| Message ID | 20240130115847.860345-2-d-gole@ti.com |
|---|---|
| State | Superseded |
| Delegated to: | Tom Rini |
| Headers | show |
| Series | firmware: ti_sci: zero the secure_hdr in do_xfer | expand |
On 17:28-20240130, Dhruva Gole wrote: > The ti_sci driver in U-Boot has support for secure_msg as part of it's > do_xfer function. This let's U-boot send secure messages during boot up. > > The protocol to send such secure messages is described as part of the > struct ti_sci_secure_msg_hdr. As part of this, there are 2 fields for > checksum and reserved that occupy the first 4 bytes of any secure > message. This is called as the secure_hdr. > > As of now, the secure_hdr needs to be 0 init-ed before sending secure > messages. However the existing code was never putting the zero-inited vars > into the secure_buf, leading to possibility of the first 4 bytes of > secure_buf being possibly garbage. > > Fix this by initialising the secure_hdr itself to the secure_buf > location, thus when we make secure_hdr members 0, it automatically ensures > the first 4 bytes of secure_buf are 0. > > Fixes: 32cd25128bd849 ("firmware: Add basic support for TI System Control Interface (TI SCI)") > Cc: Nishanth Menon <nm@ti.com> > Cc: Andrew Davis <afd@ti.com> > Cc: Manorit Chawdhry <m-chawdhry@ti.com> > Signed-off-by: Dhruva Gole <d-gole@ti.com> > --- > drivers/firmware/ti_sci.c | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) > > diff --git a/drivers/firmware/ti_sci.c b/drivers/firmware/ti_sci.c > index 6e9f93e9a302..49d2696a6d09 100644 > --- a/drivers/firmware/ti_sci.c > +++ b/drivers/firmware/ti_sci.c > @@ -236,21 +236,21 @@ static int ti_sci_do_xfer(struct ti_sci_info *info, > { > struct k3_sec_proxy_msg *msg = &xfer->tx_message; > u8 secure_buf[info->desc->max_msg_size]; > - struct ti_sci_secure_msg_hdr secure_hdr; > + struct ti_sci_secure_msg_hdr *secure_hdr = (struct ti_sci_secure_msg_hdr *)secure_buf; > int ret; > > if (info->is_secure) { > /* ToDo: get checksum of the entire message */ > - secure_hdr.checksum = 0; > - secure_hdr.reserved = 0; I was thinking originally just adding memcpy(secure_buf, secure_hdr, sizeof(secure_hdr)) would save all the churn.. but anyways.. we save allocating secure_hdr struct.. not a big saving, but better code anyways.. > - memcpy(&secure_buf[sizeof(secure_hdr)], xfer->tx_message.buf, > + secure_hdr->checksum = 0; > + secure_hdr->reserved = 0; > + memcpy(&secure_buf[sizeof(struct ti_sci_secure_msg_hdr)], xfer->tx_message.buf, > xfer->tx_message.len); here and below: s/sizeof(var)/sizeof(*var) instead of sizeof(struct ... ) is probably all the change we need? rather than converting it to sizeof(struct ..)? same below. this would allow (theoretically), that the structure name to change for secure_hdr and there would be less churn? not that it matters here.. just a style thing.. Either way: Reviewed-by: Nishanth Menon <nm@ti.com> > > xfer->tx_message.buf = (u32 *)secure_buf; > - xfer->tx_message.len += sizeof(secure_hdr); > + xfer->tx_message.len += sizeof(struct ti_sci_secure_msg_hdr); > > if (xfer->rx_len) > - xfer->rx_len += sizeof(secure_hdr); > + xfer->rx_len += sizeof(struct ti_sci_secure_msg_hdr); > } > > /* Send the message */ > -- > 2.34.1 >
diff --git a/drivers/firmware/ti_sci.c b/drivers/firmware/ti_sci.c index 6e9f93e9a302..49d2696a6d09 100644 --- a/drivers/firmware/ti_sci.c +++ b/drivers/firmware/ti_sci.c @@ -236,21 +236,21 @@ static int ti_sci_do_xfer(struct ti_sci_info *info, { struct k3_sec_proxy_msg *msg = &xfer->tx_message; u8 secure_buf[info->desc->max_msg_size]; - struct ti_sci_secure_msg_hdr secure_hdr; + struct ti_sci_secure_msg_hdr *secure_hdr = (struct ti_sci_secure_msg_hdr *)secure_buf; int ret; if (info->is_secure) { /* ToDo: get checksum of the entire message */ - secure_hdr.checksum = 0; - secure_hdr.reserved = 0; - memcpy(&secure_buf[sizeof(secure_hdr)], xfer->tx_message.buf, + secure_hdr->checksum = 0; + secure_hdr->reserved = 0; + memcpy(&secure_buf[sizeof(struct ti_sci_secure_msg_hdr)], xfer->tx_message.buf, xfer->tx_message.len); xfer->tx_message.buf = (u32 *)secure_buf; - xfer->tx_message.len += sizeof(secure_hdr); + xfer->tx_message.len += sizeof(struct ti_sci_secure_msg_hdr); if (xfer->rx_len) - xfer->rx_len += sizeof(secure_hdr); + xfer->rx_len += sizeof(struct ti_sci_secure_msg_hdr); } /* Send the message */
The ti_sci driver in U-Boot has support for secure_msg as part of it's do_xfer function. This let's U-boot send secure messages during boot up. The protocol to send such secure messages is described as part of the struct ti_sci_secure_msg_hdr. As part of this, there are 2 fields for checksum and reserved that occupy the first 4 bytes of any secure message. This is called as the secure_hdr. As of now, the secure_hdr needs to be 0 init-ed before sending secure messages. However the existing code was never putting the zero-inited vars into the secure_buf, leading to possibility of the first 4 bytes of secure_buf being possibly garbage. Fix this by initialising the secure_hdr itself to the secure_buf location, thus when we make secure_hdr members 0, it automatically ensures the first 4 bytes of secure_buf are 0. Fixes: 32cd25128bd849 ("firmware: Add basic support for TI System Control Interface (TI SCI)") Cc: Nishanth Menon <nm@ti.com> Cc: Andrew Davis <afd@ti.com> Cc: Manorit Chawdhry <m-chawdhry@ti.com> Signed-off-by: Dhruva Gole <d-gole@ti.com> --- drivers/firmware/ti_sci.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)