > So for TF-A, if the decision is that we want a parameter list, I think
> > it makes sense to keep using the format that has already been there
> > and in use for several years, and define new tags for the UEFI HOB use
> > case in that. I don't really see a reason to switch TF-A and all other
> > projects currently interfacing with it that way (e.g. coreboot) to
> > something only used by U-Boot right now, if they're practically
> > identical in concept.
> 
> Looking at bl_au_params: used by 3 SoCs to deal with gpio and serial.

I presume this analysis only covers those SoCs where someone (vendor,
customer, community) has upstreamed their TF-A implementation?

It is only relatively recently[1] that the TF-A CLA requirements that
inhibited upstreaming were relaxed. Additionally the current silicon
supply crunch is forcing board designers to second (third and forth)
source critical components which can drive usage of firmware parameter
passing.

In short are you confident adopting a mantra of "it doesn't exist
unless it's upstreamed" is sufficient?


Daniel.


[1] Perhaps not that recent if measured in years... but certainly
recent relative to firmware life cycles!


> Migration may not be that a big effort (handful lines of code?).  The
> key thing is that the biggest consumer of them are BL33 and a little
> bit by some OS drivers (OS itself shall not be a consumer).  U-Boot
> has an established mechanism which is used in particular on all chrome
> books in both x86 and Arm environments.  I have the impression that
> U-Boot is the typical BL33 so I would import the mechanism into TFA,
> not the other way round.  EDK2 has typically its own code for TFA
> matters and may just import BL31, so it does not appear a priority in
> that decision. But I may be wrong…
> 
> >
> > --
> François-Frédéric Ozog | *Director Business Development* T:
> +33.67221.6485 francois.o...@linaro.org | Skype: ffozog
> ___ boot-architecture
> mailing list boot-architect...@lists.linaro.org
> https://lists.linaro.org/mailman/listinfo/boot-architecture

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Le ven. 9 juil. 2021 à 03:09, Julius Werner  a écrit :

> > Of course every project would like not to change...
> >
> > For TF-A I wonder whether it will/should in fact use devicetree if there
> is a lot of complex data? TBD, I suppose.
>
> Okay, sorry, now I'm a bit confused -- I thought the discussion in
> this thread was about which parameter hand-off mechanism to use *for
> TF-A*? Or did it shift to discuss other projects in the meantime (I
> didn't always follow it closely)? I think it started with the UEFI
> guys wanting to implement a HOB format to interface with TF-A, and I
> think we now concluded that they're okay with using a simple parameter
> list instead (and wrapping their custom HOBs into a parameter blob
> that contains their UUID and everything else in the data part).
>
> So for TF-A, if the decision is that we want a parameter list, I think
> it makes sense to keep using the format that has already been there
> and in use for several years, and define new tags for the UEFI HOB use
> case in that. I don't really see a reason to switch TF-A and all other
> projects currently interfacing with it that way (e.g. coreboot) to
> something only used by U-Boot right now, if they're practically
> identical in concept.

Looking at bl_au_params: used by 3 SoCs to deal with gpio and serial.
Migration may not be that a big effort (handful lines of code?).
The key thing is that the biggest consumer of them are BL33 and a little
bit by some OS drivers (OS itself shall not be a consumer).
U-Boot has an established mechanism which is used in particular on all
chrome books in both x86 and Arm environments.
I have the impression that U-Boot is the typical BL33 so I would import the
mechanism into TFA, not the other way round.
EDK2 has typically its own code for TFA matters and may just import BL31,
so it does not appear a priority in that decision. But I may be wrong…

>
> --
François-Frédéric Ozog | *Director Business Development*
T: +33.67221.6485
francois.o...@linaro.org | Skype: ffozog

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

> Of course every project would like not to change...
>
> For TF-A I wonder whether it will/should in fact use devicetree if there is a 
> lot of complex data? TBD, I suppose.

Okay, sorry, now I'm a bit confused -- I thought the discussion in
this thread was about which parameter hand-off mechanism to use *for
TF-A*? Or did it shift to discuss other projects in the meantime (I
didn't always follow it closely)? I think it started with the UEFI
guys wanting to implement a HOB format to interface with TF-A, and I
think we now concluded that they're okay with using a simple parameter
list instead (and wrapping their custom HOBs into a parameter blob
that contains their UUID and everything else in the data part).

So for TF-A, if the decision is that we want a parameter list, I think
it makes sense to keep using the format that has already been there
and in use for several years, and define new tags for the UEFI HOB use
case in that. I don't really see a reason to switch TF-A and all other
projects currently interfacing with it that way (e.g. coreboot) to
something only used by U-Boot right now, if they're practically
identical in concept.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Julius,

On Thu, 8 Jul 2021 at 15:56, Julius Werner  wrote:

> Thank you all for your feedback.
>>
>> It appears that in theory we are all happy with using bloblist with few
>> implementation details which needs to be taken care of during
>> implementation.
>>
>
> Just to clarify: are you using "bloblist" as a general term for the
> concept of a simple linked list of tagged data blobs, or to refer
> specifically to the U-Boot implementation with that name? The existing TF-A
> implementation (bl_aux_params) is basically identical in concept to the
> U-Boot bloblist, but not binary compatible. Are we talking about just
> keeping that, or throwing it away in order to reimplement the exact
> structure U-Boot is using? (I would prefer to keep the bl_aux_params as
> they are to avoid disrupting existing uses, of course. Making
> backwards-incompatible changes to an interface that passes across multiple
> repos and firmware components is always a big pain.)
>

My understanding is that it is U-Boot's bloblist, since it is the lynchpin
here, but perhaps with some changes to support features it may lack. It has
been in U-Boot for a couple of years and is supported in TPL, SPL and
U-Boot proper. It has a good set of unit tests and should be easy enough to
lift into other projects. Note that it is not really a linked list, though
that is one of the extensions proposed.

Of course every project would like not to change...

For TF-A I wonder whether it will/should in fact use devicetree if there is
a lot of complex data? TBD, I suppose.

Regards,
Simon

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

>
> Thank you all for your feedback.
>
> It appears that in theory we are all happy with using bloblist with few
> implementation details which needs to be taken care of during
> implementation.
>

Just to clarify: are you using "bloblist" as a general term for the concept
of a simple linked list of tagged data blobs, or to refer specifically to
the U-Boot implementation with that name? The existing TF-A implementation
(bl_aux_params) is basically identical in concept to the U-Boot bloblist,
but not binary compatible. Are we talking about just keeping that, or
throwing it away in order to reimplement the exact structure U-Boot is
using? (I would prefer to keep the bl_aux_params as they are to avoid
disrupting existing uses, of course. Making backwards-incompatible changes
to an interface that passes across multiple repos and firmware components
is always a big pain.)

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

On Thu, 8 Jul 2021 at 13:19, Manish Pandey2  wrote:

> Hi,
>
> Thank you all for your feedback.
>
> It appears that in theory we are all happy with using bloblist with few
> implementation details which needs to be taken care of during
> implementation.
>
> Few comments:
>
> > After all discussions, I now support Simon proposal to use existing
> bloblist: it does the job, is already upstream in key projects (core
> boot, U-Boot), is supported on x86 and Arm.
>  - Agree
>
> >They always have a tag, but one of the tags can be BLOBLISTT_UUID
> indicating it is for private use. But we should not allow this for passing
> across a boundary, so that no software needs to deal with >UUID unless it
> is UEFI / private code. So, basically what Francios says below.
> - We can't stop it passing across a boundry if both consumer and producers
> are private code.
>
Yes. badly worded. Blob list can't be part of standard contract. Following
a conversation with Mark Doran, Samer and I are introducing an ECR on EFI
spec that will make it clear that UEFI HOB list is not part of the EFI
interface for OSes.

>
> >We may have to deal with super small SRAM (256KB) and thus we can assume
> the bloblist will be a single region of blobs. So I would add a
> BLOBLISTT_CONTINUATION which would be a pointer >from the SRAM bloblist to
> a DRAM backed bloblist.
> - Agree
>
> >Re devicetree, how about we use bloblist for simple things, but use a
> devicetree (perhaps in the bloblist) once SDRAM is available. Blobs that
> were created pre-SDRAM can continue to be passed on, >but anything created
> after SDRAM is available should use devicetree? This would ensure that
> complex structures use devicetree rather than C structs, which are of
> course harder to extend / describe.
> - Disagree, this will break the original purpose of having a standard
> which is boundry agnostic.
>
As Alex stated, we can use the binary representation facility without using
any bindings. It could be said the same with AML and ACPI. AML could be
used outside ACPI because it is a very flexible data representation. I make
a clear distinction between FDT data representation and "Device Tree for
hardware description". The FDT data representation as AML can be used in a
complete different contexts outside firmware. Much like ProtoBufs.
So using this does not defeat agnosticism.

>
> Thanks
> Manish
>
> --
> *From:* François Ozog 
> *Sent:* 17 June 2021 20:47
> *To:* Simon Glass 
> *Cc:* Arjun Khare ; Boot Architecture Mailman
> List ; Ed Stuber <
> edstu...@amperecomputing.com>; Harb Abdulhamid OS <
> abdulha...@os.amperecomputing.com>; Joanna Farley ;
> Madhukar Pappireddy ; Manish Pandey2 <
> manish.pand...@arm.com>; Moe Ammar ; Okash
> Khawaja ; Paul Isaac's ;
> Ron Minnich ; U-Boot Mailing List <
> u-boot@lists.denx.de>; t...@lists.trustedfirmware.org <
> t...@lists.trustedfirmware.org>
> *Subject:* Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
>
>
> Le jeu. 17 juin 2021 à 21:38, Simon Glass  a écrit :
>
> Hi,
>
> On Fri, 11 Jun 2021 at 05:52, François Ozog 
> wrote:
>
>
>
> On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 
> wrote:
>
> Hi Everyone,
>
> I have tried to conclude the discussions we had in two of the TF-A tech
> forum sessions and on mailing list.
>
> The problem we are trying to solve is already solved in different projects
> in different ways, the purpose of these discussions was to come up with a
> standard way which can be adopted widely.
> Considering that many Firmware projects are not DT aware its better to
> avoid its usage and use simple C structures for wider acceptance. Based on
> the discussions following design came up as most acceptable solution
>
>- Use list of pre-defined C data structures(blobs) to pass
>information, let's call it bloblist
>- Only bootloaders stages will participate
>- Blobs will be identified by either tags or UUIDs
>
> They always have a tag, but one of the tags can be BLOBLISTT_UUID
> indicating it is for private use. But we should not allow this for passing
> across a boundary, so that no software needs to deal with UUID unless it is
> UEFI / private code. So, basically what Francios says below.
>
>
>-
>- Pass pointer to the bloblist head through x0
>- Existing usage of x0 will be translated into a blob
>
> After all discussions, I now support Simon proposal to use existing
> bloblist: it does the job, is already upstream in key projects (core boot,
> U-Boot), is supported on x86 and Arm.
>
> I would think of a few additions on the bloblist_rec:
>
> struct bloblist_rec 
> 
>  {
>   u32 
>  
> tag 
> ;
>   u32 
> 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Manish Pandey2]

Hi,

Thank you all for your feedback.

It appears that in theory we are all happy with using bloblist with few 
implementation details which needs to be taken care of during implementation.

Few comments:

> After all discussions, I now support Simon proposal to use existing bloblist: 
> it does the job, is already upstream in key projects (core boot, U-Boot), is 
> supported on x86 and Arm.
 - Agree

>They always have a tag, but one of the tags can be BLOBLISTT_UUID indicating 
>it is for private use. But we should not allow this for passing across a 
>boundary, so that no software needs to deal with >UUID unless it is UEFI / 
>private code. So, basically what Francios says below.
- We can't stop it passing across a boundry if both consumer and producers are 
private code.

>We may have to deal with super small SRAM (256KB) and thus we can assume the 
>bloblist will be a single region of blobs. So I would add a 
>BLOBLISTT_CONTINUATION which would be a pointer >from the SRAM bloblist to a 
>DRAM backed bloblist.
- Agree

>Re devicetree, how about we use bloblist for simple things, but use a 
>devicetree (perhaps in the bloblist) once SDRAM is available. Blobs that were 
>created pre-SDRAM can continue to be passed on, >but anything created after 
>SDRAM is available should use devicetree? This would ensure that complex 
>structures use devicetree rather than C structs, which are of course harder to 
>extend / describe.
- Disagree, this will break the original purpose of having a standard which is 
boundry agnostic.

Thanks
Manish


From: François Ozog 
Sent: 17 June 2021 20:47
To: Simon Glass 
Cc: Arjun Khare ; Boot Architecture Mailman List 
; Ed Stuber ; 
Harb Abdulhamid OS ; Joanna Farley 
; Madhukar Pappireddy ; 
Manish Pandey2 ; Moe Ammar ; 
Okash Khawaja ; Paul Isaac's ; 
Ron Minnich ; U-Boot Mailing List ; 
t...@lists.trustedfirmware.org 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages



Le jeu. 17 juin 2021 à 21:38, Simon Glass 
mailto:s...@chromium.org>> a écrit :
Hi,

On Fri, 11 Jun 2021 at 05:52, François Ozog 
mailto:francois.o...@linaro.org>> wrote:


On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 
mailto:manish.pand...@arm.com>> wrote:
Hi Everyone,

I have tried to conclude the discussions we had in two of the TF-A tech forum 
sessions and on mailing list.

The problem we are trying to solve is already solved in different projects in 
different ways, the purpose of these discussions was to come up with a standard 
way which can be adopted widely.
Considering that many Firmware projects are not DT aware its better to avoid 
its usage and use simple C structures for wider acceptance. Based on the 
discussions following design came up as most acceptable solution

  *   Use list of pre-defined C data structures(blobs) to pass information, 
let's call it bloblist
  *   Only bootloaders stages will participate
  *   Blobs will be identified by either tags or UUIDs

They always have a tag, but one of the tags can be BLOBLISTT_UUID indicating it 
is for private use. But we should not allow this for passing across a boundary, 
so that no software needs to deal with UUID unless it is UEFI / private code. 
So, basically what Francios says below.

  *
  *   Pass pointer to the bloblist head through x0
  *   Existing usage of x0 will be translated into a blob

After all discussions, I now support Simon proposal to use existing bloblist: 
it does the job, is already upstream in key projects (core boot, U-Boot), is 
supported on x86 and Arm.

I would think of a few additions on the bloblist_rec:


struct 
bloblist_rec
 {

u32 
tag;

u32 
hdr_size;

u32 
size;

u32 
spare;
};

enum 
bloblist_tag_t
 {

BLOBLISTT_NONE
 = 0,

/* Vendor-specific tags are permitted here */

BLOBLISTT_EC_HOSTEVENT,
  /* Chromium OS EC host-event mask */

We can give these each a value (=1, =2) so it is clear.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Le lun. 21 juin 2021 à 12:32, Alexander Graf  a écrit :

>
> On 20.05.21 18:42, Simon Glass wrote:
> > Hi,
> >
> > Re Jeremy's comment:
> >> Using DT to pass platform info at this level is sort of crazy on an ACPI
> >> machine which won't have native DTs. Meaning there is an additional
> >> level of unnecessary indirection that needs to be converted back into a
> >> format which can be utilized by AML and other parts of the ACPI stack.
> > U-Boot has to generate part of the ACPI tables programmatically, using
> info
> > from the DT to do so. In other words, U-Boot supports DT but must also
> > support generating AML, etc. I don't see a particular problem with that.
> >
> > I don't think it makes any sense to use ACPI tables to pass data between
> > boot phases, but if that is being proposed, I'd like to understand the
> > reason. I also wonder why people are using UEFI on rpi, but that's a
> > different topic.
>
>
> Reading the conversation, I believe the main confusion is about what
> "use DT to pass data" means.
>
> There are fundamentally two ways to think of this:
>
> 1) Take a standard Linux device tree as input. Use exactly that to pass
> data between stages. Go through the LKML to define pre-Linux bindings.
> Implement a full DT parser to enumerate hardware.
>
> 2) Use DT purely as opaque data transfer mechanism and reuse simple
> parts (directories, compatible strings, etc) but leave out the
> complicated ones (recursive #address-cells, interrupt-map, etc). Use it
> to pass data privately between components. Be self-consistent,
> self-documenting and self-backwards-compatible.
>
>
> Which one of them do you mean Simon? I'd be super happy to see option 2.
> DT as a data container is so much nicer than opaque binary blobs. At the
> same time, I can see how people feel like option 1 would tie them into
> an ecosystem dependency they don't want to be in.

thanks for making that crisply. Option 2 is addressing nicely backward and
forward compatibility.

>
>
> Thanks,
>
> Alex
>
> ___
> boot-architecture mailing list
> boot-architect...@lists.linaro.org
> https://lists.linaro.org/mailman/listinfo/boot-architecture
>
-- 
François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group*
T: +33.67221.6485
francois.o...@linaro.org | Skype: ffozog

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Alexander Graf]

On 20.05.21 18:42, Simon Glass wrote:

Hi,

Re Jeremy's comment:

Using DT to pass platform info at this level is sort of crazy on an ACPI
machine which won't have native DTs. Meaning there is an additional
level of unnecessary indirection that needs to be converted back into a
format which can be utilized by AML and other parts of the ACPI stack.

U-Boot has to generate part of the ACPI tables programmatically, using info
from the DT to do so. In other words, U-Boot supports DT but must also
support generating AML, etc. I don't see a particular problem with that.

I don't think it makes any sense to use ACPI tables to pass data between
boot phases, but if that is being proposed, I'd like to understand the
reason. I also wonder why people are using UEFI on rpi, but that's a
different topic.



Reading the conversation, I believe the main confusion is about what 
"use DT to pass data" means.


There are fundamentally two ways to think of this:

1) Take a standard Linux device tree as input. Use exactly that to pass 
data between stages. Go through the LKML to define pre-Linux bindings. 
Implement a full DT parser to enumerate hardware.


2) Use DT purely as opaque data transfer mechanism and reuse simple 
parts (directories, compatible strings, etc) but leave out the 
complicated ones (recursive #address-cells, interrupt-map, etc). Use it 
to pass data privately between components. Be self-consistent, 
self-documenting and self-backwards-compatible.



Which one of them do you mean Simon? I'd be super happy to see option 2. 
DT as a data container is so much nicer than opaque binary blobs. At the 
same time, I can see how people feel like option 1 would tie them into 
an ecosystem dependency they don't want to be in.



Thanks,

Alex

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

+Loic from ST for 32bits perspective.

Le ven. 18 juin 2021 à 19:17, Tom Rini  a écrit :

> On Thu, Jun 17, 2021 at 04:45:48PM -0700, raghu.ncst...@icloud.com wrote:
>
> [snip]
> > I also think it is incorrect to partition platforms into what
> u-boot/linux boot/embdedded systems do and what “UEFI/private code” does.
> UEFI is a huge part of the ARM eco-system and is being used fairly
> extensively and supported across different markets and is not private code.
>
> I don't think "u-boot/linux boot/embedded systems" vs "UEFI/private
> code" is the right distinction.  It's "device tree/related" vs
> "ACPI/related" as the difference between U-Boot (for example) and EDK II
> (for another example) on aarch64 booting a system via EFI is that U-Boot
> is likely to be passing in a device tree (setting aside what we can do
> on x86 as a digression) and EDK II being likely to pass ACPI/related.
> In both cases we can quite easily be talking about all of the data
> having been written to persistent flash and automatically passed along.
>
> To riff on a phrase, U-Boot can be quite boring too.
>
> --
> Tom
>
-- 
François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group*
T: +33.67221.6485
francois.o...@linaro.org | Skype: ffozog

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Raghu,

The thing is, devicetree is already used widely on ARM and it is hard to
see a good alternative. Using a C struct to describe something complicated
is a pain. Take a look at the x86 setup.bin stuff, or the binary block that
PowerPC used to pass to linux. Even the 'atag' tagged structure that ARM
used before devicetree provides an example of the limitations of this
approach. Look also at the huge tables of data passed to Intel's binary
blobs (which are just chunks of UEFI, by the way) and passed back to the
firmware framework, sometimes hundreds of fields across a dozen or more
HOBs. C structs are good for simple things, particularly if they are not
going to need to expand a lot, but devicetree provides more flexible data
types and sizes, schema, human readability, expansion, tooling,
future-proofing, etc. I really feel that this is self-evident, but I'm
happy to go into more detail about why.

If some projects don't want to use devicetree for complex structures,
that's OK. They can do their own thing and avoid talking across boundaries
to other projects. When they have a need to pass complex info in a standard
way to other projects once SDRAM is up, they can see whether adopting
devicetree is worth it.

As I mentioned, "Blobs that were created pre-SDRAM can continue to be
passed on". The proposal is just that we should not *create* new data in a
blob once SDRAM is running. So we don't need to "take data from a bloblist
and patch it in a devicetree".

There seems to be no benefit or need for a UUID where open collaboration is
desired; in fact it appears to be designed for the opposite. The 'killer'
argument provided for UUID is it allows people to allocate them in
isolation without any reference to another project, which is exactly the
opposite of open collaboration... So long as UUID is not *required* in any
of the structures passed through the open firmware components, it seems OK
to have it as an option. But it should not be *required* by ATF, etc.
Specifically, U-Boot should be able to parse and generate bloblists without
any UUID code. Further to that, it wouldn't
make sense to use UUID to pass info from ATF to UEFI just because it is
UEFI. Why not just use a tag? We have to allocate it anyway...

As to market segments, again, why? If we have a simple but sufficient
solution, why not use that everywhere?

I am not sure how to respond to the part about UEFI not being private code;
perhaps we just have different meanings of the word. Where is the project
with all the boards supported by UEFI? U-Boot supports about 1300 with all
sorts of vendors collaborating on advancing open firmware, over two
decades. In any case that seems like a different topic. We don't need to
discuss the merits of the different development models to come to an
agreement on how to pass info between components, open or not.

Regards,
SImon

On Thu, 17 Jun 2021 at 17:45,  wrote:

> My take: Don’t force device tree on platforms. Lets not make decisions
> about whether SDRAM is sufficient to expose device tree, that is assuming
> size may be the only problem with device tree. Some platforms don’t want to
> use device tree just like some platforms don’t want to use UUID’s(which
> b.t.w does not necessarily mean private use as was explained during the
> TF-A forums).
>
> I support ARM’s proposal that partitions the problem based on market
> segments and allows different platforms to choose what is right for them,
> that includes the ability to use UUID if a platform so chooses AND across
> boundaries. I wouldn’t vote for the proposal below about using bloblist for
> simple things and device tree for other complex things based on SRAM/SDRAM
> etc. that complicates things further. What if you need to pass information
> from the bloblist to later boot stages? Do we take data from bloblist and
> patch it into a device tree?
>
>
>
> I also think it is incorrect to partition platforms into what u-boot/linux
> boot/embdedded systems do and what “UEFI/private code” does. UEFI is a huge
> part of the ARM eco-system and is being used fairly extensively and
> supported across different markets and is not private code.
>
>
>
> Thanks
>
> -Raghu
>
>
>
> *From:* TF-A  *On Behalf Of *François
> Ozog via TF-A
> *Sent:* Thursday, June 17, 2021 12:57 PM
> *To:* Simon Glass 
> *Cc:* Ed Stuber ; Boot Architecture Mailman
> List ; Harb Abdulhamid OS <
> abdulha...@os.amperecomputing.com>; U-Boot Mailing List <
> u-boot@lists.denx.de>; Arjun Khare ;
> t...@lists.trustedfirmware.org; Paul Isaac's ;
> Ron Minnich ; Moe Ammar 
> *Subject:* Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
>
>
>
>
>
>
> Le jeu. 17 juin 2021 à 21:38, Simon Glass  a écrit :
>
> Hi,
>
>
>
> On Fri, 11 Jun 2021 at 05:52, François Ozog 
> wrote:
>
>
>
>
>
> On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 
> wrote:
>
> Hi Everyone,
>
>
>
> I have tried to conclude the discussions we had in two of the TF-A tech
> forum 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Tom Rini]

On Thu, Jun 17, 2021 at 04:45:48PM -0700, raghu.ncst...@icloud.com wrote:

[snip]
> I also think it is incorrect to partition platforms into what u-boot/linux 
> boot/embdedded systems do and what “UEFI/private code” does. UEFI is a huge 
> part of the ARM eco-system and is being used fairly extensively and supported 
> across different markets and is not private code.

I don't think "u-boot/linux boot/embedded systems" vs "UEFI/private
code" is the right distinction.  It's "device tree/related" vs
"ACPI/related" as the difference between U-Boot (for example) and EDK II
(for another example) on aarch64 booting a system via EFI is that U-Boot
is likely to be passing in a device tree (setting aside what we can do
on x86 as a digression) and EDK II being likely to pass ACPI/related.
In both cases we can quite easily be talking about all of the data
having been written to persistent flash and automatically passed along.

To riff on a phrase, U-Boot can be quite boring too.

-- 
Tom


signature.asc
Description: PGP signature

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[raghu.ncstate]

My take: Don’t force device tree on platforms. Lets not make decisions about 
whether SDRAM is sufficient to expose device tree, that is assuming size may be 
the only problem with device tree. Some platforms don’t want to use device tree 
just like some platforms don’t want to use UUID’s(which b.t.w does not 
necessarily mean private use as was explained during the TF-A forums).

I support ARM’s proposal that partitions the problem based on market segments 
and allows different platforms to choose what is right for them, that includes 
the ability to use UUID if a platform so chooses AND across boundaries. I 
wouldn’t vote for the proposal below about using bloblist for simple things and 
device tree for other complex things based on SRAM/SDRAM etc. that complicates 
things further. What if you need to pass information from the bloblist to later 
boot stages? Do we take data from bloblist and patch it into a device tree?

 

I also think it is incorrect to partition platforms into what u-boot/linux 
boot/embdedded systems do and what “UEFI/private code” does. UEFI is a huge 
part of the ARM eco-system and is being used fairly extensively and supported 
across different markets and is not private code.

 

Thanks

-Raghu

 

From: TF-A  On Behalf Of François Ozog 
via TF-A
Sent: Thursday, June 17, 2021 12:57 PM
To: Simon Glass 
Cc: Ed Stuber ; Boot Architecture Mailman List 
; Harb Abdulhamid OS 
; U-Boot Mailing List 
; Arjun Khare ; 
t...@lists.trustedfirmware.org; Paul Isaac's ; Ron 
Minnich ; Moe Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

 

 

 

Le jeu. 17 juin 2021 à 21:38, Simon Glass mailto:s...@chromium.org> > a écrit :

Hi,

 

On Fri, 11 Jun 2021 at 05:52, François Ozog mailto:francois.o...@linaro.org> > wrote:

 

 

On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 mailto:manish.pand...@arm.com> > wrote:

Hi Everyone,

 

I have tried to conclude the discussions we had in two of the TF-A tech forum 
sessions and on mailing list.

 

The problem we are trying to solve is already solved in different projects in 
different ways, the purpose of these discussions was to come up with a standard 
way which can be adopted widely.

Considering that many Firmware projects are not DT aware its better to avoid 
its usage and use simple C structures for wider acceptance. Based on the 
discussions following design came up as most acceptable solution

*   Use list of pre-defined C data structures(blobs) to pass information, 
let's call it bloblist
*   Only bootloaders stages will participate
*   Blobs will be identified by either tags or UUIDs

They always have a tag, but one of the tags can be BLOBLISTT_UUID indicating it 
is for private use. But we should not allow this for passing across a boundary, 
so that no software needs to deal with UUID unless it is UEFI / private code. 
So, basically what Francios says below.

*
*   Pass pointer to the bloblist head through x0
*   Existing usage of x0 will be translated into a blob

After all discussions, I now support Simon proposal to use existing bloblist: 
it does the job, is already upstream in key projects (core boot, U-Boot), is 
supported on x86 and Arm. 

 

I would think of a few additions on the bloblist_rec:

 

struct  

 bloblist_rec {
   
 
u32  
 
tag;
   
 
u32  

 hdr_size;
   
 
u32 size;
   
 
u32  
 
spare;
};
enum  

 bloblist_tag_t {


 BLOBLISTT_NONE = 0,
 
   /* Vendor-specific tags are permitted here */


 BLOBLISTT_EC_HOSTEVENT,   /* Chromium OS EC host-event mask */

 

We can give these each a value (=1, =2) so it is clear. 



 BLOBLISTT_SPL_HANDOFF,/* Hand-off info from SPL */


 BLOBLISTT_VBOOT_CTX,  /* Chromium OS verified boot context */

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Le jeu. 17 juin 2021 à 21:38, Simon Glass  a écrit :

> Hi,
>
> On Fri, 11 Jun 2021 at 05:52, François Ozog 
> wrote:
>
>>
>>
>> On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 
>> wrote:
>>
>>> Hi Everyone,
>>>
>>> I have tried to conclude the discussions we had in two of the TF-A tech
>>> forum sessions and on mailing list.
>>>
>>> The problem we are trying to solve is already solved in different
>>> projects in different ways, the purpose of these discussions was to come up
>>> with a standard way which can be adopted widely.
>>> Considering that many Firmware projects are not DT aware its better to
>>> avoid its usage and use simple C structures for wider acceptance. Based on
>>> the discussions following design came up as most acceptable solution
>>>
>>>- Use list of pre-defined C data structures(blobs) to pass
>>>information, let's call it bloblist
>>>- Only bootloaders stages will participate
>>>- Blobs will be identified by either tags or UUIDs
>>>
>>> They always have a tag, but one of the tags can be BLOBLISTT_UUID
> indicating it is for private use. But we should not allow this for passing
> across a boundary, so that no software needs to deal with UUID unless it is
> UEFI / private code. So, basically what Francios says below.
>
>>
>>>-
>>>- Pass pointer to the bloblist head through x0
>>>- Existing usage of x0 will be translated into a blob
>>>
>>> After all discussions, I now support Simon proposal to use existing
>> bloblist: it does the job, is already upstream in key projects (core boot,
>> U-Boot), is supported on x86 and Arm.
>>
>> I would think of a few additions on the bloblist_rec:
>>
>> struct bloblist_rec 
>> 
>>  {
>>  u32 
>>  
>> tag 
>> ;
>>  u32 
>>  
>> hdr_size 
>> ;
>>  u32 
>>  
>> size;
>>  u32 
>>  
>> spare 
>> ;};
>>
>> enum bloblist_tag_t 
>> 
>>  {
>>  BLOBLISTT_NONE 
>> 
>>  = 0,
>>
>>  /* Vendor-specific tags are permitted here */
>>  BLOBLISTT_EC_HOSTEVENT 
>> ,
>>  /* Chromium OS EC host-event mask */
>>
>>
> We can give these each a value (=1, =2) so it is clear.
>
>>  BLOBLISTT_SPL_HANDOFF 
>> ,
>>/* Hand-off info from SPL */
>>  BLOBLISTT_VBOOT_CTX 
>> ,
>>/* Chromium OS verified boot context */
>>  BLOBLISTT_VBOOT_HANDOFF 
>> ,
>>/* Chromium OS internal handoff info */
>>  /*   * Advanced Configuration and Power Interface Global 
>> Non-Volatile* Sleeping table. This forms part of the ACPI tables 
>> passed to Linux.   */
>>  BLOBLISTT_ACPI_GNVS 
>> ,
>>  BLOBLISTT_INTEL_VBT 
>> ,
>>/* Intel Video-BIOS table */
>>  BLOBLISTT_TPM2_TCG_LOG 
>> ,
>>  /* TPM v2 log space */
>>  BLOBLISTT_TCPA_LOG 
>> ,
>>  /* TPM log space */
>>  BLOBLISTT_ACPI_TABLES 
>> ,
>>/* ACPI tables for x86 */
>>  BLOBLISTT_SMBIOS_TABLES 
>> ,
>>/* SMBIOS tables for x86 */
>>
>> How about:
>
> BLOBLISTT_LOCAL = 0xf000u   /* values in this space are for local use
> during development */
>
>>  BLOBLISTT_COUNT 
>> };
>>
>> I would add a BLOBLISTT_UUID for all proprietary things that people want
>> 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi,

On Fri, 11 Jun 2021 at 05:52, François Ozog 
wrote:

>
>
> On Thu, 10 Jun 2021 at 23:57, Manish Pandey2 
> wrote:
>
>> Hi Everyone,
>>
>> I have tried to conclude the discussions we had in two of the TF-A tech
>> forum sessions and on mailing list.
>>
>> The problem we are trying to solve is already solved in different
>> projects in different ways, the purpose of these discussions was to come up
>> with a standard way which can be adopted widely.
>> Considering that many Firmware projects are not DT aware its better to
>> avoid its usage and use simple C structures for wider acceptance. Based on
>> the discussions following design came up as most acceptable solution
>>
>>- Use list of pre-defined C data structures(blobs) to pass
>>information, let's call it bloblist
>>- Only bootloaders stages will participate
>>- Blobs will be identified by either tags or UUIDs
>>
>> They always have a tag, but one of the tags can be BLOBLISTT_UUID
indicating it is for private use. But we should not allow this for passing
across a boundary, so that no software needs to deal with UUID unless it is
UEFI / private code. So, basically what Francios says below.

>
>>-
>>- Pass pointer to the bloblist head through x0
>>- Existing usage of x0 will be translated into a blob
>>
>> After all discussions, I now support Simon proposal to use existing
> bloblist: it does the job, is already upstream in key projects (core boot,
> U-Boot), is supported on x86 and Arm.
>
> I would think of a few additions on the bloblist_rec:
>
> struct bloblist_rec 
> 
>  {
>   u32 
>  
> tag 
> ;
>   u32 
>  
> hdr_size 
> ;
>   u32 
>  
> size;
>   u32 
>  
> spare 
> ;};
>
> enum bloblist_tag_t 
> 
>  {
>   BLOBLISTT_NONE 
> 
>  = 0,
>
>   /* Vendor-specific tags are permitted here */
>   BLOBLISTT_EC_HOSTEVENT 
> ,
>  /* Chromium OS EC host-event mask */
>
>
We can give these each a value (=1, =2) so it is clear.

>   BLOBLISTT_SPL_HANDOFF 
> ,
>/* Hand-off info from SPL */
>   BLOBLISTT_VBOOT_CTX 
> ,
>/* Chromium OS verified boot context */
>   BLOBLISTT_VBOOT_HANDOFF 
> ,
>/* Chromium OS internal handoff info */
>   /*   * Advanced Configuration and Power Interface Global 
> Non-Volatile* Sleeping table. This forms part of the ACPI tables 
> passed to Linux.   */
>   BLOBLISTT_ACPI_GNVS 
> ,
>   BLOBLISTT_INTEL_VBT 
> ,
>/* Intel Video-BIOS table */
>   BLOBLISTT_TPM2_TCG_LOG 
> ,
>  /* TPM v2 log space */
>   BLOBLISTT_TCPA_LOG 
> ,
>  /* TPM log space */
>   BLOBLISTT_ACPI_TABLES 
> ,
>/* ACPI tables for x86 */
>   BLOBLISTT_SMBIOS_TABLES 
> ,
>/* SMBIOS tables for x86 */
>
> How about:

BLOBLISTT_LOCAL = 0xf000u   /* values in this space are for local use
during development */

>   BLOBLISTT_COUNT 
> };
>
> I would add a BLOBLISTT_UUID for all proprietary things that people want
> to add. Using private space in a 64 bit field does not make the thing open.
> So by using this tag, we know exactly the nature of the blob. Negotiating
> for 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

On Thu, 10 Jun 2021 at 23:57, Manish Pandey2  wrote:

> Hi Everyone,
>
> I have tried to conclude the discussions we had in two of the TF-A tech
> forum sessions and on mailing list.
>
> The problem we are trying to solve is already solved in different projects
> in different ways, the purpose of these discussions was to come up with a
> standard way which can be adopted widely.
> Considering that many Firmware projects are not DT aware its better to
> avoid its usage and use simple C structures for wider acceptance. Based on
> the discussions following design came up as most acceptable solution
>
>- Use list of pre-defined C data structures(blobs) to pass
>information, let's call it bloblist
>- Only bootloaders stages will participate
>- Blobs will be identified by either tags or UUIDs
>- Pass pointer to the bloblist head through x0
>- Existing usage of x0 will be translated into a blob
>
> After all discussions, I now support Simon proposal to use existing
bloblist: it does the job, is already upstream in key projects (core boot,
U-Boot), is supported on x86 and Arm.

I would think of a few additions on the bloblist_rec:

struct bloblist_rec

{
u32 

tag 
;
u32 

hdr_size 
;
u32 

size;
u32 

spare 
;};

enum bloblist_tag_t

{
BLOBLISTT_NONE

= 0,

/* Vendor-specific tags are permitted here */
BLOBLISTT_EC_HOSTEVENT
,
/*
Chromium OS EC host-event mask */
BLOBLISTT_SPL_HANDOFF
,
 /*
Hand-off info from SPL */
BLOBLISTT_VBOOT_CTX
,
   /*
Chromium OS verified boot context */
BLOBLISTT_VBOOT_HANDOFF
,
   /*
Chromium OS internal handoff info */
/*   * Advanced Configuration and Power Interface Global 
Non-Volatile   
* Sleeping table. This forms part of the ACPI tables passed to Linux.   
*/
BLOBLISTT_ACPI_GNVS
,
BLOBLISTT_INTEL_VBT
,
   /*
Intel Video-BIOS table */
BLOBLISTT_TPM2_TCG_LOG
,
/*
TPM v2 log space */
BLOBLISTT_TCPA_LOG
,
/*
TPM log space */
BLOBLISTT_ACPI_TABLES
,
 /*
ACPI tables for x86 */
BLOBLISTT_SMBIOS_TABLES
,
   /*
SMBIOS tables for x86 */

BLOBLISTT_COUNT
};

I would add a BLOBLISTT_UUID for all proprietary things that people want to
add. Using private space in a 64 bit field does not make the thing open. So
by using this tag, we know exactly the nature of the blob. Negotiating for
adding a new tag is a good open governance process.

We may have to deal with super small SRAM (256KB) and thus we can assume
the bloblist will be a single region of blobs. So I would add a
BLOBLISTT_CONTINUATION which would be a pointer from the SRAM bloblist to a
DRAM backed bloblist.

Other tags to consider: PSCI interface details, DRAM information, SCMI
stuff, Secure SRAM and DRAM information...



>- Going forward we would provide core changes to demonstrate this
>design on various TF-A boundries, BL1<->BL2, BL2<->BL31 and
>BL31<->BL33(only BL31 part)
>
>
> Please share your thoughts if you disagree to the proposed solution.
>
> Also, refer to attached 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Joanna Farley]

+ TF-A list that got dropped (again)!

Joanna

From: Joanna Farley 
Date: Wednesday, 2 June 2021 at 15:29
To: Madhukar Pappireddy , Okash Khawaja 
, Simon Glass 
Cc: Harb Abdulhamid OS , Boot Architecture 
Mailman List , Ed Stuber 
, Arjun Khare , 
U-Boot Mailing List , Paul Isaac's 
, Ron Minnich , Moe Ammar 

Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages


Hi Everyone,



The Manish Pandy and  Madhukar Pappireddy of the TF-A team are planning to host 
another TF-A Tech Forum this Thursday to continue the live discussion.



Here is their agenda:

On tech forum this week, we would like to continue discussions on HOB list 
design.

The topics which we would like to cover is

1. Evaluate different proposals of passing information through boot phases.

2. If we don't get an agreement on one solution fit for all then we would try 
to get consensus for Infra segment platform(to solve original problem mentioned 
by Harb)

3. Try to get an agreement on size of tags and how "hybrid and tag only" HOB 
list can co-exist together?



Details of the call are:



==



TF-A Tech Forum

WhenEvery 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time

Calendar  t...@lists.trustedfirmware.org

Who  •  Bill Fletcher- creator

•  t...@lists.trustedfirmware.org



We run an open technical forum call for anyone to participate and it is not 
restricted to Trusted Firmware project members. It will operate under the 
guidance of the TF TSC.



Feel free to forward this invite to colleagues. Invites are via the TF-A 
mailing list and also published on the Trusted Firmware website. Details are 
here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/



Trusted Firmware is inviting you to a scheduled Zoom meeting.



Join Zoom Meeting

https://zoom.us/j/9159704974



Meeting ID: 915 970 4974



One tap mobile

+16465588656,,9159704974# US (New York)

+16699009128,,9159704974# US (San Jose)



Dial by your location

+1 646 558 8656 US (New York)

+1 669 900 9128 US (San Jose)

877 853 5247 US Toll-free

888 788 0099 US Toll-free

Meeting ID: 915 970 4974

Find your local number: https://zoom.us/u/ad27hc6t7h









Joanna















On 19/05/2021, 03:50, "Madhukar Pappireddy"  wrote:



Attached slides presented by Manish in the TF-A tech forum.





-Original Message-

From: TF-A  On Behalf Of Madhukar 
Pappireddy via TF-A

Sent: Tuesday, May 18, 2021 8:59 PM

To: Joanna Farley ; Okash Khawaja 
; Simon Glass 

Cc: Harb Abdulhamid OS ; Boot 
Architecture Mailman List ; Ed Stuber 
; Arjun Khare ; 
U-Boot Mailing List ; t...@lists.trustedfirmware.org; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 

Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages



Hi,



I tried to summarize the discussions in the previous TF-A tech forum 
regarding the proposal to adopt Hand-off Blocks (HOBs) for passing information 
along the boot chain. I am certain I could not capture all suggestions/concerns 
brought up during the call. I apologize if I missed and/or misinterpreted any 
comments and would appreciate it if everyone could share their thoughts in 
response to this email thread.



The idea is to share information to other boot phases:

> Dynamic information: Created during runtime. Shared in the form of a 
chain of blobs(built as a linked list of C structure objects i.e., HOB list).

> Static information: Known at compile time. Historically, shared through 
the use of Device Tree/ACPI tables



Both the above requirements are common in many ecosystems and need to 
co-exist.



There are broadly 3 problems to solve:

1. Format of HOB structures: It looks like the consensus is that we could 
use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).

2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.

3. The design contract for the static interface between two boot phases: 
The problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:

> Proposal 1: Always pass a pointer to the device tree blob through 
the GP register and capture the pointer to the HOB list as a property of a node 
that is uniquely identifiable by the downstream boot phase. This 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Joanna Farley]

Hi Everyone,



The Manish Pandy and  Madhukar Pappireddy of the TF-A team are planning to host 
another TF-A Tech Forum this Thursday to continue the live discussion.



Here is their agenda:

On tech forum this week, we would like to continue discussions on HOB list 
design.

The topics which we would like to cover is

1. Evaluate different proposals of passing information through boot phases.

2. If we don't get an agreement on one solution fit for all then we would try 
to get consensus for Infra segment platform(to solve original problem mentioned 
by Harb)

3. Try to get an agreement on size of tags and how "hybrid and tag only" HOB 
list can co-exist together?



Details of the call are:



==



TF-A Tech Forum

WhenEvery 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time

Calendar  t...@lists.trustedfirmware.org

Who  •  Bill Fletcher- creator

•  t...@lists.trustedfirmware.org



We run an open technical forum call for anyone to participate and it is not 
restricted to Trusted Firmware project members. It will operate under the 
guidance of the TF TSC.



Feel free to forward this invite to colleagues. Invites are via the TF-A 
mailing list and also published on the Trusted Firmware website. Details are 
here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/



Trusted Firmware is inviting you to a scheduled Zoom meeting.



Join Zoom Meeting

https://zoom.us/j/9159704974



Meeting ID: 915 970 4974



One tap mobile

+16465588656,,9159704974# US (New York)

+16699009128,,9159704974# US (San Jose)



Dial by your location

+1 646 558 8656 US (New York)

+1 669 900 9128 US (San Jose)

877 853 5247 US Toll-free

888 788 0099 US Toll-free

Meeting ID: 915 970 4974

Find your local number: https://zoom.us/u/ad27hc6t7h









Joanna















On 19/05/2021, 03:50, "Madhukar Pappireddy"  
wrote:



Attached slides presented by Manish in the TF-A tech forum.





-Original Message-

From: TF-A  On Behalf Of Madhukar 
Pappireddy via TF-A

Sent: Tuesday, May 18, 2021 8:59 PM

To: Joanna Farley ; Okash Khawaja 
; Simon Glass 

Cc: Harb Abdulhamid OS ; Boot 
Architecture Mailman List ; Ed Stuber 
; Arjun Khare ; 
U-Boot Mailing List ; t...@lists.trustedfirmware.org; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 

Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages



Hi,



I tried to summarize the discussions in the previous TF-A tech forum 
regarding the proposal to adopt Hand-off Blocks (HOBs) for passing information 
along the boot chain. I am certain I could not capture all suggestions/concerns 
brought up during the call. I apologize if I missed and/or misinterpreted any 
comments and would appreciate it if everyone could share their thoughts in 
response to this email thread.



The idea is to share information to other boot phases:

> Dynamic information: Created during runtime. Shared in the form of a 
chain of blobs(built as a linked list of C structure objects i.e., HOB list).

> Static information: Known at compile time. Historically, shared through 
the use of Device Tree/ACPI tables



Both the above requirements are common in many ecosystems and need to 
co-exist.



There are broadly 3 problems to solve:

1. Format of HOB structures: It looks like the consensus is that we could 
use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).

2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.

3. The design contract for the static interface between two boot phases: 
The problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:

> Proposal 1: Always pass a pointer to the device tree blob through 
the GP register and capture the pointer to the HOB list as a property of a node 
that is uniquely identifiable by the downstream boot phase. This needs to 
define a device tree binding such that producer and consumer agree on the 
information passed.

> Proposal 2: Pass a pointer to a generic container through the GP 
register that can be interpreted appropriately by both boot loaders(i.e., 
producer and consumer of the boot info). This container can either be a dtb or 
a HOB list which can be simply inferred by checking for a magic header that 
indicates 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi,

Re Jeremy's comment:
> Using DT to pass platform info at this level is sort of crazy on an ACPI
> machine which won't have native DTs. Meaning there is an additional
> level of unnecessary indirection that needs to be converted back into a
> format which can be utilized by AML and other parts of the ACPI stack.

U-Boot has to generate part of the ACPI tables programmatically, using info
from the DT to do so. In other words, U-Boot supports DT but must also
support generating AML, etc. I don't see a particular problem with that.

I don't think it makes any sense to use ACPI tables to pass data between
boot phases, but if that is being proposed, I'd like to understand the
reason. I also wonder why people are using UEFI on rpi, but that's a
different topic.

I favour using a bloblist with 32-bit tags and simple C structs for the
early phases, say up to U-Boot SPL, where there is limited memory and CPU
power. For passing larger, more complex and future-proof data in later boot
stages (e.g. SPL onwards, loading optee, TF-A, remoteproc) , put a DT in
the bloblist and add the info there.The DT can use the normal compatible
string Julian refers to, which is a proven solution to the identification
problem.

I suggest UEFI should add libfdt if needed, rather than spreading the
obfuscating and opaque UUIDs further than they need to go The compiled size
of libfdt is much smaller than people realise. I believe UUIDs solve a
problem that we should not encourage in a collaborative firmware
environment.

Regards,
Simon



On Thu, 20 May 2021 at 04:34, Julian Hall  wrote:

> Hi,
>
> My interest in boot information passing is from the perspective of a
> down-boot-chain consumer.  From this perspective,  I have the following
> preferences:
>
> 1) Whatever information passing mechanism is used (e.g. HOB or DT), we use
> a common object identification scheme that may be used with either
> mechanism.  This helps to decouple components that consume information from
> the actual delivery method.
>
> 2) A hierarchical naming scheme is used (e.g. like the DT 'compatible'
> string).  This has the following benefits:
> a. Scales well as the naming authority can be delegated to
> different organisations.
> b. Clear traceability to the defining authority.
> c. No reliance on a central register of IDs.
> d. New IDs can be freely defined without much ceremony.
> e. Names can be meaningful and easy to understand.
> f. The hierarchical structure may be exploited if necessary to
> include things like family, version, instance number or any other structure
> that makes sense to the naming authority.
>
> Just my two cents worth.
>
> Best regards,
> Julian
>
>
> -Original Message-
> From: TF-A  On Behalf Of Madhukar
> Pappireddy via TF-A
> Sent: 19 May 2021 02:59
> To: Joanna Farley ; Okash Khawaja <
> okash.khaw...@gmail.com>; Simon Glass 
> Cc: Harb Abdulhamid OS ; Boot
> Architecture Mailman List ; Ed Stuber
> ; Arjun Khare ;
> U-Boot Mailing List ; t...@lists.trustedfirmware.org;
> Paul Isaac's ; Ron Minnich ;
> Moe Ammar 
> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
> Hi,
>
> I tried to summarize the discussions in the previous TF-A tech forum
> regarding the proposal to adopt Hand-off Blocks (HOBs) for passing
> information along the boot chain. I am certain I could not capture all
> suggestions/concerns brought up during the call. I apologize if I missed
> and/or misinterpreted any comments and would appreciate it if everyone
> could share their thoughts in response to this email thread.
>
> The idea is to share information to other boot phases:
> > Dynamic information: Created during runtime. Shared in the form of a
> chain of blobs(built as a linked list of C structure objects i.e., HOB
> list).
> > Static information: Known at compile time. Historically, shared through
> the use of Device Tree/ACPI tables
>
> Both the above requirements are common in many ecosystems and need to
> co-exist.
>
> There are broadly 3 problems to solve:
> 1. Format of HOB structures: It looks like the consensus is that we could
> use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in
> u-boot).
> 2. Identification of HOB list entries: There is a debate about whether
> tags would suffice or if the HOB list producer and consumer would depend on
> UUID/GUIDs for identifying a specific HOB structure. Another suggestion was
> to use a hybrid approach. Reserve a single tag ID for
> identifying/constructing a HOB structure that further leverages UUID based
> identifier. This way, the generic HOB list doesn't need to support UUIDs
> and can work with tags.
> 3. The design contract for the static interface between two boot phases:
> The problem at hand is whether to pass a pointer to a HOB list or a device
> tree blob through the general-purpose registers for configuration hand-off
> between two boot phases. Some 

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julian Hall]

Hi,

My interest in boot information passing is from the perspective of a 
down-boot-chain consumer.  From this perspective,  I have the following 
preferences:

1) Whatever information passing mechanism is used (e.g. HOB or DT), we use a 
common object identification scheme that may be used with either mechanism.  
This helps to decouple components that consume information from the actual 
delivery method.

2) A hierarchical naming scheme is used (e.g. like the DT 'compatible' string). 
 This has the following benefits:
a. Scales well as the naming authority can be delegated to different 
organisations.
b. Clear traceability to the defining authority.
c. No reliance on a central register of IDs.
d. New IDs can be freely defined without much ceremony.
e. Names can be meaningful and easy to understand.
f. The hierarchical structure may be exploited if necessary to include 
things like family, version, instance number or any other structure that makes 
sense to the naming authority.

Just my two cents worth.

Best regards,
Julian


-Original Message-
From: TF-A  On Behalf Of Madhukar 
Pappireddy via TF-A
Sent: 19 May 2021 02:59
To: Joanna Farley ; Okash Khawaja 
; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; Ed Stuber 
; Arjun Khare ; 
U-Boot Mailing List ; t...@lists.trustedfirmware.org; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi,

I tried to summarize the discussions in the previous TF-A tech forum regarding 
the proposal to adopt Hand-off Blocks (HOBs) for passing information along the 
boot chain. I am certain I could not capture all suggestions/concerns brought 
up during the call. I apologize if I missed and/or misinterpreted any comments 
and would appreciate it if everyone could share their thoughts in response to 
this email thread.

The idea is to share information to other boot phases:
> Dynamic information: Created during runtime. Shared in the form of a chain of 
> blobs(built as a linked list of C structure objects i.e., HOB list).
> Static information: Known at compile time. Historically, shared through the 
> use of Device Tree/ACPI tables

Both the above requirements are common in many ecosystems and need to co-exist.

There are broadly 3 problems to solve:
1. Format of HOB structures: It looks like the consensus is that we could use 
existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).
2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.
3. The design contract for the static interface between two boot phases: The 
problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:
> Proposal 1: Always pass a pointer to the device tree blob through the 
GP register and capture the pointer to the HOB list as a property of a node 
that is uniquely identifiable by the downstream boot phase. This needs to 
define a device tree binding such that producer and consumer agree on the 
information passed.
> Proposal 2: Pass a pointer to a generic container through the GP 
register that can be interpreted appropriately by both boot loaders(i.e., 
producer and consumer of the boot info). This container can either be a dtb or 
a HOB list which can be simply inferred by checking for a magic header that 
indicates if the buffer appears to be a flattened device tree.
> One another concern that was brought up offline is to make sure we 
don't break current design contracts between various boot loader phases in 
TF-A. Many of the general-purpose registers have a designated purpose such as 
to share configurations between BL images( such as firmware config dtb, SoC 
config dtb, Non trusted firmware config dtb, memory layout, entry point info, 
etc.).

If I am not mistaken, a single design may not fit the needs of every 
segment(client, Infra, embedded) and the forum is open to solutions tailored 
for individual segments. Joanna will be sending a follow up email with more 
information about future TF-A tech forums that serves as a platform for further 
discussions.

Thanks,
Madhukar

-Original Message-
From: TF-A  On Behalf Of Joanna Farley 
via TF-A
Sent: Sunday, May 16, 2021 5:19 AM
To: Okash Khawaja ; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; 
t...@lists.trustedfirmware.org; Ed Stuber ; Arjun 
Khare ; 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Le mer. 19 mai 2021 à 03:58, Madhukar Pappireddy via TF-A <
t...@lists.trustedfirmware.org> a écrit :

> Hi,
>
> I tried to summarize the discussions in the previous TF-A tech forum
> regarding the proposal to adopt Hand-off Blocks (HOBs) for passing
> information along the boot chain. I am certain I could not capture all
> suggestions/concerns brought up during the call. I apologize if I missed
> and/or misinterpreted any comments and would appreciate it if everyone
> could share their thoughts in response to this email thread.
>
> The idea is to share information to other boot phases:
> > Dynamic information: Created during runtime. Shared in the form of a
> chain of blobs(built as a linked list of C structure objects i.e., HOB
> list).
> > Static information: Known at compile time. Historically, shared through
> the use of Device Tree/ACPI tables
>
> Both the above requirements are common in many ecosystems and need to
> co-exist.
>
> There are broadly 3 problems to solve:
> 1. Format of HOB structures: It looks like the consensus is that we could
> use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in
> u-boot).
> 2. Identification of HOB list entries: There is a debate about whether
> tags would suffice or if the HOB list producer and consumer would depend on
> UUID/GUIDs for identifying a specific HOB structure. Another suggestion was
> to use a hybrid approach. Reserve a single tag ID for
> identifying/constructing a HOB structure that further leverages UUID based
> identifier. This way, the generic HOB list doesn't need to support UUIDs
> and can work with tags.
> 3. The design contract for the static interface between two boot phases:
> The problem at hand is whether to pass a pointer to a HOB list or a device
> tree blob through the general-purpose registers for configuration hand-off
> between two boot phases. Some proposals that came up:
> > Proposal 1: Always pass a pointer to the device tree blob
> through the GP register and capture the pointer to the HOB list as a
> property of a node that is uniquely identifiable by the downstream boot
> phase. This needs to define a device tree binding such that producer and
> consumer agree on the information passed.
> > Proposal 2: Pass a pointer to a generic container through the GP
> register that can be interpreted appropriately by both boot loaders(i.e.,
> producer and consumer of the boot info). This container can either be a dtb
> or a HOB list which can be simply inferred by checking for a magic header
> that indicates if the buffer appears to be a flattened device tree.
> > One another concern that was brought up offline is to make sure
> we don't break current design contracts between various boot loader phases
> in TF-A. Many of the general-purpose registers have a designated purpose
> such as to share configurations between BL images( such as firmware config
> dtb, SoC config dtb, Non trusted firmware config dtb, memory layout, entry
> point info, etc.).
>
there should be another paragraph:
4. Requirements for data representation.
I’ll take two concrete examples related to DIMM slot population and
reporting.
6 years ago (can’t be sure) only DRAM modules could be fitted into DIMM
slots. And then came NVDIMM and flash as DIMM (invented by Diablo
technologies: 1TB of flash on a DIMM with a few MB as IO buffers and
control registers - those memory regions where the only addressable DRAM).
In both cases all firmware chain had to be changed to cope with them. If we
had used self descriptive information passing (CBOR, DT, AML) for DIMM slot
population and not C structure the journey would have been much simpler
with forward and backward compatibility as a major side effect.
So for data representation , I would concur with previous Ron Minnich
@googke comment that we should be using self descriptive information rather
than C structures.

>
> If I am not mistaken, a single design may not fit the needs of every
> segment(client, Infra, embedded) and the forum is open to solutions
> tailored for individual segments. Joanna will be sending a follow up email
> with more information about future TF-A tech forums that serves as a
> platform for further discussions.
>
> Thanks,
> Madhukar
>
> -Original Message-
> From: TF-A  On Behalf Of Joanna
> Farley via TF-A
> Sent: Sunday, May 16, 2021 5:19 AM
> To: Okash Khawaja ; Simon Glass  >
> Cc: Harb Abdulhamid OS ; Boot
> Architecture Mailman List ;
> t...@lists.trustedfirmware.org; Ed Stuber ;
> Arjun Khare ; U-Boot Mailing List <
> u-boot@lists.denx.de>; Paul Isaac's ; Ron Minnich
> ; Moe Ammar 
> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
> Apologies I failed with the recording. Manish/Madhu will reply early next
> week with the slides and some notes to help with a follow up session which
> we hope to hold this Thursday. Invite and agenda will also be sent out
> early next week.
>
> Thanks

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Le mer. 19 mai 2021 à 23:51, Jeremy Linton via TF-A <
t...@lists.trustedfirmware.org> a écrit :

> On 5/18/21 8:59 PM, Madhukar Pappireddy via TF-A wrote:
> > Hi,
> >
> > I tried to summarize the discussions in the previous TF-A tech forum
> regarding the proposal to adopt Hand-off Blocks (HOBs) for passing
> information along the boot chain. I am certain I could not capture all
> suggestions/concerns brought up during the call. I apologize if I missed
> and/or misinterpreted any comments and would appreciate it if everyone
> could share their thoughts in response to this email thread.
> >
> > The idea is to share information to other boot phases:
> >> Dynamic information: Created during runtime. Shared in the form of a
> chain of blobs(built as a linked list of C structure objects i.e., HOB
> list).
> >> Static information: Known at compile time. Historically, shared through
> the use of Device Tree/ACPI tables
> >
> > Both the above requirements are common in many ecosystems and need to
> co-exist.
> >
> > There are broadly 3 problems to solve:
> > 1. Format of HOB structures: It looks like the consensus is that we
> could use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in
> u-boot).
> > 2. Identification of HOB list entries: There is a debate about whether
> tags would suffice or if the HOB list producer and consumer would depend on
> UUID/GUIDs for identifying a specific HOB structure. Another suggestion was
> to use a hybrid approach. Reserve a single tag ID for
> identifying/constructing a HOB structure that further leverages UUID based
> identifier. This way, the generic HOB list doesn't need to support UUIDs
> and can work with tags.
> > 3. The design contract for the static interface between two boot phases:
> The problem at hand is whether to pass a pointer to a HOB list or a device
> tree blob through the general-purpose registers for configuration hand-off
> between two boot phases. Some proposals that came up:
> >   > Proposal 1: Always pass a pointer to the device tree blob
> through the GP register and capture the pointer to the HOB list as a
> property of a node that is uniquely identifiable by the downstream boot
> phase. This needs to define a device tree binding such that producer and
> consumer agree on the information passed.
>
>
> Using DT to pass platform info at this level is sort of crazy on an ACPI
> machine which won't have native DTs. Meaning there is an additional
> level of unnecessary indirection that needs to be converted back into a
> format which can be utilized by AML and other parts of the ACPI stack.

I would love the BL33 becomes a product maker (using  a board vendor
product) decision: using EDK2, U-Boot, LinuxBoot or even Xen directly as
BL33.
If this is a goal , then there will be a need for a translation layer
between the firmware framework (tfa, core boot, uboot SPL) formats and the
non secure firmware format.
If this is not a goal then I agree that passing a DT in an ACPI system is
suboptimal. That said there is a UEFI PI HOB that is a DT container and
used in existing systems. And conversely, in systems with complex MDIO or
other hardware without ACPI representation (serdes), it does not make sense
to bring ACPI stuff.
The easiest path is to not give a choice of BL33 and have a format for each
“realm”: DT or ACPI.


>
> Its also helpful to look at what has become of the rpi4 uefi port, where
> the DT is actually dynamic (or provided by the user, complete with HAT
> overlays) and fed into the lower level firmware and propagated up
> through the system.  The result has frequently been subtle bugs or boot
> failures because the DT provided by the rpi foundation as part of their
> low level firwmare+kernel stack is modified by their low level firwmare,
> and it differs from the DT in mainline linux. So more than once we have
> discovered that there isn't a single DT that can be boot both the
> current firmware and a current mainline linux. In the past there was
> even an option to use one DT for the firmware and an entirely seperate
> one for linux, but that was removed when it bacame apparent you couldn't
> have the lower level firmwaer say modifying MMIO windows for the PCIe
> subsystem and not propogate that into the other user supplied DT.
>
ACPI shows that firmware provided hardware description makes life easier.
That’s why Arm SystemReady-IR states that it should be the case for DT too.
RPI4 and beaglebone have had different strategies and each with good and
bad things. The Linaro  Device Tree Evolution open project is tackling
diverse aspects of DT including proper handling hats, and other runtime
adaptations.

>
> At this point the uefi firmware on the rpi will provide a DT if asked,
> but it doesn't parse it nor does anything in the AML. Instead everything
> is done directly against the hardware, even when the HW registers aren't
> well documented.That is in large parts because the AML requirements are
> a lot different than what is 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Jeremy Linton]

On 5/18/21 8:59 PM, Madhukar Pappireddy via TF-A wrote:

Hi,

I tried to summarize the discussions in the previous TF-A tech forum regarding 
the proposal to adopt Hand-off Blocks (HOBs) for passing information along the 
boot chain. I am certain I could not capture all suggestions/concerns brought 
up during the call. I apologize if I missed and/or misinterpreted any comments 
and would appreciate it if everyone could share their thoughts in response to 
this email thread.
  
The idea is to share information to other boot phases:

Dynamic information: Created during runtime. Shared in the form of a chain of 
blobs(built as a linked list of C structure objects i.e., HOB list).
Static information: Known at compile time. Historically, shared through the use 
of Device Tree/ACPI tables
  
Both the above requirements are common in many ecosystems and need to co-exist.
  
There are broadly 3 problems to solve:

1. Format of HOB structures: It looks like the consensus is that we could use 
existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).
2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.
3. The design contract for the static interface between two boot phases: The 
problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:
> Proposal 1: Always pass a pointer to the device tree blob through the 
GP register and capture the pointer to the HOB list as a property of a node that 
is uniquely identifiable by the downstream boot phase. This needs to define a 
device tree binding such that producer and consumer agree on the information 
passed.



Using DT to pass platform info at this level is sort of crazy on an ACPI 
machine which won't have native DTs. Meaning there is an additional 
level of unnecessary indirection that needs to be converted back into a 
format which can be utilized by AML and other parts of the ACPI stack.


Its also helpful to look at what has become of the rpi4 uefi port, where
the DT is actually dynamic (or provided by the user, complete with HAT 
overlays) and fed into the lower level firmware and propagated up 
through the system.  The result has frequently been subtle bugs or boot 
failures because the DT provided by the rpi foundation as part of their 
low level firwmare+kernel stack is modified by their low level firwmare, 
and it differs from the DT in mainline linux. So more than once we have 
discovered that there isn't a single DT that can be boot both the 
current firmware and a current mainline linux. In the past there was 
even an option to use one DT for the firmware and an entirely seperate 
one for linux, but that was removed when it bacame apparent you couldn't 
have the lower level firmwaer say modifying MMIO windows for the PCIe 
subsystem and not propogate that into the other user supplied DT.


At this point the uefi firmware on the rpi will provide a DT if asked, 
but it doesn't parse it nor does anything in the AML. Instead everything 
is done directly against the hardware, even when the HW registers aren't 
well documented.That is in large parts because the AML requirements are 
a lot different than what is provided in the DT.





> Proposal 2: Pass a pointer to a generic container through the GP 
register that can be interpreted appropriately by both boot loaders(i.e., producer 
and consumer of the boot info). This container can either be a dtb or a HOB list 
which can be simply inferred by checking for a magic header that indicates if the 
buffer appears to be a flattened device tree.
> One another concern that was brought up offline is to make sure we 
don't break current design contracts between various boot loader phases in TF-A. 
Many of the general-purpose registers have a designated purpose such as to share 
configurations between BL images( such as firmware config dtb, SoC config dtb, Non 
trusted firmware config dtb, memory layout, entry point info, etc.).

If I am not mistaken, a single design may not fit the needs of every 
segment(client, Infra, embedded) and the forum is open to solutions tailored 
for individual segments. Joanna will be sending a follow up email with more 
information about future TF-A tech forums that serves as a platform for further 
discussions.

Thanks,
Madhukar

-Original Message-
From: TF-A  On Behalf Of Joanna Farley 
via TF-A
Sent: Sunday, May 16, 2021 5:19 AM
To: Okash Khawaja ; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Madhukar Pappireddy]

Hi,

I tried to summarize the discussions in the previous TF-A tech forum regarding 
the proposal to adopt Hand-off Blocks (HOBs) for passing information along the 
boot chain. I am certain I could not capture all suggestions/concerns brought 
up during the call. I apologize if I missed and/or misinterpreted any comments 
and would appreciate it if everyone could share their thoughts in response to 
this email thread.
 
The idea is to share information to other boot phases:
> Dynamic information: Created during runtime. Shared in the form of a chain of 
> blobs(built as a linked list of C structure objects i.e., HOB list). 
> Static information: Known at compile time. Historically, shared through the 
> use of Device Tree/ACPI tables
 
Both the above requirements are common in many ecosystems and need to co-exist. 
 
There are broadly 3 problems to solve:
1. Format of HOB structures: It looks like the consensus is that we could use 
existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).
2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.
3. The design contract for the static interface between two boot phases: The 
problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:
> Proposal 1: Always pass a pointer to the device tree blob through the 
GP register and capture the pointer to the HOB list as a property of a node 
that is uniquely identifiable by the downstream boot phase. This needs to 
define a device tree binding such that producer and consumer agree on the 
information passed.
> Proposal 2: Pass a pointer to a generic container through the GP 
register that can be interpreted appropriately by both boot loaders(i.e., 
producer and consumer of the boot info). This container can either be a dtb or 
a HOB list which can be simply inferred by checking for a magic header that 
indicates if the buffer appears to be a flattened device tree.
> One another concern that was brought up offline is to make sure we 
don't break current design contracts between various boot loader phases in 
TF-A. Many of the general-purpose registers have a designated purpose such as 
to share configurations between BL images( such as firmware config dtb, SoC 
config dtb, Non trusted firmware config dtb, memory layout, entry point info, 
etc.).

If I am not mistaken, a single design may not fit the needs of every 
segment(client, Infra, embedded) and the forum is open to solutions tailored 
for individual segments. Joanna will be sending a follow up email with more 
information about future TF-A tech forums that serves as a platform for further 
discussions. 

Thanks,
Madhukar

-Original Message-
From: TF-A  On Behalf Of Joanna Farley 
via TF-A
Sent: Sunday, May 16, 2021 5:19 AM
To: Okash Khawaja ; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; 
t...@lists.trustedfirmware.org; Ed Stuber ; Arjun 
Khare ; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Apologies I failed with the recording. Manish/Madhu will reply early next week 
with the slides and some notes to help with a follow up session which we hope 
to hold this Thursday. Invite and agenda will also be sent out early next week.

Thanks

Joanna 

On 14/05/2021, 13:30, "TF-A on behalf of Okash Khawaja via TF-A" 
 wrote:

Hi,

Do we have slides and video from last week's discussion?

Thanks,
Okash


On Wed, May 5, 2021 at 11:52 PM Simon Glass via TF-A
 wrote:
>
> Hi Harb,
>
> Thanks for the idea. I am still not completely sure what benefit UUID 
provides to an open project. I'd like to propose something different, more in 
the spirit of open collaboration. I also worry that the word 'standard' seems 
to be a synonym for UUIDs, UEFI, etc., i.e. enabling/preferring closed-source 
firmware and the continued decline of open-source projects. It really should 
not be.
>
> So I suggest: Use simple integer IDs and reserve some area for 'private' 
use.  If you want to collaborate across projects outside your company, you 
either need to allocate a 'public' ID or agree privately between the parties 
which private ID to use.
>
> This means that the default and easiest option is for collaboration and a 
public ID, with private ones (whose purpose may be secret) reserved just for 
private use.
 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Joanna Farley]

Looks t...@lists.trustedfirmware.org got dropped. Adding that back in.

Joanna

On 19/05/2021, 15:33, "Joanna Farley"  wrote:

It’s a bit short notice to host another TF-A Tech-forum call on this 
tomorrow for a live debate as well as Manish who led the call last time is not 
available this week. So I propose our next TF-A Techforum session on Thursday 
3rd June at 4pm BST and between now and then email discussions can possibly be 
pursued.

From a TF-A perspective we want to help facilitate a number of 
segments/use-cases we heard about as Madhu mentions below.  As such any 
enablement we can provide in TF-A common code would be good to identify that 
contributors to other segments/use-cases can build upon in shared platform code 
in TF-A or elsewhere outside the TF-A repository of that works better for those 
segments/use-cases.

Thanks

Joanna

On 19/05/2021, 03:50, "Madhukar Pappireddy"  
wrote:

Attached slides presented by Manish in the TF-A tech forum.


-Original Message-
From: TF-A  On Behalf Of 
Madhukar Pappireddy via TF-A
Sent: Tuesday, May 18, 2021 8:59 PM
To: Joanna Farley ; Okash Khawaja 
; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot 
Architecture Mailman List ; Ed Stuber 
; Arjun Khare ; 
U-Boot Mailing List ; t...@lists.trustedfirmware.org; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi,

I tried to summarize the discussions in the previous TF-A tech forum 
regarding the proposal to adopt Hand-off Blocks (HOBs) for passing information 
along the boot chain. I am certain I could not capture all suggestions/concerns 
brought up during the call. I apologize if I missed and/or misinterpreted any 
comments and would appreciate it if everyone could share their thoughts in 
response to this email thread.

The idea is to share information to other boot phases:
> Dynamic information: Created during runtime. Shared in the form of a 
chain of blobs(built as a linked list of C structure objects i.e., HOB list).
> Static information: Known at compile time. Historically, shared 
through the use of Device Tree/ACPI tables

Both the above requirements are common in many ecosystems and need to 
co-exist.

There are broadly 3 problems to solve:
1. Format of HOB structures: It looks like the consensus is that we 
could use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in 
u-boot).
2. Identification of HOB list entries: There is a debate about whether 
tags would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.
3. The design contract for the static interface between two boot 
phases: The problem at hand is whether to pass a pointer to a HOB list or a 
device tree blob through the general-purpose registers for configuration 
hand-off between two boot phases. Some proposals that came up:
> Proposal 1: Always pass a pointer to the device tree blob 
through the GP register and capture the pointer to the HOB list as a property 
of a node that is uniquely identifiable by the downstream boot phase. This 
needs to define a device tree binding such that producer and consumer agree on 
the information passed.
> Proposal 2: Pass a pointer to a generic container through the 
GP register that can be interpreted appropriately by both boot loaders(i.e., 
producer and consumer of the boot info). This container can either be a dtb or 
a HOB list which can be simply inferred by checking for a magic header that 
indicates if the buffer appears to be a flattened device tree.
> One another concern that was brought up offline is to make 
sure we don't break current design contracts between various boot loader phases 
in TF-A. Many of the general-purpose registers have a designated purpose such 
as to share configurations between BL images( such as firmware config dtb, SoC 
config dtb, Non trusted firmware config dtb, memory layout, entry point info, 
etc.).

If I am not mistaken, a single design may not fit the needs of every 
segment(client, Infra, embedded) and the forum is open to solutions tailored 
for individual segments. Joanna will be sending a follow up email with more 
information about future TF-A tech forums that serves as a platform for further 
discussions.

Thanks,
Madhukar

-Original Message-
From: TF-A  On Behalf Of Joanna 
Farley via TF-A
Sent: Sunday, May 16, 2021 5:19 AM
To: Okash Khawaja ; Simon 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Joanna Farley]

It’s a bit short notice to host another TF-A Tech-forum call on this tomorrow 
for a live debate as well as Manish who led the call last time is not available 
this week. So I propose our next TF-A Techforum session on Thursday 3rd June at 
4pm BST and between now and then email discussions can possibly be pursued.

From a TF-A perspective we want to help facilitate a number of 
segments/use-cases we heard about as Madhu mentions below.  As such any 
enablement we can provide in TF-A common code would be good to identify that 
contributors to other segments/use-cases can build upon in shared platform code 
in TF-A or elsewhere outside the TF-A repository of that works better for those 
segments/use-cases.

Thanks

Joanna

On 19/05/2021, 03:50, "Madhukar Pappireddy"  
wrote:

Attached slides presented by Manish in the TF-A tech forum.


-Original Message-
From: TF-A  On Behalf Of Madhukar 
Pappireddy via TF-A
Sent: Tuesday, May 18, 2021 8:59 PM
To: Joanna Farley ; Okash Khawaja 
; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot 
Architecture Mailman List ; Ed Stuber 
; Arjun Khare ; 
U-Boot Mailing List ; t...@lists.trustedfirmware.org; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi,

I tried to summarize the discussions in the previous TF-A tech forum 
regarding the proposal to adopt Hand-off Blocks (HOBs) for passing information 
along the boot chain. I am certain I could not capture all suggestions/concerns 
brought up during the call. I apologize if I missed and/or misinterpreted any 
comments and would appreciate it if everyone could share their thoughts in 
response to this email thread.

The idea is to share information to other boot phases:
> Dynamic information: Created during runtime. Shared in the form of a 
chain of blobs(built as a linked list of C structure objects i.e., HOB list).
> Static information: Known at compile time. Historically, shared through 
the use of Device Tree/ACPI tables

Both the above requirements are common in many ecosystems and need to 
co-exist.

There are broadly 3 problems to solve:
1. Format of HOB structures: It looks like the consensus is that we could 
use existing mechanisms for this (BL_AUX_PARAM in TF-A or bloblist in u-boot).
2. Identification of HOB list entries: There is a debate about whether tags 
would suffice or if the HOB list producer and consumer would depend on 
UUID/GUIDs for identifying a specific HOB structure. Another suggestion was to 
use a hybrid approach. Reserve a single tag ID for identifying/constructing a 
HOB structure that further leverages UUID based identifier. This way, the 
generic HOB list doesn't need to support UUIDs and can work with tags.
3. The design contract for the static interface between two boot phases: 
The problem at hand is whether to pass a pointer to a HOB list or a device tree 
blob through the general-purpose registers for configuration hand-off between 
two boot phases. Some proposals that came up:
> Proposal 1: Always pass a pointer to the device tree blob through 
the GP register and capture the pointer to the HOB list as a property of a node 
that is uniquely identifiable by the downstream boot phase. This needs to 
define a device tree binding such that producer and consumer agree on the 
information passed.
> Proposal 2: Pass a pointer to a generic container through the GP 
register that can be interpreted appropriately by both boot loaders(i.e., 
producer and consumer of the boot info). This container can either be a dtb or 
a HOB list which can be simply inferred by checking for a magic header that 
indicates if the buffer appears to be a flattened device tree.
> One another concern that was brought up offline is to make sure 
we don't break current design contracts between various boot loader phases in 
TF-A. Many of the general-purpose registers have a designated purpose such as 
to share configurations between BL images( such as firmware config dtb, SoC 
config dtb, Non trusted firmware config dtb, memory layout, entry point info, 
etc.).

If I am not mistaken, a single design may not fit the needs of every 
segment(client, Infra, embedded) and the forum is open to solutions tailored 
for individual segments. Joanna will be sending a follow up email with more 
information about future TF-A tech forums that serves as a platform for further 
discussions.

Thanks,
Madhukar

-Original Message-
From: TF-A  On Behalf Of Joanna 
Farley via TF-A
Sent: Sunday, May 16, 2021 5:19 AM
To: Okash Khawaja ; Simon Glass 
Cc: Harb Abdulhamid OS ; Boot 
Architecture Mailman List ; 
t...@lists.trustedfirmware.org; Ed Stuber ; Arjun 
Khare ; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich ; Moe 
Ammar 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Joanna Farley]

Apologies I failed with the recording. Manish/Madhu will reply early next week 
with the slides and some notes to help with a follow up session which we hope 
to hold this Thursday. Invite and agenda will also be sent out early next week.

Thanks

Joanna 

On 14/05/2021, 13:30, "TF-A on behalf of Okash Khawaja via TF-A" 
 wrote:

Hi,

Do we have slides and video from last week's discussion?

Thanks,
Okash


On Wed, May 5, 2021 at 11:52 PM Simon Glass via TF-A
 wrote:
>
> Hi Harb,
>
> Thanks for the idea. I am still not completely sure what benefit UUID 
provides to an open project. I'd like to propose something different, more in 
the spirit of open collaboration. I also worry that the word 'standard' seems 
to be a synonym for UUIDs, UEFI, etc., i.e. enabling/preferring closed-source 
firmware and the continued decline of open-source projects. It really should 
not be.
>
> So I suggest: Use simple integer IDs and reserve some area for 'private' 
use.  If you want to collaborate across projects outside your company, you 
either need to allocate a 'public' ID or agree privately between the parties 
which private ID to use.
>
> This means that the default and easiest option is for collaboration and a 
public ID, with private ones (whose purpose may be secret) reserved just for 
private use.
>
> Regards,
> Simon
>
> On Wed, 5 May 2021 at 11:42, Harb Abdulhamid OS 
 wrote:
>>
>> Hey Folks,
>>
>> We wanted to put out a middle-ground proposal to help guide the 
discussion on the call tomorrow.
>>
>>
>>
>> A proposal that we have been discussing offline involves reserving a 
single tag ID for the purpose of construction UEFI PI HOB List structure, and 
that tag would be used to identify a HOB-specific structure that does leverage 
UUID based identifier.  This will eliminate the burden of having to support 
UUID as the tag, and this enables projects that require UUID based identifiers 
for the broad range of HOB structures that need to be produced during the 
booting of the platform.  Once we have a tag for a HOB list, this will enable 
various HOB producers that can add/extend the HOB list in TF-A code (or even 
pre-TF-A code), with a HOB consumer for that UUID/GUID on the other side (i.e. 
whatever the BL33 image is booting on that platform).
>>
>>
>>
>> Essentially, the idea is if someone would like to support HOB structures 
in a standard way using TF-A, they would wrap it up in a BL_AUX_PARAM/BLOB 
structure (whatever the group decides) and the way we identify the structure as 
a HOB list is with this new reserved tag.
>>
>>
>>
>> Hopefully that makes sense and less contentious.  Look forward to 
discuss this further on the call.
>>
>>
>>
>> Thanks,
>>
>> --Harb
>>
>>
>>
>> From: Manish Pandey2 
>> Sent: Friday, April 30, 2021 8:14 AM
>> To: François Ozog 
>> Cc: Simon Glass ; Julius Werner 
; Harb Abdulhamid OS ; 
Boot Architecture Mailman List ; 
t...@lists.trustedfirmware.org; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich 
>> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages
>>
>>
>>
>> Hi All,
>>
>>
>>
>> Please find invite for next TF-A Tech Forum session to continue our 
discussions on HOB implementation, feel free to forward it to others.
>>
>>
>>
>> The next TF-A Tech Forum is scheduled for Thu 6th May 2021 16:00 – 17:00 
(BST).
>>
>>
>>
>> Agenda:
>>
>> Discussion Session: Static and Dynamic Information Handling in TF-A
>>
>> Lead by Manish Pandey and Madhukar Pappireddy
>>
>> · There is ongoing mailing lists discussion[1] related with 
adopting a mechanism to pass information through boot stages.
>>
>> The requirement is two-fold:
>>
>> 1.  Passing static information(config files)
>>
>> 2.  Passing dynamic information (Hob list)
>>
>> In the upcoming TF-A tech forum, we can start with a discussion on 
dynamic information passing and if time permits, we can cover static 
information passing. The purpose of the call is to have an open discussion and 
continue the discussion from the trusted-substrate call[2] done earlier. We 
would like to understand the various requirements and possible ways to 
implement it in TF-A in a generalized way so that it can work with other 
Firmware projects.
>>
>>
>>
>> The two specific item which we would like to discuss are:
>>
>> 1.  HOB format: TF-A/u-boot both has an existing bloblist 
implementation, which uses tag values. Question, can this be enhanced to use 
hybrid values(Tag and UUID) both?
>>
>> 2.  Standardization on Physical register use to pass base of HoB 
data structure.
>>
>> References:
>>
>> [1] 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Okash Khawaja]

Hi,

Do we have slides and video from last week's discussion?

Thanks,
Okash


On Wed, May 5, 2021 at 11:52 PM Simon Glass via TF-A
 wrote:
>
> Hi Harb,
>
> Thanks for the idea. I am still not completely sure what benefit UUID 
> provides to an open project. I'd like to propose something different, more in 
> the spirit of open collaboration. I also worry that the word 'standard' seems 
> to be a synonym for UUIDs, UEFI, etc., i.e. enabling/preferring closed-source 
> firmware and the continued decline of open-source projects. It really should 
> not be.
>
> So I suggest: Use simple integer IDs and reserve some area for 'private' use. 
>  If you want to collaborate across projects outside your company, you either 
> need to allocate a 'public' ID or agree privately between the parties which 
> private ID to use.
>
> This means that the default and easiest option is for collaboration and a 
> public ID, with private ones (whose purpose may be secret) reserved just for 
> private use.
>
> Regards,
> Simon
>
> On Wed, 5 May 2021 at 11:42, Harb Abdulhamid OS 
>  wrote:
>>
>> Hey Folks,
>>
>> We wanted to put out a middle-ground proposal to help guide the discussion 
>> on the call tomorrow.
>>
>>
>>
>> A proposal that we have been discussing offline involves reserving a single 
>> tag ID for the purpose of construction UEFI PI HOB List structure, and that 
>> tag would be used to identify a HOB-specific structure that does leverage 
>> UUID based identifier.  This will eliminate the burden of having to support 
>> UUID as the tag, and this enables projects that require UUID based 
>> identifiers for the broad range of HOB structures that need to be produced 
>> during the booting of the platform.  Once we have a tag for a HOB list, this 
>> will enable various HOB producers that can add/extend the HOB list in TF-A 
>> code (or even pre-TF-A code), with a HOB consumer for that UUID/GUID on the 
>> other side (i.e. whatever the BL33 image is booting on that platform).
>>
>>
>>
>> Essentially, the idea is if someone would like to support HOB structures in 
>> a standard way using TF-A, they would wrap it up in a BL_AUX_PARAM/BLOB 
>> structure (whatever the group decides) and the way we identify the structure 
>> as a HOB list is with this new reserved tag.
>>
>>
>>
>> Hopefully that makes sense and less contentious.  Look forward to discuss 
>> this further on the call.
>>
>>
>>
>> Thanks,
>>
>> --Harb
>>
>>
>>
>> From: Manish Pandey2 
>> Sent: Friday, April 30, 2021 8:14 AM
>> To: François Ozog 
>> Cc: Simon Glass ; Julius Werner ; 
>> Harb Abdulhamid OS ; Boot Architecture 
>> Mailman List ; 
>> t...@lists.trustedfirmware.org; U-Boot Mailing List ; 
>> Paul Isaac's ; Ron Minnich 
>> Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
>> information passing between boot stages
>>
>>
>>
>> Hi All,
>>
>>
>>
>> Please find invite for next TF-A Tech Forum session to continue our 
>> discussions on HOB implementation, feel free to forward it to others.
>>
>>
>>
>> The next TF-A Tech Forum is scheduled for Thu 6th May 2021 16:00 – 17:00 
>> (BST).
>>
>>
>>
>> Agenda:
>>
>> Discussion Session: Static and Dynamic Information Handling in TF-A
>>
>> Lead by Manish Pandey and Madhukar Pappireddy
>>
>> · There is ongoing mailing lists discussion[1] related with adopting 
>> a mechanism to pass information through boot stages.
>>
>> The requirement is two-fold:
>>
>> 1.  Passing static information(config files)
>>
>> 2.  Passing dynamic information (Hob list)
>>
>> In the upcoming TF-A tech forum, we can start with a discussion on dynamic 
>> information passing and if time permits, we can cover static information 
>> passing. The purpose of the call is to have an open discussion and continue 
>> the discussion from the trusted-substrate call[2] done earlier. We would 
>> like to understand the various requirements and possible ways to implement 
>> it in TF-A in a generalized way so that it can work with other Firmware 
>> projects.
>>
>>
>>
>> The two specific item which we would like to discuss are:
>>
>> 1.  HOB format: TF-A/u-boot both has an existing bloblist 
>> implementation, which uses tag values. Question, can this be enhanced to use 
>> hybrid values(Tag and UUID) both?
>>
>> 2.  Standardization on Physical register use to pass base of HoB data 
>> structure.
>>
>> References:
>>
>> [1] https://lists.trustedfirmware.org/pipermail/tf-a/2021-April/001069.html
>>
>> [2] 
>> https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
>>  Passcode: IPn+5q%
>>
>>
>>
>> Thanks
>>
>>
>>
>> Joanna
>>
>>
>>
>> You have been invited to the following event.
>>
>> TF-A Tech Forum
>>
>> When
>>
>> Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time
>>
>> Calendar
>>
>> t...@lists.trustedfirmware.org
>>
>> Who
>>
>> •
>>
>> Bill Fletcher- creator
>>
>> •
>>
>> t...@lists.trustedfirmware.org
>>
>> more details »

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Harb Abdulhamid OS]

Hey Folks,
We wanted to put out a middle-ground proposal to help guide the discussion on 
the call tomorrow.

A proposal that we have been discussing offline involves reserving a single tag 
ID for the purpose of construction UEFI PI HOB List structure, and that tag 
would be used to identify a HOB-specific structure that does leverage UUID 
based identifier.  This will eliminate the burden of having to support UUID as 
the tag, and this enables projects that require UUID based identifiers for the 
broad range of HOB structures that need to be produced during the booting of 
the platform.  Once we have a tag for a HOB list, this will enable various HOB 
producers that can add/extend the HOB list in TF-A code (or even pre-TF-A 
code), with a HOB consumer for that UUID/GUID on the other side (i.e. whatever 
the BL33 image is booting on that platform).

Essentially, the idea is if someone would like to support HOB structures in a 
standard way using TF-A, they would wrap it up in a BL_AUX_PARAM/BLOB structure 
(whatever the group decides) and the way we identify the structure as a HOB 
list is with this new reserved tag.

Hopefully that makes sense and less contentious.  Look forward to discuss this 
further on the call.

Thanks,
--Harb

From: Manish Pandey2 
Sent: Friday, April 30, 2021 8:14 AM
To: François Ozog 
Cc: Simon Glass ; Julius Werner ; Harb 
Abdulhamid OS ; Boot Architecture Mailman 
List ; t...@lists.trustedfirmware.org; 
U-Boot Mailing List ; Paul Isaac's 
; Ron Minnich 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi All,

Please find invite for next TF-A Tech Forum session to continue our discussions 
on HOB implementation, feel free to forward it to others.



The next TF-A Tech Forum is scheduled for Thu 6th May 2021 16:00 – 17:00 (BST).



Agenda:

  *   Discussion Session: Static and Dynamic Information Handling in TF-A

 *   Lead by Manish Pandey and Madhukar Pappireddy

• There is ongoing mailing lists discussion[1] related with adopting a 
mechanism to pass information through boot stages.

The requirement is two-fold:

1.  Passing static information(config files)

2.  Passing dynamic information (Hob list)

In the upcoming TF-A tech forum, we can start with a discussion on dynamic 
information passing and if time permits, we can cover static information 
passing. The purpose of the call is to have an open discussion and continue the 
discussion from the trusted-substrate call[2] done earlier. We would like to 
understand the various requirements and possible ways to implement it in TF-A 
in a generalized way so that it can work with other Firmware projects.



The two specific item which we would like to discuss are:

1.  HOB format: TF-A/u-boot both has an existing bloblist implementation, 
which uses tag values. Question, can this be enhanced to use hybrid values(Tag 
and UUID) both?

2.  Standardization on Physical register use to pass base of HoB data 
structure.

References:

[1] https://lists.trustedfirmware.org/pipermail/tf-a/2021-April/001069.html

[2] 
https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
 Passcode: IPn+5q%



Thanks



Joanna



You have been invited to the following event.
TF-A Tech Forum

When

Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time

Calendar

t...@lists.trustedfirmware.org

Who

•

Bill Fletcher- creator

•

t...@lists.trustedfirmware.org

more details 
»



We run an open technical forum call for anyone to participate and it is not 
restricted to Trusted Firmware project members. It will operate under the 
guidance of the TF TSC.



Feel free to forward this invite to colleagues. Invites are via the TF-A 
mailing list and also published on the Trusted Firmware website. Details are 
here: 
https://www.trustedfirmware.org/meetings/tf-a-technical-forum/



Trusted Firmware is inviting you to a scheduled Zoom meeting.



Join Zoom Meeting

https://zoom.us/j/9159704974



Meeting ID: 915 970 4974



One tap mobile

+16465588656,,9159704974# US (New York)

+16699009128,,9159704974# US (San Jose)



Dial by your location

+1 646 558 8656 US (New York)

+1 669 900 9128 US (San Jose)

877 853 5247 US Toll-free

888 788 0099 US Toll-free

Meeting ID: 915 970 4974

Find your local number: 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Harb,

Thanks for the idea. I am still not completely sure what benefit UUID
provides to an open project. I'd like to propose something different, more
in the spirit of open collaboration. I also worry that the word 'standard'
seems to be a synonym for UUIDs, UEFI, etc., i.e. enabling/preferring
closed-source firmware and the continued decline of open-source projects.
It really should not be.

So I suggest: Use simple integer IDs and reserve some area for 'private'
use.  If you want to collaborate across projects outside your company, you
either need to allocate a 'public' ID or agree privately between the
parties which private ID to use.

This means that the default and easiest option is for collaboration and a
public ID, with private ones (whose purpose may be secret) reserved just
for private use.

Regards,
Simon

On Wed, 5 May 2021 at 11:42, Harb Abdulhamid OS <
abdulha...@os.amperecomputing.com> wrote:

> Hey Folks,
>
> We wanted to put out a middle-ground proposal to help guide the discussion
> on the call tomorrow.
>
>
>
> A proposal that we have been discussing offline involves reserving a
> single tag ID for the purpose of construction UEFI PI HOB List structure,
> and that tag would be used to identify a HOB-specific structure that does
> leverage UUID based identifier.  This will eliminate the burden of having
> to support UUID as the tag, and this enables projects that require UUID
> based identifiers for the broad range of HOB structures that need to be
> produced during the booting of the platform.  Once we have a tag for a HOB
> list, this will enable various HOB producers that can add/extend the HOB
> list in TF-A code (or even pre-TF-A code), with a HOB consumer for that
> UUID/GUID on the other side (i.e. whatever the BL33 image is booting on
> that platform).
>
>
>
> Essentially, the idea is if someone would like to support HOB structures
> in a standard way using TF-A, they would wrap it up in a BL_AUX_PARAM/BLOB
> structure (whatever the group decides) and the way we identify the
> structure as a HOB list is with this new reserved tag.
>
>
>
> Hopefully that makes sense and less contentious.  Look forward to discuss
> this further on the call.
>
>
>
> Thanks,
>
> --Harb
>
>
>
> *From:* Manish Pandey2 
> *Sent:* Friday, April 30, 2021 8:14 AM
> *To:* François Ozog 
> *Cc:* Simon Glass ; Julius Werner ;
> Harb Abdulhamid OS ; Boot Architecture
> Mailman List ;
> t...@lists.trustedfirmware.org; U-Boot Mailing List ;
> Paul Isaac's ; Ron Minnich 
> *Subject:* Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
>
>
> Hi All,
>
>
>
> *Please find invite for next TF-A Tech Forum session to continue our
> discussions on HOB implementation, feel free to forward it to others.*
>
>
>
> The next TF-A Tech Forum is scheduled for Thu 6th May 2021 16:00 – 17:00
> (BST).
>
>
>
> Agenda:
>
>- Discussion Session: Static and Dynamic Information Handling in TF-A
>
>
>- Lead by Manish Pandey and Madhukar Pappireddy
>
> · There is ongoing mailing lists discussion[1] related with
> adopting a mechanism to pass information through boot stages.
>
> The requirement is two-fold:
>
> 1.  Passing static information(config files)
>
> 2.  Passing dynamic information (Hob list)
>
> In the upcoming TF-A tech forum, we can start with a discussion on dynamic
> information passing and if time permits, we can cover static information
> passing. The purpose of the call is to have an open discussion and continue
> the discussion from the trusted-substrate call[2] done earlier. We would
> like to understand the various requirements and possible ways to implement
> it in TF-A in a generalized way so that it can work with other Firmware
> projects.
>
>
>
> The two specific item which we would like to discuss are:
>
> 1.  HOB format: TF-A/u-boot both has an existing bloblist
> implementation, which uses tag values. Question, can this be enhanced to
> use hybrid values(Tag and UUID) both?
>
> 2.  Standardization on Physical register use to pass base of HoB data
> structure.
>
> References:
>
> [1]
> https://lists.trustedfirmware.org/pipermail/tf-a/2021-April/001069.html
>
> [2]
> https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
>  Passcode: IPn+5q%
>
>
>
> Thanks
>
>
>
> Joanna
>
>
> *You have been invited to the following event.* TF-A Tech Forum
>
> When
>
> Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time
>
> Calendar
>
> t...@lists.trustedfirmware.org
>
> Who
>
> •
>
> Bill Fletcher- creator
>
> •
>
> t...@lists.trustedfirmware.org
>
> *more details »
> *
>
>
>
> 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Manish Pandey2]

Hi All,

Please find invite for next TF-A Tech Forum session to continue our discussions 
on HOB implementation, feel free to forward it to others.



The next TF-A Tech Forum is scheduled for Thu 6th May 2021 16:00 – 17:00 (BST).



Agenda:

  *   Discussion Session: Static and Dynamic Information Handling in TF-A
 *   Lead by Manish Pandey and Madhukar Pappireddy

· There is ongoing mailing lists discussion[1] related with adopting a 
mechanism to pass information through boot stages.

The requirement is two-fold:

1.  Passing static information(config files)

2.  Passing dynamic information (Hob list)

In the upcoming TF-A tech forum, we can start with a discussion on dynamic 
information passing and if time permits, we can cover static information 
passing. The purpose of the call is to have an open discussion and continue the 
discussion from the trusted-substrate call[2] done earlier. We would like to 
understand the various requirements and possible ways to implement it in TF-A 
in a generalized way so that it can work with other Firmware projects.



The two specific item which we would like to discuss are:

  1.  HOB format: TF-A/u-boot both has an existing bloblist implementation, 
which uses tag values. Question, can this be enhanced to use hybrid values(Tag 
and UUID) both?
  2.  Standardization on Physical register use to pass base of HoB data 
structure.

References:

[1] https://lists.trustedfirmware.org/pipermail/tf-a/2021-April/001069.html

[2] 
https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
 Passcode: IPn+5q%



Thanks



Joanna



You have been invited to the following event.
TF-A Tech Forum

When

Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time

Calendar

t...@lists.trustedfirmware.org

Who

•

Bill Fletcher- creator

•

t...@lists.trustedfirmware.org

more details 
»



We run an open technical forum call for anyone to participate and it is not 
restricted to Trusted Firmware project members. It will operate under the 
guidance of the TF TSC.



Feel free to forward this invite to colleagues. Invites are via the TF-A 
mailing list and also published on the Trusted Firmware website. Details are 
here: 
https://www.trustedfirmware.org/meetings/tf-a-technical-forum/



Trusted Firmware is inviting you to a scheduled Zoom meeting.



Join Zoom Meeting

https://zoom.us/j/9159704974



Meeting ID: 915 970 4974



One tap mobile

+16465588656,,9159704974# US (New York)

+16699009128,,9159704974# US (San Jose)



Dial by your location

+1 646 558 8656 US (New York)

+1 669 900 9128 US (San Jose)

877 853 5247 US Toll-free

888 788 0099 US Toll-free

Meeting ID: 915 970 4974

Find your local number: 
https://zoom.us/u/ad27hc6t7h


From: François Ozog 
Sent: 08 April 2021 16:50
To: Manish Pandey2 
Cc: Simon Glass ; Julius Werner ; Harb 
Abdulhamid OS ; Boot Architecture Mailman 
List ; t...@lists.trustedfirmware.org 
; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi

here is the meeting recording:
https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
 Passcode: IPn+5q%z

I am really sorry about the confusion related to the meeting time. I have now 
understood: the Collaborate portal uses a specific calendar which is tied to 
US/Chicago timezone while the actual Google Calendar is tied to Central Europe 
timezone. I am going to drop the Collaborate portal and use a shared Google 
calendar (it should be visible on the 
trusted-substrate.org page).

I'll try to summarize what I learnt and highlight my view on what can be next 
steps in a future mail.

Cheers

FF

On Thu, 8 Apr 2021 at 13:56, Manish Pandey2 via TF-A 
mailto:t...@lists.trustedfirmware.org>> wrote:
Hi,

From TF-A project point of view, we prefer to use existing mechanism to pass 
parameters across boot stages using linked list of tagged elements (as 
suggested by Julius). It has support for both generic and SiP-specific tags. 
Having said that, it does not stop partners to introduce 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Hi,

I promised to send my summary of Trusted Substrate architecture council
call on HOBs, here it is:

Topics where there seem to be consensus



   - Scope include diverse firmware flows (U-Boot/SPL, TFA, CoreBoot…) on
   difference architectures (Arm, RiscV)
   - Definitions: The Hand Over Function is the firmware component that
   hands off to the booted payload = {OS/Hypervisor/Grub/Shim}.
   - Hand Over Function can be EDK2, U-Boot or LinuxBoot.
   - The HOF, through ACPI or DT is responsible to describe what shall be
   controlled and partly how (some parameters)
   - *There is information that can only be discovered at runtime and needs
   to be conveyed through the HOF to the booted payload.*


   - The proposal is to convey that dynamic information in the form of
   HandOverBlocks (HOBs) whose format is yet to be defined and built as a
   linked list of objects. The other proposal to use call backs (mmc calls or
   equivalent) from HOF to firmware is rejected. In Arm architecture, that
   choice does not preclude some firmware components to use SCMI calls into
   SCP to obtain authoritative information.


   - The firmware components shall not care about what is the actual
   HOF:the format is standard regardless if HOF is EDK2, U-Boot or LinuxBoot.
   In TF-A words, the HOBs become part of the input ABI for BL33.



Characteristics to consider about HOBs:

   - HOBs can be built by very early components and must fit into highly
   constrained SRAM
   - A HOB may be passed between different firmware components, secure and
   non-secure.
   - A HOB can be built by secure and non-secure firmware components
   - An information can have a single format: no alternative representation
   is allowed. In other words if the information is passed as a data structure
   it cannot be represented by a DT fragment by another implementation and
   conversely.



Topics that need more discussion



   - HOBs need a way to be identified: UUID, ID, hybrid (like Platform
   Initialization).


*My views: the hybrid allows constraints firmware components to be using
simple IDs and richer components may want leverage UUIDs (same as Platform
Initialization).*



   - HOB format: binary information; just static structure or flatten
   device tree fragments/overlays.


*My views: again hybrid approach seem very efficient. Static structures for
memory information, DT fragment for device assignment (for non-secure
partitions or for secure world / secure partitions). Typically I would
imagine a UUID HOB with a DT fragment seems just good. This is actually
implemented like that with Platform Initialization:*

*HOBs are identified by a simple ID, out of IDs are
EFI_HOB_RESOURCE_DESCRIPTOR for DRAM description and EFI_HOB_GUID_TYPE that
contains something identified by a GUID. There is a GUID used in the
context of EDK2 to actually contain a DT fragment today.*


Cheers


FF

On Mon, 12 Apr 2021 at 16:49, Mark Kettenis  wrote:

> > From: Simon Glass 
> > Date: Fri, 9 Apr 2021 06:19:08 +1200
> >
> > Here are a few thoughts on UUIDs.
> > Why a UUID/GUID is probably not the answer
> >
> > sjg, 30-Mar-21
> > Code is for humans
> >
> > Code should be readable, so far as possible.
> >
> > This is not readable:
> >
> > #define FSP_HOB_RESOURCE_OWNER_SMM_PEI_SMRAM_GUID \
> >
> > EFI_GUID(0x6dadf1d1, 0xd4cc, 0x4910, \
> >
> > 0xbb, 0x6e, 0x82, 0xb1, 0xfd, 0x80, 0xff, 0x3d)
> >
> > This is readable:
> >
> > enum {
> >
> > BLOBLISTT_SPL_HANDOFF = 123,
> >
> > };
> > UUID is more like a hash than a sequence number
>
> No kidding.  Try figuring out what an ACPI ASL methods like _DSM and
> _OSC are supposed to do when trying to figure out what the code is
> supposed to do.
>
> They're terrible to grep for in source code since there is no uniform
> way to format them in the code.
>
> And then there is the issue of byte order of course.
> ___
> boot-architecture mailing list
> boot-architect...@lists.linaro.org
> https://lists.linaro.org/mailman/listinfo/boot-architecture
>


-- 
François-Frédéric Ozog | *Director Linaro Edge & Fog Computing Group*
T: +33.67221.6485
francois.o...@linaro.org | Skype: ffozog

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Harb Abdulhamid OS]

Manish, Simon,

  *   The U-boot bloblist mentioned by Simon is conceptually similar to what 
TF-A is using,  if there is consensus of using bloblist/taglist then TF-A tag 
list may be enhanced to take best of both the implementations.

Honestly, “conceptually similar” is not good enough and feels like a 
frustratingly dismissive response to the concerns we are raising.  The whole 
point of starting this thread is because we *know* the existing TF-A mechanisms 
don’t work for the datacenter market segment for various reasons that we called 
out below.

We have a specific set of requirements that the existing framework does not 
really meet.  And that was not for a lack of trying after many years of trying 
to make TF-A framework work on ARMv8 Server SoC’s.


  *   Regarding usage of either UUID or tag, I echo the sentiments of Simon and 
Julius to keep it simple and use tag values.

I think you might be misunderstanding the problem UUIDs solve.  We are talking 
about implementing early BL phases (BL1 – BL31) that can support a broad range 
of BL33 flavors with the same silicon (EDK2, AptioV, CoreBoot, LinuxBoot, or 
other future boot loaders).

These structures we are talking about may not be defined by the SiP, and just 
saying we have SiP specific tags is not good enough.

These maybe many different structures that we need to pass from BL1/BL2/BL31 to 
BL33 that could be defined by one of many different standards bodies (e.g. ARM, 
JEDEC, TCG, UEFI, PCI SIG, CXL, etc.).

If we use tags, then we must agree on who owns/dictates the tag list, and how 
we add/claim tags for vendor specific purposes and avoid tag collisions.

I have not heard a solution to that without establishing some owner / standards 
body to allocate tags.  Until we do, tags are not going to work for the types 
of platform/system agnostic features we must support.

We can’t just hand-wave this problem away, because it is a real and major 
problem that exists on highly configurable systems.


  *   Looking forward to having further discussions on zoom call today.

Looks like there was a mix up on the zoom call time… so look forward to the 
follow up.

Hopefully we can try to sort things out at the next opportunity.

Thanks,
--Harb

From: Manish Pandey2 
Sent: Thursday, April 8, 2021 7:56 AM
To: Simon Glass ; Julius Werner 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; 
t...@lists.trustedfirmware.org; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Hi,

From TF-A project point of view, we prefer to use existing mechanism to pass 
parameters across boot stages using linked list of tagged elements (as 
suggested by Julius). It has support for both generic and SiP-specific tags. 
Having said that, it does not stop partners to introduce new mechanisms 
suitable for their usecase in platform port initially and later move to generic 
code if its suitable for other platforms.

To start with, Ampere can introduce a platform specific implementation of 
memory tag(speed/NUMA topology etc) which can be evaluated and discussed for 
generalization in future. The tag will be populated in BL2 stage and can be 
forwarded to further stages(and to BL33) by passing the head of list pointer in 
one of the registers. Initially any register can be used but going forward a 
standardization will be needed.

The U-boot bloblist mentioned by Simon is conceptually similar to what TF-A is 
using,  if there is consensus of using bloblist/taglist then TF-A tag list may 
be enhanced to take best of both the implementations.

One of the potential problems of having structure used in different projects is 
maintainability, this can be avoided by having a single copy of these 
structures in TF-A (kept inside "include/export" which intended to be used by 
other projects.)

Regarding usage of either UUID or tag, I echo the sentiments of Simon and 
Julius to keep it simple and use tag values.

Looking forward to having further discussions on zoom call today.

Thanks
Manish P


From: TF-A 
mailto:tf-a-boun...@lists.trustedfirmware.org>>
 on behalf of Julius Werner via TF-A 
mailto:t...@lists.trustedfirmware.org>>
Sent: 25 March 2021 02:43
To: Simon Glass mailto:s...@chromium.org>>
Cc: Harb Abdulhamid OS 
mailto:abdulha...@os.amperecomputing.com>>; 
Boot Architecture Mailman List 
mailto:boot-architect...@lists.linaro.org>>;
 t...@lists.trustedfirmware.org 
mailto:t...@lists.trustedfirmware.org>>; U-Boot 
Mailing List mailto:u-boot@lists.denx.de>>; Paul Isaac's 
mailto:paul.isa...@linaro.org>>; Ron Minnich 
mailto:rminn...@google.com>>
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Just want to point out that TF-A currently already supports a (very simple) 
mechanism like this:

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

> These structures we are talking about may not be defined by the SiP, and
just saying we have SiP specific tags is not good enough.


There is enough room in 64-bits to create separate tag spaces for every
kind of category you can think of. (In fact, we could also just let every
vendor allocate their globally unique tags instead if we prefer that model.
We're not going to have more than 4 billion entities working on this
together, and none of them will need more than 4 billion types of tags.)


> If we use tags, then we must agree on who owns/dictates the tag list, and
> how we add/claim tags for vendor specific purposes and avoid tag
> collisions.
>
>
>
> I have not heard a solution to that without establishing some owner /
> standards body to allocate tags.  Until we do, tags are not going to work
> for the types of platform/system agnostic features we must support.
>

Why not just define the tags in the TF-A upstream repository? Like Simon
said, TF-A needs to maintain a list of them anyway to be able to interpret
them, so why not just make that list the global authoritative source? This
doesn't need to be some complicated bureaucracy. The TF-A headers defining
this are written in a way that they can directly be included from other C
code bases without include dependency issues (e.g. as a Git submodule, or
by just copying them verbatim and resyncing regularly... this is the
include/export thing Manish mentioned). I think that model actually makes
coordination much easier than if a bunch of different projects needed
to manually reimplement the same structure definitions tied to UUIDs.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Mark Kettenis]

> From: Simon Glass 
> Date: Fri, 9 Apr 2021 06:19:08 +1200
> 
> Here are a few thoughts on UUIDs.
> Why a UUID/GUID is probably not the answer
> 
> sjg, 30-Mar-21
> Code is for humans
> 
> Code should be readable, so far as possible.
> 
> This is not readable:
> 
> #define FSP_HOB_RESOURCE_OWNER_SMM_PEI_SMRAM_GUID \
> 
> EFI_GUID(0x6dadf1d1, 0xd4cc, 0x4910, \
> 
> 0xbb, 0x6e, 0x82, 0xb1, 0xfd, 0x80, 0xff, 0x3d)
> 
> This is readable:
> 
> enum {
> 
> BLOBLISTT_SPL_HANDOFF = 123,
> 
> };
> UUID is more like a hash than a sequence number

No kidding.  Try figuring out what an ACPI ASL methods like _DSM and
_OSC are supposed to do when trying to figure out what the code is
supposed to do.

They're terrible to grep for in source code since there is no uniform
way to format them in the code.

And then there is the issue of byte order of course.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Harb,

On Fri, 9 Apr 2021 at 05:24, Harb Abdulhamid OS <
abdulha...@os.amperecomputing.com> wrote:

> Manish, Simon,
>
>- The U-boot bloblist mentioned by Simon is conceptually similar to
>what TF-A is using,  if there is consensus of using bloblist/taglist then
>TF-A tag list may be enhanced to take best of both the implementations.
>
>
>
> Honestly, “conceptually similar” is not good enough and feels like a
> frustratingly dismissive response to the concerns we are raising.  The
> whole point of starting this thread is because we **know** the existing
> TF-A mechanisms don’t work for the datacenter market segment for various
> reasons that we called out below.
>
>
>
> We have a specific set of requirements that the existing framework does
> not really meet.  And that was not for a lack of trying after many years of
> trying to make TF-A framework work on ARMv8 Server SoC’s.
>
>
>
>- Regarding usage of either UUID or tag, I echo the sentiments of
>Simon and Julius to keep it simple and use tag values.
>
>
>
> I think you might be misunderstanding the problem UUIDs solve.  We are
> talking about implementing early BL phases (BL1 – BL31) that can support a
> broad range of BL33 flavors with the same silicon (EDK2, AptioV, CoreBoot,
> LinuxBoot, or other future boot loaders).
>
>
>
> These structures we are talking about may not be defined by the SiP, and
> just saying we have SiP specific tags is not good enough.
>
>
>
> These maybe many different structures that we need to pass from
> BL1/BL2/BL31 to BL33 that could be defined by one of many different
> standards bodies (e.g. ARM, JEDEC, TCG, UEFI, PCI SIG, CXL, etc.).
>
>
>
> If we use tags, then we must agree on who owns/dictates the tag list, and
> how we add/claim tags for vendor specific purposes and avoid tag
> collisions.
>
>
>
> I have not heard a solution to that without establishing some owner /
> standards body to allocate tags.  Until we do, tags are not going to work
> for the types of platform/system agnostic features we must support.
>
>
>
> We can’t just hand-wave this problem away, because it is a real and major
> problem that exists on highly configurable systems.
>

Is this really the only problem? I think that is easy to solve with a
github repo containing some documentation and a few owners. How do you
solve the opposite problem with UUID, that of not knowing what the UUID is
supposed to mean? You still need to put it somewhere and agree on the
values, don't you? How about for this project we come up with a list of
UUIDs in existence, and allocate them a number?



Here are a few thoughts on UUIDs.
Why a UUID/GUID is probably not the answer

sjg, 30-Mar-21
Code is for humans

Code should be readable, so far as possible.

This is not readable:

#define FSP_HOB_RESOURCE_OWNER_SMM_PEI_SMRAM_GUID \

EFI_GUID(0x6dadf1d1, 0xd4cc, 0x4910, \

0xbb, 0x6e, 0x82, 0xb1, 0xfd, 0x80, 0xff, 0x3d)

This is readable:

enum {

BLOBLISTT_SPL_HANDOFF = 123,

};
UUID is more like a hash than a sequence number

   -

   we use them with git
   -

   although the short form is provided
   -

   why use a hash to identify something?

Yes, distributed allocation is useful...

   -

   But not that useful
   -

   We have ways to shared IDs, e.g. a github pull request
   -

   It should not define the entire approach

...but it comes across as just obfuscation

   -

   How can anyone tell what this value is in a debugger, or in memory, etc.?

#define FSP_NON_VOLATILE_STORAGE_HOB_GUID

0x721acf02, 0x4d77, 0x4c2a, 0xb3, 0xdc, 0x27, 0x0b, 0x7b, 0xa9, 0xe4, 0xb0)

#define FSP_VARIABLE_NV_DATA_HOB_GUID

EFI_GUID(0xa034147d, 0x690c, 0x4154, 0x8d, 0xe6, 0xc0, 0x44, 0x64, 0x1d,
0xe9, 0x42)

#define FSP_BOOTLOADER_TEMP_MEM_HOB_GUID

EFI_GUID(0xbbcff46c, 0xc8d3, 0x4113, 0x89, 0x85, 0xb9, 0xd4, 0xf3, 0xb3,
0xf6, 0x4e)

#define FSP_HOB_RESOURCE_OWNER_FSP_GUID

EFI_GUID(0x69a79759, 0x1373, 0x4367, 0xa6, 0xc4, 0xc7, 0xf5, 0x9e, 0xfd,
0x98, 0x6e)

#define FSP_HOB_RESOURCE_OWNER_TSEG_GUID

EFI_GUID(0xd038747c, 0xd00c, 0x4980, 0xb3, 0x19, 0x49, 0x01, 0x99, 0xa4,
0x7d, 0x55)

#define FSP_HOB_RESOURCE_OWNER_GRAPHICS_GUID

EFI_GUID(0x9c7c3aa7, 0x5332, 0x4917, 0x82, 0xb9, 0x56, 0xa5, 0xf3, 0xe6,
0x2a, 0x07)

   -

Not discoverable

   -

   I found this UUID in the code; what does it mean?
   -

   Who even owns it?
   -

   There is no central register so we don't know
   -

   More obfuscation

Inefficient and overkill

We don't need or want 16 bytes for a unique identifier in a shared project.
It is about 10^38. Modern SoCs cannot keep that in a register and there is
no C int type to represent it on most common hardware todayl Having to
check that adds time and code to no benefit. In early boot, space and time
are particularly precious.
Value has no intrinsic meaning and is hard to lookup

Each one of these entries is 16 bytes long. At least people might get to
learn an int value (16d or 6fe) but a UUID remains gibberish even after
looking at them for 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[François Ozog]

Hi

here is the meeting recording:
https://linaro-org.zoom.us/rec/share/zjfHeMIumkJhirLCVQYTHR6ftaqyWvF_0klgQnHTqzgA5Wav0qOO8n7SAM0yj-Hg.mLyFkVJNB1vDKqw_
Passcode: IPn+5q%z

I am really sorry about the confusion related to the meeting time. I have
now understood: the Collaborate portal uses a specific calendar which is
tied to US/Chicago timezone while the actual Google Calendar is tied to
Central Europe timezone. I am going to drop the Collaborate portal and use
a shared Google calendar (it should be visible on the trusted-substrate.org
page).

I'll try to summarize what I learnt and highlight my view on what can be
next steps in a future mail.

Cheers

FF

On Thu, 8 Apr 2021 at 13:56, Manish Pandey2 via TF-A <
t...@lists.trustedfirmware.org> wrote:

> Hi,
>
> From TF-A project point of view, we prefer to use existing mechanism to
> pass parameters across boot stages using linked list of tagged elements (as
> suggested by Julius). It has support for both generic and SiP-specific
> tags. Having said that, it does not stop partners to introduce new
> mechanisms suitable for their usecase in platform port initially and later
> move to generic code if its suitable for other platforms.
>
> To start with, Ampere can introduce a platform specific implementation of
> memory tag(speed/NUMA topology etc) which can be evaluated and discussed
> for generalization in future. The tag will be populated in BL2 stage and
> can be forwarded to further stages(and to BL33) by passing the head of list
> pointer in one of the registers. Initially any register can be used but
> going forward a standardization will be needed.
>
> The U-boot bloblist mentioned by Simon is conceptually similar to what
> TF-A is using,  if there is consensus of using bloblist/taglist then TF-A
> tag list may be enhanced to take best of both the implementations.
>
> One of the potential problems of having structure used in different
> projects is maintainability, this can be avoided by having a single copy of
> these structures in TF-A (kept inside "include/export" which intended to be
> used by other projects.)
>
> Regarding usage of either UUID or tag, I echo the sentiments of Simon and
> Julius to keep it simple and use tag values.
>
> Looking forward to having further discussions on zoom call today.
>
> Thanks
> Manish P
>
> --
> *From:* TF-A  on behalf of Julius
> Werner via TF-A 
> *Sent:* 25 March 2021 02:43
> *To:* Simon Glass 
> *Cc:* Harb Abdulhamid OS ; Boot
> Architecture Mailman List ;
> t...@lists.trustedfirmware.org ; U-Boot
> Mailing List ; Paul Isaac's ;
> Ron Minnich 
> *Subject:* Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
> Just want to point out that TF-A currently already supports a (very
> simple) mechanism like this:
>
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/lib/bl_aux_params/bl_aux_params.c
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/plat/rockchip/common/params_setup.c
>
> It's just a linked list of tagged elements. The tag space is split into
> TF-A-wide generic tags and SiP-specific tags (with plenty of room to spare
> if more areas need to be defined -- a 64-bit tag can fit a lot). This is
> currently being used by some platforms that run coreboot in place of
> BL1/BL2, to pass information from coreboot (BL2) to BL31.
>
> I would echo Simon's sentiment of keeping this as simple as possible and
> avoiding complicated and bloated data structures with UUIDs. You usually
> want to parse something like this as early as possible in the passed-to
> firmware stage, particularly if the structure encodes information about the
> debug console (like it does for the platforms I mentioned above). For
> example, in BL31 this basically means doing it right after moving from
> assembly to C in bl31_early_platform_setup2() to get the console up before
> running anything else. At that point in the BL31 initialization, the MMU
> and caches are disabled, so data accesses are pretty expensive and you
> don't want to spend a lot of parsing effort or calculate complicated
> checksums or the like. You just want something extremely simple where you
> ideally have to touch every data word only once.
>
> On Wed, Mar 24, 2021 at 5:06 PM Simon Glass via TF-A <
> t...@lists.trustedfirmware.org> wrote:
>
> Hi Harb,
>
> On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS <
> abdulha...@os.amperecomputing.com> wrote:
>
> Hello Folks,
>
> Appreciate the feedback and replies on this.  Glad to see that there is
> interest in this topic. 
>
>
>
> I try to address the comments/feedback from Francois and Simon below….
>
>
>
> @François Ozog  – happy to discuss this on a
> zoom call.  I will make that time slot 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Manish Pandey2]

Hi,

From TF-A project point of view, we prefer to use existing mechanism to pass 
parameters across boot stages using linked list of tagged elements (as 
suggested by Julius). It has support for both generic and SiP-specific tags. 
Having said that, it does not stop partners to introduce new mechanisms 
suitable for their usecase in platform port initially and later move to generic 
code if its suitable for other platforms.

To start with, Ampere can introduce a platform specific implementation of 
memory tag(speed/NUMA topology etc) which can be evaluated and discussed for 
generalization in future. The tag will be populated in BL2 stage and can be 
forwarded to further stages(and to BL33) by passing the head of list pointer in 
one of the registers. Initially any register can be used but going forward a 
standardization will be needed.

The U-boot bloblist mentioned by Simon is conceptually similar to what TF-A is 
using,  if there is consensus of using bloblist/taglist then TF-A tag list may 
be enhanced to take best of both the implementations.

One of the potential problems of having structure used in different projects is 
maintainability, this can be avoided by having a single copy of these 
structures in TF-A (kept inside "include/export" which intended to be used by 
other projects.)

Regarding usage of either UUID or tag, I echo the sentiments of Simon and 
Julius to keep it simple and use tag values.

Looking forward to having further discussions on zoom call today.

Thanks
Manish P


From: TF-A  on behalf of Julius Werner 
via TF-A 
Sent: 25 March 2021 02:43
To: Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; 
t...@lists.trustedfirmware.org ; U-Boot Mailing 
List ; Paul Isaac's ; Ron Minnich 

Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

Just want to point out that TF-A currently already supports a (very simple) 
mechanism like this:

https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h
https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/lib/bl_aux_params/bl_aux_params.c
https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/plat/rockchip/common/params_setup.c

It's just a linked list of tagged elements. The tag space is split into 
TF-A-wide generic tags and SiP-specific tags (with plenty of room to spare if 
more areas need to be defined -- a 64-bit tag can fit a lot). This is currently 
being used by some platforms that run coreboot in place of BL1/BL2, to pass 
information from coreboot (BL2) to BL31.

I would echo Simon's sentiment of keeping this as simple as possible and 
avoiding complicated and bloated data structures with UUIDs. You usually want 
to parse something like this as early as possible in the passed-to firmware 
stage, particularly if the structure encodes information about the debug 
console (like it does for the platforms I mentioned above). For example, in 
BL31 this basically means doing it right after moving from assembly to C in 
bl31_early_platform_setup2() to get the console up before running anything 
else. At that point in the BL31 initialization, the MMU and caches are 
disabled, so data accesses are pretty expensive and you don't want to spend a 
lot of parsing effort or calculate complicated checksums or the like. You just 
want something extremely simple where you ideally have to touch every data word 
only once.

On Wed, Mar 24, 2021 at 5:06 PM Simon Glass via TF-A 
mailto:t...@lists.trustedfirmware.org>> wrote:
Hi Harb,

On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS 
mailto:abdulha...@os.amperecomputing.com>> 
wrote:

Hello Folks,

Appreciate the feedback and replies on this.  Glad to see that there is 
interest in this topic. 



I try to address the comments/feedback from Francois and Simon below….



@François Ozog – happy to discuss this on a 
zoom call.  I will make that time slot work, and will be available to attend 
April 8, 4pm CT.



Note that I’m using the term “HOB” here more generically, as there are 
typically vendor specific structures beyond the resource descriptor HOB, which 
provides only a small subset of the information that needs to be passed between 
the boot phases.



The whole point here is to provide mechanism to develop firmware that we can 
build ARM Server SoC’s that support *any* BL33 payload (e.g. EDK2, AptioV, 
CoreBoot, and maybe even directly boot strapping LinuxBoot at some point).   In 
other-words, we are trying to come up with a TF-A that would be completely 
agnostic to the implementation of BL33 (i.e. BL33 is built completely 
independently by a separate entity – e.g. an ODM/OEM).



Keep in mind, in the server/datacenter market segment we are not building 
vertically integrated 

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[raghu.ncstate]

Hi Julius,

 

>> that doesn't care that much about boot speed, why wouldn't you just use FDT?

[RK]I think you answered this question yourself.  “there may not be a 
one-size-fits-all solution”. Can we use it? Yes! Do we want to use it, probably 
not, in a given context. UEFI HOB I think would fall in between for complexity 
and flexibility and you yourself said “They are intentionally on opposite ends 
of the complexity spectrum”. Two opposite ends may not fit the bill. There are 
perceptions around FDT too, just as there are perceptions around UEFI HOB. 
Bloblist, is also in-between the two complexity spectrums and I think it was 
said that may turn out to be acceptable with potential tweaks to tag assignment 
etc. To quote earlier emails:

I understand the versatility of DT, but I see two major problems with DT:

*   DT requires more complicated parsing to get properties, and even more 
complex to dynamically set properties – this HOB structures may need to be 
generated in boot phases where DDR is not available, and therefore we will be 
extremely memory constrained.
*   DT is probably overkill for this purpose – We really just want a list 
of pointers to simple C structures that code cast (e.g. JEDEC SPD data blob)

 

>> but then why would we replace it with a different mechanism that also has 
>> complexity and performance problems?

>> and it should certainly be flexible enough to fill your needs

[RK] I concede that this is your view but others may view UEFI HOB’s as not as 
complex and more performant than FDT. You may not agree with this assessment, 
but we can agree to disagree. Also, having this debate in itself proves that 
there are folks that think what is currently in TF-A does not meet needs of 
more than few ARM platform vendors. You assumption that FDT should be flexible 
enough to fill our needs is incorrect.

 

>> and maybe that's okay, but it does add maintenance burden to TF-A to support 
>> so many different things and we should at least consider if the UEFI part 
>> couldn't just translate its stuff into an FDT instead.

[RK] Agree. EDK2 has been around a lot longer and changing all of EDK2 to use 
FDT is likely a harder path and larger effort. Incorporating UEFI compatibility 
into TF-A(given that it runs before UEFI starts) has general ARM adoption 
benefits in many market segments that you may not work on or care about. As for 
maintenance burden, sure, anything that you add has extra burden but if the 
benefits outweigh the burden, we should consider it, and obviously I think it 
does. If the options are well managed, I think we should be fine burden wise.

 

>> I think only UEFI users would really gain any benefit from that, and that 
>> mechanism would only end up getting used by UEFI platforms (which again, 
>> maybe that's okay, but I'm just saying I don't think this is going to become 
>> some great new "one HOB format to rule them all" >>design if it doesn't do 
>> anything better than the established FDT format already does).

[RK] I don’t think the intent of the proposal was “one HOB format to rule them 
all”. Perhaps you should read the earlier emails again. It only explains why 
FDT may not work for certain market segments and why HOB may be useful and a 
better fit in UEFI platforms.  I wouldn’t dismiss the benefit to UEFI users as 
they are just as much a part of the ARM ecosystem as users of any other boot 
loader.

 

>> Not really, it was just the simplest flexible design I could come up with at 
>> the point. The APIs upstream is in the TF-A repo and coreboot (and other 
>> software) can include it from there.

[RK] Not trying to find fault at all with the design. Just saying it may not 
work very well the way it is today for some systems and may be perfect for 
other systems!

 

Thanks

Raghu

 

From: Julius Werner  
Sent: Monday, March 29, 2021 4:48 PM
To: raghu.ncst...@icloud.com
Cc: Julius Werner ; Simon Glass ; Harb 
Abdulhamid OS ; Boot Architecture Mailman 
List ; U-Boot Mailing List 
; Paul Isaac's ; Ron Minnich 

Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

 

Hi Raghu,

 

It appears there are opinions you carry around UUID being complicated, bloated, 
code being an eyesore, parsing these lists early with MMU/Caches disabled, 
calculating checksums etc. While there is certainly a LOT of truth to those 
statements, these concerns need to be put into context and may not necessarily 
apply to all platforms running TF-A. Standardization and interoperability may 
be valued more on some platforms and some of the bloat and performance issues 
may be worth those tradeoffs. Some of these concerns may not even apply on 
powerful CPU’s and SoC’s with lots of memory. Also a quick grep for “uuid” in 
the TF-A repository shows that there is significant use of UUID’s for FIP, some 
SMC’s, secure partitions etc so use of UUID is not something new to TF-A.

 

Granted, I understand that 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

Hi Raghu,


> It appears there are opinions you carry around UUID being complicated,
> bloated, code being an eyesore, parsing these lists early with MMU/Caches
> disabled, calculating checksums etc. While there is certainly a LOT of
> truth to those statements, these concerns need to be put into context and
> may not necessarily apply to all platforms running TF-A. Standardization
> and interoperability may be valued more on some platforms and some of the
> bloat and performance issues may be worth those tradeoffs. Some of these
> concerns may not even apply on powerful CPU’s and SoC’s with lots of
> memory. Also a quick grep for “uuid” in the TF-A repository shows that
> there is significant use of UUID’s for FIP, some SMC’s, secure partitions
> etc so use of UUID is not something new to TF-A.
>

Granted, I understand that different platforms have different requirements,
and there may not be a one-size-fits-all solution for this. But if you have
a system with a powerful CPU and lots of memory that doesn't care that much
about boot speed, why wouldn't you just use FDT? I thought FDT is already
established on many platforms to pass information between TF-A boot stages
today, and it should certainly be flexible enough to fill your needs. Most
of the earlier discussion in this thread seemed to focus on people wanting
a different mechanism besides FDT because FDT is complex and not performant
enough for all use cases, but then why would we replace it with a different
mechanism that also has complexity and performance problems?

Basically, as far as I'm aware there are two established mechanisms to pass
data between boot stages in TF-A today (some platforms, like Rockchip's,
even support both of them at once): passing an FDT and the bl_aux_params
linked list. They are intentionally on opposite ends of the complexity
spectrum because different platforms can have different needs. The question
is really just whether we need to add a third one, and whether that offers
anything that the other two can't already cover. I guess we can support the
exact UEFI HOB format just to make things easier for UEFI users, and maybe
that's okay, but it does add maintenance burden to TF-A to support so many
different things and we should at least consider if the UEFI part couldn't
just translate its stuff into an FDT instead. But mainly, the way this
thread started it sounded more like "we want to standardize on a new HOB
format that will be used by everyone", and for that goal, I think sticking
with what we have would make a lot more sense for TF-A. If UEFI HOB support
was added in addition then I think only UEFI users would really gain any
benefit from that, and that mechanism would only end up getting used by
UEFI platforms (which again, maybe that's okay, but I'm just saying I don't
think this is going to become some great new "one HOB format to rule them
all" design if it doesn't do anything better than the established FDT
format already does).


> Does the method mentioned below allow you to create a dynamic list of
> arbitrary lengths and NOT lists of lengths decided at compile time? It
> appears that it is mainly being used on lists fixed at compile time.
>

The bl_aux_params list elements don't need to have a fixed size. The only
common thing about each element is the tag (and the next pointer),
everything else (including size) is tag-specific. You can just define a new
tag where the next uint64_t after the next pointer defines the size of the
rest of the element or something like that. Heck, you can even have the
list element contain pointers to other random stuff in memory that isn't
directly part of the list. (The whole thing is not consecutive in memory
anyway. It's not designed to be a serializable, persistent thing like an
FDT blob, just something that a calling bootloader stage can quickly
assemble in its own memory right before handoff and that will only stay
valid until the next stage is done parsing it and starts reusing available
memory for its own purposes.)


> Clearly the solution below was tailored to coreboot.
>
>
Not really, it was just the simplest flexible design I could come up with
at the point. The APIs upstream is in the TF-A repo and coreboot (and other
software) can include it from there.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Grant,
On Mon, 29 Mar 2021 at 23:19, Grant Likely  wrote:
>
>
>
> On 29/03/2021 08:42, Simon Glass wrote:
>  > Hi Raghu,
>  >
>  > On Sat, 27 Mar 2021 at 03:59,  wrote:
>  >
>  >> Julius, Simon,
>  >>
>  >>
>  >>
>  >> It appears there are opinions you carry around UUID being complicated,
>  >> bloated, code being an eyesore, parsing these lists early with
> MMU/Caches
>  >> disabled, calculating checksums etc. While there is certainly a LOT of
>  >> truth to those statements, these concerns need to be put into
> context and
>  >> may not necessarily apply to all platforms running TF-A. Standardization
>  >> and interoperability may be valued more on some platforms and some
> of the
>  >> bloat and performance issues may be worth those tradeoffs. Some of these
>  >> concerns may not even apply on powerful CPU’s and SoC’s with lots of
>  >> memory. Also a quick grep for “uuid” in the TF-A repository shows that
>  >> there is significant use of UUID’s for FIP, some SMC’s, secure
> partitions
>  >> etc so use of UUID is not something new to TF-A.
>  >>
>  >
>  > Fair enough. I hope, though, that if we can agree on a simple
>  > implementation like bloblist, then it becomes the standard and we can
> move
>  > away from the problems you mention with UUIDs.
>
> Ummm... I don't follow. How are UUIDs either complex or bloated? A UUIDs
> is simply a 128 bit number that is matched using a fixed length compare.
>
> What I like about the UUID scheme is it has collision avoidance built
> in, and it is adopted across multiple projects.

It's partly the UUIDs and partly the code that results (see earlier in
thread). But this is off-topic really, so I won't continue here.

- Simon

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Grant Likely]

On 29/03/2021 08:42, Simon Glass wrote:
> Hi Raghu,
>
> On Sat, 27 Mar 2021 at 03:59,  wrote:
>
>> Julius, Simon,
>>
>>
>>
>> It appears there are opinions you carry around UUID being complicated,
>> bloated, code being an eyesore, parsing these lists early with
MMU/Caches
>> disabled, calculating checksums etc. While there is certainly a LOT of
>> truth to those statements, these concerns need to be put into
context and
>> may not necessarily apply to all platforms running TF-A. Standardization
>> and interoperability may be valued more on some platforms and some
of the
>> bloat and performance issues may be worth those tradeoffs. Some of these
>> concerns may not even apply on powerful CPU’s and SoC’s with lots of
>> memory. Also a quick grep for “uuid” in the TF-A repository shows that
>> there is significant use of UUID’s for FIP, some SMC’s, secure
partitions
>> etc so use of UUID is not something new to TF-A.
>>
>
> Fair enough. I hope, though, that if we can agree on a simple
> implementation like bloblist, then it becomes the standard and we can
move
> away from the problems you mention with UUIDs.

Ummm... I don't follow. How are UUIDs either complex or bloated? A UUIDs
is simply a 128 bit number that is matched using a fixed length compare.

What I like about the UUID scheme is it has collision avoidance built
in, and it is adopted across multiple projects.

g.
IMPORTANT NOTICE: The contents of this email and any attachments are 
confidential and may also be privileged. If you are not the intended recipient, 
please notify the sender immediately and do not disclose the contents to any 
other person, use it for any purpose, or store or copy the information in any 
medium. Thank you.

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Raghu,

On Sat, 27 Mar 2021 at 03:59,  wrote:

> Julius, Simon,
>
>
>
> It appears there are opinions you carry around UUID being complicated,
> bloated, code being an eyesore, parsing these lists early with MMU/Caches
> disabled, calculating checksums etc. While there is certainly a LOT of
> truth to those statements, these concerns need to be put into context and
> may not necessarily apply to all platforms running TF-A. Standardization
> and interoperability may be valued more on some platforms and some of the
> bloat and performance issues may be worth those tradeoffs. Some of these
> concerns may not even apply on powerful CPU’s and SoC’s with lots of
> memory. Also a quick grep for “uuid” in the TF-A repository shows that
> there is significant use of UUID’s for FIP, some SMC’s, secure partitions
> etc so use of UUID is not something new to TF-A.
>

Fair enough. I hope, though, that if we can agree on a simple
implementation like bloblist, then it becomes the standard and we can move
away from the problems you mention with UUIDs.

I do find it odd, but even the latest SoCs often seem to start up in a mode
with limited memory and not at full speed. I also find that many projects
don't care a whit about boot speed, but others care a lot.


>
>
> While there are many ways to solve the same problem, there are also
> potential dis-advantages to something like the mechanism pointed out below.
> For example, this is yet another solution to an already solved problem. If
> we use UEFI hob’s, the code and problem has been solved for decades and
> there is code re-use possible and that **potentially**(opinions may vary)
> is better for security as there have been eyes on it for long and is more
> stable.(I’m very aware UEFI is not the gold standard for security, but
> again, it is a blanket statement to say all UEFI code is bad).
>

I've not looked at UEFI code recently...I think it was 6 years ago. It
really was not something I wondered to get involved in. I suspect it has
improved a lot. The HOB data structure is not that complicated (apart from
the UUIDs) and not all that different to bloblist. But turning it around,
wouldn't you prefer to use some simple code that is easy to read and has a
good set of unit tests?


> Does the method mentioned below allow you to create a dynamic list of
> arbitrary lengths and NOT lists of lengths decided at compile time? It
> appears that it is mainly being used on lists fixed at compile time.
>

Well the API does allow any length to be created:

void *bloblist_add(uint tag, int size, int align);

Typically the data structures are defined across boundaries though, such
that (e.g.) a C struct is shared. I suppose the length might change if you
are passing a console log.


> What about interoperability with UEFI? Coreboot is great for
> platforms/companies that use it but what about platforms that **must**
> use UEFI for various reasons? Do we need a conversion from the method below
> to a UEFI HOB if BL33 is UEFI? Clearly the solution below was tailored to
> coreboot.
>

Turning that around, must all open-source platforms use UEFI
features, APIs, data structures, etc? It could be useful for UEFI to learn
a bit about interoperability and fit in with some of the open-source
solutions. BTW the bloblist is actually a U-Boot thing, although yes indeed
it is inspired by open-source.


>
>
> We can support multiple ways in the same code base through build and run
> time options and a platform should be free to make calls on whether the
> problems you mentioned below really apply or not. What is a pain to
> do(having co-ordination with multiple companies vs vendor defined
> tags/UUID’s) is also subjective and whether or not it is overstated is
> matter of opinion/context.
>
>
>
> I think it may be best to discuss this in the call and understand the
> requirements fully. It may turn out that what you have proposed below works
> anyway 
>

Yes OK. I am not sure I can attend tomorrow's call, but we'll see.

Regards,
Simon

>
>
>
>
> Thanks
>
> Raghu
>
>
>
> *From:* TF-A  *On Behalf Of *Julius
> Werner via TF-A
> *Sent:* Wednesday, March 24, 2021 7:44 PM
> *To:* Simon Glass 
> *Cc:* Harb Abdulhamid OS ; Boot
> Architecture Mailman List ;
> t...@lists.trustedfirmware.org; U-Boot Mailing List ;
> Paul Isaac's ; Ron Minnich 
> *Subject:* Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for
> information passing between boot stages
>
>
>
> Just want to point out that TF-A currently already supports a (very
> simple) mechanism like this:
>
>
>
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h
>
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/lib/bl_aux_params/bl_aux_params.c
>
>
> https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/plat/rockchip/common/params_setup.c
>
>
>
> It's just 

RE: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[raghu.ncstate]

Julius, Simon,

 

It appears there are opinions you carry around UUID being complicated, bloated, 
code being an eyesore, parsing these lists early with MMU/Caches disabled, 
calculating checksums etc. While there is certainly a LOT of truth to those 
statements, these concerns need to be put into context and may not necessarily 
apply to all platforms running TF-A. Standardization and interoperability may 
be valued more on some platforms and some of the bloat and performance issues 
may be worth those tradeoffs. Some of these concerns may not even apply on 
powerful CPU’s and SoC’s with lots of memory. Also a quick grep for “uuid” in 
the TF-A repository shows that there is significant use of UUID’s for FIP, some 
SMC’s, secure partitions etc so use of UUID is not something new to TF-A.

 

While there are many ways to solve the same problem, there are also potential 
dis-advantages to something like the mechanism pointed out below. For example, 
this is yet another solution to an already solved problem. If we use UEFI 
hob’s, the code and problem has been solved for decades and there is code 
re-use possible and that *potentially*(opinions may vary) is better for 
security as there have been eyes on it for long and is more stable.(I’m very 
aware UEFI is not the gold standard for security, but again, it is a blanket 
statement to say all UEFI code is bad).

Does the method mentioned below allow you to create a dynamic list of arbitrary 
lengths and NOT lists of lengths decided at compile time? It appears that it is 
mainly being used on lists fixed at compile time.

What about interoperability with UEFI? Coreboot is great for 
platforms/companies that use it but what about platforms that *must* use UEFI 
for various reasons? Do we need a conversion from the method below to a UEFI 
HOB if BL33 is UEFI? Clearly the solution below was tailored to coreboot.

 

We can support multiple ways in the same code base through build and run time 
options and a platform should be free to make calls on whether the problems you 
mentioned below really apply or not. What is a pain to do(having co-ordination 
with multiple companies vs vendor defined tags/UUID’s) is also subjective and 
whether or not it is overstated is matter of opinion/context.

 

I think it may be best to discuss this in the call and understand the 
requirements fully. It may turn out that what you have proposed below works 
anyway 

 

 

Thanks

Raghu

 

From: TF-A  On Behalf Of Julius Werner 
via TF-A
Sent: Wednesday, March 24, 2021 7:44 PM
To: Simon Glass 
Cc: Harb Abdulhamid OS ; Boot Architecture 
Mailman List ; 
t...@lists.trustedfirmware.org; U-Boot Mailing List ; 
Paul Isaac's ; Ron Minnich 
Subject: Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for 
information passing between boot stages

 

Just want to point out that TF-A currently already supports a (very simple) 
mechanism like this:

 

https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h

https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/lib/bl_aux_params/bl_aux_params.c

https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/plat/rockchip/common/params_setup.c

 

It's just a linked list of tagged elements. The tag space is split into 
TF-A-wide generic tags and SiP-specific tags (with plenty of room to spare if 
more areas need to be defined -- a 64-bit tag can fit a lot). This is currently 
being used by some platforms that run coreboot in place of BL1/BL2, to pass 
information from coreboot (BL2) to BL31.

 

I would echo Simon's sentiment of keeping this as simple as possible and 
avoiding complicated and bloated data structures with UUIDs. You usually want 
to parse something like this as early as possible in the passed-to firmware 
stage, particularly if the structure encodes information about the debug 
console (like it does for the platforms I mentioned above). For example, in 
BL31 this basically means doing it right after moving from assembly to C in 
bl31_early_platform_setup2() to get the console up before running anything 
else. At that point in the BL31 initialization, the MMU and caches are 
disabled, so data accesses are pretty expensive and you don't want to spend a 
lot of parsing effort or calculate complicated checksums or the like. You just 
want something extremely simple where you ideally have to touch every data word 
only once.

 

On Wed, Mar 24, 2021 at 5:06 PM Simon Glass via TF-A 
mailto:t...@lists.trustedfirmware.org> > wrote:

Hi Harb,

 

On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS 
mailto:abdulha...@os.amperecomputing.com> > 
wrote:

Hello Folks,

Appreciate the feedback and replies on this.  Glad to see that there is 
interest in this topic. 

 

I try to address the comments/feedback from Francois and Simon below….

 

 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Julius Werner]

Just want to point out that TF-A currently already supports a (very simple)
mechanism like this:

https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/include/export/lib/bl_aux_params/bl_aux_params_exp.h
https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/lib/bl_aux_params/bl_aux_params.c
https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/master/plat/rockchip/common/params_setup.c

It's just a linked list of tagged elements. The tag space is split into
TF-A-wide generic tags and SiP-specific tags (with plenty of room to spare
if more areas need to be defined -- a 64-bit tag can fit a lot). This is
currently being used by some platforms that run coreboot in place of
BL1/BL2, to pass information from coreboot (BL2) to BL31.

I would echo Simon's sentiment of keeping this as simple as possible and
avoiding complicated and bloated data structures with UUIDs. You usually
want to parse something like this as early as possible in the passed-to
firmware stage, particularly if the structure encodes information about the
debug console (like it does for the platforms I mentioned above). For
example, in BL31 this basically means doing it right after moving from
assembly to C in bl31_early_platform_setup2() to get the console up before
running anything else. At that point in the BL31 initialization, the MMU
and caches are disabled, so data accesses are pretty expensive and you
don't want to spend a lot of parsing effort or calculate complicated
checksums or the like. You just want something extremely simple where you
ideally have to touch every data word only once.

On Wed, Mar 24, 2021 at 5:06 PM Simon Glass via TF-A <
t...@lists.trustedfirmware.org> wrote:

> Hi Harb,
>
> On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS <
> abdulha...@os.amperecomputing.com> wrote:
>
>> Hello Folks,
>>
>> Appreciate the feedback and replies on this.  Glad to see that there is
>> interest in this topic. 
>>
>>
>>
>> I try to address the comments/feedback from Francois and Simon below….
>>
>>
>>
>> @François Ozog  – happy to discuss this on a
>> zoom call.  I will make that time slot work, and will be available to
>> attend April 8, 4pm CT.
>>
>>
>>
>> Note that I’m using the term “HOB” here more generically, as there are
>> typically vendor specific structures beyond the resource descriptor HOB,
>> which provides only a small subset of the information that needs to be
>> passed between the boot phases.
>>
>>
>>
>> The whole point here is to provide mechanism to develop firmware that we
>> can build ARM Server SoC’s that support **any** BL33 payload (e.g. EDK2,
>> AptioV, CoreBoot, and maybe even directly boot strapping LinuxBoot at some
>> point).   In other-words, we are trying to come up with a TF-A that would
>> be completely agnostic to the implementation of BL33 (i.e. BL33 is built
>> completely independently by a separate entity – e.g. an ODM/OEM).
>>
>>
>>
>> Keep in mind, in the server/datacenter market segment we are not building
>> vertically integrated systems with a single entity compiling
>> firmware/software stacks like most folks in TF-A have become use to.  There
>> are two categories of higher level firmware code blobs in the
>> server/datacenter model:
>>
>>1. “SoC” or “silicon” firmware – in TF-A this may map to BL1, BL2,
>>BL31, and **possibly** one or more BL32 instances
>>2. “Platform” or “board” firmware – in TF-A this may map to BL33 and *
>>*possibly** one or more BL32 instances.
>>
>>
>>
>> Even the platform firmware stack could be further fragmented by having
>> multiple entities involved in delivering the entire firmware stack: IBVs,
>> ODMs, OEMs, CSPs, and possibly even device vendor code.
>>
>>
>>
>> To support a broad range of platform designs with a broad range of memory
>> devices, we need a crisp and clear contract between the SoC firmware that
>> initializes memory (e.g. BL2) and how that platform boot firmware (e.g.
>> BL33) gathers information about what memory that was initialized, at what
>> speeds, NUMA topology, and many other relevant information that needs to be
>> known and comprehended by the platform firmware and eventually by the
>> platform software.
>>
>>
>>
>> I understand the versatility of DT, but I see two major problems with DT:
>>
>>- DT requires more complicated parsing to get properties, and even
>>more complex to dynamically set properties – this HOB structures may need
>>to be generated in boot phases where DDR is not available, and therefore 
>> we
>>will be extremely memory constrained.
>>- DT is probably overkill for this purpose – We really just want a
>>list of pointers to simple C structures that code cast (e.g. JEDEC SPD 
>> data
>>blob)
>>
>>
>>
>> I think that we should not mix the efforts around DT/ACPI specs with what
>> we are doing here, because those specs and concepts were developed for a
>> 

Re: [TF-A] Proposal: TF-A to adopt hand-off blocks (HOBs) for information passing between boot stages

[Simon Glass]

Hi Harb,

On Wed, 24 Mar 2021 at 11:39, Harb Abdulhamid OS <
abdulha...@os.amperecomputing.com> wrote:

> Hello Folks,
>
> Appreciate the feedback and replies on this.  Glad to see that there is
> interest in this topic. 
>
>
>
> I try to address the comments/feedback from Francois and Simon below….
>
>
>
> @François Ozog  – happy to discuss this on a
> zoom call.  I will make that time slot work, and will be available to
> attend April 8, 4pm CT.
>
>
>
> Note that I’m using the term “HOB” here more generically, as there are
> typically vendor specific structures beyond the resource descriptor HOB,
> which provides only a small subset of the information that needs to be
> passed between the boot phases.
>
>
>
> The whole point here is to provide mechanism to develop firmware that we
> can build ARM Server SoC’s that support **any** BL33 payload (e.g. EDK2,
> AptioV, CoreBoot, and maybe even directly boot strapping LinuxBoot at some
> point).   In other-words, we are trying to come up with a TF-A that would
> be completely agnostic to the implementation of BL33 (i.e. BL33 is built
> completely independently by a separate entity – e.g. an ODM/OEM).
>
>
>
> Keep in mind, in the server/datacenter market segment we are not building
> vertically integrated systems with a single entity compiling
> firmware/software stacks like most folks in TF-A have become use to.  There
> are two categories of higher level firmware code blobs in the
> server/datacenter model:
>
>1. “SoC” or “silicon” firmware – in TF-A this may map to BL1, BL2,
>BL31, and **possibly** one or more BL32 instances
>2. “Platform” or “board” firmware – in TF-A this may map to BL33 and *
>*possibly** one or more BL32 instances.
>
>
>
> Even the platform firmware stack could be further fragmented by having
> multiple entities involved in delivering the entire firmware stack: IBVs,
> ODMs, OEMs, CSPs, and possibly even device vendor code.
>
>
>
> To support a broad range of platform designs with a broad range of memory
> devices, we need a crisp and clear contract between the SoC firmware that
> initializes memory (e.g. BL2) and how that platform boot firmware (e.g.
> BL33) gathers information about what memory that was initialized, at what
> speeds, NUMA topology, and many other relevant information that needs to be
> known and comprehended by the platform firmware and eventually by the
> platform software.
>
>
>
> I understand the versatility of DT, but I see two major problems with DT:
>
>- DT requires more complicated parsing to get properties, and even
>more complex to dynamically set properties – this HOB structures may need
>to be generated in boot phases where DDR is not available, and therefore we
>will be extremely memory constrained.
>- DT is probably overkill for this purpose – We really just want a
>list of pointers to simple C structures that code cast (e.g. JEDEC SPD data
>blob)
>
>
>
> I think that we should not mix the efforts around DT/ACPI specs with what
> we are doing here, because those specs and concepts were developed for a
> completely different purpose (i.e. abstractions needed for OS / RTOS
> software, and not necessarily suitable for firmware-to-firmware hand-offs).
>
>
>
> Frankly, I would personally push back pretty hard on defining SMC’s for
> something that should be one way information passing.  Every SMC we add is
> another attack vector to the secure world and an increased burden on the
> folks that have to do security auditing and threat analysis.  I see no
> benefit in exposing these boot/HOB/BOB structures at run-time via SMC
> calls.
>
>
>
> Please do let me know if you disagree and why.  Look forward to discussing
> on this thread or on the call.
>
>
>
> @Simon Glass- Thanks for the pointer to bloblist.
> I briefly reviewed and it seems like a good baseline for what we may be
> looking for.
>
>
>
> That being said, I would say that there is some benefit in having some
> kind of unique identifiers (e.g. UUID or some unique signature) so that we
> can tie standardized data structures (based on some future TBD specs) to a
> particular ID.  For example, if the TPM driver in BL33 is looking for the
> TPM structure in the HOB/BOB list, and may not care about the other data
> blobs.  The driver needs a way to identify and locate the blob it cares
> about.
>

The tag is intended to serve that purpose, although perhaps it should
switch from an auto-allocating enum to one with explicit values for each
entry and a range for 'local' use.

>
>
> I guess we can achieve this with the tag, but the problem with tag when
> you have eco-system with a lot of parties doing parallel development, you
> can end up with tag collisions and folks fighting about who has rights to
> what tag values.  We would need some official process for folks to register
> tags for whatever new structures we define, or maybe some tag range for
> vendor specific structures.  This comes with a lot of pain