[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
From: Julien Grall <julien@xxxxxxx>
Date: Mon, 16 Sep 2024 22:04:13 +0100
Cc: Andrei Cherechesu <andrei.cherechesu@xxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "S32@xxxxxxx" <S32@xxxxxxx>, Andrei Cherechesu <andrei.cherechesu@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
Delivery-date: Mon, 16 Sep 2024 21:04:24 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi,

On 13/09/2024 08:43, Julien Grall wrote:

On 12/09/2024 23:44, Stefano Stabellini wrote:
On Thu, 12 Sep 2024, Bertrand Marquis wrote:
Hi Andrei,
On 11 Sep 2024, at 23:05, Andrei Cherechesu<andrei.cherechesu@xxxxxxxxxxx> wrote:
Hi Julien, Stefano,
On 11/09/2024 08:19, Stefano Stabellini wrote:
On Tue, 10 Sep 2024, Julien Grall wrote:
Hi,

On 10/09/2024 15:34, Andrei Cherechesu (OSS) wrote:
From: Andrei Cherechesu <andrei.cherechesu@xxxxxxx>

Added support for NXP S32CC platforms (S32G2, S32G3, S32R45),
which need SCMI over SMC calls forwarded to the firmware
running at EL3 (TF-A). Linux relies on the SCMI Platform
for system services such as clocking, reset, etc.
Is it SMCI as in the Arm spec? If so, this should not be platformspecific.
Yes, it is SCMI as defined by Arm. I agree it shouldn't be platformspecific.
Furthermore, I was under the impression that we can't blindly forward
everything from a domain to the firmware. While it might beokayish for dom0,you also seem to give access to all the domains on the system isit intended?
In our case, only Dom0 has access to the SCMI mailbox. Hence, theother unprivileged domains are not aware of SCMI and do not make anySCMI requests to FW.
Anyway, there is a series on the ML to add a mediator for SCMI inXen (see[1]). I think it would be preferable to focus on getting it mergedas it would
benefit everyone and increase the security posture (we couldrestrict access).
I also asked a few months ago on the ML in a virtio related threadif there are any updates regardingSCMI awareness for Xen and guests, then Stefano CCed Bertrand, buthe did not comment [0].
I'm curious why the SCMI mediator patch series did not progress.
[0]https://lore.kernel.org/xen-devel/alpine.DEB.2.22.394.2401111627360.3675@ubuntu-linux-20-04-desktop/
Sorry it seems i missed that one.
There are several initiatives ongoing to investigate the globalproblem of clock handling and more specifically
SCMI "sharing".
The SCMI protocol contains some features to have virtual channels andthe question is how to make a transportthat is hypervisor agnostic to prevent to require the hypervisors tohave to "decode" SCMI messages.
Virtio-scmi is not really used for clock management per say at themoment and more specifically I do not
think it is a good solution to manage clocks of non virtio devices.
In Soafee and in Linaro people are looking at using FF-A as atansport for SCMI.The idea would be that the hypervisor is configuring the virtual SCMIchannels using FF-A as a transportand then VMs are using FF-A to communicate with an SCMI server(probably sitting in secure world, at
least as a proxy). This is an investigation for now.
Requiring Xen to act as a mediator is also a solution but mightrequire a lot of platform specific code
which i think we should prevent.
For now having a solution in Xen where SCMI calls through SMC areonly allowed by Dom0 is the only
short term solution I think.
+1
I am open to go this way. But I would like the commit message to containsome details on whether this will always work fine for dom0 (this wouldtell whether the feature can be supported or needs to be inexperimental/tech preview).
At least my main concern is anything to do with RAM. On Matrix, Bertrandsuggested that none of the messages should contain addresses. What aboutthe transport? Is it using buffer? If so, are they fixed?
Brief looking at Linux, there are multiple DT compatible. IIUC, we wouldonly support "arm,scmi-smc" with the implementation. If so, maybe weshould check the DT.

Some clarifications as I was asked on Matrix. The issue described inthis patch is not specific to SCMI. So I think the SCMI trapping &forward should be part of common code. If it we are not sure whether itis safe, then it should be protected by CONFIG_EXPERT or CONFIG_UNSUPPORTED.

I hope this clarifies what I would like. Not sure if the others agreethough.


Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Stefano Stabellini

References:
- [PATCH v1 0/5] xen/arm: Add support for S32CC platforms and LINFlexD UART
  - From: Andrei Cherechesu (OSS)
- [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Andrei Cherechesu (OSS)
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Julien Grall
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Stefano Stabellini
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Andrei Cherechesu
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Bertrand Marquis
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Stefano Stabellini
- Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
  - From: Julien Grall

Prev by Date: Re: [PATCH v1 5/5] xen/arm: Enable workaround for Cortex-A53 erratum #1530924
Next by Date: Re: [PATCH] ioreq: don't wrongly claim "success" in ioreq_send_buffered()
Previous by thread: Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
Next by thread: Re: [PATCH v1 3/5] xen/arm: platforms: Add NXP S32CC platform code
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.