L.S.,
Adriana is proposing [0] a method for DT based platforms that boot
without EFI to expose the SMBIOS tables via the /chosen DT node.
There appears to be consensus between the stakeholders in the u-boot
and linux communities that this is a reasonable thing to do, and it
looks like this is going to be adopted soon.
Adriana has kindly agreed to contributing the u-boot side
implementation as well, so all the pieces will be there in terms of
code.
What is lacking is a contribution to the DMTF spec, which currently
only permits the EFI config table method for non-x86 systems. So some
wording should be added to paragraph 5.2.2 (SMBIOS 3.9 [1])
It currently reads
On non-UEFI systems, the 64-bit SMBIOS Entry Point structure can be
located by application software by searching for the anchor-string on
paragraph (16-byte) boundaries within the physical memory address
range 000F0000h to 000FFFFFh.
Given that this makes sense only on x86 systems, I suggest we rephrase
this along the lines of
On non-UEFI systems, the 64-bit SMBIOS Entry Point structure can be
located by application software
- on x86 systems only, by searching for the anchor-string on paragraph
(16-byte) boundaries within the physical memory address range
000F0000h to 000FFFFFh,
- on DT based systems, by obtaining the physical memory address of the
structure from the /chosen/smbios3-entrypoint property in the device
tree.
Maybe Rob can suggest a normative reference to be added to section 2?
Thanks,
Ard.
[0] https://lore.kernel.org/all/CAERbo5z6BzHqQxXdxPxmxE_eDR7GGGbt3A8kB0gQiWFBE-…
[1] https://www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.9.0.…
On Fri, 31 Oct 2025 at 11:10, adriana <adriana(a)arista.com> wrote:
>
> Some bootloaders like U-boot, particularly for the ARM architecture,
> provide SMBIOS/DMI tables at a specific memory address. However, these
> systems often do not boot using a full UEFI environment, which means the
> kernel's standard EFI DMI scanner cannot find these tables.
>
> This series adds support for the kernel to find these tables by
> reading the associated property from the Device Tree /chosen node. The
> bootloader can specify the physical addresses using the property
> "linux,smbios3-entrypoint".
>
> The first patch introduces the device tree binding documentation for this
> new ABI, and the second patch implements the driver logic in dmi_scan.c.
>
> Changes in v4:
> - Renamed linux,smbios3-table.yaml file, removed mention of ARM/ARM64
> (Patch 1/2).
> - Drop the second definition of dmi_scan_from_dt() and fold checking
> for CONFIG_OF (Patch 2/2).
> - Drop unnecessary goto on the success case (Patch 2/2).
> - Replace magic number for entrypoint size with SMBIOS3_ENTRY_POINT_SIZE
> definition (Patch 2/2).
>
> Changes in v3:
> - Removed linux,smbios-table property, only keep the SMBIOSv3 property
> (Patch 1/2).
> - Search DT for linux,smbios3-table only, removed the code searching
> for the previous property (Patch 2/2).
>
> Changes in v2:
> - Add missing Device Tree binding documentation (Patch 1/2).
> - Split the original patch into a 2-part series (binding + driver).
> - (No functional changes to the driver code in patch 2/2).
>
> adriana (2):
> dt-bindings: firmware: Add binding for SMBIOS /chosen properties
> drivers: firmware: dmi_scan: Add support for reading SMBIOS from DT
>
For the series,
Reviewed-by: Ard Biesheuvel <ardb(a)kernel.org>
I can take the second patch, but bindings need to go in separately IIRC.
Rob?
> .../firmware/linux,smbios3-entrypoint.yaml | 25 +++++++++
> drivers/firmware/dmi_scan.c | 54 +++++++++++++++++++
> 2 files changed, 79 insertions(+)
> create mode 100644 Documentation/devicetree/bindings/firmware/linux,smbios3-entrypoint.yaml
>
> --
> 2.51.0
>
On Thu, 23 Oct 2025 at 16:48, Adriana Nicolae <adriana(a)arista.com> wrote:
>
> On Thu, Oct 23, 2025 at 4:54 PM Ard Biesheuvel <ardb(a)kernel.org> wrote:
> >
> > (cc Ilias)
> >
> > On Thu, 23 Oct 2025 at 15:34, Adriana Nicolae <adriana(a)arista.com> wrote:
> > >
> > > On Thu, Oct 23, 2025 at 11:21 AM Ard Biesheuvel <ardb(a)kernel.org> wrote:
> > > >
> > > > On Thu, 23 Oct 2025 at 04:21, Adriana Nicolae <adriana(a)arista.com> wrote:
> > > > >
> > > > > On Wed, Oct 22, 2025 at 11:19 PM Rob Herring <robh(a)kernel.org> wrote:
> > > > > >
> > > > > > On Wed, Oct 22, 2025 at 04:45:25AM -0700, adriana wrote:
> > > > > > > Some bootloaders like U-boot, particularly for the ARM architecture,
> > > > > > > provide SMBIOS/DMI tables at a specific memory address. However, these
> > > > > > > systems often do not boot using a full UEFI environment, which means the
> > > > > > > kernel's standard EFI DMI scanner cannot find these tables.
> > > > > >
> > > > > > I thought u-boot is a pretty complete UEFI implementation now. If
> > > > > > there's standard way for UEFI to provide this, then that's what we
> > > > > > should be using. I know supporting this has been discussed in context of
> > > > > > EBBR spec, but no one involved in that has been CC'ed here.
> > > > >
> > > > > Regarding the use of UEFI, the non UEFI boot is used on Broadcom iProc which
> > > > > boots initially into a Hardware Security Module which validates U-boot and then
> > > > > loads it. This specific path does not utilize U-Boot's UEFI
> > > > > implementation or the
> > > > > standard UEFI boot services to pass tables like SMBIOS.
> > > > >
> > > >
> > > > What prevents this HSM validated copy of u-boot from loading the kernel via EFI?
> > > The vendor's U-Boot configuration for this specific secure boot path
> > > (involving the
> > > HSM) explicitly disables the CMD_BOOTEFI option due to security
> > > mitigations, only
> > > a subset of U-boot commands are whitelisted. We could patch the U-boot
> > > to include
> > > that but it is preferable to follow the vendor's recommandations and
> > > just patch U-boot
> > > to fill that memory location with SMBIOS address or directly with the
> > > entry point.
> >
> > And what security mitigations are deemed needed for the EFI code? You
> > are aware that avoiding EFI boot means that the booting kernel keeps
> > all memory protections disabled for longer than it would otherwise. Is
> > this allowlisting based on simply minimizing the code footprint?
> >
> From the information I have, it might be just minimizing the footprint
> but the vendor's U-Boot configuration for this specific path
> explicitly disables the CMD_BOOTEFI option. While the vendor cites
> security mitigations for this configuration, the specific details
> could be a set of mitigation removing different boot methods and some
> memory access commands.
>
> The core issue is that this non-EFI boot path is the vendor-validated
> configuration. Enabling EFI would deviate from this setup, require
> significant revalidation, and could impact vendor support. Modifying
> U-Boot to populate the DT is a contained change without modifying the
> U-boot vendor configuration.
>
I'm not sure I follow why changing U-Boot's code would not require
revalidation if simply changing its build configuration without
modifying the source code would require that.
> Beyond our specific vendor constraints, this DT method might be used
> by any other non-UEFI arm system needing to expose SMBIOS tables to
> the kernel.
>
Fair point. So let's do this properly: get buy-in from the U-Boot
folks and contribute your u-boot changes as well. And ideally, we'd
get this into the DMTF spec but if you are not set up for that (I
think you might need to be a member to be able to contribute), we can
find some ARM folks who are.