
Hi Miquel,
On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal@bootlin.com> wrote:
> Sandbox is run in userspace. What is done in baremetal applications like U-Boot is using an address in memory which is supposedly free to load and store data to it. The user interaction in U-Boot's shell works like that and it is hard to find another way to transfer a 'buffer' from one side to the other. It is always possible to fill an environment variable, but not that easy to use.
> Of course our Linux distributions do not allow such salvage accesses and Sandbox will simply be killed. To avoid such a scenario, it is possible, when compiling the Sandbox driver, to allocate some memory so the pointer that is given does not point to an unauthorized area anymore. This just gives the possibility to run all the TPM commands without killing Sandbox.
map_sysmem() and map_to_sysmem() are supposed to handle this, assuming I understand the problem correctly.
Regards, Simon
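
The address translation discussed in this thread, as an added example that is not part of either message and is not U-Boot's code: a simplified stand-alone model of mapping a shell-supplied address into a host buffer before use. The `model_*` names, the RAM size and the NULL-on-out-of-range behaviour are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified model, NOT U-Boot's implementation: emulated RAM is a host
 * buffer, and "addresses" typed at the shell are offsets into it. */
#define MODEL_RAM_SIZE 0x1000u            /* constructed size */
static uint8_t model_ram[MODEL_RAM_SIZE];

/* Emulated address range -> host pointer, or NULL if the range does not
 * fit in the emulated RAM (bounds check is an assumption of this model). */
void *model_map_sysmem(uintptr_t addr, size_t len)
{
    if (addr > MODEL_RAM_SIZE || len > MODEL_RAM_SIZE - addr)
        return NULL;
    return model_ram + addr;
}

/* Host pointer -> emulated address. Returns 0 on success, -1 if the
 * pointer does not lie inside the emulated RAM. */
int model_map_to_sysmem(const void *ptr, uintptr_t *addr)
{
    uintptr_t base = (uintptr_t)model_ram, p = (uintptr_t)ptr;

    if (p < base || p - base >= MODEL_RAM_SIZE)
        return -1;
    *addr = p - base;
    return 0;
}

/* Command handler in the style described above: the user passes an address
 * and the handler stores a response there. Dereferencing addr directly
 * would fault in a userspace process; mapping it first does not. */
int model_store_response(uintptr_t addr, const uint8_t *resp, size_t len)
{
    void *dst = model_map_sysmem(addr, len);

    if (!dst)
        return -1;                        /* reject instead of crashing */
    memcpy(dst, resp, len);
    return 0;
}

int main(void)
{
    const uint8_t resp[4] = { 0x80, 0x01, 0x00, 0x00 }; /* constructed bytes */

    return model_store_response(0x100, resp, sizeof(resp));
}
```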