feat: add Battery FFA service + MCTP-via-PL011 EC relay#74
Open
dymk wants to merge 2 commits into
Open
Conversation
Adds a new qemu-sp-uart workspace member: a minimal blocking PL011 MMIO driver for the SP-side ec_uart device-region (mapped at 0x60030000 in the SP DTS manifest). Public API: - Pl011Uart::new(base: u64) -> Self (unsafe, RawMmio backend) - Pl011Uart::from_mmio(mmio: M) -> Self (generic, for tests) - read_byte_blocking() -> Result<u8, Error> (busy-spin, no cap) - read_byte_with_iteration_cap(cap: u32) -> Result<u8, Error> - write_bytes(&[u8]) -> Result<(), Error> Includes 5 host-side unit tests using a mock Mmio backend.
dymk
requested review from
RobertZ2011,
jerrysxie,
makubacki,
maxperga-msft and
williampMSFT
There was a problem hiding this comment.
Pull request overview
This PR introduces SP-side infrastructure to proxy FFA service requests to an external EC over MCTP serial framing carried on a PL011 UART (QEMU SBSA secure partition use-case), and adds an initial Battery service built on that relay. It also wires in new workspace members/dependencies and updates cargo-vet/cargo-deny configuration accordingly.
Changes:
- Add new
qemu-sp-uartcrate providing a minimal no_std, polled PL011 MMIO UART driver (with host-side unit tests via a mock MMIO backend). - Add
ec-service-lib::services::ec_relay(ODP-over-MCTP relay + UART transport abstraction) andec-service-lib::services::battery(GetBst proxy service using the relay). - Update workspace/dependency lockfiles and supply-chain policy (cargo-vet imports/exemptions, cargo-deny advisory ignore).
Reviewed changes
Copilot reviewed 10 out of 12 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
supply-chain/imports.lock |
Updates cargo-vet import lock to include newly introduced dependency audit entries. |
supply-chain/config.toml |
Updates cargo-vet exemptions for new/updated dependencies (incl. MCTP/serial transitive deps). |
qemu-sp-uart/src/lib.rs |
Implements the PL011 MMIO UART driver plus mock-based unit tests. |
qemu-sp-uart/README.md |
Documents the UART crate’s scope, API, base-address contract, and safety requirements. |
qemu-sp-uart/Cargo.toml |
Declares the new workspace crate metadata and lint configuration. |
ec-service-lib/src/services/mod.rs |
Registers/exports the new Battery service and relay types. |
ec-service-lib/src/services/ec_relay.rs |
Adds the ODP-over-MCTP relay, transport traits, and MCTP serial transport implementation. |
ec-service-lib/src/services/battery.rs |
Adds Battery FFA service implementation using the relay, plus a host wire-format gate test. |
ec-service-lib/Cargo.toml |
Adds mctp-rs dependency, optional qemu-sp-uart, and host-only dev-deps for wire-format tests. |
deny.toml |
Adds a cargo-deny advisory ignore for paste (transitive). |
Cargo.toml |
Adds qemu-sp-uart workspace member and new git-sourced workspace dependencies (mctp-rs, embedded-services crates). |
Cargo.lock |
Updates lockfile for new crates and dependency version bumps introduced by the relay stack. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…11 to EC)
Add the SP-side infrastructure for relaying FFA service requests to the
EC over MCTP/serial (PL011 UART), and implement the Battery service as
the first consumer.
New modules:
- ec_relay: generic relay that encodes service requests as MCTP
messages, sends over PL011 to EC, reads responses
- battery: Battery FFA service handler, routes GetBst through ec_relay
Also updates supply-chain exemptions for new git-sourced deps.
dymk
force-pushed
the
dymk/phase-36-ec-battery-mctp-ffa
branch
from
87528a4 to
4ad4aca
Compare
philgweber
reviewed
May 22, 2026
|
|
||
| /// Unbounded blocking read of one byte. Busy-spins until | ||
| /// `UARTFR.RXFE` clears. | ||
| pub fn read_byte_blocking(&mut self) -> Result<u8, Error> { |
Collaborator
There was a problem hiding this comment.
We should add a read_byte with timeout and primarily use that as SP is usually on a single CPU and no scheduler. We ran into forever loops if EC was not attached and responding on the O6 demo. This is fine to get the service up and running, but will need to add error handling and recovery at some point.
philgweber
approved these changes
May 22, 2026
kurtjd
reviewed
May 22, 2026
| /// Minimal UART surface [`MctpSerialTransport`] needs. Implemented for | ||
| /// `qemu_sp_uart::Pl011Uart<M>` behind the `qemu-pl011` feature; in | ||
| /// tests, a Vec-backed mock substitutes. | ||
| pub trait UartIo { |
Member
There was a problem hiding this comment.
Have you considered using the existing embedded-io trait: https://docs.rs/embedded-io/latest/embedded_io/
This is typically implemented by many HALs for uart drivers (and is, for example, what the uart-service on the EC side is generic over).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds Battery FFA service infrastructure and MCTP-via-PL011 EC relay to
ec-service-lib, plus a minimal PL011 MMIO UART driver crate. The wiring intoqemu-ec-sp's message loop (replacing the existing stub Battery handler) is done in the platform integration PR that updates the submodule pointer.New crates
qemu-sp-uart— Minimal PL011 MMIO UART driver for the secure partition (polled mode, no interrupts).Changes to existing crates
ec-service-lib— Newec_relaymodule: generic ODP-over-MCTP relay infrastructure withMctpSerialTransport. Newbatteryservice module backed by the relay. QEMU PL011 UART support is gated behind theqemu-pl011feature for clean layering.Architecture
Scope note
This PR delivers the library-side implementation. The platform wiring (replacing
qemu-sp's stub Battery with the relay-backed version) happens in theodp-platform-qemu-sbsaintegration PR that updates themod/secure-servicessubmodule pointer.