[Skiboot] [RFC PATCH 0/8] PEF support in Skiboot
stewart at flamingspork.com
Fri Sep 6 02:38:05 AEST 2019
On Thu, Sep 5, 2019, at 6:29 AM, Ryan Grimm wrote:
> With these patches, Skiboot comes up in secure mode, loads and initializes the
> Ultravisor (UV) in secure memory, and then performs ultracalls for XSCOMs.
> They have been tested in Mambo, BML, and Hostboot. In their current state they
> boot in Mambo and BML but require some hacks for Hostboot because Skiboot tries
> to probe OCC areas which are in secure memory.
Is there a patch to fix that? Or at least to skip over a bunch of things if booting with UV enabled?
> Some TODOs:
> -documentation, how about we put something in doc/ultravisor.rst?
yes! as well as documenting all the device tree bindings and if/how an OS needs to deal with them, there should certainly be some overview of what an Ultravisor is, and how skiboot and an OS interact with it.
> -clean up device tree names. Claudio got some feedback from Michael about
> removing ibm,uv from the child nodes of ibm,ultravisor and we plan on doing it.
> -OCC patches, currently in development
> -security and integrity checks on the UV image
certainly a must. This really shouldn't be hard though.
More information about the Skiboot