16:06 <AntonioND> hey! I think I've spent enough time cleaning the port and it's in a fairly decent shape. there are still things to be done, but I think that it is useful enough in its current state to replace the binary blob. if anyone wants to review it: https://github.com/ARM-software/arm-trusted-firmware/pull/1616 I will have to leave the channel in 20 min, but I'll be back tonight at some point if someone has any comments (or leave them in the

16:06 <AntonioND> PR!)

16:25 <lvrp16> AntonioND: very nice

16:25 <lvrp16> wish it was for GXL XD

16:53 <wens> amlogic keeps putting out S905xyz chips, so confusing

17:13 <ldevulder> AntonioND, is it possible to adapt if for s905x? I know there are different in some point but also close in other

17:14 <ldevulder> but very good work! A new step for something completely opensource!

17:14 <AntonioND> i have no idea, tbh. to begin with, I don't know if you can replace bl31 in any board with that soc

17:14 <AntonioND> if you can... in theory it should be easy to adapt

17:14 <AntonioND> and thanks!

17:16 <narmstrong> For only cpu related stuff, s905 and s905x should be very close

17:16 <narmstrong> It’s worth trying

17:17 <narmstrong> Bl2 would be very different, bl30 also, but bl31 would be very similar

17:18 <AntonioND> the first step is to see if trusted board boot is enabled or not. Just look for any of the strings that are shown during boot and modify it

17:18 <AntonioND> that's what I did for the odroid c2

17:18 <AntonioND> if that can be done, adapting it should be easy

17:19 <AntonioND> the only board I have at home is the odroid, that's why I have only done it for it

17:39 <poulecaca> AntonioND: ldevulder IIUC bl3* binary are aes-256-cbc encrypted. So changing a string won't do I guess.

17:41 <AntonioND> odroid c2 is really nice in that way. I haven't checked bl2 or bl1, but I'd say that they aren't signed either. in any case, I don't care much about them, I mostly care about having open runtime software

17:41 <AntonioND> having a closed source bootloader in rom or in the sd card makes very little difference

17:42 <AntonioND> bl31 and bl30 are the two main problems

17:52 <AntonioND> in any case, I'd be interested in similar boards without trusted boot, so yeah, if there is any, please tell me

17:53 <AntonioND> however after https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html I suppose that they are more careful

18:05 <poulecaca> on the other hand on baylibre's uboot git repository (https://github.com/BayLibre/u-boot) it seems that uses a binary aml_encrypt_gxl to sign a bl2.bin which at first glance seems to be genuine aarch64 binary. So I guess It could be possible to sign anything ?

18:07 <vagrantc> there was also an attempt at replacing some of the signing stuff with https://github.com/afaerber/meson-tools/

18:09 <poulecaca> ah nice news

18:13 <AntonioND> https://github.com/BayLibre/u-boot/blob/d76a053c52c6600ab8efc512f2fdf9b0ff15f5d5/board/amlogic/p212/README#L53

18:13 <AntonioND> it does look like it

18:19 <vagrantc> /20/20

18:19 <narmstrong> Replacing bl32 would be a nightmare since it handles all the ddr init stuff

18:19 <narmstrong> *bl2

18:21 <narmstrong> Bl30 looks doable, but you need to figure out how to load the bl301 binary to the scp

18:26 <narmstrong> poulecaca: i think you can sign anything with the amlogic tools

18:27 <narmstrong> I’m not sure about the bl31, I think you need to convert it to a .img

18:27 <poulecaca> narmstrong: seems so, I havn't tested yet though. But was planning to.

18:27 <narmstrong> But all this is in the amlogic u-boot code...

18:29 <narmstrong> AntonioND: the binaries they ship are the ones used for trusted boot for actual products, the aml_encrypt_gxl can be used to do a full trusted + encrypted boot with the correct args

18:29 <narmstrong> I suppose they can ship custom ones for big customers, but basic products use these by default

18:30 <afaerber> poulecaca, gxl is not yet implemented in the tool, but contributions welcome

18:37 <poulecaca> afaerber: nice job reversing amlogic header. It seems you are using the SHA256 signing tricks from https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html. Am I right ?

18:57 <AntonioND> yes, bl2 would be hell, and you don't really get much out of it

18:57 <AntonioND> ddr drivers are magic code anyway

18:57 <AntonioND> loading bl30 should be easy, you just need to replace the bl30 they give you

18:58 <AntonioND> and yeah, thanks narmstrong, that explanation makes sense

18:59 <AntonioND> also, as far as I know, the differences between gxbb and gxl are quite small, and they don't really affect the firmware

18:59 <AntonioND> it is likely that the same binary could run in both

19:02 <AntonioND> also I've just realized I've been loading the wrong dtb all this time

20:43 <ldevulder> AntonioND, I will try to test your ATF code on s905x one of these days :)

21:28 <AntonioND> thanks, ldevulder. it may work. if it does, I will rename things there. maybe think of a new folder structure

21:28 <AntonioND> because it wouldn't make sense then to have gxbb for both

21:28 <AntonioND> at least there should be an alias

21:33 <AntonioND> so how different are the different gxl devices?