Re: [PATCH mvebu + mvebu/dt64 4/4] arm64: dts: marvell: armada-37xx: move firmware node to generic dtsi file

From: "Marek Behún" <kabel@kernel.org>
To: Andrew Lunn <andrew@lunn.ch>
Cc: Gregory CLEMENT <gregory.clement@bootlin.com>,
	linux-arm-kernel@lists.infradead.org, pali@kernel.org,
	stable@vger.kernel.org
Subject: Re: [PATCH mvebu + mvebu/dt64 4/4] arm64: dts: marvell: armada-37xx: move firmware node to generic dtsi file
Date: Fri, 12 Mar 2021 16:17:04 +0100	[thread overview]
Message-ID: <20210312161704.5e575906@kernel.org> (raw)
In-Reply-To: <YEt/Ll08M1cwgGR/@lunn.ch>

On Fri, 12 Mar 2021 15:48:14 +0100
Andrew Lunn <andrew@lunn.ch> wrote:

> On Fri, Mar 12, 2021 at 10:10:27AM +0100, Marek Behún wrote:
> > On Fri, 12 Mar 2021 09:58:34 +0100
> > Gregory CLEMENT <gregory.clement@bootlin.com> wrote:
> >   
> > > Hello Marek,
> > >   
> > > > From: Pali Rohár <pali@kernel.org>
> > > >
> > > > Move the turris-mox-rwtm firmware node from Turris MOX' device tree into
> > > > the generic armada-37xx.dtsi file.    
> > > 
> > > I disagree with this patch. This firmware is specific to Turris MOX so
> > > it is not something that should be exposed to all the Armada 3700 based
> > > boards.
> > > 
> > > If you want you still can create an dtsi for this and include it when
> > > needed.
> > > 
> > > Gregory  
> > 
> > Gregory, we are planning to send pull-request for TF-A documentation,
> > adding information that people can compile the firmware with CZ.NIC's
> > firmware.
> > 
> > Since this firmware exposes HW random number generator, it is
> > possible that people will start using it for espressobin.
> > 
> > In that case this won't be specific for Turris MOX anymore.  
> 
> Part of the problem is that it looks specific to the Turris MOX.
> 
> But please help me understand the big picture first.  How is the
> firmware distributed? Is the binary part of linux-firmware? How does
> it get loaded? Does the firmware contain anything which is specific to
> the Turris MOX? Could the hardware number generator part be split out
> into a more generic sounding name blob?
> 
>      Andrew

Hello Andrew,

The WTMI firmware is loaded before kernel. This firmware is loaded by
BootROM, and it is this firmware that does DDR training before loading
TF-A + U-Boot.

For example for ESPRESSObin you have several repositories you need to
create a final flash-image.bin containing this WTMI firmware + TF-A +
U-Boot. These repositories are:
  trusted-firmware-a (contains documentation how to build all this)
  A3700-utils-marvell
  u-boot
  mv-ddr-marvell
From these sources you are able to create a final flash-image.bin that
you can flash onto the SPI-NOR (or eMMC or other devices which A3720
can boot from).

The A3700-utils-marvell repository contains the code of the WTMI
firmware.

On Turris MOX this is a little bit different, because
- we have implemented the WTMI firmware differently (more mailbox
  commands, HW crypto, ...)
- it supports retrieving MOX board information (MAC addresses, serial
  number) stored in eFuses (this information is stored in a specific
  way that in only true for MOX)
- the firmware binary must be signed by our private key in order to
  boot on MOX.

  This is because the secure firmware has access to an ECDSA engine
  with a private key storage in eFuses (each MOX has its own private
  key generated and stored into the eFuses when manufactured)
  In order to disallow hackers to somehow extract the private key,
  the firmware must be signed so that they cannot load arbitrary
  firmware into the secure processor.

BUT
- since this firmware is able to provide HWRNG, we wanted to make it
  available for other Armada 3720 boards
- we updated the code so that users can build it for non-MOX devices
- it does not have to be signed for other devices
- it does not contain MOX specific stuff for non-MOX devices

So currently when users build the flash-image.bin binary containing
WTMI firmware, they are using code from A3700-utils-marvell. This code
is split into 2 parts:
- sys_init - does HW and DDR initialization and execution of an "app"
- efuse - default "app" which is loaded by sys_init
The way it is written is that user can select a different "app" when
building, and we have updated Turris MOX firmware code to be loadable
as this "app" for sys_init. (And we have renamed it from "Turris MOX
secure firmware" to "CZ.NIC's Armada 3720 secure firmware").

> Could the hardware number generator part be split out into a more
> generic sounding name blob?

It basically is. As I have written above, when users build the
flash-image.bin with CZ.NIC's firmware, the prompt does not say
anything about Turris MOX. Instead it says something like
  CZ.NIC's Armada 3720 Secure Firmware version build date
  Running on ESPRESSObin
and currently provides only the random number generator command.

So theoretically the turris-mox-rwtm driver can be renamed into
something else and we can add a different compatible in order not to
sound so turris-mox specific.

Marek

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel