[PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

This series proposed an alternative approach to the series sent out by
Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
special PCD, as well as some other if() conditionals.

The primary difference is that this series defines and implements
MmServicesTableLib in such a way that the traditional SMM drivers
can use it as well. This is appropriate, considering that the PI
spec has rebranded traditional SMM as one implementation of the generic
MM framework.

Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
library class, but for all SMM flavours, not only for standalone MM.

Patch #2 implements MmServicesTableLib for traditional SMM implementations.

Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
driver that invoke boot services are separated from the core SMM pieces.

Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.

Patches #5 and #6 do the same, respectively, for the variable runtime driver.

This approach minimizes the delta, and thus the maintenance burden, between
the traditional SMM and standalone MM drivers, while not resorting to runtime
checks or other conditionals in the code to implement logic that should be
decided at build time.

Note that this series only covers part of the work contributed by Jagadeesh.
This series focuses on the MdePkg and MdeModulePkg changes that affect shared
code.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Cc: Achin Gupta <Achin.Gupta@arm.com>
Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
Cc: Sami Mujawar <Sami.Mujawar@arm.com>

Ard Biesheuvel (5):
  MdePkg: implement MmServicesTableLib based on traditional SMM
  MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
  MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
  MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
  MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

Jagadeesh Ujja (1):
  MdePkg/Include: add MmServicesTableLib header file

 MdeModulePkg/MdeModulePkg.dsc                 |   1 +
 .../FaultTolerantWrite.h                      |  22 ++-
 .../FaultTolerantWriteDxe.c                   |  31 ++++
 .../FaultTolerantWriteSmm.c                   |  54 +++----
 .../FaultTolerantWriteSmm.inf                 |   5 +-
 .../FaultTolerantWriteSmmCommon.h             |  31 ++++
 .../FaultTolerantWriteSmmDxe.c                |   1 +
 .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
 .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
 .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
 .../UpdateWorkingBlock.c                      |  10 +-
 .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
 .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
 .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
 .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
 .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
 .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
 .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
 MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
 .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
 .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
 .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
 MdePkg/MdePkg.dec                             |   4 +
 MdePkg/MdePkg.dsc                             |   1 +
 24 files changed, 916 insertions(+), 103 deletions(-)
 create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
 create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
 create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
 create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
 create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
 create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
 create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni

-- 
2.17.1

[PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

[Ard Biesheuvel]

The standalone MM core is executed in place, and resides in a
separate execution context which may be space constrained.
Since code and data may be mapped with different attributes for
security reasons, the PE/COFF binary could have a section
alignment of 4 KB.

This means that any relocation data is not only useless, but it
will also take up 4 KB of valuable space.

So add support for the RELOCS_STRIPPED attribute on FFS files of
this type, so that we can get rid of the .reloc section altogether.
Combined with the FIXED attribute (which enables an optimization
in GenFfs that strips redundant padding) and a TE type binary, this
gets rid of all the needless padding around the standalone MM core
binary.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 BaseTools/Source/Python/GenFds/EfiSection.py      | 2 +-
 BaseTools/Source/Python/GenFds/FdfParser.py       | 2 +-
 BaseTools/Source/Python/GenFds/FfsInfStatement.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/GenFds/EfiSection.py b/BaseTools/Source/Python/GenFds/EfiSection.py
index f8573b5c7d1b..0be176ec8ae1 100644
--- a/BaseTools/Source/Python/GenFds/EfiSection.py
+++ b/BaseTools/Source/Python/GenFds/EfiSection.py
@@ -68,7 +68,7 @@ class EfiSection (EfiSectionClassObject):
             StringData = FfsInf.__ExtendMacro__(self.StringData)
             ModuleNameStr = FfsInf.__ExtendMacro__('$(MODULE_NAME)')
             NoStrip = True
-            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
+            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
                 if FfsInf.KeepReloc is not None:
                     NoStrip = FfsInf.KeepReloc
                 elif FfsInf.KeepRelocFromRule is not None:
diff --git a/BaseTools/Source/Python/GenFds/FdfParser.py b/BaseTools/Source/Python/GenFds/FdfParser.py
index e000228d2f6c..de0b166030e7 100644
--- a/BaseTools/Source/Python/GenFds/FdfParser.py
+++ b/BaseTools/Source/Python/GenFds/FdfParser.py
@@ -2589,7 +2589,7 @@ class FdfParser:
     #
     @staticmethod
     def _FileCouldHaveRelocFlag (FileType):
-        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, 'PEI_DXE_COMBO'}:
+        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE, 'PEI_DXE_COMBO'}:
             return True
         else:
             return False
diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
index c1073c96e9aa..d4c61c074963 100644
--- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
+++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
@@ -901,7 +901,7 @@ class FfsInfStatement(FfsInfStatementClassObject):
     #   @retval string       File name of the generated section file
     #
     def __GenComplexFileSection__(self, Rule, FvChildAddr, FvParentAddr, IsMakefile = False):
-        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM):
+        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE):
             if Rule.KeepReloc is not None:
                 self.KeepRelocFromRule = Rule.KeepReloc
         SectFiles = []
-- 
2.17.1

Re: [PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

[Feng, Bob C]

Reviewed-by: Bob Feng <bob.c.feng@intel.com> 

-----Original Message-----
From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] 
Sent: Friday, January 4, 2019 2:28 AM
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>; Feng, Bob C <bob.c.feng@intel.com>
Subject: [PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

The standalone MM core is executed in place, and resides in a separate execution context which may be space constrained.
Since code and data may be mapped with different attributes for security reasons, the PE/COFF binary could have a section alignment of 4 KB.

This means that any relocation data is not only useless, but it will also take up 4 KB of valuable space.

So add support for the RELOCS_STRIPPED attribute on FFS files of this type, so that we can get rid of the .reloc section altogether.
Combined with the FIXED attribute (which enables an optimization in GenFfs that strips redundant padding) and a TE type binary, this gets rid of all the needless padding around the standalone MM core binary.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 BaseTools/Source/Python/GenFds/EfiSection.py      | 2 +-
 BaseTools/Source/Python/GenFds/FdfParser.py       | 2 +-
 BaseTools/Source/Python/GenFds/FfsInfStatement.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/GenFds/EfiSection.py b/BaseTools/Source/Python/GenFds/EfiSection.py
index f8573b5c7d1b..0be176ec8ae1 100644
--- a/BaseTools/Source/Python/GenFds/EfiSection.py
+++ b/BaseTools/Source/Python/GenFds/EfiSection.py
@@ -68,7 +68,7 @@ class EfiSection (EfiSectionClassObject):
             StringData = FfsInf.__ExtendMacro__(self.StringData)
             ModuleNameStr = FfsInf.__ExtendMacro__('$(MODULE_NAME)')
             NoStrip = True
-            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
+            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
                 if FfsInf.KeepReloc is not None:
                     NoStrip = FfsInf.KeepReloc
                 elif FfsInf.KeepRelocFromRule is not None:
diff --git a/BaseTools/Source/Python/GenFds/FdfParser.py b/BaseTools/Source/Python/GenFds/FdfParser.py
index e000228d2f6c..de0b166030e7 100644
--- a/BaseTools/Source/Python/GenFds/FdfParser.py
+++ b/BaseTools/Source/Python/GenFds/FdfParser.py
@@ -2589,7 +2589,7 @@ class FdfParser:
     #
     @staticmethod
     def _FileCouldHaveRelocFlag (FileType):
-        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, 'PEI_DXE_COMBO'}:
+        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE, 'PEI_DXE_COMBO'}:
             return True
         else:
             return False
diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
index c1073c96e9aa..d4c61c074963 100644
--- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
+++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
@@ -901,7 +901,7 @@ class FfsInfStatement(FfsInfStatementClassObject):
     #   @retval string       File name of the generated section file
     #
     def __GenComplexFileSection__(self, Rule, FvChildAddr, FvParentAddr, IsMakefile = False):
-        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM):
+        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE):
             if Rule.KeepReloc is not None:
                 self.KeepRelocFromRule = Rule.KeepReloc
         SectFiles = []
--
2.17.1

[PATCH 1/6] MdePkg/Include: add MmServicesTableLib header file

[Ard Biesheuvel]

From: Jagadeesh Ujja <jagadeesh.ujja@arm.com>

SMM has been rebranded as MM, and can be implemented in traditional
mode or standalone mode, using the same prototype for the services
table. Expose this table via MmServicesTableLib, permitting the
respective implementations to expose a traditional or standalone
version.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdePkg/Include/Library/MmServicesTableLib.h | 25 ++++++++++++++++++++
 MdePkg/MdePkg.dec                           |  4 ++++
 2 files changed, 29 insertions(+)

diff --git a/MdePkg/Include/Library/MmServicesTableLib.h b/MdePkg/Include/Library/MmServicesTableLib.h
new file mode 100644
index 000000000000..12bd01e98641
--- /dev/null
+++ b/MdePkg/Include/Library/MmServicesTableLib.h
@@ -0,0 +1,25 @@
+/** @file
+  Provides a service to retrieve a pointer to the Standalone MM Services Table.
+  Only available to Standalone MM module types.
+
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __MM_SERVICES_TABLE_LIB_H__
+#define __MM_SERVICES_TABLE_LIB_H__
+
+#include <PiMm.h>
+
+extern EFI_MM_SYSTEM_TABLE         *gMmst;
+
+#endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 712bd46dd3d3..a7383b6daafb 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -243,6 +243,10 @@ [LibraryClasses]
   ##
   SafeIntLib|Include/Library/SafeIntLib.h
 
+  ## @libraryclass Provides a service to retrieve a pointer to the Standalone MM Services Table.
+  #                Only available to MM_STANDALONE, SMM/DXE Combined and SMM module types.
+  MmServicesTableLib|Include/Library/MmServicesTableLib.h
+
 [LibraryClasses.IA32, LibraryClasses.X64]
   ##  @libraryclass  Abstracts both S/W SMI generation and detection.
   ##
-- 
2.17.1

Re: [PATCH 1/6] MdePkg/Include: add MmServicesTableLib header file

[Zeng, Star]

Hi Ard,

Some feedback added inline.

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> From: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> 
> SMM has been rebranded as MM, and can be implemented in traditional
> mode or standalone mode, using the same prototype for the services
> table. Expose this table via MmServicesTableLib, permitting the
> respective implementations to expose a traditional or standalone
> version.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>   MdePkg/Include/Library/MmServicesTableLib.h | 25 ++++++++++++++++++++
>   MdePkg/MdePkg.dec                           |  4 ++++
>   2 files changed, 29 insertions(+)
> 
> diff --git a/MdePkg/Include/Library/MmServicesTableLib.h b/MdePkg/Include/Library/MmServicesTableLib.h
> new file mode 100644
> index 000000000000..12bd01e98641
> --- /dev/null
> +++ b/MdePkg/Include/Library/MmServicesTableLib.h
> @@ -0,0 +1,25 @@
> +/** @file
> +  Provides a service to retrieve a pointer to the Standalone MM Services Table.
> +  Only available to Standalone MM module types.

This line should be "Only available to MM_STANDALONE, SMM/DXE Combined 
and SMM module types." to match the comments added in MdePkg.dec for 
this library class, right?

With it handled, Reviewed-by: Star Zeng <star.zeng@intel.com>

Thanks,
Star
> +
> +Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
> +
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#ifndef __MM_SERVICES_TABLE_LIB_H__
> +#define __MM_SERVICES_TABLE_LIB_H__
> +
> +#include <PiMm.h>
> +
> +extern EFI_MM_SYSTEM_TABLE         *gMmst;
> +
> +#endif
> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
> index 712bd46dd3d3..a7383b6daafb 100644
> --- a/MdePkg/MdePkg.dec
> +++ b/MdePkg/MdePkg.dec
> @@ -243,6 +243,10 @@ [LibraryClasses]
>     ##
>     SafeIntLib|Include/Library/SafeIntLib.h
>   
> +  ## @libraryclass Provides a service to retrieve a pointer to the Standalone MM Services Table.
> +  #                Only available to MM_STANDALONE, SMM/DXE Combined and SMM module types.
> +  MmServicesTableLib|Include/Library/MmServicesTableLib.h
> +
>   [LibraryClasses.IA32, LibraryClasses.X64]
>     ##  @libraryclass  Abstracts both S/W SMI generation and detection.
>     ##
> 

[PATCH 2/6] MdePkg: implement MmServicesTableLib based on traditional SMM

[Ard Biesheuvel]

The definitions of the rebranded MM protocol stack were chosen such
that the existing SMM based core drivers can be reused. So let's
implement MmServicesTableLib based on gEfiMmBaseProtocolGuid, which
is simply gEfiSmmBase2ProtocolGuid under the hood.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c   | 63 ++++++++++++++++++++
 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf | 45 ++++++++++++++
 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni | 22 +++++++
 MdePkg/MdePkg.dsc                                        |  1 +
 4 files changed, 131 insertions(+)

diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
new file mode 100644
index 000000000000..f41d25e59805
--- /dev/null
+++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
@@ -0,0 +1,63 @@
+/** @file
+  MM Services Table Library.
+
+  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php.
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiMm.h>
+#include <Protocol/MmBase.h>
+#include <Library/MmServicesTableLib.h>
+#include <Library/DebugLib.h>
+
+EFI_MM_SYSTEM_TABLE   *gMmst             = NULL;
+
+/**
+  The constructor function caches the pointer of SMM Services Table.
+
+  @param  ImageHandle   The firmware allocated handle for the EFI image.
+  @param  SystemTable   A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.
+
+**/
+EFI_STATUS
+EFIAPI
+MmServicesTableLibConstructor (
+  IN EFI_HANDLE        ImageHandle,
+  IN EFI_SYSTEM_TABLE  *SystemTable
+  )
+{
+  EFI_STATUS              Status;
+  EFI_MM_BASE_PROTOCOL    *InternalMmBase;
+
+  InternalMmBase = NULL;
+  //
+  // Retrieve MM Base Protocol,  Do not use gBS from UefiBootServicesTableLib on purpose
+  // to prevent inclusion of gBS, gST, and gImageHandle from SMM Drivers unless the
+  // MM driver explicity declares that dependency.
+  //
+  Status = SystemTable->BootServices->LocateProtocol (
+                                        &gEfiMmBaseProtocolGuid,
+                                        NULL,
+                                        (VOID **)&InternalMmBase
+                                        );
+  ASSERT_EFI_ERROR (Status);
+  ASSERT (InternalMmBase != NULL);
+
+  //
+  // We are in MM, retrieve the pointer to MM System Table
+  //
+  InternalMmBase->GetMmstLocation (InternalMmBase, &gMmst);
+  ASSERT (gMmst != NULL);
+
+  return EFI_SUCCESS;
+}
diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
new file mode 100644
index 000000000000..4418cc2f1464
--- /dev/null
+++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
@@ -0,0 +1,45 @@
+## @file
+# MM Services Table Library.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php.
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x0001001B
+  BASE_NAME                      = MmServicesTableLib
+  MODULE_UNI_FILE                = MmServicesTableLib.uni
+  FILE_GUID                      = 9508ECFD-66D1-4B4C-9415-F25F0FFF9E93
+  MODULE_TYPE                    = DXE_SMM_DRIVER
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = MmServicesTableLib|DXE_SMM_DRIVER
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  CONSTRUCTOR                    = MmServicesTableLibConstructor
+
+#
+#  VALID_ARCHITECTURES           = IA32 X64 ARM AARCH64
+#
+
+[Sources]
+  MmServicesTableLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+
+[LibraryClasses]
+  DebugLib
+
+[Protocols]
+  gEfiMmBaseProtocolGuid                      ## CONSUMES
+
+[Depex]
+  gEfiMmBaseProtocolGuid
diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
new file mode 100644
index 000000000000..2b2c7e14024c
--- /dev/null
+++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
@@ -0,0 +1,22 @@
+// /** @file
+// MM Services Table Library.
+//
+// MM Services Table Library.
+//
+// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php.
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "MM Services Table Library"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "MM Services Table Library."
+
diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
index d43ffe4deb49..428b14e6a4e0 100644
--- a/MdePkg/MdePkg.dsc
+++ b/MdePkg/MdePkg.dsc
@@ -141,6 +141,7 @@ [Components.IA32, Components.X64]
   MdePkg/Library/BaseRngLib/BaseRngLib.inf
   MdePkg/Library/SmmPciExpressLib/SmmPciExpressLib.inf
   MdePkg/Library/SmiHandlerProfileLibNull/SmiHandlerProfileLibNull.inf
+  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
 
 [Components.EBC]
   MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
-- 
2.17.1

Re: [PATCH 2/6] MdePkg: implement MmServicesTableLib based on traditional SMM

[Wang, Jian J]

Ard,

Regards,
Jian


> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 2/6] MdePkg: implement MmServicesTableLib based on
> traditional SMM
> 
> The definitions of the rebranded MM protocol stack were chosen such
> that the existing SMM based core drivers can be reused. So let's
> implement MmServicesTableLib based on gEfiMmBaseProtocolGuid, which
> is simply gEfiSmmBase2ProtocolGuid under the hood.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c   | 63
> ++++++++++++++++++++
>  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf | 45
> ++++++++++++++
>  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni | 22 +++++++
>  MdePkg/MdePkg.dsc                                        |  1 +
>  4 files changed, 131 insertions(+)
> 
> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> new file mode 100644
> index 000000000000..f41d25e59805
> --- /dev/null
> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> @@ -0,0 +1,63 @@
> +/** @file
> +  MM Services Table Library.
> +
> +  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
> +  Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD
> License
> +  which accompanies this distribution.  The full text of the license may be found
> at
> +  http://opensource.org/licenses/bsd-license.php.
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiMm.h>
> +#include <Protocol/MmBase.h>
> +#include <Library/MmServicesTableLib.h>
> +#include <Library/DebugLib.h>
> +
> +EFI_MM_SYSTEM_TABLE   *gMmst             = NULL;
> +
> +/**
> +  The constructor function caches the pointer of SMM Services Table.
> +
> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
> +  @param  SystemTable   A pointer to the EFI System Table.
> +
> +  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +MmServicesTableLibConstructor (
> +  IN EFI_HANDLE        ImageHandle,
> +  IN EFI_SYSTEM_TABLE  *SystemTable
> +  )
> +{
> +  EFI_STATUS              Status;
> +  EFI_MM_BASE_PROTOCOL    *InternalMmBase;
> +
> +  InternalMmBase = NULL;
> +  //
> +  // Retrieve MM Base Protocol,  Do not use gBS from
> UefiBootServicesTableLib on purpose
> +  // to prevent inclusion of gBS, gST, and gImageHandle from SMM Drivers
> unless the
> +  // MM driver explicity declares that dependency.
> +  //
> +  Status = SystemTable->BootServices->LocateProtocol (
> +                                        &gEfiMmBaseProtocolGuid,
> +                                        NULL,
> +                                        (VOID **)&InternalMmBase
> +                                        );
> +  ASSERT_EFI_ERROR (Status);
> +  ASSERT (InternalMmBase != NULL);
> +
> +  //
> +  // We are in MM, retrieve the pointer to MM System Table
> +  //
> +  InternalMmBase->GetMmstLocation (InternalMmBase, &gMmst);
> +  ASSERT (gMmst != NULL);
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> new file mode 100644
> index 000000000000..4418cc2f1464
> --- /dev/null
> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> @@ -0,0 +1,45 @@
> +## @file
> +# MM Services Table Library.
> +#
> +# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> +#
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD
> License
> +#  which accompanies this distribution. The full text of the license may be found
> at
> +#  http://opensource.org/licenses/bsd-license.php.
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +#
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001B
> +  BASE_NAME                      = MmServicesTableLib
> +  MODULE_UNI_FILE                = MmServicesTableLib.uni
> +  FILE_GUID                      = 9508ECFD-66D1-4B4C-9415-F25F0FFF9E93
> +  MODULE_TYPE                    = DXE_SMM_DRIVER
> +  VERSION_STRING                 = 1.0
> +  LIBRARY_CLASS                  = MmServicesTableLib|DXE_SMM_DRIVER
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  CONSTRUCTOR                    = MmServicesTableLibConstructor
> +
> +#
> +#  VALID_ARCHITECTURES           = IA32 X64 ARM AARCH64
> +#
> +
> +[Sources]
> +  MmServicesTableLib.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +
> +[LibraryClasses]
> +  DebugLib
> +
> +[Protocols]
> +  gEfiMmBaseProtocolGuid                      ## CONSUMES
> +
> +[Depex]
> +  gEfiMmBaseProtocolGuid
> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> new file mode 100644
> index 000000000000..2b2c7e14024c
> --- /dev/null
> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> @@ -0,0 +1,22 @@
> +// /** @file
> +// MM Services Table Library.
> +//
> +// MM Services Table Library.
> +//

Looks like there's a duplicate line above.

> +// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
> +// Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> +//
> +// This program and the accompanying materials
> +// are licensed and made available under the terms and conditions of the BSD
> License
> +// which accompanies this distribution. The full text of the license may be
> found at
> +// http://opensource.org/licenses/bsd-license.php.
> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT             #language en-US "MM Services Table
> Library"
> +
> +#string STR_MODULE_DESCRIPTION          #language en-US "MM Services Table
> Library."
> +
> diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
> index d43ffe4deb49..428b14e6a4e0 100644
> --- a/MdePkg/MdePkg.dsc
> +++ b/MdePkg/MdePkg.dsc
> @@ -141,6 +141,7 @@ [Components.IA32, Components.X64]
>    MdePkg/Library/BaseRngLib/BaseRngLib.inf
>    MdePkg/Library/SmmPciExpressLib/SmmPciExpressLib.inf
>    MdePkg/Library/SmiHandlerProfileLibNull/SmiHandlerProfileLibNull.inf
> +  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> 
>  [Components.EBC]
>    MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
> --
> 2.17.1

Re: [PATCH 2/6] MdePkg: implement MmServicesTableLib based on traditional SMM

[Zeng, Star]

Hi Ard,

Another minor feedback.

On 2019/1/10 14:14, Zeng, Star wrote:
> Hi Ard,
> 
> Some minor feedback added inline.
> 
> On 2019/1/4 2:28, Ard Biesheuvel wrote:
>> The definitions of the rebranded MM protocol stack were chosen such
>> that the existing SMM based core drivers can be reused. So let's
>> implement MmServicesTableLib based on gEfiMmBaseProtocolGuid, which
>> is simply gEfiSmmBase2ProtocolGuid under the hood.
> 
> Good commit log.
> 
>>
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>   MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c   | 63 
>> ++++++++++++++++++++
>>   MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf | 45 
>> ++++++++++++++
>>   MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni | 22 +++++++
>>   MdePkg/MdePkg.dsc                                        |  1 +
>>   4 files changed, 131 insertions(+)
>>
>> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c 
>> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>> new file mode 100644
>> index 000000000000..f41d25e59805
>> --- /dev/null
>> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>> @@ -0,0 +1,63 @@
>> +/** @file
>> +  MM Services Table Library.
>> +
>> +  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>> +  Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>> +  This program and the accompanying materials
>> +  are licensed and made available under the terms and conditions of 
>> the BSD License
>> +  which accompanies this distribution.  The full text of the license 
>> may be found at
>> +  http://opensource.org/licenses/bsd-license.php.
>> +
>> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS 
>> OR IMPLIED.
>> +
>> +**/
>> +
>> +#include <PiMm.h>
>> +#include <Protocol/MmBase.h>
>> +#include <Library/MmServicesTableLib.h>
>> +#include <Library/DebugLib.h>
>> +
>> +EFI_MM_SYSTEM_TABLE   *gMmst             = NULL;
>> +
>> +/**
>> +  The constructor function caches the pointer of SMM Services Table.

Use "MM" instead of "SMM" here?

Thanks,
Star

>> +
>> +  @param  ImageHandle   The firmware allocated handle for the EFI image.
>> +  @param  SystemTable   A pointer to the EFI System Table.
>> +
>> +  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.
>> +
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +MmServicesTableLibConstructor (
>> +  IN EFI_HANDLE        ImageHandle,
>> +  IN EFI_SYSTEM_TABLE  *SystemTable
>> +  )
>> +{
>> +  EFI_STATUS              Status;
>> +  EFI_MM_BASE_PROTOCOL    *InternalMmBase;
>> +
>> +  InternalMmBase = NULL;
>> +  //
>> +  // Retrieve MM Base Protocol,  Do not use gBS from 
>> UefiBootServicesTableLib on purpose
>> +  // to prevent inclusion of gBS, gST, and gImageHandle from SMM 
>> Drivers unless the
>> +  // MM driver explicity declares that dependency.
>> +  //
>> +  Status = SystemTable->BootServices->LocateProtocol (
>> +                                        &gEfiMmBaseProtocolGuid,
>> +                                        NULL,
>> +                                        (VOID **)&InternalMmBase
>> +                                        );
>> +  ASSERT_EFI_ERROR (Status);
>> +  ASSERT (InternalMmBase != NULL);
>> +
>> +  //
>> +  // We are in MM, retrieve the pointer to MM System Table
>> +  //
>> +  InternalMmBase->GetMmstLocation (InternalMmBase, &gMmst);
>> +  ASSERT (gMmst != NULL);
>> +
>> +  return EFI_SUCCESS;
>> +}
>> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf 
>> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>> new file mode 100644
>> index 000000000000..4418cc2f1464
>> --- /dev/null
>> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>> @@ -0,0 +1,45 @@
>> +## @file
>> +# MM Services Table Library.
>> +#
>> +# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>> +# Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>> +#
>> +#  This program and the accompanying materials
>> +#  are licensed and made available under the terms and conditions of 
>> the BSD License
>> +#  which accompanies this distribution. The full text of the license 
>> may be found at
>> +#  http://opensource.org/licenses/bsd-license.php.
>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS 
>> OR IMPLIED.
>> +#
>> +#
>> +##
>> +
>> +[Defines]
>> +  INF_VERSION                    = 0x0001001B
>> +  BASE_NAME                      = MmServicesTableLib
>> +  MODULE_UNI_FILE                = MmServicesTableLib.uni
>> +  FILE_GUID                      = 9508ECFD-66D1-4B4C-9415-F25F0FFF9E93
>> +  MODULE_TYPE                    = DXE_SMM_DRIVER
>> +  VERSION_STRING                 = 1.0
>> +  LIBRARY_CLASS                  = MmServicesTableLib|DXE_SMM_DRIVER
>> +  PI_SPECIFICATION_VERSION       = 0x00010032
>> +  CONSTRUCTOR                    = MmServicesTableLibConstructor
>> +
>> +#
>> +#  VALID_ARCHITECTURES           = IA32 X64 ARM AARCH64
>> +#
>> +
>> +[Sources]
>> +  MmServicesTableLib.c
>> +
>> +[Packages]
>> +  MdePkg/MdePkg.dec
>> +
>> +[LibraryClasses]
>> +  DebugLib
>> +
>> +[Protocols]
>> +  gEfiMmBaseProtocolGuid                      ## CONSUMES
>> +
>> +[Depex]
>> +  gEfiMmBaseProtocolGuid
>> diff --git a/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni 
>> b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
>> new file mode 100644
>> index 000000000000..2b2c7e14024c
>> --- /dev/null
>> +++ b/MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
>> @@ -0,0 +1,22 @@
>> +// /** @file
>> +// MM Services Table Library.
>> +//
>> +// MM Services Table Library.
> 
> How about adding "It implements MmServicesTableLib based on 
> gEfiMmBaseProtocolGuid, which is simply gEfiSmmBase2ProtocolGuid under 
> the hood." here to make the implementation more clear?
> 
> With Jian's feedback and this handled, Reviewed-by: Star Zeng 
> <star.zeng@intel.com>.
> 
> Thanks,
> Star
> 
>> +//
>> +// Copyright (c) 2009 - 2014, Intel Corporation. All rights 
>> reserved.<BR>
>> +// Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>> +//
>> +// This program and the accompanying materials
>> +// are licensed and made available under the terms and conditions of 
>> the BSD License
>> +// which accompanies this distribution. The full text of the license 
>> may be found at
>> +// http://opensource.org/licenses/bsd-license.php.
>> +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS 
>> OR IMPLIED.
>> +//
>> +// **/
>> +
>> +
>> +#string STR_MODULE_ABSTRACT             #language en-US "MM Services 
>> Table Library"
>> +
>> +#string STR_MODULE_DESCRIPTION          #language en-US "MM Services 
>> Table Library."
>> +
>> diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
>> index d43ffe4deb49..428b14e6a4e0 100644
>> --- a/MdePkg/MdePkg.dsc
>> +++ b/MdePkg/MdePkg.dsc
>> @@ -141,6 +141,7 @@ [Components.IA32, Components.X64]
>>     MdePkg/Library/BaseRngLib/BaseRngLib.inf
>>     MdePkg/Library/SmmPciExpressLib/SmmPciExpressLib.inf
>>     MdePkg/Library/SmiHandlerProfileLibNull/SmiHandlerProfileLibNull.inf
>> +  MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>>   [Components.EBC]
>>     MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
>>

[PATCH 3/6] MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses

[Ard Biesheuvel]

In preparation of providing a standalone MM based FTW driver, move
the existing SMM driver to the new MM services table, and factor out
some pieces that are specific to the traditional driver, mainly
related to the use of UEFI boot services, which are not accessible
to standalone MM drivers.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdeModulePkg/MdeModulePkg.dsc                                                  |  1 +
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h              | 22 ++++-
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c           | 31 +++++++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c           | 54 +++++------
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf         |  5 +-
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h     | 31 +++++++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c        |  1 +
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c | 94 ++++++++++++++++++++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c              | 10 +--
 9 files changed, 205 insertions(+), 44 deletions(-)

diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 5d042be3a862..ef3c144ed524 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -153,6 +153,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
   DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
   MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
   SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
+  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
   SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
 
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
index 844cf3bee04d..8d146264b129 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
@@ -31,7 +31,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/UefiDriverEntryPoint.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
-#include <Library/UefiBootServicesTableLib.h>
 #include <Library/ReportStatusCodeLib.h>
 
 //
@@ -766,4 +765,25 @@ WriteWorkSpaceData (
   IN UINT8                              *Buffer
   );
 
+/**
+  Internal implementation of CRC32. Depending on the execution context
+  (traditional SMM or DXE vs standalone MM), this function is implemented
+  via a call to the CalculateCrc32 () boot service, or via a library
+  call.
+
+  If Buffer is NULL, then ASSERT().
+  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
+  @param[in]  Length       The number of bytes in the buffer Data.
+
+  @retval Crc32            The 32-bit CRC was computed for the data buffer.
+
+**/
+UINT32
+FtwCalculateCrc32 (
+  IN  VOID                         *Buffer,
+  IN  UINTN                        Length
+  );
+
 #endif
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
index 094e40f9d86c..24e507104bbe 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
@@ -51,6 +51,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 **/
 
+#include <Library/UefiBootServicesTableLib.h>
 #include "FaultTolerantWrite.h"
 EFI_EVENT                                 mFvbRegistration = NULL;
 
@@ -250,3 +251,33 @@ FaultTolerantWriteInitialize (
 
   return EFI_SUCCESS;
 }
+
+/**
+  Internal implementation of CRC32. Depending on the execution context
+  (traditional SMM or DXE vs standalone MM), this function is implemented
+  via a call to the CalculateCrc32 () boot service, or via a library
+  call.
+
+  If Buffer is NULL, then ASSERT().
+  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
+  @param[in]  Length       The number of bytes in the buffer Data.
+
+  @retval Crc32            The 32-bit CRC was computed for the data buffer.
+
+**/
+UINT32
+FtwCalculateCrc32 (
+  IN  VOID                         *Buffer,
+  IN  UINTN                        Length
+  )
+{
+  EFI_STATUS    Status;
+  UINT32        ReturnValue;
+
+  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
+  ASSERT_EFI_ERROR (Status);
+
+  return ReturnValue;
+}
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
index 481fea3f1fdf..e91d04e56d7c 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
@@ -54,14 +54,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 **/
 
-#include <PiSmm.h>
-#include <Library/SmmServicesTableLib.h>
-#include <Library/SmmMemLib.h>
+#include <PiMm.h>
+#include <Library/MmServicesTableLib.h>
 #include <Library/BaseLib.h>
 #include <Protocol/SmmSwapAddressRange.h>
 #include "FaultTolerantWrite.h"
 #include "FaultTolerantWriteSmmCommon.h"
-#include <Protocol/SmmEndOfDxe.h>
+#include <Protocol/MmEndOfDxe.h>
 
 EFI_EVENT                                 mFvbRegistration = NULL;
 EFI_FTW_DEVICE                            *mFtwDevice      = NULL;
@@ -92,7 +91,7 @@ FtwGetFvbByHandle (
   //
   // To get the SMM FVB protocol interface on the handle
   //
-  return gSmst->SmmHandleProtocol (
+  return gMmst->MmHandleProtocol (
                   FvBlockHandle,
                   &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                   (VOID **) FvBlock
@@ -119,7 +118,7 @@ FtwGetSarProtocol (
   //
   // Locate Smm Swap Address Range protocol
   //
-  Status = gSmst->SmmLocateProtocol (
+  Status = gMmst->MmLocateProtocol (
                     &gEfiSmmSwapAddressRangeProtocolGuid,
                     NULL,
                     SarProtocol
@@ -158,7 +157,7 @@ GetFvbCountAndBuffer (
   BufferSize     = 0;
   *NumberHandles = 0;
   *Buffer        = NULL;
-  Status = gSmst->SmmLocateHandle (
+  Status = gMmst->MmLocateHandle (
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -174,7 +173,7 @@ GetFvbCountAndBuffer (
     return EFI_OUT_OF_RESOURCES;
   }
 
-  Status = gSmst->SmmLocateHandle (
+  Status = gMmst->MmLocateHandle (
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -336,8 +335,7 @@ SmmFaultTolerantWriteHandler (
   }
   CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE;
 
-  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
-    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
+  if (!FtwSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
     return EFI_SUCCESS;
   }
 
@@ -525,13 +523,12 @@ FvbNotificationEvent (
   EFI_STATUS                              Status;
   EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL   *FtwProtocol;
   EFI_HANDLE                              SmmFtwHandle;
-  EFI_HANDLE                              FtwHandle;
 
   //
   // Just return to avoid install SMM FaultTolerantWriteProtocol again
   // if SMM Fault Tolerant Write protocol had been installed.
   //
-  Status = gSmst->SmmLocateProtocol (
+  Status = gMmst->MmLocateProtocol (
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     NULL,
                     (VOID **) &FtwProtocol
@@ -551,7 +548,7 @@ FvbNotificationEvent (
   //
   // Install protocol interface
   //
-  Status = gSmst->SmmInstallProtocolInterface (
+  Status = gMmst->MmInstallProtocolInterface (
                     &mFtwDevice->Handle,
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     EFI_NATIVE_INTERFACE,
@@ -562,20 +559,13 @@ FvbNotificationEvent (
   ///
   /// Register SMM FTW SMI handler
   ///
-  Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
+  Status = gMmst->MmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
   ASSERT_EFI_ERROR (Status);
 
   //
   // Notify the Ftw wrapper driver SMM Ftw is ready
   //
-  FtwHandle = NULL;
-  Status = gBS->InstallProtocolInterface (
-                  &FtwHandle,
-                  &gEfiSmmFaultTolerantWriteProtocolGuid,
-                  EFI_NATIVE_INTERFACE,
-                  NULL
-                  );
-  ASSERT_EFI_ERROR (Status);
+  FtwNotifySmmReady ();
 
   return EFI_SUCCESS;
 }
@@ -592,7 +582,7 @@ FvbNotificationEvent (
 **/
 EFI_STATUS
 EFIAPI
-SmmEndOfDxeCallback (
+MmEndOfDxeCallback (
   IN CONST EFI_GUID                       *Protocol,
   IN VOID                                 *Interface,
   IN EFI_HANDLE                           Handle
@@ -614,14 +604,12 @@ SmmEndOfDxeCallback (
 
 **/
 EFI_STATUS
-EFIAPI
-SmmFaultTolerantWriteInitialize (
-  IN EFI_HANDLE                           ImageHandle,
-  IN EFI_SYSTEM_TABLE                     *SystemTable
+MmFaultTolerantWriteInitialize (
+  VOID
   )
 {
   EFI_STATUS                              Status;
-  VOID                                    *SmmEndOfDxeRegistration;
+  VOID                                    *MmEndOfDxeRegistration;
 
   //
   // Allocate private data structure for SMM FTW protocol and do some initialization
@@ -634,17 +622,17 @@ SmmFaultTolerantWriteInitialize (
   //
   // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
   //
-  Status = gSmst->SmmRegisterProtocolNotify (
-                    &gEfiSmmEndOfDxeProtocolGuid,
-                    SmmEndOfDxeCallback,
-                    &SmmEndOfDxeRegistration
+  Status = gMmst->MmRegisterProtocolNotify (
+                    &gEfiMmEndOfDxeProtocolGuid,
+                    MmEndOfDxeCallback,
+                    &MmEndOfDxeRegistration
                     );
   ASSERT_EFI_ERROR (Status);
 
   //
   // Register FvbNotificationEvent () notify function.
   //
-  Status = gSmst->SmmRegisterProtocolNotify (
+  Status = gMmst->MmRegisterProtocolNotify (
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     FvbNotificationEvent,
                     &mFvbRegistration
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
index 606cc2266bda..1653365bc247 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
@@ -37,6 +37,7 @@ [Sources]
   FtwMisc.c
   UpdateWorkingBlock.c
   FaultTolerantWrite.c
+  FaultTolerantWriteTraditionalMm.c
   FaultTolerantWriteSmm.c
   FaultTolerantWrite.h
   FaultTolerantWriteSmmCommon.h
@@ -46,7 +47,7 @@ [Packages]
   MdeModulePkg/MdeModulePkg.dec
 
 [LibraryClasses]
-  SmmServicesTableLib
+  MmServicesTableLib
   MemoryAllocationLib
   BaseMemoryLib
   UefiDriverEntryPoint
@@ -73,7 +74,7 @@ [Protocols]
   ## PRODUCES
   ## UNDEFINED # SmiHandlerRegister
   gEfiSmmFaultTolerantWriteProtocolGuid
-  gEfiSmmEndOfDxeProtocolGuid                      ## CONSUMES
+  gEfiMmEndOfDxeProtocolGuid                      ## CONSUMES
 
 [FeaturePcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
index 8ad0015f3c9e..25b5f7c87326 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
@@ -77,4 +77,35 @@ typedef struct {
   UINT8                                 Data[1];
 } SMM_FTW_GET_LAST_WRITE_HEADER;
 
+/**
+  Entry point of the module
+**/
+EFI_STATUS
+MmFaultTolerantWriteInitialize (
+  VOID
+  );
+
+/**
+  This function check if the buffer is valid per processor architecture and not overlap with SMRAM.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+**/
+BOOLEAN
+FtwSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  );
+
+/**
+  Notify the system that the SMM driver is ready
+**/
+VOID
+FtwNotifySmmReady (
+  VOID
+  );
+
 #endif
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
index 259e9365f483..8694b9254cde 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
@@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 **/
 
+#include <Library/UefiBootServicesTableLib.h>
 #include "FaultTolerantWriteSmmDxe.h"
 
 EFI_HANDLE                         mHandle                   = NULL;
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
new file mode 100644
index 000000000000..440dced37bf8
--- /dev/null
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
@@ -0,0 +1,94 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to traditional MM
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/SmmMemLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include "FaultTolerantWrite.h"
+#include "FaultTolerantWriteSmmCommon.h"
+
+BOOLEAN
+FtwSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) {
+    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
+    return FALSE;
+  }
+  return TRUE;
+}
+
+/**
+  Internal implementation of CRC32. Depending on the execution context
+  (traditional SMM or DXE vs standalone MM), this function is implemented
+  via a call to the CalculateCrc32 () boot service, or via a library
+  call.
+
+  If Buffer is NULL, then ASSERT().
+  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
+  @param[in]  Length       The number of bytes in the buffer Data.
+
+  @retval Crc32            The 32-bit CRC was computed for the data buffer.
+
+**/
+UINT32
+FtwCalculateCrc32 (
+  IN  VOID                         *Buffer,
+  IN  UINTN                        Length
+  )
+{
+  EFI_STATUS    Status;
+  UINT32        ReturnValue;
+
+  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
+  ASSERT_EFI_ERROR (Status);
+
+  return ReturnValue;
+}
+
+/**
+  Notify the system that the SMM driver is ready
+**/
+VOID
+FtwNotifySmmReady (
+  VOID
+  )
+{
+  EFI_HANDLE          FtwHandle;
+  EFI_STATUS          Status;
+
+  FtwHandle = NULL;
+  Status = gBS->InstallProtocolInterface (
+                  &FtwHandle,
+                  &gEfiSmmFaultTolerantWriteProtocolGuid,
+                  EFI_NATIVE_INTERFACE,
+                  NULL
+                  );
+  ASSERT_EFI_ERROR (Status);
+}
+
+EFI_STATUS
+EFIAPI
+SmmFaultTolerantWriteInitialize (
+  IN EFI_HANDLE            ImageHandle,
+  IN EFI_SYSTEM_TABLE      *SystemTable
+  )
+{
+  return MmFaultTolerantWriteInitialize ();
+}
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
index 50d3421b88bb..d09e9719cf05 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
@@ -29,8 +29,6 @@ InitializeLocalWorkSpaceHeader (
   VOID
   )
 {
-  EFI_STATUS                              Status;
-
   //
   // Check signature with gEdkiiWorkingBlockSignatureGuid.
   //
@@ -64,12 +62,8 @@ InitializeLocalWorkSpaceHeader (
   //
   // Calculate the Crc of woking block header
   //
-  Status = gBS->CalculateCrc32 (
-                  &mWorkingBlockHeader,
-                  sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER),
-                  &mWorkingBlockHeader.Crc
-                  );
-  ASSERT_EFI_ERROR (Status);
+  mWorkingBlockHeader.Crc = FtwCalculateCrc32 (&mWorkingBlockHeader,
+                              sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER));
 
   mWorkingBlockHeader.WorkingBlockValid    = FTW_VALID_STATE;
   mWorkingBlockHeader.WorkingBlockInvalid  = FTW_INVALID_STATE;
-- 
2.17.1

Re: [PATCH 3/6] MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses

[Wang, Jian J]

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 3/6] MdeModulePkg/FaultTolerantWriteDxe: factor out boot
> service accesses
> 
> In preparation of providing a standalone MM based FTW driver, move
> the existing SMM driver to the new MM services table, and factor out
> some pieces that are specific to the traditional driver, mainly
> related to the use of UEFI boot services, which are not accessible
> to standalone MM drivers.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  MdeModulePkg/MdeModulePkg.dsc                                                  |  1 +
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> | 22 ++++-
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> | 31 +++++++
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> | 54 +++++------
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> |  5 +-
> 
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCom
> mon.h     | 31 +++++++
> 
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
> |  1 +
> 
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditiona
> lMm.c | 94 ++++++++++++++++++++
>  MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> | 10 +--
>  9 files changed, 205 insertions(+), 44 deletions(-)
> 
> diff --git a/MdeModulePkg/MdeModulePkg.dsc
> b/MdeModulePkg/MdeModulePkg.dsc
> index 5d042be3a862..ef3c144ed524 100644
> --- a/MdeModulePkg/MdeModulePkg.dsc
> +++ b/MdeModulePkg/MdeModulePkg.dsc
> @@ -153,6 +153,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>    DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
> 
> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemory
> AllocationLib.inf
> 
> SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTable
> Lib.inf
> +
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> .inf
>    LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> 
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> index 844cf3bee04d..8d146264b129 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> @@ -31,7 +31,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY
> KIND, EITHER EXPRESS OR IMPLIED.
>  #include <Library/UefiDriverEntryPoint.h>
>  #include <Library/BaseMemoryLib.h>
>  #include <Library/MemoryAllocationLib.h>
> -#include <Library/UefiBootServicesTableLib.h>
>  #include <Library/ReportStatusCodeLib.h>
> 
>  //
> @@ -766,4 +765,25 @@ WriteWorkSpaceData (
>    IN UINT8                              *Buffer
>    );
> 
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be
> computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  );
> +
>  #endif
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> index 094e40f9d86c..24e507104bbe 100644
> ---
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> @@ -51,6 +51,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY
> KIND, EITHER EXPRESS OR IMPLIED.
> 
>  **/
> 
> +#include <Library/UefiBootServicesTableLib.h>
>  #include "FaultTolerantWrite.h"
>  EFI_EVENT                                 mFvbRegistration = NULL;
> 
> @@ -250,3 +251,33 @@ FaultTolerantWriteInitialize (
> 
>    return EFI_SUCCESS;
>  }
> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be
> computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  EFI_STATUS    Status;
> +  UINT32        ReturnValue;
> +
> +  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return ReturnValue;
> +}
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> index 481fea3f1fdf..e91d04e56d7c 100644
> ---
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> @@ -54,14 +54,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY
> KIND, EITHER EXPRESS OR IMPLIED.
> 
>  **/
> 
> -#include <PiSmm.h>
> -#include <Library/SmmServicesTableLib.h>
> -#include <Library/SmmMemLib.h>
> +#include <PiMm.h>
> +#include <Library/MmServicesTableLib.h>
>  #include <Library/BaseLib.h>
>  #include <Protocol/SmmSwapAddressRange.h>
>  #include "FaultTolerantWrite.h"
>  #include "FaultTolerantWriteSmmCommon.h"
> -#include <Protocol/SmmEndOfDxe.h>
> +#include <Protocol/MmEndOfDxe.h>
> 
>  EFI_EVENT                                 mFvbRegistration = NULL;
>  EFI_FTW_DEVICE                            *mFtwDevice      = NULL;
> @@ -92,7 +91,7 @@ FtwGetFvbByHandle (
>    //
>    // To get the SMM FVB protocol interface on the handle
>    //
> -  return gSmst->SmmHandleProtocol (
> +  return gMmst->MmHandleProtocol (
>                    FvBlockHandle,
>                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                    (VOID **) FvBlock
> @@ -119,7 +118,7 @@ FtwGetSarProtocol (
>    //
>    // Locate Smm Swap Address Range protocol
>    //
> -  Status = gSmst->SmmLocateProtocol (
> +  Status = gMmst->MmLocateProtocol (
>                      &gEfiSmmSwapAddressRangeProtocolGuid,
>                      NULL,
>                      SarProtocol
> @@ -158,7 +157,7 @@ GetFvbCountAndBuffer (
>    BufferSize     = 0;
>    *NumberHandles = 0;
>    *Buffer        = NULL;
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                      ByProtocol,
>                      &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                      NULL,
> @@ -174,7 +173,7 @@ GetFvbCountAndBuffer (
>      return EFI_OUT_OF_RESOURCES;
>    }
> 
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                      ByProtocol,
>                      &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                      NULL,
> @@ -336,8 +335,7 @@ SmmFaultTolerantWriteHandler (
>    }
>    CommBufferPayloadSize = TempCommBufferSize -
> SMM_FTW_COMMUNICATE_HEADER_SIZE;
> 
> -  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer,
> TempCommBufferSize)) {
> -    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in
> SMRAM or overflow!\n"));
> +  if (!FtwSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer,
> TempCommBufferSize)) {
>      return EFI_SUCCESS;
>    }
> 
> @@ -525,13 +523,12 @@ FvbNotificationEvent (
>    EFI_STATUS                              Status;
>    EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL   *FtwProtocol;
>    EFI_HANDLE                              SmmFtwHandle;
> -  EFI_HANDLE                              FtwHandle;
> 
>    //
>    // Just return to avoid install SMM FaultTolerantWriteProtocol again
>    // if SMM Fault Tolerant Write protocol had been installed.
>    //
> -  Status = gSmst->SmmLocateProtocol (
> +  Status = gMmst->MmLocateProtocol (
>                      &gEfiSmmFaultTolerantWriteProtocolGuid,
>                      NULL,
>                      (VOID **) &FtwProtocol
> @@ -551,7 +548,7 @@ FvbNotificationEvent (
>    //
>    // Install protocol interface
>    //
> -  Status = gSmst->SmmInstallProtocolInterface (
> +  Status = gMmst->MmInstallProtocolInterface (
>                      &mFtwDevice->Handle,
>                      &gEfiSmmFaultTolerantWriteProtocolGuid,
>                      EFI_NATIVE_INTERFACE,
> @@ -562,20 +559,13 @@ FvbNotificationEvent (
>    ///
>    /// Register SMM FTW SMI handler
>    ///
> -  Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler,
> &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
> +  Status = gMmst->MmiHandlerRegister (SmmFaultTolerantWriteHandler,
> &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
>    ASSERT_EFI_ERROR (Status);
> 
>    //
>    // Notify the Ftw wrapper driver SMM Ftw is ready
>    //
> -  FtwHandle = NULL;
> -  Status = gBS->InstallProtocolInterface (
> -                  &FtwHandle,
> -                  &gEfiSmmFaultTolerantWriteProtocolGuid,
> -                  EFI_NATIVE_INTERFACE,
> -                  NULL
> -                  );
> -  ASSERT_EFI_ERROR (Status);
> +  FtwNotifySmmReady ();
> 
>    return EFI_SUCCESS;
>  }
> @@ -592,7 +582,7 @@ FvbNotificationEvent (
>  **/
>  EFI_STATUS
>  EFIAPI
> -SmmEndOfDxeCallback (
> +MmEndOfDxeCallback (
>    IN CONST EFI_GUID                       *Protocol,
>    IN VOID                                 *Interface,
>    IN EFI_HANDLE                           Handle
> @@ -614,14 +604,12 @@ SmmEndOfDxeCallback (
> 
>  **/
>  EFI_STATUS
> -EFIAPI
> -SmmFaultTolerantWriteInitialize (
> -  IN EFI_HANDLE                           ImageHandle,
> -  IN EFI_SYSTEM_TABLE                     *SystemTable
> +MmFaultTolerantWriteInitialize (
> +  VOID
>    )
>  {
>    EFI_STATUS                              Status;
> -  VOID                                    *SmmEndOfDxeRegistration;
> +  VOID                                    *MmEndOfDxeRegistration;
> 
>    //
>    // Allocate private data structure for SMM FTW protocol and do some
> initialization
> @@ -634,17 +622,17 @@ SmmFaultTolerantWriteInitialize (
>    //
>    // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
>    //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> -                    &gEfiSmmEndOfDxeProtocolGuid,
> -                    SmmEndOfDxeCallback,
> -                    &SmmEndOfDxeRegistration
> +  Status = gMmst->MmRegisterProtocolNotify (
> +                    &gEfiMmEndOfDxeProtocolGuid,
> +                    MmEndOfDxeCallback,
> +                    &MmEndOfDxeRegistration
>                      );
>    ASSERT_EFI_ERROR (Status);
> 
>    //
>    // Register FvbNotificationEvent () notify function.
>    //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> +  Status = gMmst->MmRegisterProtocolNotify (
>                      &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                      FvbNotificationEvent,
>                      &mFvbRegistration
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> index 606cc2266bda..1653365bc247 100644
> ---
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> @@ -37,6 +37,7 @@ [Sources]
>    FtwMisc.c
>    UpdateWorkingBlock.c
>    FaultTolerantWrite.c
> +  FaultTolerantWriteTraditionalMm.c
>    FaultTolerantWriteSmm.c
>    FaultTolerantWrite.h
>    FaultTolerantWriteSmmCommon.h
> @@ -46,7 +47,7 @@ [Packages]
>    MdeModulePkg/MdeModulePkg.dec
> 
>  [LibraryClasses]
> -  SmmServicesTableLib
> +  MmServicesTableLib
>    MemoryAllocationLib
>    BaseMemoryLib
>    UefiDriverEntryPoint
> @@ -73,7 +74,7 @@ [Protocols]
>    ## PRODUCES
>    ## UNDEFINED # SmiHandlerRegister
>    gEfiSmmFaultTolerantWriteProtocolGuid
> -  gEfiSmmEndOfDxeProtocolGuid                      ## CONSUMES
> +  gEfiMmEndOfDxeProtocolGuid                      ## CONSUMES
> 
>  [FeaturePcd]
>    gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCo
> mmon.h
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCo
> mmon.h
> index 8ad0015f3c9e..25b5f7c87326 100644
> ---
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCo
> mmon.h
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCo
> mmon.h
> @@ -77,4 +77,35 @@ typedef struct {
>    UINT8                                 Data[1];
>  } SMM_FTW_GET_LAST_WRITE_HEADER;
> 
> +/**
> +  Entry point of the module
> +**/
> +EFI_STATUS
> +MmFaultTolerantWriteInitialize (
> +  VOID
> +  );
> +
> +/**
> +  This function check if the buffer is valid per processor architecture and not
> overlap with SMRAM.
> +
> +  @param Buffer  The buffer start address to be checked.
> +  @param Length  The buffer length to be checked.
> +
> +  @retval TRUE  This buffer is valid per processor architecture and not overlap
> with SMRAM.
> +  @retval FALSE This buffer is not valid per processor architecture or overlap
> with SMRAM.
> +**/
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  );
> +
> +/**
> +  Notify the system that the SMM driver is ready
> +**/
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  );
> +
>  #endif
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDx
> e.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDx
> e.c
> index 259e9365f483..8694b9254cde 100644
> ---
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDx
> e.c
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDx
> e.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY
> KIND, EITHER EXPRESS OR IMPLIED.
> 
>  **/
> 
> +#include <Library/UefiBootServicesTableLib.h>
>  #include "FaultTolerantWriteSmmDxe.h"
> 
>  EFI_HANDLE                         mHandle                   = NULL;
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
> nalMm.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
> nalMm.c
> new file mode 100644
> index 000000000000..440dced37bf8
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
> nalMm.c
> @@ -0,0 +1,94 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to traditional MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include <Library/SmmMemLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include "FaultTolerantWrite.h"
> +#include "FaultTolerantWriteSmmCommon.h"
> +
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) {
> +    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in
> SMRAM or overflow!\n"));
> +    return FALSE;
> +  }
> +  return TRUE;
> +}
> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be
> computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  EFI_STATUS    Status;
> +  UINT32        ReturnValue;
> +
> +  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return ReturnValue;
> +}
> +
> +/**
> +  Notify the system that the SMM driver is ready
> +**/
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  )
> +{
> +  EFI_HANDLE          FtwHandle;
> +  EFI_STATUS          Status;
> +
> +  FtwHandle = NULL;
> +  Status = gBS->InstallProtocolInterface (
> +                  &FtwHandle,
> +                  &gEfiSmmFaultTolerantWriteProtocolGuid,
> +                  EFI_NATIVE_INTERFACE,
> +                  NULL
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +SmmFaultTolerantWriteInitialize (
> +  IN EFI_HANDLE            ImageHandle,
> +  IN EFI_SYSTEM_TABLE      *SystemTable
> +  )
> +{
> +  return MmFaultTolerantWriteInitialize ();
> +}
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> index 50d3421b88bb..d09e9719cf05 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> @@ -29,8 +29,6 @@ InitializeLocalWorkSpaceHeader (
>    VOID
>    )
>  {
> -  EFI_STATUS                              Status;
> -
>    //
>    // Check signature with gEdkiiWorkingBlockSignatureGuid.
>    //
> @@ -64,12 +62,8 @@ InitializeLocalWorkSpaceHeader (
>    //
>    // Calculate the Crc of woking block header
>    //
> -  Status = gBS->CalculateCrc32 (
> -                  &mWorkingBlockHeader,
> -                  sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER),
> -                  &mWorkingBlockHeader.Crc
> -                  );
> -  ASSERT_EFI_ERROR (Status);
> +  mWorkingBlockHeader.Crc = FtwCalculateCrc32 (&mWorkingBlockHeader,
> +                              sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER));
> 
>    mWorkingBlockHeader.WorkingBlockValid    = FTW_VALID_STATE;
>    mWorkingBlockHeader.WorkingBlockInvalid  = FTW_INVALID_STATE;
> --
> 2.17.1

Re: [PATCH 3/6] MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses

[Zeng, Star]

Hi Ard,

Some minor feedback added inline.

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> In preparation of providing a standalone MM based FTW driver, move
> the existing SMM driver to the new MM services table, and factor out
> some pieces that are specific to the traditional driver, mainly
> related to the use of UEFI boot services, which are not accessible
> to standalone MM drivers.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>   MdeModulePkg/MdeModulePkg.dsc                                                  |  1 +
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h              | 22 ++++-
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c           | 31 +++++++
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c           | 54 +++++------
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf         |  5 +-
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h     | 31 +++++++
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c        |  1 +
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c | 94 ++++++++++++++++++++
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c              | 10 +--
>   9 files changed, 205 insertions(+), 44 deletions(-)
> 
> diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
> index 5d042be3a862..ef3c144ed524 100644
> --- a/MdeModulePkg/MdeModulePkg.dsc
> +++ b/MdeModulePkg/MdeModulePkg.dsc
> @@ -153,6 +153,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>     DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
>     MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
>     SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>     LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
>     SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>   
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> index 844cf3bee04d..8d146264b129 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWrite.h
> @@ -31,7 +31,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   #include <Library/UefiDriverEntryPoint.h>
>   #include <Library/BaseMemoryLib.h>
>   #include <Library/MemoryAllocationLib.h>
> -#include <Library/UefiBootServicesTableLib.h>
>   #include <Library/ReportStatusCodeLib.h>
>   
>   //
> @@ -766,4 +765,25 @@ WriteWorkSpaceData (
>     IN UINT8                              *Buffer
>     );
>   
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  );
> +
>   #endif
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> index 094e40f9d86c..24e507104bbe 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.c
> @@ -51,6 +51,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   
>   **/
>   
> +#include <Library/UefiBootServicesTableLib.h>
>   #include "FaultTolerantWrite.h"
>   EFI_EVENT                                 mFvbRegistration = NULL;
>   
> @@ -250,3 +251,33 @@ FaultTolerantWriteInitialize (
>   
>     return EFI_SUCCESS;
>   }
> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  EFI_STATUS    Status;
> +  UINT32        ReturnValue;
> +
> +  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return ReturnValue;
> +}
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> index 481fea3f1fdf..e91d04e56d7c 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> @@ -54,14 +54,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   
>   **/
>   
> -#include <PiSmm.h>
> -#include <Library/SmmServicesTableLib.h>
> -#include <Library/SmmMemLib.h>
> +#include <PiMm.h>
> +#include <Library/MmServicesTableLib.h>
>   #include <Library/BaseLib.h>
>   #include <Protocol/SmmSwapAddressRange.h>
>   #include "FaultTolerantWrite.h"
>   #include "FaultTolerantWriteSmmCommon.h"
> -#include <Protocol/SmmEndOfDxe.h>
> +#include <Protocol/MmEndOfDxe.h>
>   
>   EFI_EVENT                                 mFvbRegistration = NULL;
>   EFI_FTW_DEVICE                            *mFtwDevice      = NULL;
> @@ -92,7 +91,7 @@ FtwGetFvbByHandle (
>     //
>     // To get the SMM FVB protocol interface on the handle
>     //
> -  return gSmst->SmmHandleProtocol (
> +  return gMmst->MmHandleProtocol (
>                     FvBlockHandle,
>                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                     (VOID **) FvBlock
> @@ -119,7 +118,7 @@ FtwGetSarProtocol (
>     //
>     // Locate Smm Swap Address Range protocol
>     //
> -  Status = gSmst->SmmLocateProtocol (
> +  Status = gMmst->MmLocateProtocol (
>                       &gEfiSmmSwapAddressRangeProtocolGuid,
>                       NULL,
>                       SarProtocol
> @@ -158,7 +157,7 @@ GetFvbCountAndBuffer (
>     BufferSize     = 0;
>     *NumberHandles = 0;
>     *Buffer        = NULL;
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                       ByProtocol,
>                       &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                       NULL,
> @@ -174,7 +173,7 @@ GetFvbCountAndBuffer (
>       return EFI_OUT_OF_RESOURCES;
>     }
>   
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                       ByProtocol,
>                       &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                       NULL,
> @@ -336,8 +335,7 @@ SmmFaultTolerantWriteHandler (
>     }
>     CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE;
>   
> -  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
> -    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));

How about keeping the debug message printing code here (but not be in 
FtwSmmIsBufferOutsideSmmValid) to align the change for variable drivers?

> +  if (!FtwSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
>       return EFI_SUCCESS;
>     }
>   
> @@ -525,13 +523,12 @@ FvbNotificationEvent (
>     EFI_STATUS                              Status;
>     EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL   *FtwProtocol;
>     EFI_HANDLE                              SmmFtwHandle;
> -  EFI_HANDLE                              FtwHandle;
>   
>     //
>     // Just return to avoid install SMM FaultTolerantWriteProtocol again
>     // if SMM Fault Tolerant Write protocol had been installed.
>     //
> -  Status = gSmst->SmmLocateProtocol (
> +  Status = gMmst->MmLocateProtocol (
>                       &gEfiSmmFaultTolerantWriteProtocolGuid,
>                       NULL,
>                       (VOID **) &FtwProtocol
> @@ -551,7 +548,7 @@ FvbNotificationEvent (
>     //
>     // Install protocol interface
>     //
> -  Status = gSmst->SmmInstallProtocolInterface (
> +  Status = gMmst->MmInstallProtocolInterface (
>                       &mFtwDevice->Handle,
>                       &gEfiSmmFaultTolerantWriteProtocolGuid,
>                       EFI_NATIVE_INTERFACE,
> @@ -562,20 +559,13 @@ FvbNotificationEvent (
>     ///
>     /// Register SMM FTW SMI handler
>     ///
> -  Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
> +  Status = gMmst->MmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
>     ASSERT_EFI_ERROR (Status);
>   
>     //
>     // Notify the Ftw wrapper driver SMM Ftw is ready
>     //
> -  FtwHandle = NULL;
> -  Status = gBS->InstallProtocolInterface (
> -                  &FtwHandle,
> -                  &gEfiSmmFaultTolerantWriteProtocolGuid,
> -                  EFI_NATIVE_INTERFACE,
> -                  NULL
> -                  );
> -  ASSERT_EFI_ERROR (Status);
> +  FtwNotifySmmReady ();
>   
>     return EFI_SUCCESS;
>   }
> @@ -592,7 +582,7 @@ FvbNotificationEvent (
>   **/
>   EFI_STATUS
>   EFIAPI
> -SmmEndOfDxeCallback (
> +MmEndOfDxeCallback (
>     IN CONST EFI_GUID                       *Protocol,
>     IN VOID                                 *Interface,
>     IN EFI_HANDLE                           Handle
> @@ -614,14 +604,12 @@ SmmEndOfDxeCallback (
>   
>   **/
>   EFI_STATUS
> -EFIAPI
> -SmmFaultTolerantWriteInitialize (
> -  IN EFI_HANDLE                           ImageHandle,
> -  IN EFI_SYSTEM_TABLE                     *SystemTable
> +MmFaultTolerantWriteInitialize (
> +  VOID
>     )
>   {
>     EFI_STATUS                              Status;
> -  VOID                                    *SmmEndOfDxeRegistration;
> +  VOID                                    *MmEndOfDxeRegistration;
>   
>     //
>     // Allocate private data structure for SMM FTW protocol and do some initialization
> @@ -634,17 +622,17 @@ SmmFaultTolerantWriteInitialize (
>     //
>     // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
>     //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> -                    &gEfiSmmEndOfDxeProtocolGuid,
> -                    SmmEndOfDxeCallback,
> -                    &SmmEndOfDxeRegistration
> +  Status = gMmst->MmRegisterProtocolNotify (
> +                    &gEfiMmEndOfDxeProtocolGuid,
> +                    MmEndOfDxeCallback,
> +                    &MmEndOfDxeRegistration
>                       );
>     ASSERT_EFI_ERROR (Status);
>   
>     //
>     // Register FvbNotificationEvent () notify function.
>     //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> +  Status = gMmst->MmRegisterProtocolNotify (
>                       &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                       FvbNotificationEvent,
>                       &mFvbRegistration
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> index 606cc2266bda..1653365bc247 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> @@ -37,6 +37,7 @@ [Sources]
>     FtwMisc.c
>     UpdateWorkingBlock.c
>     FaultTolerantWrite.c
> +  FaultTolerantWriteTraditionalMm.c
>     FaultTolerantWriteSmm.c
>     FaultTolerantWrite.h
>     FaultTolerantWriteSmmCommon.h
> @@ -46,7 +47,7 @@ [Packages]
>     MdeModulePkg/MdeModulePkg.dec
>   
>   [LibraryClasses]
> -  SmmServicesTableLib
> +  MmServicesTableLib
>     MemoryAllocationLib
>     BaseMemoryLib
>     UefiDriverEntryPoint
> @@ -73,7 +74,7 @@ [Protocols]
>     ## PRODUCES
>     ## UNDEFINED # SmiHandlerRegister
>     gEfiSmmFaultTolerantWriteProtocolGuid
> -  gEfiSmmEndOfDxeProtocolGuid                      ## CONSUMES
> +  gEfiMmEndOfDxeProtocolGuid                      ## CONSUMES
>   
>   [FeaturePcd]
>     gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
> index 8ad0015f3c9e..25b5f7c87326 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmCommon.h
> @@ -77,4 +77,35 @@ typedef struct {
>     UINT8                                 Data[1];
>   } SMM_FTW_GET_LAST_WRITE_HEADER;
>   
> +/**
> +  Entry point of the module
> +**/
> +EFI_STATUS
> +MmFaultTolerantWriteInitialize (
> +  VOID
> +  );
> +
> +/**
> +  This function check if the buffer is valid per processor architecture and not overlap with SMRAM.
> +
> +  @param Buffer  The buffer start address to be checked.
> +  @param Length  The buffer length to be checked.
> +
> +  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
> +  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
> +**/
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  );
> +
> +/**
> +  Notify the system that the SMM driver is ready

How about using "SMM FTW driver" instead of "SMM driver" here and also 
for the implementations?

> +**/
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  );
> +
>   #endif
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
> index 259e9365f483..8694b9254cde 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmmDxe.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   
>   **/
>   
> +#include <Library/UefiBootServicesTableLib.h>

It is not needed as FaultTolerantWriteSmmDxe.h has included it.

>   #include "FaultTolerantWriteSmmDxe.h"
>   
>   EFI_HANDLE                         mHandle                   = NULL;
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
> new file mode 100644
> index 000000000000..440dced37bf8
> --- /dev/null
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
> @@ -0,0 +1,94 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to traditional MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Library/SmmMemLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include "FaultTolerantWrite.h"
> +#include "FaultTolerantWriteSmmCommon.h"
> +
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) {
> +    DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));

How about keeping the debug message printing code in 
FaultTolerantWriteSmm.c?

> +    return FALSE;
> +  }
> +  return TRUE;
> +}

Please add function comment header for it.

> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (traditional SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  EFI_STATUS    Status;
> +  UINT32        ReturnValue;
> +
> +  Status = gBS->CalculateCrc32 (Buffer, Length, &ReturnValue);
> +  ASSERT_EFI_ERROR (Status);
> +
> +  return ReturnValue;
> +}
> +
> +/**
> +  Notify the system that the SMM driver is ready

How about using "SMM FTW driver" instead of "SMM driver" here?

> +**/
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  )
> +{
> +  EFI_HANDLE          FtwHandle;
> +  EFI_STATUS          Status;
> +
> +  FtwHandle = NULL;
> +  Status = gBS->InstallProtocolInterface (
> +                  &FtwHandle,
> +                  &gEfiSmmFaultTolerantWriteProtocolGuid,
> +                  EFI_NATIVE_INTERFACE,
> +                  NULL
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +SmmFaultTolerantWriteInitialize (
> +  IN EFI_HANDLE            ImageHandle,
> +  IN EFI_SYSTEM_TABLE      *SystemTable
> +  )
> +{
> +  return MmFaultTolerantWriteInitialize ();
> +}

Please add function comment header for it.

Thanks,
Star
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> index 50d3421b88bb..d09e9719cf05 100644
> --- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> @@ -29,8 +29,6 @@ InitializeLocalWorkSpaceHeader (
>     VOID
>     )
>   {
> -  EFI_STATUS                              Status;
> -
>     //
>     // Check signature with gEdkiiWorkingBlockSignatureGuid.
>     //
> @@ -64,12 +62,8 @@ InitializeLocalWorkSpaceHeader (
>     //
>     // Calculate the Crc of woking block header
>     //
> -  Status = gBS->CalculateCrc32 (
> -                  &mWorkingBlockHeader,
> -                  sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER),
> -                  &mWorkingBlockHeader.Crc
> -                  );
> -  ASSERT_EFI_ERROR (Status);
> +  mWorkingBlockHeader.Crc = FtwCalculateCrc32 (&mWorkingBlockHeader,
> +                              sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER));
>   
>     mWorkingBlockHeader.WorkingBlockValid    = FTW_VALID_STATE;
>     mWorkingBlockHeader.WorkingBlockInvalid  = FTW_INVALID_STATE;
> 

[PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Ard Biesheuvel]

Implement a new version of the fault tolerant write driver that can
be used in the context of a standalone MM implementation.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c   | 70 +++++++++++++++
 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf | 90 ++++++++++++++++++++
 2 files changed, 160 insertions(+)

diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
new file mode 100644
index 000000000000..b6fbf6c64f8a
--- /dev/null
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
@@ -0,0 +1,70 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to standalone MM
+
+Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/SmmMemLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include "FaultTolerantWrite.h"
+#include "FaultTolerantWriteSmmCommon.h"
+
+BOOLEAN
+FtwSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return TRUE;
+}
+
+/**
+  Internal implementation of CRC32. Depending on the execution context
+  (standalone SMM or DXE vs standalone MM), this function is implemented
+  via a call to the CalculateCrc32 () boot service, or via a library
+  call.
+
+  If Buffer is NULL, then ASSERT().
+  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
+  @param[in]  Length       The number of bytes in the buffer Data.
+
+  @retval Crc32            The 32-bit CRC was computed for the data buffer.
+
+**/
+UINT32
+FtwCalculateCrc32 (
+  IN  VOID                         *Buffer,
+  IN  UINTN                        Length
+  )
+{
+  return CalculateCrc32 (Buffer, Length);
+}
+
+VOID
+FtwNotifySmmReady (
+  VOID
+  )
+{
+}
+
+EFI_STATUS
+EFIAPI
+StandaloneMmFaultTolerantWriteInitialize (
+  IN EFI_HANDLE            ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
+  )
+{
+  return MmFaultTolerantWriteInitialize ();
+}
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
new file mode 100644
index 000000000000..99bd62ad5ceb
--- /dev/null
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
@@ -0,0 +1,90 @@
+ ## @file
+#   Fault Tolerant Write Smm Driver.
+#
+#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which provides fault
+#   tolerant write capability in SMM environment for block devices. Its implementation
+#   depends on the full functionality SMM FVB protocol that support read, write/erase
+#   flash access.
+#
+# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x0001001A
+  BASE_NAME                      = FaultTolerantWriteStandaloneMm
+  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  ENTRY_POINT                    = StandaloneMmFaultTolerantWriteInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = AARCH64
+#
+
+[Sources]
+  FtwMisc.c
+  UpdateWorkingBlock.c
+  FaultTolerantWrite.c
+  FaultTolerantWriteStandaloneMm.c
+  FaultTolerantWriteSmm.c
+  FaultTolerantWrite.h
+  FaultTolerantWriteSmmCommon.h
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  MmServicesTableLib
+  PcdLib
+  ReportStatusCodeLib
+  StandaloneMmDriverEntryPoint
+
+[Guids]
+  #
+  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
+  #
+  ## CONSUMES           ## GUID
+  ## PRODUCES           ## GUID
+  gEdkiiWorkingBlockSignatureGuid
+
+[Protocols]
+  gEfiSmmSwapAddressRangeProtocolGuid | gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ## SOMETIMES_CONSUMES
+  ## NOTIFY
+  ## CONSUMES
+  gEfiSmmFirmwareVolumeBlockProtocolGuid
+  ## PRODUCES
+  ## UNDEFINED # SmiHandlerRegister
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
+
+[FeaturePcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
+
+[Pcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ## CONSUMES
+
+[Depex]
+  TRUE
+
-- 
2.17.1

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Wang, Jian J]

Ard,


Regards,
Jian


> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement
> standalone MM version
> 
> Implement a new version of the fault tolerant write driver that can
> be used in the context of a standalone MM implementation.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> 
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> eMm.c   | 70 +++++++++++++++
> 
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> eMm.inf | 90 ++++++++++++++++++++
>  2 files changed, 160 insertions(+)
> 
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> new file mode 100644
> index 000000000000..b6fbf6c64f8a
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> @@ -0,0 +1,70 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include <Library/SmmMemLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include "FaultTolerantWrite.h"
> +#include "FaultTolerantWriteSmmCommon.h"
> +
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  return TRUE;
> +}
> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (standalone SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be
> computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  return CalculateCrc32 (Buffer, Length);
> +}
> +
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +StandaloneMmFaultTolerantWriteInitialize (
> +  IN EFI_HANDLE            ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
> +  )
> +{
> +  return MmFaultTolerantWriteInitialize ();
> +}
> diff --git
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> new file mode 100644
> index 000000000000..99bd62ad5ceb
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> @@ -0,0 +1,90 @@
> + ## @file
> +#   Fault Tolerant Write Smm Driver.
> +#
> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which provides
> fault
> +#   tolerant write capability in SMM environment for block devices. Its
> implementation
> +#   depends on the full functionality SMM FVB protocol that support read,
> write/erase
> +#   flash access.
> +#
> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> +#
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD
> License
> +#  which accompanies this distribution. The full text of the license may be found
> at
> +#  http://opensource.org/licenses/bsd-license.php
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001A
> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
> +  MODULE_TYPE                    = MM_STANDALONE
> +  VERSION_STRING                 = 1.0
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  ENTRY_POINT                    = StandaloneMmFaultTolerantWriteInitialize
> +
> +#
> +# The following information is for reference only and not required by the build
> tools.
> +#
> +#  VALID_ARCHITECTURES           = AARCH64
> +#
> +
> +[Sources]
> +  FtwMisc.c
> +  UpdateWorkingBlock.c
> +  FaultTolerantWrite.c
> +  FaultTolerantWriteStandaloneMm.c
> +  FaultTolerantWriteSmm.c
> +  FaultTolerantWrite.h
> +  FaultTolerantWriteSmmCommon.h
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +  StandaloneMmPkg/StandaloneMmPkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  MmServicesTableLib
> +  PcdLib
> +  ReportStatusCodeLib
> +  StandaloneMmDriverEntryPoint
> +
> +[Guids]
> +  #
> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
> +  #
> +  ## CONSUMES           ## GUID
> +  ## PRODUCES           ## GUID
> +  gEdkiiWorkingBlockSignatureGuid
> +
> +[Protocols]
> +  gEfiSmmSwapAddressRangeProtocolGuid |
> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
> SOMETIMES_CONSUMES
> +  ## NOTIFY
> +  ## CONSUMES
> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
> +  ## PRODUCES
> +  ## UNDEFINED # SmiHandlerRegister
> +  gEfiSmmFaultTolerantWriteProtocolGuid

CONSUMES/PRODUCES is normally put in trailing comment.


> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
> +
> +[FeaturePcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ##
> CONSUMES
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    ##
> SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
> ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ##
> SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ##
> CONSUMES
> +
> +[Depex]
> +  TRUE
> +
> --
> 2.17.1

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Wang, Jian J]

Forget the previous comment, multiple comments for usage are allowed in INF.

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Wang,
> Jian J
> Sent: Thursday, January 10, 2019 9:42 AM
> To: Ard Biesheuvel <ard.biesheuvel@linaro.org>; edk2-devel@lists.01.org
> Cc: Wu, Hao A <hao.a.wu@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Kinney, Michael D <michael.d.kinney@intel.com>; Laszlo Ersek
> <lersek@redhat.com>
> Subject: Re: [edk2] [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe:
> implement standalone MM version
> 
> Ard,
> 
> 
> Regards,
> Jian
> 
> 
> > -----Original Message-----
> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > Sent: Friday, January 04, 2019 2:28 AM
> > To: edk2-devel@lists.01.org
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> > <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> > Michael D <michael.d.kinney@intel.com>; Gao, Liming
> <liming.gao@intel.com>;
> > Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> > Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> > <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> > <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> > Subject: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement
> > standalone MM version
> >
> > Implement a new version of the fault tolerant write driver that can
> > be used in the context of a standalone MM implementation.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > ---
> >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> > eMm.c   | 70 +++++++++++++++
> >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> > eMm.inf | 90 ++++++++++++++++++++
> >  2 files changed, 160 insertions(+)
> >
> > diff --git
> >
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.c
> >
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.c
> > new file mode 100644
> > index 000000000000..b6fbf6c64f8a
> > --- /dev/null
> > +++
> >
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.c
> > @@ -0,0 +1,70 @@
> > +/** @file
> > +
> > +  Parts of the SMM/MM implementation that are specific to standalone MM
> > +
> > +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> > +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> > +This program and the accompanying materials
> > +are licensed and made available under the terms and conditions of the BSD
> > License
> > +which accompanies this distribution.  The full text of the license may be found
> > at
> > +http://opensource.org/licenses/bsd-license.php
> > +
> > +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> > +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS
> > OR IMPLIED.
> > +
> > +**/
> > +
> > +#include <Library/SmmMemLib.h>
> > +#include <Library/UefiBootServicesTableLib.h>
> > +#include "FaultTolerantWrite.h"
> > +#include "FaultTolerantWriteSmmCommon.h"
> > +
> > +BOOLEAN
> > +FtwSmmIsBufferOutsideSmmValid (
> > +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> > +  IN UINT64                Length
> > +  )
> > +{
> > +  return TRUE;
> > +}
> > +
> > +/**
> > +  Internal implementation of CRC32. Depending on the execution context
> > +  (standalone SMM or DXE vs standalone MM), this function is implemented
> > +  via a call to the CalculateCrc32 () boot service, or via a library
> > +  call.
> > +
> > +  If Buffer is NULL, then ASSERT().
> > +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> > +
> > +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to
> be
> > computed.
> > +  @param[in]  Length       The number of bytes in the buffer Data.
> > +
> > +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> > +
> > +**/
> > +UINT32
> > +FtwCalculateCrc32 (
> > +  IN  VOID                         *Buffer,
> > +  IN  UINTN                        Length
> > +  )
> > +{
> > +  return CalculateCrc32 (Buffer, Length);
> > +}
> > +
> > +VOID
> > +FtwNotifySmmReady (
> > +  VOID
> > +  )
> > +{
> > +}
> > +
> > +EFI_STATUS
> > +EFIAPI
> > +StandaloneMmFaultTolerantWriteInitialize (
> > +  IN EFI_HANDLE            ImageHandle,
> > +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
> > +  )
> > +{
> > +  return MmFaultTolerantWriteInitialize ();
> > +}
> > diff --git
> >
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.inf
> >
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.inf
> > new file mode 100644
> > index 000000000000..99bd62ad5ceb
> > --- /dev/null
> > +++
> >
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > oneMm.inf
> > @@ -0,0 +1,90 @@
> > + ## @file
> > +#   Fault Tolerant Write Smm Driver.
> > +#
> > +#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which
> provides
> > fault
> > +#   tolerant write capability in SMM environment for block devices. Its
> > implementation
> > +#   depends on the full functionality SMM FVB protocol that support read,
> > write/erase
> > +#   flash access.
> > +#
> > +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> > +#
> > +#  This program and the accompanying materials
> > +#  are licensed and made available under the terms and conditions of the BSD
> > License
> > +#  which accompanies this distribution. The full text of the license may be
> found
> > at
> > +#  http://opensource.org/licenses/bsd-license.php
> > +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> > BASIS,
> > +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> > EXPRESS OR IMPLIED.
> > +#
> > +##
> > +
> > +[Defines]
> > +  INF_VERSION                    = 0x0001001A
> > +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
> > +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
> > +  MODULE_TYPE                    = MM_STANDALONE
> > +  VERSION_STRING                 = 1.0
> > +  PI_SPECIFICATION_VERSION       = 0x00010032
> > +  ENTRY_POINT                    = StandaloneMmFaultTolerantWriteInitialize
> > +
> > +#
> > +# The following information is for reference only and not required by the
> build
> > tools.
> > +#
> > +#  VALID_ARCHITECTURES           = AARCH64
> > +#
> > +
> > +[Sources]
> > +  FtwMisc.c
> > +  UpdateWorkingBlock.c
> > +  FaultTolerantWrite.c
> > +  FaultTolerantWriteStandaloneMm.c
> > +  FaultTolerantWriteSmm.c
> > +  FaultTolerantWrite.h
> > +  FaultTolerantWriteSmmCommon.h
> > +
> > +[Packages]
> > +  MdePkg/MdePkg.dec
> > +  MdeModulePkg/MdeModulePkg.dec
> > +  StandaloneMmPkg/StandaloneMmPkg.dec
> > +
> > +[LibraryClasses]
> > +  BaseLib
> > +  BaseMemoryLib
> > +  DebugLib
> > +  MemoryAllocationLib
> > +  MmServicesTableLib
> > +  PcdLib
> > +  ReportStatusCodeLib
> > +  StandaloneMmDriverEntryPoint
> > +
> > +[Guids]
> > +  #
> > +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
> > +  #
> > +  ## CONSUMES           ## GUID
> > +  ## PRODUCES           ## GUID
> > +  gEdkiiWorkingBlockSignatureGuid
> > +
> > +[Protocols]
> > +  gEfiSmmSwapAddressRangeProtocolGuid |
> > gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
> > SOMETIMES_CONSUMES
> > +  ## NOTIFY
> > +  ## CONSUMES
> > +  gEfiSmmFirmwareVolumeBlockProtocolGuid
> > +  ## PRODUCES
> > +  ## UNDEFINED # SmiHandlerRegister
> > +  gEfiSmmFaultTolerantWriteProtocolGuid
> 
> CONSUMES/PRODUCES is normally put in trailing comment.
> 
> 
> > +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
> > +
> > +[FeaturePcd]
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ##
> > CONSUMES
> > +
> > +[Pcd]
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
> ##
> > SOMETIMES_CONSUMES
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
> > ## CONSUMES
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
> ##
> > CONSUMES
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ##
> > SOMETIMES_CONSUMES
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64
> ##
> > CONSUMES
> > +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ##
> > CONSUMES
> > +
> > +[Depex]
> > +  TRUE
> > +
> > --
> > 2.17.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Zeng, Star]

On 2019/1/10 9:41, Wang, Jian J wrote:
> Ard,
> 
> 
> Regards,
> Jian
> 
> 
>> -----Original Message-----
>> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>> Sent: Friday, January 04, 2019 2:28 AM
>> To: edk2-devel@lists.01.org
>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
>> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
>> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
>> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
>> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
>> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
>> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
>> Subject: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement
>> standalone MM version
>>
>> Implement a new version of the fault tolerant write driver that can
>> be used in the context of a standalone MM implementation.
>>
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>
>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
>> eMm.c   | 70 +++++++++++++++
>>
>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
>> eMm.inf | 90 ++++++++++++++++++++
>>   2 files changed, 160 insertions(+)
>>
>> diff --git
>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.c
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.c
>> new file mode 100644
>> index 000000000000..b6fbf6c64f8a
>> --- /dev/null
>> +++
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.c
>> @@ -0,0 +1,70 @@
>> +/** @file
>> +
>> +  Parts of the SMM/MM implementation that are specific to standalone MM
>> +
>> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>> +This program and the accompanying materials
>> +are licensed and made available under the terms and conditions of the BSD
>> License
>> +which accompanies this distribution.  The full text of the license may be found
>> at
>> +http://opensource.org/licenses/bsd-license.php
>> +
>> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
>> OR IMPLIED.
>> +
>> +**/
>> +
>> +#include <Library/SmmMemLib.h>
>> +#include <Library/UefiBootServicesTableLib.h>
>> +#include "FaultTolerantWrite.h"
>> +#include "FaultTolerantWriteSmmCommon.h"
>> +
>> +BOOLEAN
>> +FtwSmmIsBufferOutsideSmmValid (
>> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
>> +  IN UINT64                Length
>> +  )
>> +{
>> +  return TRUE;
>> +}
>> +
>> +/**
>> +  Internal implementation of CRC32. Depending on the execution context
>> +  (standalone SMM or DXE vs standalone MM), this function is implemented
>> +  via a call to the CalculateCrc32 () boot service, or via a library
>> +  call.
>> +
>> +  If Buffer is NULL, then ASSERT().
>> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
>> +
>> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be
>> computed.
>> +  @param[in]  Length       The number of bytes in the buffer Data.
>> +
>> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
>> +
>> +**/
>> +UINT32
>> +FtwCalculateCrc32 (
>> +  IN  VOID                         *Buffer,
>> +  IN  UINTN                        Length
>> +  )
>> +{
>> +  return CalculateCrc32 (Buffer, Length);
>> +}
>> +
>> +VOID
>> +FtwNotifySmmReady (
>> +  VOID
>> +  )
>> +{
>> +}
>> +
>> +EFI_STATUS
>> +EFIAPI
>> +StandaloneMmFaultTolerantWriteInitialize (
>> +  IN EFI_HANDLE            ImageHandle,
>> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
>> +  )
>> +{
>> +  return MmFaultTolerantWriteInitialize ();
>> +}
>> diff --git
>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.inf
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.inf
>> new file mode 100644
>> index 000000000000..99bd62ad5ceb
>> --- /dev/null
>> +++
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>> oneMm.inf
>> @@ -0,0 +1,90 @@
>> + ## @file
>> +#   Fault Tolerant Write Smm Driver.
>> +#
>> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which provides
>> fault
>> +#   tolerant write capability in SMM environment for block devices. Its
>> implementation
>> +#   depends on the full functionality SMM FVB protocol that support read,
>> write/erase
>> +#   flash access.
>> +#
>> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>> +#
>> +#  This program and the accompanying materials
>> +#  are licensed and made available under the terms and conditions of the BSD
>> License
>> +#  which accompanies this distribution. The full text of the license may be found
>> at
>> +#  http://opensource.org/licenses/bsd-license.php
>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>> BASIS,
>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>> EXPRESS OR IMPLIED.
>> +#
>> +##
>> +
>> +[Defines]
>> +  INF_VERSION                    = 0x0001001A
>> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
>> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
>> +  MODULE_TYPE                    = MM_STANDALONE
>> +  VERSION_STRING                 = 1.0
>> +  PI_SPECIFICATION_VERSION       = 0x00010032
>> +  ENTRY_POINT                    = StandaloneMmFaultTolerantWriteInitialize
>> +
>> +#
>> +# The following information is for reference only and not required by the build
>> tools.
>> +#
>> +#  VALID_ARCHITECTURES           = AARCH64
>> +#
>> +
>> +[Sources]
>> +  FtwMisc.c
>> +  UpdateWorkingBlock.c
>> +  FaultTolerantWrite.c
>> +  FaultTolerantWriteStandaloneMm.c
>> +  FaultTolerantWriteSmm.c
>> +  FaultTolerantWrite.h
>> +  FaultTolerantWriteSmmCommon.h
>> +
>> +[Packages]
>> +  MdePkg/MdePkg.dec
>> +  MdeModulePkg/MdeModulePkg.dec
>> +  StandaloneMmPkg/StandaloneMmPkg.dec
>> +
>> +[LibraryClasses]
>> +  BaseLib
>> +  BaseMemoryLib
>> +  DebugLib
>> +  MemoryAllocationLib
>> +  MmServicesTableLib
>> +  PcdLib
>> +  ReportStatusCodeLib
>> +  StandaloneMmDriverEntryPoint
>> +
>> +[Guids]
>> +  #
>> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
>> +  #
>> +  ## CONSUMES           ## GUID
>> +  ## PRODUCES           ## GUID
>> +  gEdkiiWorkingBlockSignatureGuid
>> +
>> +[Protocols]
>> +  gEfiSmmSwapAddressRangeProtocolGuid |
>> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
>> SOMETIMES_CONSUMES
>> +  ## NOTIFY
>> +  ## CONSUMES
>> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
>> +  ## PRODUCES
>> +  ## UNDEFINED # SmiHandlerRegister
>> +  gEfiSmmFaultTolerantWriteProtocolGuid
> 
> CONSUMES/PRODUCES is normally put in trailing comment.

Jian,

If there is only one line usage comment for the GUID, it is normally put 
in trailing comment.

But there are two lines usage comments for this GUID, the style is correct.

Thanks,
Star

> 
> 
>> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
>> +
>> +[FeaturePcd]
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ##
>> CONSUMES
>> +
>> +[Pcd]
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    ##
>> SOMETIMES_CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
>> ## CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    ##
>> CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ##
>> SOMETIMES_CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    ##
>> CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ##
>> CONSUMES
>> +
>> +[Depex]
>> +  TRUE
>> +
>> --
>> 2.17.1

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Zeng, Star]

Hi Ard,

Some minor feedback added inline.

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> Implement a new version of the fault tolerant write driver that can
> be used in the context of a standalone MM implementation.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c   | 70 +++++++++++++++
>   MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf | 90 ++++++++++++++++++++
>   2 files changed, 160 insertions(+)
> 
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> new file mode 100644
> index 000000000000..b6fbf6c64f8a
> --- /dev/null
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> @@ -0,0 +1,70 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Library/SmmMemLib.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include "FaultTolerantWrite.h"
> +#include "FaultTolerantWriteSmmCommon.h"
> +
> +BOOLEAN
> +FtwSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  return TRUE;
> +}

Please add function comment header for it, otherwise some coding style 
tool may report error.

> +
> +/**
> +  Internal implementation of CRC32. Depending on the execution context
> +  (standalone SMM or DXE vs standalone MM), this function is implemented
> +  via a call to the CalculateCrc32 () boot service, or via a library
> +  call.
> +
> +  If Buffer is NULL, then ASSERT().
> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> +
> +  @param[in]  Buffer       A pointer to the buffer on which the 32-bit CRC is to be computed.
> +  @param[in]  Length       The number of bytes in the buffer Data.
> +
> +  @retval Crc32            The 32-bit CRC was computed for the data buffer.
> +
> +**/
> +UINT32
> +FtwCalculateCrc32 (
> +  IN  VOID                         *Buffer,
> +  IN  UINTN                        Length
> +  )
> +{
> +  return CalculateCrc32 (Buffer, Length);
> +}

Please add function comment header for it, otherwise some coding style 
tool may report error.

> +
> +VOID
> +FtwNotifySmmReady (
> +  VOID
> +  )
> +{
> +}

Please add function comment header for it, otherwise some coding style 
tool may report error.

Thanks,
Star

> +
> +EFI_STATUS
> +EFIAPI
> +StandaloneMmFaultTolerantWriteInitialize (
> +  IN EFI_HANDLE            ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
> +  )
> +{
> +  return MmFaultTolerantWriteInitialize ();
> +}
> diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> new file mode 100644
> index 000000000000..99bd62ad5ceb
> --- /dev/null
> +++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> @@ -0,0 +1,90 @@
> + ## @file
> +#   Fault Tolerant Write Smm Driver.
> +#
> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which provides fault
> +#   tolerant write capability in SMM environment for block devices. Its implementation
> +#   depends on the full functionality SMM FVB protocol that support read, write/erase
> +#   flash access.
> +#
> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> +#
> +#  This program and the accompanying materials
> +#  are licensed and made available under the terms and conditions of the BSD License
> +#  which accompanies this distribution. The full text of the license may be found at
> +#  http://opensource.org/licenses/bsd-license.php
> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001A
> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
> +  MODULE_TYPE                    = MM_STANDALONE
> +  VERSION_STRING                 = 1.0
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  ENTRY_POINT                    = StandaloneMmFaultTolerantWriteInitialize
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = AARCH64
> +#
> +
> +[Sources]
> +  FtwMisc.c
> +  UpdateWorkingBlock.c
> +  FaultTolerantWrite.c
> +  FaultTolerantWriteStandaloneMm.c
> +  FaultTolerantWriteSmm.c
> +  FaultTolerantWrite.h
> +  FaultTolerantWriteSmmCommon.h
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +  StandaloneMmPkg/StandaloneMmPkg.dec
> +
> +[LibraryClasses]
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  MemoryAllocationLib
> +  MmServicesTableLib
> +  PcdLib
> +  ReportStatusCodeLib
> +  StandaloneMmDriverEntryPoint
> +
> +[Guids]
> +  #
> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
> +  #
> +  ## CONSUMES           ## GUID
> +  ## PRODUCES           ## GUID
> +  gEdkiiWorkingBlockSignatureGuid
> +
> +[Protocols]
> +  gEfiSmmSwapAddressRangeProtocolGuid | gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ## SOMETIMES_CONSUMES
> +  ## NOTIFY
> +  ## CONSUMES
> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
> +  ## PRODUCES
> +  ## UNDEFINED # SmiHandlerRegister
> +  gEfiSmmFaultTolerantWriteProtocolGuid
> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
> +
> +[FeaturePcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
> +
> +[Pcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    ## SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64  ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ## SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ## CONSUMES
> +
> +[Depex]
> +  TRUE
> +
> 

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Zeng, Star]

Hi Ard,

Another minor feedback.

On 2019/1/10 14:47, Zeng, Star wrote:
> Hi Ard,
> 
> Some minor feedback added inline.
> 
> On 2019/1/4 2:28, Ard Biesheuvel wrote:
>> Implement a new version of the fault tolerant write driver that can
>> be used in the context of a standalone MM implementation.
>>
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>   
>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c   
>> | 70 +++++++++++++++
>>   
>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf 
>> | 90 ++++++++++++++++++++
>>   2 files changed, 160 insertions(+)

Please add it into MdeModulePkg.dsc for package build verification.

Thanks,
Star

>>
>> diff --git 
>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c 
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c 
>>
>> new file mode 100644
>> index 000000000000..b6fbf6c64f8a
>> --- /dev/null
>> +++ 
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c 
>>
>> @@ -0,0 +1,70 @@
>> +/** @file
>> +
>> +  Parts of the SMM/MM implementation that are specific to standalone MM
>> +
>> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>> +This program and the accompanying materials
>> +are licensed and made available under the terms and conditions of the 
>> BSD License
>> +which accompanies this distribution.  The full text of the license 
>> may be found at
>> +http://opensource.org/licenses/bsd-license.php
>> +
>> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR 
>> IMPLIED.
>> +
>> +**/
>> +
>> +#include <Library/SmmMemLib.h>
>> +#include <Library/UefiBootServicesTableLib.h>
>> +#include "FaultTolerantWrite.h"
>> +#include "FaultTolerantWriteSmmCommon.h"
>> +
>> +BOOLEAN
>> +FtwSmmIsBufferOutsideSmmValid (
>> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
>> +  IN UINT64                Length
>> +  )
>> +{
>> +  return TRUE;
>> +}
> 
> Please add function comment header for it, otherwise some coding style 
> tool may report error.
> 
>> +
>> +/**
>> +  Internal implementation of CRC32. Depending on the execution context
>> +  (standalone SMM or DXE vs standalone MM), this function is implemented
>> +  via a call to the CalculateCrc32 () boot service, or via a library
>> +  call.
>> +
>> +  If Buffer is NULL, then ASSERT().
>> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
>> +
>> +  @param[in]  Buffer       A pointer to the buffer on which the 
>> 32-bit CRC is to be computed.
>> +  @param[in]  Length       The number of bytes in the buffer Data.
>> +
>> +  @retval Crc32            The 32-bit CRC was computed for the data 
>> buffer.
>> +
>> +**/
>> +UINT32
>> +FtwCalculateCrc32 (
>> +  IN  VOID                         *Buffer,
>> +  IN  UINTN                        Length
>> +  )
>> +{
>> +  return CalculateCrc32 (Buffer, Length);
>> +}
> 
> Please add function comment header for it, otherwise some coding style 
> tool may report error.
> 
>> +
>> +VOID
>> +FtwNotifySmmReady (
>> +  VOID
>> +  )
>> +{
>> +}
> 
> Please add function comment header for it, otherwise some coding style 
> tool may report error.
> 
> Thanks,
> Star
> 
>> +
>> +EFI_STATUS
>> +EFIAPI
>> +StandaloneMmFaultTolerantWriteInitialize (
>> +  IN EFI_HANDLE            ImageHandle,
>> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
>> +  )
>> +{
>> +  return MmFaultTolerantWriteInitialize ();
>> +}
>> diff --git 
>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf 
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf 
>>
>> new file mode 100644
>> index 000000000000..99bd62ad5ceb
>> --- /dev/null
>> +++ 
>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf 
>>
>> @@ -0,0 +1,90 @@
>> + ## @file
>> +#   Fault Tolerant Write Smm Driver.
>> +#
>> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol, 
>> which provides fault
>> +#   tolerant write capability in SMM environment for block devices. 
>> Its implementation
>> +#   depends on the full functionality SMM FVB protocol that support 
>> read, write/erase
>> +#   flash access.
>> +#
>> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>> +#
>> +#  This program and the accompanying materials
>> +#  are licensed and made available under the terms and conditions of 
>> the BSD License
>> +#  which accompanies this distribution. The full text of the license 
>> may be found at
>> +#  http://opensource.org/licenses/bsd-license.php
>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS 
>> OR IMPLIED.
>> +#
>> +##
>> +
>> +[Defines]
>> +  INF_VERSION                    = 0x0001001A
>> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
>> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
>> +  MODULE_TYPE                    = MM_STANDALONE
>> +  VERSION_STRING                 = 1.0
>> +  PI_SPECIFICATION_VERSION       = 0x00010032
>> +  ENTRY_POINT                    = 
>> StandaloneMmFaultTolerantWriteInitialize
>> +
>> +#
>> +# The following information is for reference only and not required by 
>> the build tools.
>> +#
>> +#  VALID_ARCHITECTURES           = AARCH64
>> +#
>> +
>> +[Sources]
>> +  FtwMisc.c
>> +  UpdateWorkingBlock.c
>> +  FaultTolerantWrite.c
>> +  FaultTolerantWriteStandaloneMm.c
>> +  FaultTolerantWriteSmm.c
>> +  FaultTolerantWrite.h
>> +  FaultTolerantWriteSmmCommon.h
>> +
>> +[Packages]
>> +  MdePkg/MdePkg.dec
>> +  MdeModulePkg/MdeModulePkg.dec
>> +  StandaloneMmPkg/StandaloneMmPkg.dec
>> +
>> +[LibraryClasses]
>> +  BaseLib
>> +  BaseMemoryLib
>> +  DebugLib
>> +  MemoryAllocationLib
>> +  MmServicesTableLib
>> +  PcdLib
>> +  ReportStatusCodeLib
>> +  StandaloneMmDriverEntryPoint
>> +
>> +[Guids]
>> +  #
>> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
>> +  #
>> +  ## CONSUMES           ## GUID
>> +  ## PRODUCES           ## GUID
>> +  gEdkiiWorkingBlockSignatureGuid
>> +
>> +[Protocols]
>> +  gEfiSmmSwapAddressRangeProtocolGuid | 
>> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ## 
>> SOMETIMES_CONSUMES
>> +  ## NOTIFY
>> +  ## CONSUMES
>> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
>> +  ## PRODUCES
>> +  ## UNDEFINED # SmiHandlerRegister
>> +  gEfiSmmFaultTolerantWriteProtocolGuid
>> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
>> +
>> +[FeaturePcd]
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
>> +
>> +[Pcd]
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    
>> ## SOMETIMES_CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64  
>> ## CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    
>> ## CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      
>> ## SOMETIMES_CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    
>> ## CONSUMES
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      
>> ## CONSUMES
>> +
>> +[Depex]
>> +  TRUE
>> +
>>

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Ard Biesheuvel]

On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
>
> Hi Ard,
>
> Another minor feedback.
>
> On 2019/1/10 14:47, Zeng, Star wrote:
> > Hi Ard,
> >
> > Some minor feedback added inline.
> >
> > On 2019/1/4 2:28, Ard Biesheuvel wrote:
> >> Implement a new version of the fault tolerant write driver that can
> >> be used in the context of a standalone MM implementation.
> >>
> >> Contributed-under: TianoCore Contribution Agreement 1.1
> >> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >> ---
> >>
> >> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >> | 70 +++++++++++++++
> >>
> >> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >> | 90 ++++++++++++++++++++
> >>   2 files changed, 160 insertions(+)
>
> Please add it into MdeModulePkg.dsc for package build verification.
>

Hello Star,

Thanks for all the feedback. I will respond in more detail later.

However, to the point raised here: it is not possible to add these
drivers to MdeModulePkg.dsc unless we add a dummy implementation of
StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
do that?


> >>
> >> diff --git
> >> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >>
> >> new file mode 100644
> >> index 000000000000..b6fbf6c64f8a
> >> --- /dev/null
> >> +++
> >> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >>
> >> @@ -0,0 +1,70 @@
> >> +/** @file
> >> +
> >> +  Parts of the SMM/MM implementation that are specific to standalone MM
> >> +
> >> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> >> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> >> +This program and the accompanying materials
> >> +are licensed and made available under the terms and conditions of the
> >> BSD License
> >> +which accompanies this distribution.  The full text of the license
> >> may be found at
> >> +http://opensource.org/licenses/bsd-license.php
> >> +
> >> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> >> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> >> IMPLIED.
> >> +
> >> +**/
> >> +
> >> +#include <Library/SmmMemLib.h>
> >> +#include <Library/UefiBootServicesTableLib.h>
> >> +#include "FaultTolerantWrite.h"
> >> +#include "FaultTolerantWriteSmmCommon.h"
> >> +
> >> +BOOLEAN
> >> +FtwSmmIsBufferOutsideSmmValid (
> >> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> >> +  IN UINT64                Length
> >> +  )
> >> +{
> >> +  return TRUE;
> >> +}
> >
> > Please add function comment header for it, otherwise some coding style
> > tool may report error.
> >
> >> +
> >> +/**
> >> +  Internal implementation of CRC32. Depending on the execution context
> >> +  (standalone SMM or DXE vs standalone MM), this function is implemented
> >> +  via a call to the CalculateCrc32 () boot service, or via a library
> >> +  call.
> >> +
> >> +  If Buffer is NULL, then ASSERT().
> >> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> >> +
> >> +  @param[in]  Buffer       A pointer to the buffer on which the
> >> 32-bit CRC is to be computed.
> >> +  @param[in]  Length       The number of bytes in the buffer Data.
> >> +
> >> +  @retval Crc32            The 32-bit CRC was computed for the data
> >> buffer.
> >> +
> >> +**/
> >> +UINT32
> >> +FtwCalculateCrc32 (
> >> +  IN  VOID                         *Buffer,
> >> +  IN  UINTN                        Length
> >> +  )
> >> +{
> >> +  return CalculateCrc32 (Buffer, Length);
> >> +}
> >
> > Please add function comment header for it, otherwise some coding style
> > tool may report error.
> >
> >> +
> >> +VOID
> >> +FtwNotifySmmReady (
> >> +  VOID
> >> +  )
> >> +{
> >> +}
> >
> > Please add function comment header for it, otherwise some coding style
> > tool may report error.
> >
> > Thanks,
> > Star
> >
> >> +
> >> +EFI_STATUS
> >> +EFIAPI
> >> +StandaloneMmFaultTolerantWriteInitialize (
> >> +  IN EFI_HANDLE            ImageHandle,
> >> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
> >> +  )
> >> +{
> >> +  return MmFaultTolerantWriteInitialize ();
> >> +}
> >> diff --git
> >> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >>
> >> new file mode 100644
> >> index 000000000000..99bd62ad5ceb
> >> --- /dev/null
> >> +++
> >> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >>
> >> @@ -0,0 +1,90 @@
> >> + ## @file
> >> +#   Fault Tolerant Write Smm Driver.
> >> +#
> >> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol,
> >> which provides fault
> >> +#   tolerant write capability in SMM environment for block devices.
> >> Its implementation
> >> +#   depends on the full functionality SMM FVB protocol that support
> >> read, write/erase
> >> +#   flash access.
> >> +#
> >> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> >> +#
> >> +#  This program and the accompanying materials
> >> +#  are licensed and made available under the terms and conditions of
> >> the BSD License
> >> +#  which accompanies this distribution. The full text of the license
> >> may be found at
> >> +#  http://opensource.org/licenses/bsd-license.php
> >> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> >> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> >> OR IMPLIED.
> >> +#
> >> +##
> >> +
> >> +[Defines]
> >> +  INF_VERSION                    = 0x0001001A
> >> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
> >> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
> >> +  MODULE_TYPE                    = MM_STANDALONE
> >> +  VERSION_STRING                 = 1.0
> >> +  PI_SPECIFICATION_VERSION       = 0x00010032
> >> +  ENTRY_POINT                    =
> >> StandaloneMmFaultTolerantWriteInitialize
> >> +
> >> +#
> >> +# The following information is for reference only and not required by
> >> the build tools.
> >> +#
> >> +#  VALID_ARCHITECTURES           = AARCH64
> >> +#
> >> +
> >> +[Sources]
> >> +  FtwMisc.c
> >> +  UpdateWorkingBlock.c
> >> +  FaultTolerantWrite.c
> >> +  FaultTolerantWriteStandaloneMm.c
> >> +  FaultTolerantWriteSmm.c
> >> +  FaultTolerantWrite.h
> >> +  FaultTolerantWriteSmmCommon.h
> >> +
> >> +[Packages]
> >> +  MdePkg/MdePkg.dec
> >> +  MdeModulePkg/MdeModulePkg.dec
> >> +  StandaloneMmPkg/StandaloneMmPkg.dec
> >> +
> >> +[LibraryClasses]
> >> +  BaseLib
> >> +  BaseMemoryLib
> >> +  DebugLib
> >> +  MemoryAllocationLib
> >> +  MmServicesTableLib
> >> +  PcdLib
> >> +  ReportStatusCodeLib
> >> +  StandaloneMmDriverEntryPoint
> >> +
> >> +[Guids]
> >> +  #
> >> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
> >> +  #
> >> +  ## CONSUMES           ## GUID
> >> +  ## PRODUCES           ## GUID
> >> +  gEdkiiWorkingBlockSignatureGuid
> >> +
> >> +[Protocols]
> >> +  gEfiSmmSwapAddressRangeProtocolGuid |
> >> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
> >> SOMETIMES_CONSUMES
> >> +  ## NOTIFY
> >> +  ## CONSUMES
> >> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
> >> +  ## PRODUCES
> >> +  ## UNDEFINED # SmiHandlerRegister
> >> +  gEfiSmmFaultTolerantWriteProtocolGuid
> >> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
> >> +
> >> +[FeaturePcd]
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
> >> +
> >> +[Pcd]
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
> >> ## SOMETIMES_CONSUMES
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
> >> ## CONSUMES
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
> >> ## CONSUMES
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
> >> ## SOMETIMES_CONSUMES
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64
> >> ## CONSUMES
> >> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
> >> ## CONSUMES
> >> +
> >> +[Depex]
> >> +  TRUE
> >> +
> >>
>

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Zeng, Star]

On 2019/1/10 15:33, Ard Biesheuvel wrote:
> On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
>>
>> Hi Ard,
>>
>> Another minor feedback.
>>
>> On 2019/1/10 14:47, Zeng, Star wrote:
>>> Hi Ard,
>>>
>>> Some minor feedback added inline.
>>>
>>> On 2019/1/4 2:28, Ard Biesheuvel wrote:
>>>> Implement a new version of the fault tolerant write driver that can
>>>> be used in the context of a standalone MM implementation.
>>>>
>>>> Contributed-under: TianoCore Contribution Agreement 1.1
>>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>>> ---
>>>>
>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>> | 70 +++++++++++++++
>>>>
>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>> | 90 ++++++++++++++++++++
>>>>    2 files changed, 160 insertions(+)
>>
>> Please add it into MdeModulePkg.dsc for package build verification.
>>
> 
> Hello Star,
> 
> Thanks for all the feedback. I will respond in more detail later.
> 
> However, to the point raised here: it is not possible to add these
> drivers to MdeModulePkg.dsc unless we add a dummy implementation of
> StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
> do that?

Oh, good information.
To have full code building coverage for the package, personally I think 
we can move StandaloneMmDriverEntryPoint library class and instance into 
MdePkg, and even the MmServicesTableLib for MM_STANDALONE, they should 
be generic enough.

I do not want to block this patch set because of this. So let's discuss 
this in parallel as separated topic.

Mike, Liming, Laszlo, Jian and Hao,\
What's your opinion?


Thanks,
Star

> 
> 
>>>>
>>>> diff --git
>>>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>
>>>> new file mode 100644
>>>> index 000000000000..b6fbf6c64f8a
>>>> --- /dev/null
>>>> +++
>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>
>>>> @@ -0,0 +1,70 @@
>>>> +/** @file
>>>> +
>>>> +  Parts of the SMM/MM implementation that are specific to standalone MM
>>>> +
>>>> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>>>> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>>>> +This program and the accompanying materials
>>>> +are licensed and made available under the terms and conditions of the
>>>> BSD License
>>>> +which accompanies this distribution.  The full text of the license
>>>> may be found at
>>>> +http://opensource.org/licenses/bsd-license.php
>>>> +
>>>> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>>>> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
>>>> IMPLIED.
>>>> +
>>>> +**/
>>>> +
>>>> +#include <Library/SmmMemLib.h>
>>>> +#include <Library/UefiBootServicesTableLib.h>
>>>> +#include "FaultTolerantWrite.h"
>>>> +#include "FaultTolerantWriteSmmCommon.h"
>>>> +
>>>> +BOOLEAN
>>>> +FtwSmmIsBufferOutsideSmmValid (
>>>> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
>>>> +  IN UINT64                Length
>>>> +  )
>>>> +{
>>>> +  return TRUE;
>>>> +}
>>>
>>> Please add function comment header for it, otherwise some coding style
>>> tool may report error.
>>>
>>>> +
>>>> +/**
>>>> +  Internal implementation of CRC32. Depending on the execution context
>>>> +  (standalone SMM or DXE vs standalone MM), this function is implemented
>>>> +  via a call to the CalculateCrc32 () boot service, or via a library
>>>> +  call.
>>>> +
>>>> +  If Buffer is NULL, then ASSERT().
>>>> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
>>>> +
>>>> +  @param[in]  Buffer       A pointer to the buffer on which the
>>>> 32-bit CRC is to be computed.
>>>> +  @param[in]  Length       The number of bytes in the buffer Data.
>>>> +
>>>> +  @retval Crc32            The 32-bit CRC was computed for the data
>>>> buffer.
>>>> +
>>>> +**/
>>>> +UINT32
>>>> +FtwCalculateCrc32 (
>>>> +  IN  VOID                         *Buffer,
>>>> +  IN  UINTN                        Length
>>>> +  )
>>>> +{
>>>> +  return CalculateCrc32 (Buffer, Length);
>>>> +}
>>>
>>> Please add function comment header for it, otherwise some coding style
>>> tool may report error.
>>>
>>>> +
>>>> +VOID
>>>> +FtwNotifySmmReady (
>>>> +  VOID
>>>> +  )
>>>> +{
>>>> +}
>>>
>>> Please add function comment header for it, otherwise some coding style
>>> tool may report error.
>>>
>>> Thanks,
>>> Star
>>>
>>>> +
>>>> +EFI_STATUS
>>>> +EFIAPI
>>>> +StandaloneMmFaultTolerantWriteInitialize (
>>>> +  IN EFI_HANDLE            ImageHandle,
>>>> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
>>>> +  )
>>>> +{
>>>> +  return MmFaultTolerantWriteInitialize ();
>>>> +}
>>>> diff --git
>>>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>
>>>> new file mode 100644
>>>> index 000000000000..99bd62ad5ceb
>>>> --- /dev/null
>>>> +++
>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>
>>>> @@ -0,0 +1,90 @@
>>>> + ## @file
>>>> +#   Fault Tolerant Write Smm Driver.
>>>> +#
>>>> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol,
>>>> which provides fault
>>>> +#   tolerant write capability in SMM environment for block devices.
>>>> Its implementation
>>>> +#   depends on the full functionality SMM FVB protocol that support
>>>> read, write/erase
>>>> +#   flash access.
>>>> +#
>>>> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
>>>> +#
>>>> +#  This program and the accompanying materials
>>>> +#  are licensed and made available under the terms and conditions of
>>>> the BSD License
>>>> +#  which accompanies this distribution. The full text of the license
>>>> may be found at
>>>> +#  http://opensource.org/licenses/bsd-license.php
>>>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>>>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
>>>> OR IMPLIED.
>>>> +#
>>>> +##
>>>> +
>>>> +[Defines]
>>>> +  INF_VERSION                    = 0x0001001A
>>>> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
>>>> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
>>>> +  MODULE_TYPE                    = MM_STANDALONE
>>>> +  VERSION_STRING                 = 1.0
>>>> +  PI_SPECIFICATION_VERSION       = 0x00010032
>>>> +  ENTRY_POINT                    =
>>>> StandaloneMmFaultTolerantWriteInitialize
>>>> +
>>>> +#
>>>> +# The following information is for reference only and not required by
>>>> the build tools.
>>>> +#
>>>> +#  VALID_ARCHITECTURES           = AARCH64
>>>> +#
>>>> +
>>>> +[Sources]
>>>> +  FtwMisc.c
>>>> +  UpdateWorkingBlock.c
>>>> +  FaultTolerantWrite.c
>>>> +  FaultTolerantWriteStandaloneMm.c
>>>> +  FaultTolerantWriteSmm.c
>>>> +  FaultTolerantWrite.h
>>>> +  FaultTolerantWriteSmmCommon.h
>>>> +
>>>> +[Packages]
>>>> +  MdePkg/MdePkg.dec
>>>> +  MdeModulePkg/MdeModulePkg.dec
>>>> +  StandaloneMmPkg/StandaloneMmPkg.dec
>>>> +
>>>> +[LibraryClasses]
>>>> +  BaseLib
>>>> +  BaseMemoryLib
>>>> +  DebugLib
>>>> +  MemoryAllocationLib
>>>> +  MmServicesTableLib
>>>> +  PcdLib
>>>> +  ReportStatusCodeLib
>>>> +  StandaloneMmDriverEntryPoint
>>>> +
>>>> +[Guids]
>>>> +  #
>>>> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
>>>> +  #
>>>> +  ## CONSUMES           ## GUID
>>>> +  ## PRODUCES           ## GUID
>>>> +  gEdkiiWorkingBlockSignatureGuid
>>>> +
>>>> +[Protocols]
>>>> +  gEfiSmmSwapAddressRangeProtocolGuid |
>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
>>>> SOMETIMES_CONSUMES
>>>> +  ## NOTIFY
>>>> +  ## CONSUMES
>>>> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
>>>> +  ## PRODUCES
>>>> +  ## UNDEFINED # SmiHandlerRegister
>>>> +  gEfiSmmFaultTolerantWriteProtocolGuid
>>>> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
>>>> +
>>>> +[FeaturePcd]
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
>>>> +
>>>> +[Pcd]
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
>>>> ## SOMETIMES_CONSUMES
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
>>>> ## CONSUMES
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
>>>> ## CONSUMES
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
>>>> ## SOMETIMES_CONSUMES
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64
>>>> ## CONSUMES
>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
>>>> ## CONSUMES
>>>> +
>>>> +[Depex]
>>>> +  TRUE
>>>> +
>>>>
>>

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Wang, Jian J]

Star,

I think moving it to MdePkg would be better, just like UefiDriverEntryPoint. A dummy
one may be not necessary.

Regards,
Jian


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Zeng,
> Star
> Sent: Thursday, January 10, 2019 4:00 PM
> To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Wu, Hao A <hao.a.wu@intel.com>; edk2-devel@lists.01.org; Gao, Liming
> <liming.gao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>;
> Laszlo Ersek <lersek@redhat.com>; Zeng, Star <star.zeng@intel.com>
> Subject: Re: [edk2] [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe:
> implement standalone MM version
> 
> On 2019/1/10 15:33, Ard Biesheuvel wrote:
> > On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
> >>
> >> Hi Ard,
> >>
> >> Another minor feedback.
> >>
> >> On 2019/1/10 14:47, Zeng, Star wrote:
> >>> Hi Ard,
> >>>
> >>> Some minor feedback added inline.
> >>>
> >>> On 2019/1/4 2:28, Ard Biesheuvel wrote:
> >>>> Implement a new version of the fault tolerant write driver that can
> >>>> be used in the context of a standalone MM implementation.
> >>>>
> >>>> Contributed-under: TianoCore Contribution Agreement 1.1
> >>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >>>> ---
> >>>>
> >>>>
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> eMm.c
> >>>> | 70 +++++++++++++++
> >>>>
> >>>>
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon
> eMm.inf
> >>>> | 90 ++++++++++++++++++++
> >>>>    2 files changed, 160 insertions(+)
> >>
> >> Please add it into MdeModulePkg.dsc for package build verification.
> >>
> >
> > Hello Star,
> >
> > Thanks for all the feedback. I will respond in more detail later.
> >
> > However, to the point raised here: it is not possible to add these
> > drivers to MdeModulePkg.dsc unless we add a dummy implementation of
> > StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
> > do that?
> 
> Oh, good information.
> To have full code building coverage for the package, personally I think
> we can move StandaloneMmDriverEntryPoint library class and instance into
> MdePkg, and even the MmServicesTableLib for MM_STANDALONE, they should
> be generic enough.
> 
> I do not want to block this patch set because of this. So let's discuss
> this in parallel as separated topic.
> 
> Mike, Liming, Laszlo, Jian and Hao,\
> What's your opinion?
> 
> 
> Thanks,
> Star
> 
> >
> >
> >>>>
> >>>> diff --git
> >>>>
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> >>>>
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> >>>>
> >>>> new file mode 100644
> >>>> index 000000000000..b6fbf6c64f8a
> >>>> --- /dev/null
> >>>> +++
> >>>>
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.c
> >>>>
> >>>> @@ -0,0 +1,70 @@
> >>>> +/** @file
> >>>> +
> >>>> +  Parts of the SMM/MM implementation that are specific to standalone
> MM
> >>>> +
> >>>> +Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> >>>> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
> >>>> +This program and the accompanying materials
> >>>> +are licensed and made available under the terms and conditions of the
> >>>> BSD License
> >>>> +which accompanies this distribution.  The full text of the license
> >>>> may be found at
> >>>> +http://opensource.org/licenses/bsd-license.php
> >>>> +
> >>>> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> >>>> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR
> >>>> IMPLIED.
> >>>> +
> >>>> +**/
> >>>> +
> >>>> +#include <Library/SmmMemLib.h>
> >>>> +#include <Library/UefiBootServicesTableLib.h>
> >>>> +#include "FaultTolerantWrite.h"
> >>>> +#include "FaultTolerantWriteSmmCommon.h"
> >>>> +
> >>>> +BOOLEAN
> >>>> +FtwSmmIsBufferOutsideSmmValid (
> >>>> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> >>>> +  IN UINT64                Length
> >>>> +  )
> >>>> +{
> >>>> +  return TRUE;
> >>>> +}
> >>>
> >>> Please add function comment header for it, otherwise some coding style
> >>> tool may report error.
> >>>
> >>>> +
> >>>> +/**
> >>>> +  Internal implementation of CRC32. Depending on the execution context
> >>>> +  (standalone SMM or DXE vs standalone MM), this function is
> implemented
> >>>> +  via a call to the CalculateCrc32 () boot service, or via a library
> >>>> +  call.
> >>>> +
> >>>> +  If Buffer is NULL, then ASSERT().
> >>>> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
> >>>> +
> >>>> +  @param[in]  Buffer       A pointer to the buffer on which the
> >>>> 32-bit CRC is to be computed.
> >>>> +  @param[in]  Length       The number of bytes in the buffer Data.
> >>>> +
> >>>> +  @retval Crc32            The 32-bit CRC was computed for the data
> >>>> buffer.
> >>>> +
> >>>> +**/
> >>>> +UINT32
> >>>> +FtwCalculateCrc32 (
> >>>> +  IN  VOID                         *Buffer,
> >>>> +  IN  UINTN                        Length
> >>>> +  )
> >>>> +{
> >>>> +  return CalculateCrc32 (Buffer, Length);
> >>>> +}
> >>>
> >>> Please add function comment header for it, otherwise some coding style
> >>> tool may report error.
> >>>
> >>>> +
> >>>> +VOID
> >>>> +FtwNotifySmmReady (
> >>>> +  VOID
> >>>> +  )
> >>>> +{
> >>>> +}
> >>>
> >>> Please add function comment header for it, otherwise some coding style
> >>> tool may report error.
> >>>
> >>> Thanks,
> >>> Star
> >>>
> >>>> +
> >>>> +EFI_STATUS
> >>>> +EFIAPI
> >>>> +StandaloneMmFaultTolerantWriteInitialize (
> >>>> +  IN EFI_HANDLE            ImageHandle,
> >>>> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
> >>>> +  )
> >>>> +{
> >>>> +  return MmFaultTolerantWriteInitialize ();
> >>>> +}
> >>>> diff --git
> >>>>
> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> >>>>
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> >>>>
> >>>> new file mode 100644
> >>>> index 000000000000..99bd62ad5ceb
> >>>> --- /dev/null
> >>>> +++
> >>>>
> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> oneMm.inf
> >>>>
> >>>> @@ -0,0 +1,90 @@
> >>>> + ## @file
> >>>> +#   Fault Tolerant Write Smm Driver.
> >>>> +#
> >>>> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol,
> >>>> which provides fault
> >>>> +#   tolerant write capability in SMM environment for block devices.
> >>>> Its implementation
> >>>> +#   depends on the full functionality SMM FVB protocol that support
> >>>> read, write/erase
> >>>> +#   flash access.
> >>>> +#
> >>>> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> >>>> +#
> >>>> +#  This program and the accompanying materials
> >>>> +#  are licensed and made available under the terms and conditions of
> >>>> the BSD License
> >>>> +#  which accompanies this distribution. The full text of the license
> >>>> may be found at
> >>>> +#  http://opensource.org/licenses/bsd-license.php
> >>>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS
> IS" BASIS,
> >>>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS
> >>>> OR IMPLIED.
> >>>> +#
> >>>> +##
> >>>> +
> >>>> +[Defines]
> >>>> +  INF_VERSION                    = 0x0001001A
> >>>> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
> >>>> +  FILE_GUID                      = 3aade4ec-63cc-4a48-a928-5a374dd463eb
> >>>> +  MODULE_TYPE                    = MM_STANDALONE
> >>>> +  VERSION_STRING                 = 1.0
> >>>> +  PI_SPECIFICATION_VERSION       = 0x00010032
> >>>> +  ENTRY_POINT                    =
> >>>> StandaloneMmFaultTolerantWriteInitialize
> >>>> +
> >>>> +#
> >>>> +# The following information is for reference only and not required by
> >>>> the build tools.
> >>>> +#
> >>>> +#  VALID_ARCHITECTURES           = AARCH64
> >>>> +#
> >>>> +
> >>>> +[Sources]
> >>>> +  FtwMisc.c
> >>>> +  UpdateWorkingBlock.c
> >>>> +  FaultTolerantWrite.c
> >>>> +  FaultTolerantWriteStandaloneMm.c
> >>>> +  FaultTolerantWriteSmm.c
> >>>> +  FaultTolerantWrite.h
> >>>> +  FaultTolerantWriteSmmCommon.h
> >>>> +
> >>>> +[Packages]
> >>>> +  MdePkg/MdePkg.dec
> >>>> +  MdeModulePkg/MdeModulePkg.dec
> >>>> +  StandaloneMmPkg/StandaloneMmPkg.dec
> >>>> +
> >>>> +[LibraryClasses]
> >>>> +  BaseLib
> >>>> +  BaseMemoryLib
> >>>> +  DebugLib
> >>>> +  MemoryAllocationLib
> >>>> +  MmServicesTableLib
> >>>> +  PcdLib
> >>>> +  ReportStatusCodeLib
> >>>> +  StandaloneMmDriverEntryPoint
> >>>> +
> >>>> +[Guids]
> >>>> +  #
> >>>> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
> >>>> +  #
> >>>> +  ## CONSUMES           ## GUID
> >>>> +  ## PRODUCES           ## GUID
> >>>> +  gEdkiiWorkingBlockSignatureGuid
> >>>> +
> >>>> +[Protocols]
> >>>> +  gEfiSmmSwapAddressRangeProtocolGuid |
> >>>> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
> >>>> SOMETIMES_CONSUMES
> >>>> +  ## NOTIFY
> >>>> +  ## CONSUMES
> >>>> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
> >>>> +  ## PRODUCES
> >>>> +  ## UNDEFINED # SmiHandlerRegister
> >>>> +  gEfiSmmFaultTolerantWriteProtocolGuid
> >>>> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
> >>>> +
> >>>> +[FeaturePcd]
> >>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ##
> CONSUMES
> >>>> +
> >>>> +[Pcd]
> >>>> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
> >>>> ## SOMETIMES_CONSUMES
> >>>> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
> >>>> ## CONSUMES
> >>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
> >>>> ## CONSUMES
> >>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
> >>>> ## SOMETIMES_CONSUMES
> >>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64
> >>>> ## CONSUMES
> >>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
> >>>> ## CONSUMES
> >>>> +
> >>>> +[Depex]
> >>>> +  TRUE
> >>>> +
> >>>>
> >>
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Laszlo Ersek]

On 01/10/19 08:59, Zeng, Star wrote:
> On 2019/1/10 15:33, Ard Biesheuvel wrote:
>> On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
>>>
>>> Hi Ard,
>>>
>>> Another minor feedback.
>>>
>>> On 2019/1/10 14:47, Zeng, Star wrote:
>>>> Hi Ard,
>>>>
>>>> Some minor feedback added inline.
>>>>
>>>> On 2019/1/4 2:28, Ard Biesheuvel wrote:
>>>>> Implement a new version of the fault tolerant write driver that can
>>>>> be used in the context of a standalone MM implementation.
>>>>>
>>>>> Contributed-under: TianoCore Contribution Agreement 1.1
>>>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>>>> ---
>>>>>
>>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>>
>>>>> | 70 +++++++++++++++
>>>>>
>>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>>
>>>>> | 90 ++++++++++++++++++++
>>>>>    2 files changed, 160 insertions(+)
>>>
>>> Please add it into MdeModulePkg.dsc for package build verification.
>>>
>>
>> Hello Star,
>>
>> Thanks for all the feedback. I will respond in more detail later.
>>
>> However, to the point raised here: it is not possible to add these
>> drivers to MdeModulePkg.dsc unless we add a dummy implementation of
>> StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
>> do that?
> 
> Oh, good information.
> To have full code building coverage for the package, personally I think
> we can move StandaloneMmDriverEntryPoint library class and instance into
> MdePkg, and even the MmServicesTableLib for MM_STANDALONE, they should
> be generic enough.
> 
> I do not want to block this patch set because of this. So let's discuss
> this in parallel as separated topic.
> 
> Mike, Liming, Laszlo, Jian and Hao,\
> What's your opinion?

It should be possible to build all library instances in a central
Package (well, all Packages really), using the Package's DSC file. To my
understanding, libraries built like this are not expected to be used in
actual (shipped) drivers / applications, nor is their indiscriminate
distribution (as LIBs) expected. For example, shipping a BaseXxxLibNull
library instance in binary form seems quite useless.

With that in mind, I think a Null instance for the entry point in
question makes sense, under MdeModulePkg.

Thanks
Laszlo


> 
> 
> Thanks,
> Star
> 
>>
>>
>>>>>
>>>>> diff --git
>>>>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>>
>>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>>
>>>>>
>>>>> new file mode 100644
>>>>> index 000000000000..b6fbf6c64f8a
>>>>> --- /dev/null
>>>>> +++
>>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>>
>>>>>
>>>>> @@ -0,0 +1,70 @@
>>>>> +/** @file
>>>>> +
>>>>> +  Parts of the SMM/MM implementation that are specific to
>>>>> standalone MM
>>>>> +
>>>>> +Copyright (c) 2010 - 2018, Intel Corporation. All rights
>>>>> reserved.<BR>
>>>>> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>>>>> +This program and the accompanying materials
>>>>> +are licensed and made available under the terms and conditions of the
>>>>> BSD License
>>>>> +which accompanies this distribution.  The full text of the license
>>>>> may be found at
>>>>> +http://opensource.org/licenses/bsd-license.php
>>>>> +
>>>>> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>>>>> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
>>>>> IMPLIED.
>>>>> +
>>>>> +**/
>>>>> +
>>>>> +#include <Library/SmmMemLib.h>
>>>>> +#include <Library/UefiBootServicesTableLib.h>
>>>>> +#include "FaultTolerantWrite.h"
>>>>> +#include "FaultTolerantWriteSmmCommon.h"
>>>>> +
>>>>> +BOOLEAN
>>>>> +FtwSmmIsBufferOutsideSmmValid (
>>>>> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
>>>>> +  IN UINT64                Length
>>>>> +  )
>>>>> +{
>>>>> +  return TRUE;
>>>>> +}
>>>>
>>>> Please add function comment header for it, otherwise some coding style
>>>> tool may report error.
>>>>
>>>>> +
>>>>> +/**
>>>>> +  Internal implementation of CRC32. Depending on the execution
>>>>> context
>>>>> +  (standalone SMM or DXE vs standalone MM), this function is
>>>>> implemented
>>>>> +  via a call to the CalculateCrc32 () boot service, or via a library
>>>>> +  call.
>>>>> +
>>>>> +  If Buffer is NULL, then ASSERT().
>>>>> +  If Length is greater than (MAX_ADDRESS - Buffer + 1), then
>>>>> ASSERT().
>>>>> +
>>>>> +  @param[in]  Buffer       A pointer to the buffer on which the
>>>>> 32-bit CRC is to be computed.
>>>>> +  @param[in]  Length       The number of bytes in the buffer Data.
>>>>> +
>>>>> +  @retval Crc32            The 32-bit CRC was computed for the data
>>>>> buffer.
>>>>> +
>>>>> +**/
>>>>> +UINT32
>>>>> +FtwCalculateCrc32 (
>>>>> +  IN  VOID                         *Buffer,
>>>>> +  IN  UINTN                        Length
>>>>> +  )
>>>>> +{
>>>>> +  return CalculateCrc32 (Buffer, Length);
>>>>> +}
>>>>
>>>> Please add function comment header for it, otherwise some coding style
>>>> tool may report error.
>>>>
>>>>> +
>>>>> +VOID
>>>>> +FtwNotifySmmReady (
>>>>> +  VOID
>>>>> +  )
>>>>> +{
>>>>> +}
>>>>
>>>> Please add function comment header for it, otherwise some coding style
>>>> tool may report error.
>>>>
>>>> Thanks,
>>>> Star
>>>>
>>>>> +
>>>>> +EFI_STATUS
>>>>> +EFIAPI
>>>>> +StandaloneMmFaultTolerantWriteInitialize (
>>>>> +  IN EFI_HANDLE            ImageHandle,
>>>>> +  IN EFI_MM_SYSTEM_TABLE   *MmSystemTable
>>>>> +  )
>>>>> +{
>>>>> +  return MmFaultTolerantWriteInitialize ();
>>>>> +}
>>>>> diff --git
>>>>> a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>>
>>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>>
>>>>>
>>>>> new file mode 100644
>>>>> index 000000000000..99bd62ad5ceb
>>>>> --- /dev/null
>>>>> +++
>>>>> b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>>
>>>>>
>>>>> @@ -0,0 +1,90 @@
>>>>> + ## @file
>>>>> +#   Fault Tolerant Write Smm Driver.
>>>>> +#
>>>>> +#   This driver installs SMM Fault Tolerant Write (FTW) protocol,
>>>>> which provides fault
>>>>> +#   tolerant write capability in SMM environment for block devices.
>>>>> Its implementation
>>>>> +#   depends on the full functionality SMM FVB protocol that support
>>>>> read, write/erase
>>>>> +#   flash access.
>>>>> +#
>>>>> +# Copyright (c) 2010 - 2018, Intel Corporation. All rights
>>>>> reserved.<BR>
>>>>> +#
>>>>> +#  This program and the accompanying materials
>>>>> +#  are licensed and made available under the terms and conditions of
>>>>> the BSD License
>>>>> +#  which accompanies this distribution. The full text of the license
>>>>> may be found at
>>>>> +#  http://opensource.org/licenses/bsd-license.php
>>>>> +#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>>>> BASIS,
>>>>> +#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
>>>>> OR IMPLIED.
>>>>> +#
>>>>> +##
>>>>> +
>>>>> +[Defines]
>>>>> +  INF_VERSION                    = 0x0001001A
>>>>> +  BASE_NAME                      = FaultTolerantWriteStandaloneMm
>>>>> +  FILE_GUID                      =
>>>>> 3aade4ec-63cc-4a48-a928-5a374dd463eb
>>>>> +  MODULE_TYPE                    = MM_STANDALONE
>>>>> +  VERSION_STRING                 = 1.0
>>>>> +  PI_SPECIFICATION_VERSION       = 0x00010032
>>>>> +  ENTRY_POINT                    =
>>>>> StandaloneMmFaultTolerantWriteInitialize
>>>>> +
>>>>> +#
>>>>> +# The following information is for reference only and not required by
>>>>> the build tools.
>>>>> +#
>>>>> +#  VALID_ARCHITECTURES           = AARCH64
>>>>> +#
>>>>> +
>>>>> +[Sources]
>>>>> +  FtwMisc.c
>>>>> +  UpdateWorkingBlock.c
>>>>> +  FaultTolerantWrite.c
>>>>> +  FaultTolerantWriteStandaloneMm.c
>>>>> +  FaultTolerantWriteSmm.c
>>>>> +  FaultTolerantWrite.h
>>>>> +  FaultTolerantWriteSmmCommon.h
>>>>> +
>>>>> +[Packages]
>>>>> +  MdePkg/MdePkg.dec
>>>>> +  MdeModulePkg/MdeModulePkg.dec
>>>>> +  StandaloneMmPkg/StandaloneMmPkg.dec
>>>>> +
>>>>> +[LibraryClasses]
>>>>> +  BaseLib
>>>>> +  BaseMemoryLib
>>>>> +  DebugLib
>>>>> +  MemoryAllocationLib
>>>>> +  MmServicesTableLib
>>>>> +  PcdLib
>>>>> +  ReportStatusCodeLib
>>>>> +  StandaloneMmDriverEntryPoint
>>>>> +
>>>>> +[Guids]
>>>>> +  #
>>>>> +  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
>>>>> +  #
>>>>> +  ## CONSUMES           ## GUID
>>>>> +  ## PRODUCES           ## GUID
>>>>> +  gEdkiiWorkingBlockSignatureGuid
>>>>> +
>>>>> +[Protocols]
>>>>> +  gEfiSmmSwapAddressRangeProtocolGuid |
>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ##
>>>>> SOMETIMES_CONSUMES
>>>>> +  ## NOTIFY
>>>>> +  ## CONSUMES
>>>>> +  gEfiSmmFirmwareVolumeBlockProtocolGuid
>>>>> +  ## PRODUCES
>>>>> +  ## UNDEFINED # SmiHandlerRegister
>>>>> +  gEfiSmmFaultTolerantWriteProtocolGuid
>>>>> +  gEfiMmEndOfDxeProtocolGuid                       ## CONSUMES
>>>>> +
>>>>> +[FeaturePcd]
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ##
>>>>> CONSUMES
>>>>> +
>>>>> +[Pcd]
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
>>>>> ## SOMETIMES_CONSUMES
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64
>>>>> ## CONSUMES
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
>>>>> ## CONSUMES
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
>>>>> ## SOMETIMES_CONSUMES
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64
>>>>> ## CONSUMES
>>>>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
>>>>> ## CONSUMES
>>>>> +
>>>>> +[Depex]
>>>>> +  TRUE
>>>>> +
>>>>>
>>>
> 

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Ard Biesheuvel]

On Thu, 10 Jan 2019 at 14:03, Laszlo Ersek <lersek@redhat.com> wrote:
>
> On 01/10/19 08:59, Zeng, Star wrote:
> > On 2019/1/10 15:33, Ard Biesheuvel wrote:
> >> On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
> >>>
> >>> Hi Ard,
> >>>
> >>> Another minor feedback.
> >>>
> >>> On 2019/1/10 14:47, Zeng, Star wrote:
> >>>> Hi Ard,
> >>>>
> >>>> Some minor feedback added inline.
> >>>>
> >>>> On 2019/1/4 2:28, Ard Biesheuvel wrote:
> >>>>> Implement a new version of the fault tolerant write driver that can
> >>>>> be used in the context of a standalone MM implementation.
> >>>>>
> >>>>> Contributed-under: TianoCore Contribution Agreement 1.1
> >>>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >>>>> ---
> >>>>>
> >>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >>>>>
> >>>>> | 70 +++++++++++++++
> >>>>>
> >>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >>>>>
> >>>>> | 90 ++++++++++++++++++++
> >>>>>    2 files changed, 160 insertions(+)
> >>>
> >>> Please add it into MdeModulePkg.dsc for package build verification.
> >>>
> >>
> >> Hello Star,
> >>
> >> Thanks for all the feedback. I will respond in more detail later.
> >>
> >> However, to the point raised here: it is not possible to add these
> >> drivers to MdeModulePkg.dsc unless we add a dummy implementation of
> >> StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
> >> do that?
> >
> > Oh, good information.
> > To have full code building coverage for the package, personally I think
> > we can move StandaloneMmDriverEntryPoint library class and instance into
> > MdePkg, and even the MmServicesTableLib for MM_STANDALONE, they should
> > be generic enough.
> >
> > I do not want to block this patch set because of this. So let's discuss
> > this in parallel as separated topic.
> >
> > Mike, Liming, Laszlo, Jian and Hao,\
> > What's your opinion?
>
> It should be possible to build all library instances in a central
> Package (well, all Packages really), using the Package's DSC file. To my
> understanding, libraries built like this are not expected to be used in
> actual (shipped) drivers / applications, nor is their indiscriminate
> distribution (as LIBs) expected. For example, shipping a BaseXxxLibNull
> library instance in binary form seems quite useless.
>
> With that in mind, I think a Null instance for the entry point in
> question makes sense, under MdeModulePkg.
>

I will look into this a bit deeper next week. I think it makes sense
for the core PI architected pieces to all live in MdePkg rather than
StandaloneMmPkg. For instance, MmServicesTableLib for standalone MM
should live there, MmEntryPoint should live there (and have
traditional and standalone MM implementation) and perhaps some other
core pieces as well.

This may be a slippery slope, so I will dedicate some time to look
into this carefully, at least with the goal to make the
FaultTolerantWrite and Variable driver buildable from within
MdeModulePkg.

Re: [PATCH 4/6] MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version

[Zeng, Star]

On 2019/1/11 0:23, Ard Biesheuvel wrote:
> On Thu, 10 Jan 2019 at 14:03, Laszlo Ersek <lersek@redhat.com> wrote:
>>
>> On 01/10/19 08:59, Zeng, Star wrote:
>>> On 2019/1/10 15:33, Ard Biesheuvel wrote:
>>>> On Thu, 10 Jan 2019 at 08:30, Zeng, Star <star.zeng@intel.com> wrote:
>>>>>
>>>>> Hi Ard,
>>>>>
>>>>> Another minor feedback.
>>>>>
>>>>> On 2019/1/10 14:47, Zeng, Star wrote:
>>>>>> Hi Ard,
>>>>>>
>>>>>> Some minor feedback added inline.
>>>>>>
>>>>>> On 2019/1/4 2:28, Ard Biesheuvel wrote:
>>>>>>> Implement a new version of the fault tolerant write driver that can
>>>>>>> be used in the context of a standalone MM implementation.
>>>>>>>
>>>>>>> Contributed-under: TianoCore Contribution Agreement 1.1
>>>>>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>>>>>> ---
>>>>>>>
>>>>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>>>>>>>
>>>>>>> | 70 +++++++++++++++
>>>>>>>
>>>>>>> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>>>>>>>
>>>>>>> | 90 ++++++++++++++++++++
>>>>>>>     2 files changed, 160 insertions(+)
>>>>>
>>>>> Please add it into MdeModulePkg.dsc for package build verification.
>>>>>
>>>>
>>>> Hello Star,
>>>>
>>>> Thanks for all the feedback. I will respond in more detail later.
>>>>
>>>> However, to the point raised here: it is not possible to add these
>>>> drivers to MdeModulePkg.dsc unless we add a dummy implementation of
>>>> StandaloneMmDriverEntryPoint to MdeModulePkg. Do you think we should
>>>> do that?
>>>
>>> Oh, good information.
>>> To have full code building coverage for the package, personally I think
>>> we can move StandaloneMmDriverEntryPoint library class and instance into
>>> MdePkg, and even the MmServicesTableLib for MM_STANDALONE, they should
>>> be generic enough.
>>>
>>> I do not want to block this patch set because of this. So let's discuss
>>> this in parallel as separated topic.
>>>
>>> Mike, Liming, Laszlo, Jian and Hao,\
>>> What's your opinion?
>>
>> It should be possible to build all library instances in a central
>> Package (well, all Packages really), using the Package's DSC file. To my
>> understanding, libraries built like this are not expected to be used in
>> actual (shipped) drivers / applications, nor is their indiscriminate
>> distribution (as LIBs) expected. For example, shipping a BaseXxxLibNull
>> library instance in binary form seems quite useless.
>>
>> With that in mind, I think a Null instance for the entry point in
>> question makes sense, under MdeModulePkg.
>>
> 
> I will look into this a bit deeper next week. I think it makes sense
> for the core PI architected pieces to all live in MdePkg rather than
> StandaloneMmPkg. For instance, MmServicesTableLib for standalone MM
> should live there, MmEntryPoint should live there (and have
> traditional and standalone MM implementation) and perhaps some other
> core pieces as well.
> 
> This may be a slippery slope, so I will dedicate some time to look
> into this carefully, at least with the goal to make the
> FaultTolerantWrite and Variable driver buildable from within
> MdeModulePkg.

Make sense to me. You'd better to submit a bugzilla to track this after 
this patchset is pushed.

Thanks,
Star


> 

[PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses

[Ard Biesheuvel]

In preparation of providing a standalone MM based variable runtime
driver, move the existing SMM driver to the new MM services table,
and factor out some pieces that are specific to the traditional
driver, mainly related to the use of UEFI boot services, which are
not accessible to standalone MM drivers.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c         |  18 +---
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h              |  50 +++++++++
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c           |  59 ++++------
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf         |   5 +-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 114 ++++++++++++++++++++
 5 files changed, 187 insertions(+), 59 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
index 28aa2893c6f8..009d96c3a65e 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
@@ -21,7 +21,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/DebugLib.h>
 #include <Library/BaseLib.h>
 #include <Library/BaseMemoryLib.h>
-#include <Library/UefiBootServicesTableLib.h>
 #include "Variable.h"
 
 typedef struct {
@@ -419,8 +418,6 @@ MorLockInitAtEndOfDxe (
 {
   UINTN      MorSize;
   EFI_STATUS MorStatus;
-  EFI_STATUS TcgStatus;
-  VOID       *TcgInterface;
 
   if (!mMorLockInitializationRequired) {
     //
@@ -458,20 +455,7 @@ MorLockInitAtEndOfDxe (
     // can be deduced from the absence of the TCG / TCG2 protocols, as edk2's
     // MOR implementation depends on (one of) those protocols.
     //
-    TcgStatus = gBS->LocateProtocol (
-                       &gEfiTcg2ProtocolGuid,
-                       NULL,                     // Registration
-                       &TcgInterface
-                       );
-    if (EFI_ERROR (TcgStatus)) {
-      TcgStatus = gBS->LocateProtocol (
-                         &gEfiTcgProtocolGuid,
-                         NULL,                   // Registration
-                         &TcgInterface
-                         );
-    }
-
-    if (!EFI_ERROR (TcgStatus)) {
+    if (VariableHaveTcgProtocols ()) {
       //
       // The MOR variable originates from the platform firmware; set the MOR
       // Control Lock variable to report the locking capability to the OS.
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
index 938eb5de61fa..11822575ac4d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
@@ -924,4 +924,54 @@ VariableExLibAtRuntime (
   VOID
   );
 
+/**
+  Notify the system that the SMM variable driver is ready
+**/
+VOID
+VariableNotifySmmReady (
+  VOID
+  );
+
+/**
+  Notify the system that the SMM variable write driver is ready
+**/
+VOID
+VariableNotifySmmWriteReady (
+  VOID
+  );
+
+/**
+  Variable service MM driver entry point
+**/
+EFI_STATUS
+EFIAPI
+MmVariableServiceInitialize (
+  VOID
+  );
+
+/**
+  This function check if the buffer is valid per processor architecture and not overlap with SMRAM.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+**/
+BOOLEAN
+VariableSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  );
+
+/**
+  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
+  This information is used by the MorLock code to infer whether an existing
+  MOR variable is legitimate or not.
+**/
+BOOLEAN
+VariableHaveTcgProtocols (
+  VOID
+  );
+
 #endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 8c53f84ff6e8..7245587052df 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -15,6 +15,7 @@
   SmmVariableGetStatistics() should also do validation based on its own knowledge.
 
 Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -28,18 +29,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Protocol/SmmVariable.h>
 #include <Protocol/SmmFirmwareVolumeBlock.h>
 #include <Protocol/SmmFaultTolerantWrite.h>
-#include <Protocol/SmmEndOfDxe.h>
+#include <Protocol/MmEndOfDxe.h>
 #include <Protocol/SmmVarCheck.h>
 
-#include <Library/SmmServicesTableLib.h>
-#include <Library/SmmMemLib.h>
+#include <Library/MmServicesTableLib.h>
 
 #include <Guid/SmmVariableCommon.h>
 #include "Variable.h"
 
 extern VARIABLE_INFO_ENTRY                           *gVariableInfo;
-EFI_HANDLE                                           mSmmVariableHandle      = NULL;
-EFI_HANDLE                                           mVariableHandle         = NULL;
 BOOLEAN                                              mAtRuntime              = FALSE;
 UINT8                                                *mVariableBufferPayload = NULL;
 UINTN                                                mVariableBufferPayloadSize;
@@ -218,7 +216,7 @@ GetFtwProtocol (
   //
   // Locate Smm Fault Tolerent Write protocol
   //
-  Status = gSmst->SmmLocateProtocol (
+  Status = gMmst->MmLocateProtocol (
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     NULL,
                     FtwProtocol
@@ -248,7 +246,7 @@ GetFvbByHandle (
   //
   // To get the SMM FVB protocol interface on the handle
   //
-  return gSmst->SmmHandleProtocol (
+  return gMmst->MmHandleProtocol (
                   FvBlockHandle,
                   &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                   (VOID **) FvBlock
@@ -287,7 +285,7 @@ GetFvbCountAndBuffer (
   BufferSize     = 0;
   *NumberHandles = 0;
   *Buffer        = NULL;
-  Status = gSmst->SmmLocateHandle (
+  Status = gMmst->MmLocateHandle (
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -303,7 +301,7 @@ GetFvbCountAndBuffer (
     return EFI_OUT_OF_RESOURCES;
   }
 
-  Status = gSmst->SmmLocateHandle (
+  Status = gMmst->MmLocateHandle (
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -500,7 +498,7 @@ SmmVariableHandler (
     return EFI_SUCCESS;
   }
 
-  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+  if (!VariableSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
     DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
     return EFI_SUCCESS;
   }
@@ -911,13 +909,7 @@ SmmFtwNotificationEvent (
   //
   // Notify the variable wrapper driver the variable write service is ready
   //
-  Status = gBS->InstallProtocolInterface (
-                  &mSmmVariableHandle,
-                  &gSmmVariableWriteGuid,
-                  EFI_NATIVE_INTERFACE,
-                  NULL
-                  );
-  ASSERT_EFI_ERROR (Status);
+  VariableNotifySmmWriteReady ();
 
   return EFI_SUCCESS;
 }
@@ -928,18 +920,11 @@ SmmFtwNotificationEvent (
   runtime services in the EFI System Table and installs arch protocols
   for variable read and write services being available. It also registers
   a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
-
-  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
-  @param[in] SystemTable    A pointer to the EFI System Table.
-
-  @retval EFI_SUCCESS       Variable service successfully initialized.
-
 **/
 EFI_STATUS
 EFIAPI
-VariableServiceInitialize (
-  IN EFI_HANDLE                           ImageHandle,
-  IN EFI_SYSTEM_TABLE                     *SystemTable
+MmVariableServiceInitialize (
+  VOID
   )
 {
   EFI_STATUS                              Status;
@@ -957,7 +942,7 @@ VariableServiceInitialize (
   // Install the Smm Variable Protocol on a new handle.
   //
   VariableHandle = NULL;
-  Status = gSmst->SmmInstallProtocolInterface (
+  Status = gMmst->MmInstallProtocolInterface (
                     &VariableHandle,
                     &gEfiSmmVariableProtocolGuid,
                     EFI_NATIVE_INTERFACE,
@@ -965,7 +950,7 @@ VariableServiceInitialize (
                     );
   ASSERT_EFI_ERROR (Status);
 
-  Status = gSmst->SmmInstallProtocolInterface (
+  Status = gMmst->MmInstallProtocolInterface (
                     &VariableHandle,
                     &gEdkiiSmmVarCheckProtocolGuid,
                     EFI_NATIVE_INTERFACE,
@@ -976,7 +961,7 @@ VariableServiceInitialize (
   mVariableBufferPayloadSize = GetMaxVariableSize () +
                                OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
 
-  Status = gSmst->SmmAllocatePool (
+  Status = gMmst->MmAllocatePool (
                     EfiRuntimeServicesData,
                     mVariableBufferPayloadSize,
                     (VOID **)&mVariableBufferPayload
@@ -987,25 +972,19 @@ VariableServiceInitialize (
   /// Register SMM variable SMI handler
   ///
   VariableHandle = NULL;
-  Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
+  Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
   ASSERT_EFI_ERROR (Status);
 
   //
   // Notify the variable wrapper driver the variable service is ready
   //
-  Status = SystemTable->BootServices->InstallProtocolInterface (
-                                        &mVariableHandle,
-                                        &gEfiSmmVariableProtocolGuid,
-                                        EFI_NATIVE_INTERFACE,
-                                        &gSmmVariable
-                                        );
-  ASSERT_EFI_ERROR (Status);
+  VariableNotifySmmReady ();
 
   //
   // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
   //
-  Status = gSmst->SmmRegisterProtocolNotify (
-                    &gEfiSmmEndOfDxeProtocolGuid,
+  Status = gMmst->MmRegisterProtocolNotify (
+                    &gEfiMmEndOfDxeProtocolGuid,
                     SmmEndOfDxeCallback,
                     &SmmEndOfDxeRegistration
                     );
@@ -1014,7 +993,7 @@ VariableServiceInitialize (
   //
   // Register FtwNotificationEvent () notify function.
   //
-  Status = gSmst->SmmRegisterProtocolNotify (
+  Status = gMmst->MmRegisterProtocolNotify (
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     SmmFtwNotificationEvent,
                     &SmmFtwRegistration
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
index db7d220e06df..ed7392cbcffc 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@@ -48,6 +48,7 @@ [Defines]
 [Sources]
   Reclaim.c
   Variable.c
+  VariableTraditionalMm.c
   VariableSmm.c
   VarCheck.c
   Variable.h
@@ -66,7 +67,7 @@ [LibraryClasses]
   BaseLib
   SynchronizationLib
   UefiLib
-  SmmServicesTableLib
+  MmServicesTableLib
   BaseMemoryLib
   DebugLib
   DxeServicesTableLib
@@ -85,7 +86,7 @@ [Protocols]
   ## PRODUCES
   ## UNDEFINED # SmiHandlerRegister
   gEfiSmmVariableProtocolGuid
-  gEfiSmmEndOfDxeProtocolGuid                   ## NOTIFY
+  gEfiMmEndOfDxeProtocolGuid                    ## NOTIFY
   gEdkiiSmmVarCheckProtocolGuid                 ## PRODUCES
   gEfiTcgProtocolGuid                           ## SOMETIMES_CONSUMES
   gEfiTcg2ProtocolGuid                          ## SOMETIMES_CONSUMES
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
new file mode 100644
index 000000000000..2143d3337e87
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
@@ -0,0 +1,114 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to traditional MM
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/SmmMemLib.h>
+#include "Variable.h"
+
+BOOLEAN
+VariableSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) {
+    DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
+    return FALSE;
+  }
+  return TRUE;
+}
+
+/**
+  Notify the system that the SMM variable driver is ready
+**/
+VOID
+VariableNotifySmmReady (
+  VOID
+  )
+{
+  EFI_STATUS            Status;
+  EFI_HANDLE            Handle;
+
+  Handle = NULL;
+  Status = gBS->InstallProtocolInterface (
+                  &Handle,
+                  &gEfiSmmVariableProtocolGuid,
+                  EFI_NATIVE_INTERFACE,
+                  NULL
+                  );
+  ASSERT_EFI_ERROR (Status);
+}
+
+/**
+  Notify the system that the SMM variable write driver is ready
+**/
+VOID
+VariableNotifySmmWriteReady (
+  VOID
+  )
+{
+  EFI_STATUS            Status;
+  EFI_HANDLE            Handle;
+
+  Handle = NULL;
+  Status = gBS->InstallProtocolInterface (
+                  &Handle,
+                  &gSmmVariableWriteGuid,
+                  EFI_NATIVE_INTERFACE,
+                  NULL
+                  );
+  ASSERT_EFI_ERROR (Status);
+}
+
+EFI_STATUS
+EFIAPI
+VariableServiceInitialize (
+  IN EFI_HANDLE                           ImageHandle,
+  IN EFI_SYSTEM_TABLE                     *SystemTable
+  )
+{
+  return MmVariableServiceInitialize ();
+}
+
+/**
+  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
+  This information is used by the MorLock code to infer whether an existing
+  MOR variable is legitimate or not.
+**/
+BOOLEAN
+VariableHaveTcgProtocols (
+  VOID
+  )
+{
+  EFI_STATUS            Status;
+  VOID                  *Interface;
+
+  Status = gBS->LocateProtocol (
+                  &gEfiTcg2ProtocolGuid,
+                  NULL,                     // Registration
+                  &Interface
+                  );
+  if (!EFI_ERROR (Status)) {
+    return TRUE;
+  }
+
+  Status = gBS->LocateProtocol (
+                  &gEfiTcgProtocolGuid,
+                  NULL,                     // Registration
+                  &Interface
+                  );
+  return !EFI_ERROR (Status);
+}
-- 
2.17.1

Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses

[Laszlo Ersek]

On 01/03/19 19:28, Ard Biesheuvel wrote:
> In preparation of providing a standalone MM based variable runtime
> driver, move the existing SMM driver to the new MM services table,
> and factor out some pieces that are specific to the traditional
> driver, mainly related to the use of UEFI boot services, which are
> not accessible to standalone MM drivers.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c         |  18 +---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h              |  50 +++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c           |  59 ++++------
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf         |   5 +-
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 114 ++++++++++++++++++++
>  5 files changed, 187 insertions(+), 59 deletions(-)

I *vaguely* feel like we should extract the new functions to
"PrivilegePolymorphic.h", rather than to "Variable.h".

Please see initial commit 00663d047fc9
("MdeModulePkg/Variable/RuntimeDxe: move SecureBootHook() decl to new
header", 2017-10-10), and other commits that touched that file.

I realize this is not a 100% "constructive" suggestion, and I feel
appropriately bad about that. It's just that "Variable.h" has so many
internals that I feel it's not a good dumping ground for these new
functions. And the other header we have, looks closer in purpose.

For example, MorLockInitAtEndOfDxe() is already declared in
"PrivilegePolymorphic.h" (see commit f1304280435f,
"MdeModulePkg/Variable/RuntimeDxe: introduce MorLockInitAtEndOfDxe()
hook", 2017-10-10).

Admittedly, now that we're going to have three separate builds of this
driver, dedicating a separate header file to each "shared between A and
B" relationship is getting a bit too complex. In retrospect, introducing
"PrivilegePolymorphic.h" may not have been a "scalable" idea, after all,
and I should have just dumped those functions all in "Variable.h".

IOW, I think
- targeting "Variable.h" now is inconsistent with earlier code,
- extending "PrivilegePolymorphic.h" is also suboptimal (although still
better than the previous option),
- adding yet another header might be technically correct, but it would
be over-engineering,
- asking you to merge "PrivilegePolymorphic.h" back into "Variable.h"
feels awkward, especially after I argued *for* "PrivilegePolymorphic.h"
at length, when I originally introduced it. :/

Sigh. Can the variable driver maintainers comment please?

(I still plan to regression-test this series, but I feel like I should
force myself to at least skim the variable driver patches, beyond
testing them. Because, next time I can't avoid working with this very
complex driver, I wouldn't like to be *completely* lost.)

Thanks,
Laszlo

Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses

[Wang, Jian J]

Laszlo,

Regards,
Jian

> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Tuesday, January 08, 2019 11:38 PM
> To: Ard Biesheuvel <ard.biesheuvel@linaro.org>; edk2-devel@lists.01.org
> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang,
> Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh
> Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>;
> Thomas Panakamattam Abraham <thomas.abraham@arm.com>; Sami Mujawar
> <Sami.Mujawar@arm.com>
> Subject: Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot
> service accesses
> 
> On 01/03/19 19:28, Ard Biesheuvel wrote:
> > In preparation of providing a standalone MM based variable runtime
> > driver, move the existing SMM driver to the new MM services table,
> > and factor out some pieces that are specific to the traditional
> > driver, mainly related to the use of UEFI boot services, which are
> > not accessible to standalone MM drivers.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > ---
> >  MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c         |  18
> +---
> >  MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h              |  50
> +++++++++
> >  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c           |  59
> ++++------
> >  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf         |   5 +-
> >  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c |
> 114 ++++++++++++++++++++
> >  5 files changed, 187 insertions(+), 59 deletions(-)
> 
> I *vaguely* feel like we should extract the new functions to
> "PrivilegePolymorphic.h", rather than to "Variable.h".
> 
> Please see initial commit 00663d047fc9
> ("MdeModulePkg/Variable/RuntimeDxe: move SecureBootHook() decl to new
> header", 2017-10-10), and other commits that touched that file.
> 
> I realize this is not a 100% "constructive" suggestion, and I feel
> appropriately bad about that. It's just that "Variable.h" has so many
> internals that I feel it's not a good dumping ground for these new
> functions. And the other header we have, looks closer in purpose.
> 
> For example, MorLockInitAtEndOfDxe() is already declared in
> "PrivilegePolymorphic.h" (see commit f1304280435f,
> "MdeModulePkg/Variable/RuntimeDxe: introduce MorLockInitAtEndOfDxe()
> hook", 2017-10-10).
> 
> Admittedly, now that we're going to have three separate builds of this
> driver, dedicating a separate header file to each "shared between A and
> B" relationship is getting a bit too complex. In retrospect, introducing
> "PrivilegePolymorphic.h" may not have been a "scalable" idea, after all,
> and I should have just dumped those functions all in "Variable.h".
> 
> IOW, I think
> - targeting "Variable.h" now is inconsistent with earlier code,
> - extending "PrivilegePolymorphic.h" is also suboptimal (although still
> better than the previous option),
> - adding yet another header might be technically correct, but it would
> be over-engineering,
> - asking you to merge "PrivilegePolymorphic.h" back into "Variable.h"
> feels awkward, especially after I argued *for* "PrivilegePolymorphic.h"
> at length, when I originally introduced it. :/
> 
> Sigh. Can the variable driver maintainers comment please?
> 
> (I still plan to regression-test this series, but I feel like I should
> force myself to at least skim the variable driver patches, beyond
> testing them. Because, next time I can't avoid working with this very
> complex driver, I wouldn't like to be *completely* lost.)
> 

I agree "PrivilegePolymorphic.h" is more appropriate place for them.
Maybe Star have different opinion.

> Thanks,
> Laszlo

Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses

[Zeng, Star]

On 2019/1/10 10:33, Wang, Jian J wrote:
> Laszlo,
> 
> Regards,
> Jian
> 
>> -----Original Message-----
>> From: Laszlo Ersek [mailto:lersek@redhat.com]
>> Sent: Tuesday, January 08, 2019 11:38 PM
>> To: Ard Biesheuvel <ard.biesheuvel@linaro.org>; edk2-devel@lists.01.org
>> Cc: Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
>> <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang,
>> Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh
>> Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>;
>> Thomas Panakamattam Abraham <thomas.abraham@arm.com>; Sami Mujawar
>> <Sami.Mujawar@arm.com>
>> Subject: Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot
>> service accesses
>>
>> On 01/03/19 19:28, Ard Biesheuvel wrote:
>>> In preparation of providing a standalone MM based variable runtime
>>> driver, move the existing SMM driver to the new MM services table,
>>> and factor out some pieces that are specific to the traditional
>>> driver, mainly related to the use of UEFI boot services, which are
>>> not accessible to standalone MM drivers.
>>>
>>> Contributed-under: TianoCore Contribution Agreement 1.1
>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>> ---
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c         |  18
>> +---
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h              |  50
>> +++++++++
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c           |  59
>> ++++------
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf         |   5 +-
>>>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c |
>> 114 ++++++++++++++++++++
>>>   5 files changed, 187 insertions(+), 59 deletions(-)
>>
>> I *vaguely* feel like we should extract the new functions to
>> "PrivilegePolymorphic.h", rather than to "Variable.h".
>>
>> Please see initial commit 00663d047fc9
>> ("MdeModulePkg/Variable/RuntimeDxe: move SecureBootHook() decl to new
>> header", 2017-10-10), and other commits that touched that file.
>>
>> I realize this is not a 100% "constructive" suggestion, and I feel
>> appropriately bad about that. It's just that "Variable.h" has so many
>> internals that I feel it's not a good dumping ground for these new
>> functions. And the other header we have, looks closer in purpose.
>>
>> For example, MorLockInitAtEndOfDxe() is already declared in
>> "PrivilegePolymorphic.h" (see commit f1304280435f,
>> "MdeModulePkg/Variable/RuntimeDxe: introduce MorLockInitAtEndOfDxe()
>> hook", 2017-10-10).
>>
>> Admittedly, now that we're going to have three separate builds of this
>> driver, dedicating a separate header file to each "shared between A and
>> B" relationship is getting a bit too complex. In retrospect, introducing
>> "PrivilegePolymorphic.h" may not have been a "scalable" idea, after all,
>> and I should have just dumped those functions all in "Variable.h".
>>
>> IOW, I think
>> - targeting "Variable.h" now is inconsistent with earlier code,
>> - extending "PrivilegePolymorphic.h" is also suboptimal (although still
>> better than the previous option),
>> - adding yet another header might be technically correct, but it would
>> be over-engineering,
>> - asking you to merge "PrivilegePolymorphic.h" back into "Variable.h"
>> feels awkward, especially after I argued *for* "PrivilegePolymorphic.h"
>> at length, when I originally introduced it. :/
>>
>> Sigh. Can the variable driver maintainers comment please?
>>
>> (I still plan to regression-test this series, but I feel like I should
>> force myself to at least skim the variable driver patches, beyond
>> testing them. Because, next time I can't avoid working with this very
>> complex driver, I wouldn't like to be *completely* lost.)
>>
> 
> I agree "PrivilegePolymorphic.h" is more appropriate place for them.
> Maybe Star have different opinion.

At current situation, I prefer PrivilegePolymorphic.h. :)

Some minor feedback will be added in another reply.

Thanks,
Star

> 
>> Thanks,
>> Laszlo

Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses

[Zeng, Star]

Hi Ard,

Some minor feedback added inline.

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> In preparation of providing a standalone MM based variable runtime
> driver, move the existing SMM driver to the new MM services table,
> and factor out some pieces that are specific to the traditional
> driver, mainly related to the use of UEFI boot services, which are
> not accessible to standalone MM drivers.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>   MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c         |  18 +---
>   MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h              |  50 +++++++++
>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c           |  59 ++++------
>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf         |   5 +-
>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 114 ++++++++++++++++++++
>   5 files changed, 187 insertions(+), 59 deletions(-)
> 
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
> index 28aa2893c6f8..009d96c3a65e 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
> @@ -21,7 +21,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   #include <Library/DebugLib.h>
>   #include <Library/BaseLib.h>
>   #include <Library/BaseMemoryLib.h>
> -#include <Library/UefiBootServicesTableLib.h>
>   #include "Variable.h"
>   
>   typedef struct {
> @@ -419,8 +418,6 @@ MorLockInitAtEndOfDxe (
>   {
>     UINTN      MorSize;
>     EFI_STATUS MorStatus;
> -  EFI_STATUS TcgStatus;
> -  VOID       *TcgInterface;
>   
>     if (!mMorLockInitializationRequired) {
>       //
> @@ -458,20 +455,7 @@ MorLockInitAtEndOfDxe (
>       // can be deduced from the absence of the TCG / TCG2 protocols, as edk2's
>       // MOR implementation depends on (one of) those protocols.
>       //
> -    TcgStatus = gBS->LocateProtocol (
> -                       &gEfiTcg2ProtocolGuid,
> -                       NULL,                     // Registration
> -                       &TcgInterface
> -                       );
> -    if (EFI_ERROR (TcgStatus)) {
> -      TcgStatus = gBS->LocateProtocol (
> -                         &gEfiTcgProtocolGuid,
> -                         NULL,                   // Registration
> -                         &TcgInterface
> -                         );
> -    }
> -
> -    if (!EFI_ERROR (TcgStatus)) {
> +    if (VariableHaveTcgProtocols ()) {
>         //
>         // The MOR variable originates from the platform firmware; set the MOR
>         // Control Lock variable to report the locking capability to the OS.
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> index 938eb5de61fa..11822575ac4d 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> @@ -924,4 +924,54 @@ VariableExLibAtRuntime (
>     VOID
>     );
>   
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  );
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  );
> +
> +/**
> +  Variable service MM driver entry point
> +**/
> +EFI_STATUS
> +EFIAPI
> +MmVariableServiceInitialize (
> +  VOID
> +  );
> +
> +/**
> +  This function check if the buffer is valid per processor architecture and not overlap with SMRAM.
> +
> +  @param Buffer  The buffer start address to be checked.
> +  @param Length  The buffer length to be checked.
> +
> +  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
> +  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
> +**/
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  );
> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.

Add a line for return description?

> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  );
> +
>   #endif
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> index 8c53f84ff6e8..7245587052df 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> @@ -15,6 +15,7 @@
>     SmmVariableGetStatistics() should also do validation based on its own knowledge.
>   
>   Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.<BR>
>   This program and the accompanying materials
>   are licensed and made available under the terms and conditions of the BSD License
>   which accompanies this distribution.  The full text of the license may be found at
> @@ -28,18 +29,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>   #include <Protocol/SmmVariable.h>
>   #include <Protocol/SmmFirmwareVolumeBlock.h>
>   #include <Protocol/SmmFaultTolerantWrite.h>
> -#include <Protocol/SmmEndOfDxe.h>
> +#include <Protocol/MmEndOfDxe.h>
>   #include <Protocol/SmmVarCheck.h>
>   
> -#include <Library/SmmServicesTableLib.h>
> -#include <Library/SmmMemLib.h>
> +#include <Library/MmServicesTableLib.h>
>   
>   #include <Guid/SmmVariableCommon.h>
>   #include "Variable.h"
>   
>   extern VARIABLE_INFO_ENTRY                           *gVariableInfo;
> -EFI_HANDLE                                           mSmmVariableHandle      = NULL;
> -EFI_HANDLE                                           mVariableHandle         = NULL;
>   BOOLEAN                                              mAtRuntime              = FALSE;
>   UINT8                                                *mVariableBufferPayload = NULL;
>   UINTN                                                mVariableBufferPayloadSize;
> @@ -218,7 +216,7 @@ GetFtwProtocol (
>     //
>     // Locate Smm Fault Tolerent Write protocol
>     //
> -  Status = gSmst->SmmLocateProtocol (
> +  Status = gMmst->MmLocateProtocol (
>                       &gEfiSmmFaultTolerantWriteProtocolGuid,
>                       NULL,
>                       FtwProtocol
> @@ -248,7 +246,7 @@ GetFvbByHandle (
>     //
>     // To get the SMM FVB protocol interface on the handle
>     //
> -  return gSmst->SmmHandleProtocol (
> +  return gMmst->MmHandleProtocol (
>                     FvBlockHandle,
>                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                     (VOID **) FvBlock
> @@ -287,7 +285,7 @@ GetFvbCountAndBuffer (
>     BufferSize     = 0;
>     *NumberHandles = 0;
>     *Buffer        = NULL;
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                       ByProtocol,
>                       &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                       NULL,
> @@ -303,7 +301,7 @@ GetFvbCountAndBuffer (
>       return EFI_OUT_OF_RESOURCES;
>     }
>   
> -  Status = gSmst->SmmLocateHandle (
> +  Status = gMmst->MmLocateHandle (
>                       ByProtocol,
>                       &gEfiSmmFirmwareVolumeBlockProtocolGuid,
>                       NULL,
> @@ -500,7 +498,7 @@ SmmVariableHandler (
>       return EFI_SUCCESS;
>     }
>   
> -  if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
> +  if (!VariableSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
>       DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
>       return EFI_SUCCESS;
>     }
> @@ -911,13 +909,7 @@ SmmFtwNotificationEvent (
>     //
>     // Notify the variable wrapper driver the variable write service is ready
>     //
> -  Status = gBS->InstallProtocolInterface (
> -                  &mSmmVariableHandle,
> -                  &gSmmVariableWriteGuid,
> -                  EFI_NATIVE_INTERFACE,
> -                  NULL
> -                  );
> -  ASSERT_EFI_ERROR (Status);
> +  VariableNotifySmmWriteReady ();
>   
>     return EFI_SUCCESS;
>   }
> @@ -928,18 +920,11 @@ SmmFtwNotificationEvent (
>     runtime services in the EFI System Table and installs arch protocols
>     for variable read and write services being available. It also registers
>     a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
> -
> -  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
> -  @param[in] SystemTable    A pointer to the EFI System Table.
> -
> -  @retval EFI_SUCCESS       Variable service successfully initialized.
> -
>   **/
>   EFI_STATUS
>   EFIAPI
> -VariableServiceInitialize (
> -  IN EFI_HANDLE                           ImageHandle,
> -  IN EFI_SYSTEM_TABLE                     *SystemTable
> +MmVariableServiceInitialize (
> +  VOID
>     )
>   {
>     EFI_STATUS                              Status;
> @@ -957,7 +942,7 @@ VariableServiceInitialize (
>     // Install the Smm Variable Protocol on a new handle.
>     //
>     VariableHandle = NULL;
> -  Status = gSmst->SmmInstallProtocolInterface (
> +  Status = gMmst->MmInstallProtocolInterface (
>                       &VariableHandle,
>                       &gEfiSmmVariableProtocolGuid,
>                       EFI_NATIVE_INTERFACE,
> @@ -965,7 +950,7 @@ VariableServiceInitialize (
>                       );
>     ASSERT_EFI_ERROR (Status);
>   
> -  Status = gSmst->SmmInstallProtocolInterface (
> +  Status = gMmst->MmInstallProtocolInterface (
>                       &VariableHandle,
>                       &gEdkiiSmmVarCheckProtocolGuid,
>                       EFI_NATIVE_INTERFACE,
> @@ -976,7 +961,7 @@ VariableServiceInitialize (
>     mVariableBufferPayloadSize = GetMaxVariableSize () +
>                                  OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
>   
> -  Status = gSmst->SmmAllocatePool (
> +  Status = gMmst->MmAllocatePool (
>                       EfiRuntimeServicesData,
>                       mVariableBufferPayloadSize,
>                       (VOID **)&mVariableBufferPayload
> @@ -987,25 +972,19 @@ VariableServiceInitialize (
>     /// Register SMM variable SMI handler
>     ///
>     VariableHandle = NULL;
> -  Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
> +  Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
>     ASSERT_EFI_ERROR (Status);
>   
>     //
>     // Notify the variable wrapper driver the variable service is ready
>     //
> -  Status = SystemTable->BootServices->InstallProtocolInterface (
> -                                        &mVariableHandle,
> -                                        &gEfiSmmVariableProtocolGuid,
> -                                        EFI_NATIVE_INTERFACE,
> -                                        &gSmmVariable
> -                                        );
> -  ASSERT_EFI_ERROR (Status);
> +  VariableNotifySmmReady ();
>   
>     //
>     // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
>     //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> -                    &gEfiSmmEndOfDxeProtocolGuid,
> +  Status = gMmst->MmRegisterProtocolNotify (
> +                    &gEfiMmEndOfDxeProtocolGuid,
>                       SmmEndOfDxeCallback,
>                       &SmmEndOfDxeRegistration
>                       );
> @@ -1014,7 +993,7 @@ VariableServiceInitialize (
>     //
>     // Register FtwNotificationEvent () notify function.
>     //
> -  Status = gSmst->SmmRegisterProtocolNotify (
> +  Status = gMmst->MmRegisterProtocolNotify (
>                       &gEfiSmmFaultTolerantWriteProtocolGuid,
>                       SmmFtwNotificationEvent,
>                       &SmmFtwRegistration
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> index db7d220e06df..ed7392cbcffc 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> @@ -48,6 +48,7 @@ [Defines]
>   [Sources]
>     Reclaim.c
>     Variable.c
> +  VariableTraditionalMm.c
>     VariableSmm.c
>     VarCheck.c
>     Variable.h
> @@ -66,7 +67,7 @@ [LibraryClasses]
>     BaseLib
>     SynchronizationLib
>     UefiLib
> -  SmmServicesTableLib
> +  MmServicesTableLib
>     BaseMemoryLib
>     DebugLib
>     DxeServicesTableLib
> @@ -85,7 +86,7 @@ [Protocols]
>     ## PRODUCES
>     ## UNDEFINED # SmiHandlerRegister
>     gEfiSmmVariableProtocolGuid
> -  gEfiSmmEndOfDxeProtocolGuid                   ## NOTIFY
> +  gEfiMmEndOfDxeProtocolGuid                    ## NOTIFY
>     gEdkiiSmmVarCheckProtocolGuid                 ## PRODUCES
>     gEfiTcgProtocolGuid                           ## SOMETIMES_CONSUMES
>     gEfiTcg2ProtocolGuid                          ## SOMETIMES_CONSUMES
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> new file mode 100644
> index 000000000000..2143d3337e87
> --- /dev/null
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> @@ -0,0 +1,114 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to traditional MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Library/SmmMemLib.h>
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) {
> +    DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));

Remove this debug message printing code?

> +    return FALSE;
> +  }
> +  return TRUE;
> +}

Please add function comment header for it.

> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +  EFI_STATUS            Status;
> +  EFI_HANDLE            Handle;
> +
> +  Handle = NULL;
> +  Status = gBS->InstallProtocolInterface (
> +                  &Handle,
> +                  &gEfiSmmVariableProtocolGuid,
> +                  EFI_NATIVE_INTERFACE,
> +                  NULL
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +  EFI_STATUS            Status;
> +  EFI_HANDLE            Handle;
> +
> +  Handle = NULL;
> +  Status = gBS->InstallProtocolInterface (
> +                  &Handle,
> +                  &gSmmVariableWriteGuid,
> +                  EFI_NATIVE_INTERFACE,
> +                  NULL
> +                  );
> +  ASSERT_EFI_ERROR (Status);
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE                           ImageHandle,
> +  IN EFI_SYSTEM_TABLE                     *SystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}

Please add function comment header for it.

> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.

Add a line for return description?


Thanks,
Star

> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  EFI_STATUS            Status;
> +  VOID                  *Interface;
> +
> +  Status = gBS->LocateProtocol (
> +                  &gEfiTcg2ProtocolGuid,
> +                  NULL,                     // Registration
> +                  &Interface
> +                  );
> +  if (!EFI_ERROR (Status)) {
> +    return TRUE;
> +  }
> +
> +  Status = gBS->LocateProtocol (
> +                  &gEfiTcgProtocolGuid,
> +                  NULL,                     // Registration
> +                  &Interface
> +                  );
> +  return !EFI_ERROR (Status);
> +}
> 

[PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Ard Biesheuvel]

Reuse most of the existing code to implement a variable runtime
driver that will be able to execute in the context of standalone
MM.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |  69 ++++++++++
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 135 ++++++++++++++++++++
 2 files changed, 204 insertions(+)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
new file mode 100644
index 000000000000..fbc99467c057
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
@@ -0,0 +1,69 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to standalone MM
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Variable.h"
+
+BOOLEAN
+VariableSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return TRUE;
+}
+
+/**
+  Notify the system that the SMM variable driver is ready
+**/
+VOID
+VariableNotifySmmReady (
+  VOID
+  )
+{
+}
+
+/**
+  Notify the system that the SMM variable write driver is ready
+**/
+VOID
+VariableNotifySmmWriteReady (
+  VOID
+  )
+{
+}
+
+EFI_STATUS
+EFIAPI
+VariableServiceInitialize (
+  IN EFI_HANDLE                           ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE                  *MmSystemTable
+  )
+{
+  return MmVariableServiceInitialize ();
+}
+
+/**
+  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
+  This information is used by the MorLock code to infer whether an existing
+  MOR variable is legitimate or not.
+**/
+BOOLEAN
+VariableHaveTcgProtocols (
+  VOID
+  )
+{
+  return FALSE;
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
new file mode 100644
index 000000000000..54d647af914c
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -0,0 +1,135 @@
+## @file
+#  Provides SMM variable service.
+#
+#  This module installs SMM variable protocol into SMM protocol database,
+#  which can be used by SMM driver, and installs SMM variable protocol
+#  into BS protocol database, which can be used to notify the SMM Runtime
+#  Dxe driver that the SMM variable service is ready.
+#  This module should be used with SMM Runtime DXE module together. The
+#  SMM Runtime DXE module would install variable arch protocol and variable
+#  write arch protocol based on SMM variable module.
+#
+#  Caution: This module requires additional review when modified.
+#  This driver will have external input - variable data and communicate buffer in SMM mode.
+#  This external input must be validated carefully to avoid security issues such as
+#  buffer overflow or integer overflow.
+#    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
+#  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
+#  may not be modified without authorization. If platform fails to protect these resources,
+#  the authentication service provided in this driver will be broken, and the behavior is undefined.
+#
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x0001001A
+  BASE_NAME                      = VariableStandaloneMm
+  FILE_GUID                      = 7ee2c0c1-c21a-4113-a53a-66824a95696f
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  ENTRY_POINT                    = VariableServiceInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = AARCH64
+#
+
+
+[Sources]
+  Reclaim.c
+  Variable.c
+  VariableSmm.c
+  VariableStandaloneMm.c
+  VarCheck.c
+  Variable.h
+  PrivilegePolymorphic.h
+  VariableExLib.c
+  TcgMorLockSmm.c
+  SpeculationBarrierSmm.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+  AuthVariableLib
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  HobLib
+  MemoryAllocationLib
+  MmServicesTableLib
+  StandaloneMmDriverEntryPoint
+  SynchronizationLib
+  VarCheckLib
+
+[Protocols]
+  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
+  ## CONSUMES
+  ## NOTIFY
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  ## PRODUCES
+  ## UNDEFINED # SmiHandlerRegister
+  gEfiSmmVariableProtocolGuid
+  gEfiMmEndOfDxeProtocolGuid                   ## NOTIFY
+  gEdkiiSmmVarCheckProtocolGuid                ## PRODUCES
+
+[Guids]
+  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  ## SOMETIMES_PRODUCES   ## SystemTable
+  gEfiAuthenticatedVariableGuid
+
+  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  ## SOMETIMES_PRODUCES   ## SystemTable
+  gEfiVariableGuid
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
+  gEfiGlobalVariableGuid
+
+  gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ## Variable:L"MemoryOverwriteRequestControl"
+  gEfiMemoryOverwriteRequestControlLockGuid     ## SOMETIMES_PRODUCES   ## Variable:L"MemoryOverwriteRequestControlLock"
+
+  gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
+  gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"VarErrorFlag"
+  ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"
+  gEdkiiVarErrorFlagGuid
+
+[FixedPcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize              ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize          ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize           ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe   ## CONSUMES
+
+[FeaturePcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
+  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
+
+[Depex]
+  TRUE
-- 
2.17.1

Re: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Wang, Jian J]

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>


> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement
> standalone MM version
> 
> Reuse most of the existing code to implement a variable runtime
> driver that will be able to execute in the context of standalone
> MM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |
> 69 ++++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf |
> 135 ++++++++++++++++++++
>  2 files changed, 204 insertions(+)
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> new file mode 100644
> index 000000000000..fbc99467c057
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> @@ -0,0 +1,69 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  return TRUE;
> +}
> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE                           ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE                  *MmSystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}
> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol
> database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.
> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  return FALSE;
> +}
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> new file mode 100644
> index 000000000000..54d647af914c
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> @@ -0,0 +1,135 @@
> +## @file
> +#  Provides SMM variable service.
> +#
> +#  This module installs SMM variable protocol into SMM protocol database,
> +#  which can be used by SMM driver, and installs SMM variable protocol
> +#  into BS protocol database, which can be used to notify the SMM Runtime
> +#  Dxe driver that the SMM variable service is ready.
> +#  This module should be used with SMM Runtime DXE module together. The
> +#  SMM Runtime DXE module would install variable arch protocol and variable
> +#  write arch protocol based on SMM variable module.
> +#
> +#  Caution: This module requires additional review when modified.
> +#  This driver will have external input - variable data and communicate buffer in
> SMM mode.
> +#  This external input must be validated carefully to avoid security issues such
> as
> +#  buffer overflow or integer overflow.
> +#    The whole SMM authentication variable design relies on the integrity of
> flash part and SMM.
> +#  which is assumed to be protected by platform.  All variable code and
> metadata in flash/SMM Memory
> +#  may not be modified without authorization. If platform fails to protect these
> resources,
> +#  the authentication service provided in this driver will be broken, and the
> behavior is undefined.
> +#
> +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD
> License
> +# which accompanies this distribution. The full text of the license may be found
> at
> +# http://opensource.org/licenses/bsd-license.php
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001A
> +  BASE_NAME                      = VariableStandaloneMm
> +  FILE_GUID                      = 7ee2c0c1-c21a-4113-a53a-66824a95696f
> +  MODULE_TYPE                    = MM_STANDALONE
> +  VERSION_STRING                 = 1.0
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  ENTRY_POINT                    = VariableServiceInitialize
> +
> +#
> +# The following information is for reference only and not required by the build
> tools.
> +#
> +#  VALID_ARCHITECTURES           = AARCH64
> +#
> +
> +
> +[Sources]
> +  Reclaim.c
> +  Variable.c
> +  VariableSmm.c
> +  VariableStandaloneMm.c
> +  VarCheck.c
> +  Variable.h
> +  PrivilegePolymorphic.h
> +  VariableExLib.c
> +  TcgMorLockSmm.c
> +  SpeculationBarrierSmm.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +  StandaloneMmPkg/StandaloneMmPkg.dec
> +
> +[LibraryClasses]
> +  AuthVariableLib
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  HobLib
> +  MemoryAllocationLib
> +  MmServicesTableLib
> +  StandaloneMmDriverEntryPoint
> +  SynchronizationLib
> +  VarCheckLib
> +
> +[Protocols]
> +  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
> +  ## CONSUMES
> +  ## NOTIFY
> +  gEfiSmmFaultTolerantWriteProtocolGuid
> +  ## PRODUCES
> +  ## UNDEFINED # SmiHandlerRegister
> +  gEfiSmmVariableProtocolGuid
> +  gEfiMmEndOfDxeProtocolGuid                   ## NOTIFY
> +  gEdkiiSmmVarCheckProtocolGuid                ## PRODUCES
> +
> +[Guids]
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiAuthenticatedVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
> +  gEfiGlobalVariableGuid
> +
> +  gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ##
> Variable:L"MemoryOverwriteRequestControl"
> +  gEfiMemoryOverwriteRequestControlLockGuid     ## SOMETIMES_PRODUCES
> ## Variable:L"MemoryOverwriteRequestControlLock"
> +
> +  gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
> +  gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"VarErrorFlag"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"
> +  gEdkiiVarErrorFlagGuid
> +
> +[FixedPcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ##
> SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize              ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize          ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize
> ## CONSUMES
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize
> ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe
> ## CONSUMES
> +
> +[FeaturePcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ##
> CONSUMES  # statistic the information of variable.
> +  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ##
> CONSUMES  # Auto update PlatformLang/Lang
> +
> +[Depex]
> +  TRUE
> --
> 2.17.1

Re: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Wang, Jian J]

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>


> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement
> standalone MM version
> 
> Reuse most of the existing code to implement a variable runtime
> driver that will be able to execute in the context of standalone
> MM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |
> 69 ++++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf |
> 135 ++++++++++++++++++++
>  2 files changed, 204 insertions(+)
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> new file mode 100644
> index 000000000000..fbc99467c057
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> @@ -0,0 +1,69 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  return TRUE;
> +}
> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE                           ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE                  *MmSystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}
> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol
> database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.
> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  return FALSE;
> +}
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> new file mode 100644
> index 000000000000..54d647af914c
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> @@ -0,0 +1,135 @@
> +## @file
> +#  Provides SMM variable service.
> +#
> +#  This module installs SMM variable protocol into SMM protocol database,
> +#  which can be used by SMM driver, and installs SMM variable protocol
> +#  into BS protocol database, which can be used to notify the SMM Runtime
> +#  Dxe driver that the SMM variable service is ready.
> +#  This module should be used with SMM Runtime DXE module together. The
> +#  SMM Runtime DXE module would install variable arch protocol and variable
> +#  write arch protocol based on SMM variable module.
> +#
> +#  Caution: This module requires additional review when modified.
> +#  This driver will have external input - variable data and communicate buffer in
> SMM mode.
> +#  This external input must be validated carefully to avoid security issues such
> as
> +#  buffer overflow or integer overflow.
> +#    The whole SMM authentication variable design relies on the integrity of
> flash part and SMM.
> +#  which is assumed to be protected by platform.  All variable code and
> metadata in flash/SMM Memory
> +#  may not be modified without authorization. If platform fails to protect these
> resources,
> +#  the authentication service provided in this driver will be broken, and the
> behavior is undefined.
> +#
> +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD
> License
> +# which accompanies this distribution. The full text of the license may be found
> at
> +# http://opensource.org/licenses/bsd-license.php
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001A
> +  BASE_NAME                      = VariableStandaloneMm
> +  FILE_GUID                      = 7ee2c0c1-c21a-4113-a53a-66824a95696f
> +  MODULE_TYPE                    = MM_STANDALONE
> +  VERSION_STRING                 = 1.0
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  ENTRY_POINT                    = VariableServiceInitialize
> +
> +#
> +# The following information is for reference only and not required by the build
> tools.
> +#
> +#  VALID_ARCHITECTURES           = AARCH64
> +#
> +
> +
> +[Sources]
> +  Reclaim.c
> +  Variable.c
> +  VariableSmm.c
> +  VariableStandaloneMm.c
> +  VarCheck.c
> +  Variable.h
> +  PrivilegePolymorphic.h
> +  VariableExLib.c
> +  TcgMorLockSmm.c
> +  SpeculationBarrierSmm.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +  StandaloneMmPkg/StandaloneMmPkg.dec
> +
> +[LibraryClasses]
> +  AuthVariableLib
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  HobLib
> +  MemoryAllocationLib
> +  MmServicesTableLib
> +  StandaloneMmDriverEntryPoint
> +  SynchronizationLib
> +  VarCheckLib
> +
> +[Protocols]
> +  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
> +  ## CONSUMES
> +  ## NOTIFY
> +  gEfiSmmFaultTolerantWriteProtocolGuid
> +  ## PRODUCES
> +  ## UNDEFINED # SmiHandlerRegister
> +  gEfiSmmVariableProtocolGuid
> +  gEfiMmEndOfDxeProtocolGuid                   ## NOTIFY
> +  gEdkiiSmmVarCheckProtocolGuid                ## PRODUCES
> +
> +[Guids]
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiAuthenticatedVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
> +  gEfiGlobalVariableGuid
> +
> +  gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ##
> Variable:L"MemoryOverwriteRequestControl"
> +  gEfiMemoryOverwriteRequestControlLockGuid     ## SOMETIMES_PRODUCES
> ## Variable:L"MemoryOverwriteRequestControlLock"
> +
> +  gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
> +  gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"VarErrorFlag"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"
> +  gEdkiiVarErrorFlagGuid
> +
> +[FixedPcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ##
> SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize              ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize          ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ##
> CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize
> ## CONSUMES
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize
> ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe
> ## CONSUMES
> +
> +[FeaturePcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ##
> CONSUMES  # statistic the information of variable.
> +  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ##
> CONSUMES  # Auto update PlatformLang/Lang
> +
> +[Depex]
> +  TRUE
> --
> 2.17.1

Re: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Zeng, Star]

Hi Ard,

Some minor feedback added below.
With them handled, Reviewed-by: Sta Zeng <star.zeng@intel.com>.

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> Reuse most of the existing code to implement a variable runtime
> driver that will be able to execute in the context of standalone
> MM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |  69 ++++++++++
>   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 135 ++++++++++++++++++++
>   2 files changed, 204 insertions(+)

Please add it into MdeModulePkg.dsc for package build verification.

> 
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> new file mode 100644
> index 000000000000..fbc99467c057
> --- /dev/null
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> @@ -0,0 +1,69 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. <BR>
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. <BR>
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD License
> +which accompanies this distribution.  The full text of the license may be found at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64                Length
> +  )
> +{
> +  return TRUE;
> +}

Please add function comment header for it.

> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE                           ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE                  *MmSystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}

Please add function comment header for it.

> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.

Add a line for return description?

Thanks,
Star

> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  return FALSE;
> +}
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> new file mode 100644
> index 000000000000..54d647af914c
> --- /dev/null
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> @@ -0,0 +1,135 @@
> +## @file
> +#  Provides SMM variable service.
> +#
> +#  This module installs SMM variable protocol into SMM protocol database,
> +#  which can be used by SMM driver, and installs SMM variable protocol
> +#  into BS protocol database, which can be used to notify the SMM Runtime
> +#  Dxe driver that the SMM variable service is ready.
> +#  This module should be used with SMM Runtime DXE module together. The
> +#  SMM Runtime DXE module would install variable arch protocol and variable
> +#  write arch protocol based on SMM variable module.
> +#
> +#  Caution: This module requires additional review when modified.
> +#  This driver will have external input - variable data and communicate buffer in SMM mode.
> +#  This external input must be validated carefully to avoid security issues such as
> +#  buffer overflow or integer overflow.
> +#    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
> +#  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
> +#  may not be modified without authorization. If platform fails to protect these resources,
> +#  the authentication service provided in this driver will be broken, and the behavior is undefined.
> +#
> +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http://opensource.org/licenses/bsd-license.php
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> +  INF_VERSION                    = 0x0001001A
> +  BASE_NAME                      = VariableStandaloneMm
> +  FILE_GUID                      = 7ee2c0c1-c21a-4113-a53a-66824a95696f
> +  MODULE_TYPE                    = MM_STANDALONE
> +  VERSION_STRING                 = 1.0
> +  PI_SPECIFICATION_VERSION       = 0x00010032
> +  ENTRY_POINT                    = VariableServiceInitialize
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +#  VALID_ARCHITECTURES           = AARCH64
> +#
> +
> +
> +[Sources]
> +  Reclaim.c
> +  Variable.c
> +  VariableSmm.c
> +  VariableStandaloneMm.c
> +  VarCheck.c
> +  Variable.h
> +  PrivilegePolymorphic.h
> +  VariableExLib.c
> +  TcgMorLockSmm.c
> +  SpeculationBarrierSmm.c
> +
> +[Packages]
> +  MdePkg/MdePkg.dec
> +  MdeModulePkg/MdeModulePkg.dec
> +  StandaloneMmPkg/StandaloneMmPkg.dec
> +
> +[LibraryClasses]
> +  AuthVariableLib
> +  BaseLib
> +  BaseMemoryLib
> +  DebugLib
> +  HobLib
> +  MemoryAllocationLib
> +  MmServicesTableLib
> +  StandaloneMmDriverEntryPoint
> +  SynchronizationLib
> +  VarCheckLib
> +
> +[Protocols]
> +  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
> +  ## CONSUMES
> +  ## NOTIFY
> +  gEfiSmmFaultTolerantWriteProtocolGuid
> +  ## PRODUCES
> +  ## UNDEFINED # SmiHandlerRegister
> +  gEfiSmmVariableProtocolGuid
> +  gEfiMmEndOfDxeProtocolGuid                   ## NOTIFY
> +  gEdkiiSmmVarCheckProtocolGuid                ## PRODUCES
> +
> +[Guids]
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiAuthenticatedVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
> +  ## SOMETIMES_CONSUMES   ## HOB
> +  ## SOMETIMES_PRODUCES   ## SystemTable
> +  gEfiVariableGuid
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
> +  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
> +  gEfiGlobalVariableGuid
> +
> +  gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ## Variable:L"MemoryOverwriteRequestControl"
> +  gEfiMemoryOverwriteRequestControlLockGuid     ## SOMETIMES_PRODUCES   ## Variable:L"MemoryOverwriteRequestControlLock"
> +
> +  gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
> +  gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
> +
> +  ## SOMETIMES_CONSUMES   ## Variable:L"VarErrorFlag"
> +  ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"
> +  gEdkiiVarErrorFlagGuid
> +
> +[FixedPcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize              ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize          ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize           ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize  ## CONSUMES
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe   ## CONSUMES
> +
> +[FeaturePcd]
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
> +  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
> +
> +[Depex]
> +  TRUE
> 

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Thu, 3 Jan 2019 at 19:28, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
> This series proposed an alternative approach to the series sent out by
> Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> special PCD, as well as some other if() conditionals.
>

That would be

[0] https://lists.01.org/pipermail/edk2-devel/2019-January/034542.html

Also, I seem to have included a BaseTools/ patch in error. Apologies
for the sloppiness.


> The primary difference is that this series defines and implements
> MmServicesTableLib in such a way that the traditional SMM drivers
> can use it as well. This is appropriate, considering that the PI
> spec has rebranded traditional SMM as one implementation of the generic
> MM framework.
>
> Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> library class, but for all SMM flavours, not only for standalone MM.
>
> Patch #2 implements MmServicesTableLib for traditional SMM implementations.
>
> Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> driver that invoke boot services are separated from the core SMM pieces.
>
> Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
>
> Patches #5 and #6 do the same, respectively, for the variable runtime driver.
>
> This approach minimizes the delta, and thus the maintenance burden, between
> the traditional SMM and standalone MM drivers, while not resorting to runtime
> checks or other conditionals in the code to implement logic that should be
> decided at build time.
>
> Note that this series only covers part of the work contributed by Jagadeesh.
> This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> code.
>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Cc: Achin Gupta <Achin.Gupta@arm.com>
> Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> Cc: Sami Mujawar <Sami.Mujawar@arm.com>
>
> Ard Biesheuvel (5):
>   MdePkg: implement MmServicesTableLib based on traditional SMM
>   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
>   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
>   MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
>   MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
>
> Jagadeesh Ujja (1):
>   MdePkg/Include: add MmServicesTableLib header file
>
>  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
>  .../FaultTolerantWrite.h                      |  22 ++-
>  .../FaultTolerantWriteDxe.c                   |  31 ++++
>  .../FaultTolerantWriteSmm.c                   |  54 +++----
>  .../FaultTolerantWriteSmm.inf                 |   5 +-
>  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
>  .../FaultTolerantWriteSmmDxe.c                |   1 +
>  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
>  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
>  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
>  .../UpdateWorkingBlock.c                      |  10 +-
>  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
>  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
>  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
>  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
>  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
>  .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
>  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
>  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
>  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
>  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
>  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
>  MdePkg/MdePkg.dec                             |   4 +
>  MdePkg/MdePkg.dsc                             |   1 +
>  24 files changed, 916 insertions(+), 103 deletions(-)
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
>  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
>
> --
> 2.17.1
>

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Gao, Liming]

Ard:
  I agree this design is good. But, I need some time to evaluate its impact on our X86 platform. Could you wait for several days?

Thanks
Liming
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Friday, January 4, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> Abraham <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> 
> This series proposed an alternative approach to the series sent out by
> Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> special PCD, as well as some other if() conditionals.
> 
> The primary difference is that this series defines and implements
> MmServicesTableLib in such a way that the traditional SMM drivers
> can use it as well. This is appropriate, considering that the PI
> spec has rebranded traditional SMM as one implementation of the generic
> MM framework.
> 
> Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> library class, but for all SMM flavours, not only for standalone MM.
> 
> Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> 
> Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> driver that invoke boot services are separated from the core SMM pieces.
> 
> Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> 
> Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> 
> This approach minimizes the delta, and thus the maintenance burden, between
> the traditional SMM and standalone MM drivers, while not resorting to runtime
> checks or other conditionals in the code to implement logic that should be
> decided at build time.
> 
> Note that this series only covers part of the work contributed by Jagadeesh.
> This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> code.
> 
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Cc: Achin Gupta <Achin.Gupta@arm.com>
> Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> 
> Ard Biesheuvel (5):
>   MdePkg: implement MmServicesTableLib based on traditional SMM
>   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
>   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
>   MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
>   MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> 
> Jagadeesh Ujja (1):
>   MdePkg/Include: add MmServicesTableLib header file
> 
>  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
>  .../FaultTolerantWrite.h                      |  22 ++-
>  .../FaultTolerantWriteDxe.c                   |  31 ++++
>  .../FaultTolerantWriteSmm.c                   |  54 +++----
>  .../FaultTolerantWriteSmm.inf                 |   5 +-
>  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
>  .../FaultTolerantWriteSmmDxe.c                |   1 +
>  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
>  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
>  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
>  .../UpdateWorkingBlock.c                      |  10 +-
>  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
>  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
>  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
>  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
>  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
>  .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
>  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
>  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
>  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
>  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
>  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
>  MdePkg/MdePkg.dec                             |   4 +
>  MdePkg/MdePkg.dsc                             |   1 +
>  24 files changed, 916 insertions(+), 103 deletions(-)
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
>  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> 
> --
> 2.17.1

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
>
> Ard:
>   I agree this design is good. But, I need some time to evaluate its impact on our X86 platform. Could you wait for several days?
>

Of course.

Thanks,

> > -----Original Message-----
> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > Sent: Friday, January 4, 2019 2:28 AM
> > To: edk2-devel@lists.01.org
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney,
> > Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> > Abraham <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> > Subject: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> >
> > This series proposed an alternative approach to the series sent out by
> > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> > special PCD, as well as some other if() conditionals.
> >
> > The primary difference is that this series defines and implements
> > MmServicesTableLib in such a way that the traditional SMM drivers
> > can use it as well. This is appropriate, considering that the PI
> > spec has rebranded traditional SMM as one implementation of the generic
> > MM framework.
> >
> > Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> > library class, but for all SMM flavours, not only for standalone MM.
> >
> > Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> >
> > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> > driver that invoke boot services are separated from the core SMM pieces.
> >
> > Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> >
> > Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> >
> > This approach minimizes the delta, and thus the maintenance burden, between
> > the traditional SMM and standalone MM drivers, while not resorting to runtime
> > checks or other conditionals in the code to implement logic that should be
> > decided at build time.
> >
> > Note that this series only covers part of the work contributed by Jagadeesh.
> > This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> > code.
> >
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao Wu <hao.a.wu@intel.com>
> > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > Cc: Achin Gupta <Achin.Gupta@arm.com>
> > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> >
> > Ard Biesheuvel (5):
> >   MdePkg: implement MmServicesTableLib based on traditional SMM
> >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
> >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
> >   MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
> >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> >
> > Jagadeesh Ujja (1):
> >   MdePkg/Include: add MmServicesTableLib header file
> >
> >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
> >  .../FaultTolerantWrite.h                      |  22 ++-
> >  .../FaultTolerantWriteDxe.c                   |  31 ++++
> >  .../FaultTolerantWriteSmm.c                   |  54 +++----
> >  .../FaultTolerantWriteSmm.inf                 |   5 +-
> >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
> >  .../FaultTolerantWriteSmmDxe.c                |   1 +
> >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
> >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
> >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
> >  .../UpdateWorkingBlock.c                      |  10 +-
> >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
> >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
> >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
> >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
> >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
> >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
> >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
> >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
> >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
> >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
> >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
> >  MdePkg/MdePkg.dec                             |   4 +
> >  MdePkg/MdePkg.dsc                             |   1 +
> >  24 files changed, 916 insertions(+), 103 deletions(-)
> >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
> >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
> >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> >
> > --
> > 2.17.1
>

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Laszlo Ersek]

On 01/07/19 14:05, Ard Biesheuvel wrote:
> On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
>>
>> Ard:
>>   I agree this design is good. But, I need some time to evaluate its impact on our X86 platform. Could you wait for several days?
>>
> 
> Of course.

I think it would be prudent of me to at least regression-test this
series. Adding it to my queue... It's likely that I won't be too quick. :/

Thanks
Laszlo

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Gao, Liming]

Ard:
  Now, the impact is to update platform DSC to include MmServicesTableLib library instance. This change is acceptable for me. I suggest your create one BZ for this patch set.
  Besides, I can't apply for these patches in my machine. Could you share git branch to me? Then, I can further verify its functionality on SMM mode. 
  
Thanks
Liming
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Monday, January 7, 2019 9:06 PM
> To: Gao, Liming <liming.gao@intel.com>
> Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
> <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
> Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> 
> On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
> >
> > Ard:
> >   I agree this design is good. But, I need some time to evaluate its impact on our X86 platform. Could you wait for several days?
> >
> 
> Of course.
> 
> Thanks,
> 
> > > -----Original Message-----
> > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > > Sent: Friday, January 4, 2019 2:28 AM
> > > To: edk2-devel@lists.01.org
> > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>;
> Kinney,
> > > Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> > > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> > > Abraham <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> > > Subject: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> > >
> > > This series proposed an alternative approach to the series sent out by
> > > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> > > special PCD, as well as some other if() conditionals.
> > >
> > > The primary difference is that this series defines and implements
> > > MmServicesTableLib in such a way that the traditional SMM drivers
> > > can use it as well. This is appropriate, considering that the PI
> > > spec has rebranded traditional SMM as one implementation of the generic
> > > MM framework.
> > >
> > > Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> > > library class, but for all SMM flavours, not only for standalone MM.
> > >
> > > Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> > >
> > > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> > > driver that invoke boot services are separated from the core SMM pieces.
> > >
> > > Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> > >
> > > Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> > >
> > > This approach minimizes the delta, and thus the maintenance burden, between
> > > the traditional SMM and standalone MM drivers, while not resorting to runtime
> > > checks or other conditionals in the code to implement logic that should be
> > > decided at build time.
> > >
> > > Note that this series only covers part of the work contributed by Jagadeesh.
> > > This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> > > code.
> > >
> > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > Cc: Liming Gao <liming.gao@intel.com>
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Hao Wu <hao.a.wu@intel.com>
> > > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > > Cc: Achin Gupta <Achin.Gupta@arm.com>
> > > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> > > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> > >
> > > Ard Biesheuvel (5):
> > >   MdePkg: implement MmServicesTableLib based on traditional SMM
> > >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
> > >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
> > >   MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
> > >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> > >
> > > Jagadeesh Ujja (1):
> > >   MdePkg/Include: add MmServicesTableLib header file
> > >
> > >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
> > >  .../FaultTolerantWrite.h                      |  22 ++-
> > >  .../FaultTolerantWriteDxe.c                   |  31 ++++
> > >  .../FaultTolerantWriteSmm.c                   |  54 +++----
> > >  .../FaultTolerantWriteSmm.inf                 |   5 +-
> > >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
> > >  .../FaultTolerantWriteSmmDxe.c                |   1 +
> > >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
> > >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
> > >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
> > >  .../UpdateWorkingBlock.c                      |  10 +-
> > >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
> > >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
> > >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
> > >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
> > >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
> > >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
> > >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
> > >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
> > >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
> > >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
> > >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
> > >  MdePkg/MdePkg.dec                             |   4 +
> > >  MdePkg/MdePkg.dsc                             |   1 +
> > >  24 files changed, 916 insertions(+), 103 deletions(-)
> > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
> > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> > >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
> > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> > >
> > > --
> > > 2.17.1
> >

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Wed, 9 Jan 2019 at 14:56, Gao, Liming <liming.gao@intel.com> wrote:
>
> Ard:
>   Now, the impact is to update platform DSC to include MmServicesTableLib library instance. This change is acceptable for me. I suggest your create one BZ for this patch set.

https://bugzilla.tianocore.org/show_bug.cgi?id=1442

>   Besides, I can't apply for these patches in my machine. Could you share git branch to me? Then, I can further verify its functionality on SMM mode.
>

https://github.com/ardbiesheuvel/edk2/tree/variable-ftw-standalone-mm-conversion

Note that I included the changes to add the MmServicesTableLib
resolution to consumers of the FTW and variable drivers.

Thanks,
Ard.



> Thanks
> Liming
> > -----Original Message-----
> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > Sent: Monday, January 7, 2019 9:06 PM
> > To: Gao, Liming <liming.gao@intel.com>
> > Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
> > <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
> > Sami Mujawar <Sami.Mujawar@arm.com>
> > Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> >
> > On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
> > >
> > > Ard:
> > >   I agree this design is good. But, I need some time to evaluate its impact on our X86 platform. Could you wait for several days?
> > >
> >
> > Of course.
> >
> > Thanks,
> >
> > > > -----Original Message-----
> > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > > > Sent: Friday, January 4, 2019 2:28 AM
> > > > To: edk2-devel@lists.01.org
> > > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>;
> > Kinney,
> > > > Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> > > > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> > > > Abraham <thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> > > > Subject: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> > > >
> > > > This series proposed an alternative approach to the series sent out by
> > > > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> > > > special PCD, as well as some other if() conditionals.
> > > >
> > > > The primary difference is that this series defines and implements
> > > > MmServicesTableLib in such a way that the traditional SMM drivers
> > > > can use it as well. This is appropriate, considering that the PI
> > > > spec has rebranded traditional SMM as one implementation of the generic
> > > > MM framework.
> > > >
> > > > Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> > > > library class, but for all SMM flavours, not only for standalone MM.
> > > >
> > > > Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> > > >
> > > > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> > > > driver that invoke boot services are separated from the core SMM pieces.
> > > >
> > > > Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> > > >
> > > > Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> > > >
> > > > This approach minimizes the delta, and thus the maintenance burden, between
> > > > the traditional SMM and standalone MM drivers, while not resorting to runtime
> > > > checks or other conditionals in the code to implement logic that should be
> > > > decided at build time.
> > > >
> > > > Note that this series only covers part of the work contributed by Jagadeesh.
> > > > This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> > > > code.
> > > >
> > > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > > Cc: Liming Gao <liming.gao@intel.com>
> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > Cc: Hao Wu <hao.a.wu@intel.com>
> > > > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > > > Cc: Achin Gupta <Achin.Gupta@arm.com>
> > > > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> > > > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> > > >
> > > > Ard Biesheuvel (5):
> > > >   MdePkg: implement MmServicesTableLib based on traditional SMM
> > > >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
> > > >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
> > > >   MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
> > > >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> > > >
> > > > Jagadeesh Ujja (1):
> > > >   MdePkg/Include: add MmServicesTableLib header file
> > > >
> > > >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
> > > >  .../FaultTolerantWrite.h                      |  22 ++-
> > > >  .../FaultTolerantWriteDxe.c                   |  31 ++++
> > > >  .../FaultTolerantWriteSmm.c                   |  54 +++----
> > > >  .../FaultTolerantWriteSmm.inf                 |   5 +-
> > > >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
> > > >  .../FaultTolerantWriteSmmDxe.c                |   1 +
> > > >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
> > > >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
> > > >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
> > > >  .../UpdateWorkingBlock.c                      |  10 +-
> > > >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
> > > >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
> > > >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
> > > >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
> > > >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
> > > >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
> > > >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
> > > >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
> > > >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
> > > >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
> > > >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
> > > >  MdePkg/MdePkg.dec                             |   4 +
> > > >  MdePkg/MdePkg.dsc                             |   1 +
> > > >  24 files changed, 916 insertions(+), 103 deletions(-)
> > > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
> > > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
> > > >  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
> > > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> > > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> > > >  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> > > >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
> > > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> > > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> > > >  create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> > > >
> > > > --
> > > > 2.17.1
> > >

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Gao, Liming]

Ard:
  I don't find the function issue in this patch. I have no other comments for the change in MdePkg. Reviewed-by: Liming Gao <liming.gao@intel.com>. For this patch set, if you push the change, please push the patches in MdePkg first, and tell me the revision. I will update our internal platform DSC to include new MmServicesTableLib library instance. After I am done, I will let you know. Then, you can continue to push the change in MdeModulePkg. Is it OK?

  I see you will continue to look add MmStandaloneEntryPointLib and MmServiceLib for MmStandalone driver. You can create another BZ for it. I will review them once you are done. 

Thanks
Liming
>-----Original Message-----
>From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>Sent: Wednesday, January 09, 2019 11:30 PM
>To: Gao, Liming <liming.gao@intel.com>
>Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm
><leif.lindholm@linaro.org>; Kinney, Michael D <michael.d.kinney@intel.com>;
>Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
>Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
><Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
><thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
>Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable
>runtime drivers
>
>On Wed, 9 Jan 2019 at 14:56, Gao, Liming <liming.gao@intel.com> wrote:
>>
>> Ard:
>>   Now, the impact is to update platform DSC to include MmServicesTableLib
>library instance. This change is acceptable for me. I suggest your create one BZ
>for this patch set.
>
>https://bugzilla.tianocore.org/show_bug.cgi?id=1442
>
>>   Besides, I can't apply for these patches in my machine. Could you share git
>branch to me? Then, I can further verify its functionality on SMM mode.
>>
>
>https://github.com/ardbiesheuvel/edk2/tree/variable-ftw-standalone-mm-
>conversion
>
>Note that I included the changes to add the MmServicesTableLib
>resolution to consumers of the FTW and variable drivers.
>
>Thanks,
>Ard.
>
>
>
>> Thanks
>> Liming
>> > -----Original Message-----
>> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>> > Sent: Monday, January 7, 2019 9:06 PM
>> > To: Gao, Liming <liming.gao@intel.com>
>> > Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif
>Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
>> > <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu,
>Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
>> > <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>;
>Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
>> > Sami Mujawar <Sami.Mujawar@arm.com>
>> > Subject: Re: [PATCH 0/6] implement standalone MM versions of the
>variable runtime drivers
>> >
>> > On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
>> > >
>> > > Ard:
>> > >   I agree this design is good. But, I need some time to evaluate its impact
>on our X86 platform. Could you wait for several days?
>> > >
>> >
>> > Of course.
>> >
>> > Thanks,
>> >
>> > > > -----Original Message-----
>> > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>> > > > Sent: Friday, January 4, 2019 2:28 AM
>> > > > To: edk2-devel@lists.01.org
>> > > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
><lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>;
>> > Kinney,
>> > > > Michael D <michael.d.kinney@intel.com>; Gao, Liming
><liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
>> > > > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>;
>Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
>> > > > Abraham <thomas.abraham@arm.com>; Sami Mujawar
><Sami.Mujawar@arm.com>
>> > > > Subject: [PATCH 0/6] implement standalone MM versions of the
>variable runtime drivers
>> > > >
>> > > > This series proposed an alternative approach to the series sent out by
>> > > > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
>> > > > special PCD, as well as some other if() conditionals.
>> > > >
>> > > > The primary difference is that this series defines and implements
>> > > > MmServicesTableLib in such a way that the traditional SMM drivers
>> > > > can use it as well. This is appropriate, considering that the PI
>> > > > spec has rebranded traditional SMM as one implementation of the
>generic
>> > > > MM framework.
>> > > >
>> > > > Patch #1 is based on Jagadeesh's patch, and introduces the
>MmServicesTableLib
>> > > > library class, but for all SMM flavours, not only for standalone MM.
>> > > >
>> > > > Patch #2 implements MmServicesTableLib for traditional SMM
>implementations.
>> > > >
>> > > > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
>> > > > driver that invoke boot services are separated from the core SMM
>pieces.
>> > > >
>> > > > Patch #4 implements FaultTolerantWriteSmm for the standalone MM
>environment.
>> > > >
>> > > > Patches #5 and #6 do the same, respectively, for the variable runtime
>driver.
>> > > >
>> > > > This approach minimizes the delta, and thus the maintenance burden,
>between
>> > > > the traditional SMM and standalone MM drivers, while not resorting to
>runtime
>> > > > checks or other conditionals in the code to implement logic that should
>be
>> > > > decided at build time.
>> > > >
>> > > > Note that this series only covers part of the work contributed by
>Jagadeesh.
>> > > > This series focuses on the MdePkg and MdeModulePkg changes that
>affect shared
>> > > > code.
>> > > >
>> > > > Cc: Laszlo Ersek <lersek@redhat.com>
>> > > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
>> > > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
>> > > > Cc: Liming Gao <liming.gao@intel.com>
>> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
>> > > > Cc: Hao Wu <hao.a.wu@intel.com>
>> > > > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
>> > > > Cc: Achin Gupta <Achin.Gupta@arm.com>
>> > > > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
>> > > > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
>> > > >
>> > > > Ard Biesheuvel (5):
>> > > >   MdePkg: implement MmServicesTableLib based on traditional SMM
>> > > >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service
>accesses
>> > > >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM
>version
>> > > >   MdeModulePkg/VariableRuntimeDxe: factor out boot service
>accesses
>> > > >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM
>version
>> > > >
>> > > > Jagadeesh Ujja (1):
>> > > >   MdePkg/Include: add MmServicesTableLib header file
>> > > >
>> > > >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
>> > > >  .../FaultTolerantWrite.h                      |  22 ++-
>> > > >  .../FaultTolerantWriteDxe.c                   |  31 ++++
>> > > >  .../FaultTolerantWriteSmm.c                   |  54 +++----
>> > > >  .../FaultTolerantWriteSmm.inf                 |   5 +-
>> > > >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
>> > > >  .../FaultTolerantWriteSmmDxe.c                |   1 +
>> > > >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
>> > > >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
>> > > >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
>> > > >  .../UpdateWorkingBlock.c                      |  10 +-
>> > > >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
>> > > >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
>> > > >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
>> > > >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
>> > > >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
>> > > >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135
>++++++++++++++++++
>> > > >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
>> > > >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
>> > > >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
>> > > >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
>> > > >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
>> > > >  MdePkg/MdePkg.dec                             |   4 +
>> > > >  MdePkg/MdePkg.dsc                             |   1 +
>> > > >  24 files changed, 916 insertions(+), 103 deletions(-)
>> > > >  create mode 100644
>MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>oneMm.c
>> > > >  create mode 100644
>MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
>oneMm.inf
>> > > >  create mode 100644
>MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
>nalMm.c
>> > > >  create mode 100644
>MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
>> > > >  create mode 100644
>MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>> > > >  create mode 100644
>MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
>> > > >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
>> > > >  create mode 100644
>MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>> > > >  create mode 100644
>MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>> > > >  create mode 100644
>MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
>> > > >
>> > > > --
>> > > > 2.17.1
>> > >

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Mon, 14 Jan 2019 at 03:55, Gao, Liming <liming.gao@intel.com> wrote:
>
> Ard:
>   I don't find the function issue in this patch. I have no other comments for the change in MdePkg. Reviewed-by: Liming Gao <liming.gao@intel.com>. For this patch set, if you push the change, please push the patches in MdePkg first, and tell me the revision. I will update our internal platform DSC to include new MmServicesTableLib library instance. After I am done, I will let you know. Then, you can continue to push the change in MdeModulePkg. Is it OK?
>

Yes, that is fine. I will need to respin the remaining patches anyway.

I have pushed the following patches

b94aecb4ec94 MdePkg/Include: add MmServicesTableLib header file
17f5fd9291e0 MdePkg: implement MmServicesTableLib based on traditional SMM

with Star's and Jian's feedback addressed, and your R-b's added.


>   I see you will continue to look add MmStandaloneEntryPointLib and MmServiceLib for MmStandalone driver. You can create another BZ for it. I will review them once you are done.
>

OK.

> >-----Original Message-----
> >From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> >Sent: Wednesday, January 09, 2019 11:30 PM
> >To: Gao, Liming <liming.gao@intel.com>
> >Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm
> ><leif.lindholm@linaro.org>; Kinney, Michael D <michael.d.kinney@intel.com>;
> >Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> >Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> ><Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> ><thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> >Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable
> >runtime drivers
> >
> >On Wed, 9 Jan 2019 at 14:56, Gao, Liming <liming.gao@intel.com> wrote:
> >>
> >> Ard:
> >>   Now, the impact is to update platform DSC to include MmServicesTableLib
> >library instance. This change is acceptable for me. I suggest your create one BZ
> >for this patch set.
> >
> >https://bugzilla.tianocore.org/show_bug.cgi?id=1442
> >
> >>   Besides, I can't apply for these patches in my machine. Could you share git
> >branch to me? Then, I can further verify its functionality on SMM mode.
> >>
> >
> >https://github.com/ardbiesheuvel/edk2/tree/variable-ftw-standalone-mm-
> >conversion
> >
> >Note that I included the changes to add the MmServicesTableLib
> >resolution to consumers of the FTW and variable drivers.
> >
> >Thanks,
> >Ard.
> >
> >
> >
> >> Thanks
> >> Liming
> >> > -----Original Message-----
> >> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> >> > Sent: Monday, January 7, 2019 9:06 PM
> >> > To: Gao, Liming <liming.gao@intel.com>
> >> > Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif
> >Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> >> > <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu,
> >Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
> >> > <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>;
> >Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
> >> > Sami Mujawar <Sami.Mujawar@arm.com>
> >> > Subject: Re: [PATCH 0/6] implement standalone MM versions of the
> >variable runtime drivers
> >> >
> >> > On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
> >> > >
> >> > > Ard:
> >> > >   I agree this design is good. But, I need some time to evaluate its impact
> >on our X86 platform. Could you wait for several days?
> >> > >
> >> >
> >> > Of course.
> >> >
> >> > Thanks,
> >> >
> >> > > > -----Original Message-----
> >> > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> >> > > > Sent: Friday, January 4, 2019 2:28 AM
> >> > > > To: edk2-devel@lists.01.org
> >> > > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> ><lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>;
> >> > Kinney,
> >> > > > Michael D <michael.d.kinney@intel.com>; Gao, Liming
> ><liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> >> > > > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>;
> >Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> >> > > > Abraham <thomas.abraham@arm.com>; Sami Mujawar
> ><Sami.Mujawar@arm.com>
> >> > > > Subject: [PATCH 0/6] implement standalone MM versions of the
> >variable runtime drivers
> >> > > >
> >> > > > This series proposed an alternative approach to the series sent out by
> >> > > > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> >> > > > special PCD, as well as some other if() conditionals.
> >> > > >
> >> > > > The primary difference is that this series defines and implements
> >> > > > MmServicesTableLib in such a way that the traditional SMM drivers
> >> > > > can use it as well. This is appropriate, considering that the PI
> >> > > > spec has rebranded traditional SMM as one implementation of the
> >generic
> >> > > > MM framework.
> >> > > >
> >> > > > Patch #1 is based on Jagadeesh's patch, and introduces the
> >MmServicesTableLib
> >> > > > library class, but for all SMM flavours, not only for standalone MM.
> >> > > >
> >> > > > Patch #2 implements MmServicesTableLib for traditional SMM
> >implementations.
> >> > > >
> >> > > > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> >> > > > driver that invoke boot services are separated from the core SMM
> >pieces.
> >> > > >
> >> > > > Patch #4 implements FaultTolerantWriteSmm for the standalone MM
> >environment.
> >> > > >
> >> > > > Patches #5 and #6 do the same, respectively, for the variable runtime
> >driver.
> >> > > >
> >> > > > This approach minimizes the delta, and thus the maintenance burden,
> >between
> >> > > > the traditional SMM and standalone MM drivers, while not resorting to
> >runtime
> >> > > > checks or other conditionals in the code to implement logic that should
> >be
> >> > > > decided at build time.
> >> > > >
> >> > > > Note that this series only covers part of the work contributed by
> >Jagadeesh.
> >> > > > This series focuses on the MdePkg and MdeModulePkg changes that
> >affect shared
> >> > > > code.
> >> > > >
> >> > > > Cc: Laszlo Ersek <lersek@redhat.com>
> >> > > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> >> > > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> >> > > > Cc: Liming Gao <liming.gao@intel.com>
> >> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> >> > > > Cc: Hao Wu <hao.a.wu@intel.com>
> >> > > > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> >> > > > Cc: Achin Gupta <Achin.Gupta@arm.com>
> >> > > > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> >> > > > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> >> > > >
> >> > > > Ard Biesheuvel (5):
> >> > > >   MdePkg: implement MmServicesTableLib based on traditional SMM
> >> > > >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service
> >accesses
> >> > > >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM
> >version
> >> > > >   MdeModulePkg/VariableRuntimeDxe: factor out boot service
> >accesses
> >> > > >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM
> >version
> >> > > >
> >> > > > Jagadeesh Ujja (1):
> >> > > >   MdePkg/Include: add MmServicesTableLib header file
> >> > > >
> >> > > >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
> >> > > >  .../FaultTolerantWrite.h                      |  22 ++-
> >> > > >  .../FaultTolerantWriteDxe.c                   |  31 ++++
> >> > > >  .../FaultTolerantWriteSmm.c                   |  54 +++----
> >> > > >  .../FaultTolerantWriteSmm.inf                 |   5 +-
> >> > > >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
> >> > > >  .../FaultTolerantWriteSmmDxe.c                |   1 +
> >> > > >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
> >> > > >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
> >> > > >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
> >> > > >  .../UpdateWorkingBlock.c                      |  10 +-
> >> > > >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
> >> > > >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
> >> > > >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
> >> > > >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
> >> > > >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
> >> > > >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135
> >++++++++++++++++++
> >> > > >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
> >> > > >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
> >> > > >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
> >> > > >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
> >> > > >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
> >> > > >  MdePkg/MdePkg.dec                             |   4 +
> >> > > >  MdePkg/MdePkg.dsc                             |   1 +
> >> > > >  24 files changed, 916 insertions(+), 103 deletions(-)
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> >oneMm.c
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> >oneMm.inf
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
> >nalMm.c
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> >> > > >  create mode 100644
> >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> >> > > >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
> >> > > >  create mode 100644
> >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> >> > > >  create mode 100644
> >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> >> > > >  create mode 100644
> >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> >> > > >
> >> > > > --
> >> > > > 2.17.1
> >> > >

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Gao, Liming]

Ard:
  Got it. I will update our internal platform dsc to include new MmServicesTableLib library.

  Besides, will you send the patch to update platform DSC files in edk2-platforms? If yes, please update DSCs in https://github.com/tianocore/edk2-platforms/tree/devel-MinPlatform. They both depend on edk2 master. 

Thanks
Liming
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Monday, January 14, 2019 4:27 PM
> To: Gao, Liming <liming.gao@intel.com>
> Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
> <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
> Sami Mujawar <Sami.Mujawar@arm.com>
> Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers
> 
> On Mon, 14 Jan 2019 at 03:55, Gao, Liming <liming.gao@intel.com> wrote:
> >
> > Ard:
> >   I don't find the function issue in this patch. I have no other comments for the change in MdePkg. Reviewed-by: Liming Gao
> <liming.gao@intel.com>. For this patch set, if you push the change, please push the patches in MdePkg first, and tell me the revision. I
> will update our internal platform DSC to include new MmServicesTableLib library instance. After I am done, I will let you know. Then,
> you can continue to push the change in MdeModulePkg. Is it OK?
> >
> 
> Yes, that is fine. I will need to respin the remaining patches anyway.
> 
> I have pushed the following patches
> 
> b94aecb4ec94 MdePkg/Include: add MmServicesTableLib header file
> 17f5fd9291e0 MdePkg: implement MmServicesTableLib based on traditional SMM
> 
> with Star's and Jian's feedback addressed, and your R-b's added.
> 
> 
> >   I see you will continue to look add MmStandaloneEntryPointLib and MmServiceLib for MmStandalone driver. You can create
> another BZ for it. I will review them once you are done.
> >
> 
> OK.
> 
> > >-----Original Message-----
> > >From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > >Sent: Wednesday, January 09, 2019 11:30 PM
> > >To: Gao, Liming <liming.gao@intel.com>
> > >Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif Lindholm
> > ><leif.lindholm@linaro.org>; Kinney, Michael D <michael.d.kinney@intel.com>;
> > >Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>;
> > >Jagadeesh Ujja <jagadeesh.ujja@arm.com>; Achin Gupta
> > ><Achin.Gupta@arm.com>; Thomas Panakamattam Abraham
> > ><thomas.abraham@arm.com>; Sami Mujawar <Sami.Mujawar@arm.com>
> > >Subject: Re: [PATCH 0/6] implement standalone MM versions of the variable
> > >runtime drivers
> > >
> > >On Wed, 9 Jan 2019 at 14:56, Gao, Liming <liming.gao@intel.com> wrote:
> > >>
> > >> Ard:
> > >>   Now, the impact is to update platform DSC to include MmServicesTableLib
> > >library instance. This change is acceptable for me. I suggest your create one BZ
> > >for this patch set.
> > >
> > >https://bugzilla.tianocore.org/show_bug.cgi?id=1442
> > >
> > >>   Besides, I can't apply for these patches in my machine. Could you share git
> > >branch to me? Then, I can further verify its functionality on SMM mode.
> > >>
> > >
> > >https://github.com/ardbiesheuvel/edk2/tree/variable-ftw-standalone-mm-
> > >conversion
> > >
> > >Note that I included the changes to add the MmServicesTableLib
> > >resolution to consumers of the FTW and variable drivers.
> > >
> > >Thanks,
> > >Ard.
> > >
> > >
> > >
> > >> Thanks
> > >> Liming
> > >> > -----Original Message-----
> > >> > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > >> > Sent: Monday, January 7, 2019 9:06 PM
> > >> > To: Gao, Liming <liming.gao@intel.com>
> > >> > Cc: edk2-devel@lists.01.org; Laszlo Ersek <lersek@redhat.com>; Leif
> > >Lindholm <leif.lindholm@linaro.org>; Kinney, Michael D
> > >> > <michael.d.kinney@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu,
> > >Hao A <hao.a.wu@intel.com>; Jagadeesh Ujja
> > >> > <jagadeesh.ujja@arm.com>; Achin Gupta <Achin.Gupta@arm.com>;
> > >Thomas Panakamattam Abraham <thomas.abraham@arm.com>;
> > >> > Sami Mujawar <Sami.Mujawar@arm.com>
> > >> > Subject: Re: [PATCH 0/6] implement standalone MM versions of the
> > >variable runtime drivers
> > >> >
> > >> > On Mon, 7 Jan 2019 at 13:44, Gao, Liming <liming.gao@intel.com> wrote:
> > >> > >
> > >> > > Ard:
> > >> > >   I agree this design is good. But, I need some time to evaluate its impact
> > >on our X86 platform. Could you wait for several days?
> > >> > >
> > >> >
> > >> > Of course.
> > >> >
> > >> > Thanks,
> > >> >
> > >> > > > -----Original Message-----
> > >> > > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > >> > > > Sent: Friday, January 4, 2019 2:28 AM
> > >> > > > To: edk2-devel@lists.01.org
> > >> > > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Laszlo Ersek
> > ><lersek@redhat.com>; Leif Lindholm <leif.lindholm@linaro.org>;
> > >> > Kinney,
> > >> > > > Michael D <michael.d.kinney@intel.com>; Gao, Liming
> > ><liming.gao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A
> > >> > > > <hao.a.wu@intel.com>; Jagadeesh Ujja <jagadeesh.ujja@arm.com>;
> > >Achin Gupta <Achin.Gupta@arm.com>; Thomas Panakamattam
> > >> > > > Abraham <thomas.abraham@arm.com>; Sami Mujawar
> > ><Sami.Mujawar@arm.com>
> > >> > > > Subject: [PATCH 0/6] implement standalone MM versions of the
> > >variable runtime drivers
> > >> > > >
> > >> > > > This series proposed an alternative approach to the series sent out by
> > >> > > > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> > >> > > > special PCD, as well as some other if() conditionals.
> > >> > > >
> > >> > > > The primary difference is that this series defines and implements
> > >> > > > MmServicesTableLib in such a way that the traditional SMM drivers
> > >> > > > can use it as well. This is appropriate, considering that the PI
> > >> > > > spec has rebranded traditional SMM as one implementation of the
> > >generic
> > >> > > > MM framework.
> > >> > > >
> > >> > > > Patch #1 is based on Jagadeesh's patch, and introduces the
> > >MmServicesTableLib
> > >> > > > library class, but for all SMM flavours, not only for standalone MM.
> > >> > > >
> > >> > > > Patch #2 implements MmServicesTableLib for traditional SMM
> > >implementations.
> > >> > > >
> > >> > > > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> > >> > > > driver that invoke boot services are separated from the core SMM
> > >pieces.
> > >> > > >
> > >> > > > Patch #4 implements FaultTolerantWriteSmm for the standalone MM
> > >environment.
> > >> > > >
> > >> > > > Patches #5 and #6 do the same, respectively, for the variable runtime
> > >driver.
> > >> > > >
> > >> > > > This approach minimizes the delta, and thus the maintenance burden,
> > >between
> > >> > > > the traditional SMM and standalone MM drivers, while not resorting to
> > >runtime
> > >> > > > checks or other conditionals in the code to implement logic that should
> > >be
> > >> > > > decided at build time.
> > >> > > >
> > >> > > > Note that this series only covers part of the work contributed by
> > >Jagadeesh.
> > >> > > > This series focuses on the MdePkg and MdeModulePkg changes that
> > >affect shared
> > >> > > > code.
> > >> > > >
> > >> > > > Cc: Laszlo Ersek <lersek@redhat.com>
> > >> > > > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > >> > > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > >> > > > Cc: Liming Gao <liming.gao@intel.com>
> > >> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > >> > > > Cc: Hao Wu <hao.a.wu@intel.com>
> > >> > > > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > >> > > > Cc: Achin Gupta <Achin.Gupta@arm.com>
> > >> > > > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> > >> > > > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> > >> > > >
> > >> > > > Ard Biesheuvel (5):
> > >> > > >   MdePkg: implement MmServicesTableLib based on traditional SMM
> > >> > > >   MdeModulePkg/FaultTolerantWriteDxe: factor out boot service
> > >accesses
> > >> > > >   MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM
> > >version
> > >> > > >   MdeModulePkg/VariableRuntimeDxe: factor out boot service
> > >accesses
> > >> > > >   MdeModulePkg/VariableRuntimeDxe: implement standalone MM
> > >version
> > >> > > >
> > >> > > > Jagadeesh Ujja (1):
> > >> > > >   MdePkg/Include: add MmServicesTableLib header file
> > >> > > >
> > >> > > >  MdeModulePkg/MdeModulePkg.dsc                 |   1 +
> > >> > > >  .../FaultTolerantWrite.h                      |  22 ++-
> > >> > > >  .../FaultTolerantWriteDxe.c                   |  31 ++++
> > >> > > >  .../FaultTolerantWriteSmm.c                   |  54 +++----
> > >> > > >  .../FaultTolerantWriteSmm.inf                 |   5 +-
> > >> > > >  .../FaultTolerantWriteSmmCommon.h             |  31 ++++
> > >> > > >  .../FaultTolerantWriteSmmDxe.c                |   1 +
> > >> > > >  .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
> > >> > > >  .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
> > >> > > >  .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
> > >> > > >  .../UpdateWorkingBlock.c                      |  10 +-
> > >> > > >  .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
> > >> > > >  .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
> > >> > > >  .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
> > >> > > >  .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
> > >> > > >  .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
> > >> > > >  .../RuntimeDxe/VariableStandaloneMm.inf       | 135
> > >++++++++++++++++++
> > >> > > >  .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
> > >> > > >  MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
> > >> > > >  .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
> > >> > > >  .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
> > >> > > >  .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
> > >> > > >  MdePkg/MdePkg.dec                             |   4 +
> > >> > > >  MdePkg/MdePkg.dsc                             |   1 +
> > >> > > >  24 files changed, 916 insertions(+), 103 deletions(-)
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > >oneMm.c
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandal
> > >oneMm.inf
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditio
> > >nalMm.c
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> > >> > > >  create mode 100644
> > >MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
> > >> > > >  create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
> > >> > > >  create mode 100644
> > >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
> > >> > > >  create mode 100644
> > >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> > >> > > >  create mode 100644
> > >MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> > >> > > >
> > >> > > > --
> > >> > > > 2.17.1
> > >> > >

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Laszlo Ersek]

On 01/03/19 19:28, Ard Biesheuvel wrote:
> This series proposed an alternative approach to the series sent out by
> Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> special PCD, as well as some other if() conditionals.
>
> The primary difference is that this series defines and implements
> MmServicesTableLib in such a way that the traditional SMM drivers can
> use it as well. This is appropriate, considering that the PI spec has
> rebranded traditional SMM as one implementation of the generic MM
> framework.
>
> Patch #1 is based on Jagadeesh's patch, and introduces the
> MmServicesTableLib library class, but for all SMM flavours, not only
> for standalone MM.
>
> Patch #2 implements MmServicesTableLib for traditional SMM
> implementations.
>
> Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> driver that invoke boot services are separated from the core SMM
> pieces.
>
> Patch #4 implements FaultTolerantWriteSmm for the standalone MM
> environment.
>
> Patches #5 and #6 do the same, respectively, for the variable runtime
> driver.
>
> This approach minimizes the delta, and thus the maintenance burden,
> between the traditional SMM and standalone MM drivers, while not
> resorting to runtime checks or other conditionals in the code to
> implement logic that should be decided at build time.
>
> Note that this series only covers part of the work contributed by
> Jagadeesh. This series focuses on the MdePkg and MdeModulePkg changes
> that affect shared code.
>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Cc: Achin Gupta <Achin.Gupta@arm.com>
> Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> Cc: Sami Mujawar <Sami.Mujawar@arm.com>

I tried building this, on top of commit a53a888de8f5:

build \
  -a IA32 \
  -p OvmfPkg/OvmfPkgIa32.dsc \
  -t GCC48 \
  -b NOOPT \
  -D HTTP_BOOT_ENABLE \
  -D NETWORK_IP6_ENABLE \
  -D SECURE_BOOT_ENABLE \
  -D SMM_REQUIRE \
  -D TLS_ENABLE \
  --cmd-len=65536 \
  --hash \
  --genfds-multi-thread

but it failed with:

> OvmfPkg/OvmfPkgIa32.dsc(...): error 4000: Instance of library class [MmServicesTableLib] is not found
>         in [MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf] [IA32]
>         consumed by module [MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf]

You did mention earlier that adding new lib class resolutions to several
x86 DSC files would be necessary, so this is not unexpected. Can you
please insert such a patch for OvmfPkg between patches #2 and #3?

I've looked at the current OVMF DSC files, and SmmServicesTableLib is
resolved for two module types,

> [LibraryClasses.common.DXE_SMM_DRIVER]
>   SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
>
> [LibraryClasses.common.SMM_CORE]
>   SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf

I assume it should be enough, for this series, to update the
DXE_SMM_DRIVER resolution only, and to leave SMM_CORE alone.

(Because, my understanding is that the current, x86 specific

  MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf

module, of type SMM_CORE, will not be refactored; instead, it is
entirely supplanted -- in the affected platforms -- by the

  StandaloneMmPkg/Core/StandaloneMmCore.inf

module, which is of type MM_CORE_STANDALONE.)

But, it's still not clear to me (without trying) whether I should
resolve MmServicesTableLib  for DXE_SMM_DRIVER in addition to
SmmServicesTableLib, or in its place. I'd prefer not experimenting with
this myself; I'd just like to apply the series, and build & test it. :)

Thanks,
Laszlo

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Wed, 9 Jan 2019 at 10:44, Laszlo Ersek <lersek@redhat.com> wrote:
>
> On 01/03/19 19:28, Ard Biesheuvel wrote:
> > This series proposed an alternative approach to the series sent out by
> > Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> > special PCD, as well as some other if() conditionals.
> >
> > The primary difference is that this series defines and implements
> > MmServicesTableLib in such a way that the traditional SMM drivers can
> > use it as well. This is appropriate, considering that the PI spec has
> > rebranded traditional SMM as one implementation of the generic MM
> > framework.
> >
> > Patch #1 is based on Jagadeesh's patch, and introduces the
> > MmServicesTableLib library class, but for all SMM flavours, not only
> > for standalone MM.
> >
> > Patch #2 implements MmServicesTableLib for traditional SMM
> > implementations.
> >
> > Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> > driver that invoke boot services are separated from the core SMM
> > pieces.
> >
> > Patch #4 implements FaultTolerantWriteSmm for the standalone MM
> > environment.
> >
> > Patches #5 and #6 do the same, respectively, for the variable runtime
> > driver.
> >
> > This approach minimizes the delta, and thus the maintenance burden,
> > between the traditional SMM and standalone MM drivers, while not
> > resorting to runtime checks or other conditionals in the code to
> > implement logic that should be decided at build time.
> >
> > Note that this series only covers part of the work contributed by
> > Jagadeesh. This series focuses on the MdePkg and MdeModulePkg changes
> > that affect shared code.
> >
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Leif Lindholm <leif.lindholm@linaro.org>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao Wu <hao.a.wu@intel.com>
> > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > Cc: Achin Gupta <Achin.Gupta@arm.com>
> > Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> > Cc: Sami Mujawar <Sami.Mujawar@arm.com>
>
> I tried building this, on top of commit a53a888de8f5:
>
> build \
>   -a IA32 \
>   -p OvmfPkg/OvmfPkgIa32.dsc \
>   -t GCC48 \
>   -b NOOPT \
>   -D HTTP_BOOT_ENABLE \
>   -D NETWORK_IP6_ENABLE \
>   -D SECURE_BOOT_ENABLE \
>   -D SMM_REQUIRE \
>   -D TLS_ENABLE \
>   --cmd-len=65536 \
>   --hash \
>   --genfds-multi-thread
>
> but it failed with:
>
> > OvmfPkg/OvmfPkgIa32.dsc(...): error 4000: Instance of library class [MmServicesTableLib] is not found
> >         in [MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf] [IA32]
> >         consumed by module [MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf]
>
> You did mention earlier that adding new lib class resolutions to several
> x86 DSC files would be necessary, so this is not unexpected. Can you
> please insert such a patch for OvmfPkg between patches #2 and #3?
>

Ah yes, of course.

> I've looked at the current OVMF DSC files, and SmmServicesTableLib is
> resolved for two module types,
>
> > [LibraryClasses.common.DXE_SMM_DRIVER]
> >   SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> >
> > [LibraryClasses.common.SMM_CORE]
> >   SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
>
> I assume it should be enough, for this series, to update the
> DXE_SMM_DRIVER resolution only, and to leave SMM_CORE alone.
>
> (Because, my understanding is that the current, x86 specific
>
>   MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
>
> module, of type SMM_CORE, will not be refactored; instead, it is
> entirely supplanted -- in the affected platforms -- by the
>
>   StandaloneMmPkg/Core/StandaloneMmCore.inf
>
> module, which is of type MM_CORE_STANDALONE.)
>
> But, it's still not clear to me (without trying) whether I should
> resolve MmServicesTableLib  for DXE_SMM_DRIVER in addition to
> SmmServicesTableLib, or in its place. I'd prefer not experimenting with
> this myself; I'd just like to apply the series, and build & test it. :)
>

At the moment, you will need both resolutions for DXE_SMM_DRIVERS
globally. Based on the outcome of the review of this series, this is
something we will need to clean up going forward, but currently, even
the drivers that are updated to use MmServicesTableLib pull in
libraries that depend on SmmServicesTableLib.

This should be a rather straight-forward search/replace operation
[famous last words], and I can commit to dedicating some of my time to
getting this fixed throughout, at least to the point where modules
that consume MmServicesTableLib no longer have to supply a resolution
for SmmServicesTableLib as well.

So, I will include a patch in the next revision of the series. In the
mean time, the hunk below should suffice to complete your regression
testing.

--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -391,6 +391,7 @@
   HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
   SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
   SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
+  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
 !ifdef $(DEBUG_ON_SERIAL_PORT)
   DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
 !else

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Laszlo Ersek]

On 01/09/19 11:28, Ard Biesheuvel wrote:
> On Wed, 9 Jan 2019 at 10:44, Laszlo Ersek <lersek@redhat.com> wrote:

>> But, it's still not clear to me (without trying) whether I should
>> resolve MmServicesTableLib  for DXE_SMM_DRIVER in addition to
>> SmmServicesTableLib, or in its place. I'd prefer not experimenting with
>> this myself; I'd just like to apply the series, and build & test it. :)
>>
> 
> At the moment, you will need both resolutions for DXE_SMM_DRIVERS
> globally. Based on the outcome of the review of this series, this is
> something we will need to clean up going forward, but currently, even
> the drivers that are updated to use MmServicesTableLib pull in
> libraries that depend on SmmServicesTableLib.
> 
> This should be a rather straight-forward search/replace operation
> [famous last words], and I can commit to dedicating some of my time to
> getting this fixed throughout, at least to the point where modules
> that consume MmServicesTableLib no longer have to supply a resolution
> for SmmServicesTableLib as well.
> 
> So, I will include a patch in the next revision of the series.

Great, thank you. This is exactly the info I needed.

> In the mean time, the hunk below should suffice to complete your regression
> testing.
> 
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -391,6 +391,7 @@
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>  !else
> 

I'll replicate this to the other two DSC files [*], and then retry the
tests.

[*] SMM in OVMF has a non-intuitive restriction, in relation to X64 PEI.
SMM "just works" in the IA32 and IA32X64 builds, however, in the X64
build, one has to disable S3 support on the QEMU command line, or else
we hang the boot intentionally. See commit 5133d1f1d297 ("OvmfPkg:
replace README fine print about X64 SMM S3 with PlatformPei check",
2015-11-30).

For this reason, the IA32X64 build is considered the most-featureful, if
-D SMM_REQUIRE is desired.


For those that insist on the X64 build nevertheless, OvmfPkg/README
documents the QEMU option that disables S3, on the Q35 machine type,
which is required for SMM anyway:

  -global ICH9-LPC.disable_s3=1

When using libvirt, the matching knob is:

https://libvirt.org/formatdomain.html#elementsPowerManagement

<pm>
  <suspend-to-mem enabled='no'/>
</pm>


Personally, I focus my SMM testing on IA32 and IA32X64; I almost never
test SMM in the X64 build. This is because S3 has historically proved
very effective at triggering multiprocessing bugs in core SMM code, and
in general UefiCpuPkg infrastructure. Thus, my SMM regression tests:

https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with-QEMU,-KVM-and-libvirt

always include S3 suspend/resume, and that precludes the X64 build of OVMF.

... Sorry about the wall of text, I just wanted to explain why precisely
the short hunk you pasted is unhelpful in this case. Obviously, it does
answer my question, I can copy the class resolution to the other two DSC
files, and in the final OvmfPkg patch, we should update all three DSC files.

I'll be back with test results later.

Thanks!
Laszlo

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Laszlo Ersek]

On 01/09/19 16:04, Laszlo Ersek wrote:
> On 01/09/19 11:28, Ard Biesheuvel wrote:
>> In the mean time, the hunk below should suffice to complete your
>> regression testing.

I used:

> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index 3f3533e5c163..908450eda174 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -386,6 +386,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>  !else
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index 6c08b2728d63..14166e946a93 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -391,6 +391,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>  !else
> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> index 4072c839d73f..0cd5f76cccd9 100644
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -391,6 +391,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>  !else

On 01/09/19 16:04, Laszlo Ersek wrote:
> I'll be back with test results later.

Regression-tested-by: Laszlo Ersek <lersek@redhat.com>

Thanks,
Laszlo

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Ard Biesheuvel]

On Wed, 9 Jan 2019 at 22:46, Laszlo Ersek <lersek@redhat.com> wrote:
>
> On 01/09/19 16:04, Laszlo Ersek wrote:
> > On 01/09/19 11:28, Ard Biesheuvel wrote:
> >> In the mean time, the hunk below should suffice to complete your
> >> regression testing.
>
> I used:
>
> > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> > index 3f3533e5c163..908450eda174 100644
> > --- a/OvmfPkg/OvmfPkgIa32.dsc
> > +++ b/OvmfPkg/OvmfPkgIa32.dsc
> > @@ -386,6 +386,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
> >    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> >    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> >    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> > +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> >  !ifdef $(DEBUG_ON_SERIAL_PORT)
> >    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> >  !else
> > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> > index 6c08b2728d63..14166e946a93 100644
> > --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> > @@ -391,6 +391,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
> >    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> >    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> >    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> > +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> >  !ifdef $(DEBUG_ON_SERIAL_PORT)
> >    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> >  !else
> > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> > index 4072c839d73f..0cd5f76cccd9 100644
> > --- a/OvmfPkg/OvmfPkgX64.dsc
> > +++ b/OvmfPkg/OvmfPkgX64.dsc
> > @@ -391,6 +391,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
> >    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> >    SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> >    SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> > +  MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> >  !ifdef $(DEBUG_ON_SERIAL_PORT)
> >    DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> >  !else
>
> On 01/09/19 16:04, Laszlo Ersek wrote:
> > I'll be back with test results later.
>
> Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
>

Wonderful! Thanks a lot Laszlo

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Zeng, Star]

We'd better have a bugzilla to track this change.
And since it will require platform change in platform dsc to add the new 
library mapping, we need add notes in 
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Notes.


Thanks,
Star

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> This series proposed an alternative approach to the series sent out by
> Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> special PCD, as well as some other if() conditionals.
> 
> The primary difference is that this series defines and implements
> MmServicesTableLib in such a way that the traditional SMM drivers
> can use it as well. This is appropriate, considering that the PI
> spec has rebranded traditional SMM as one implementation of the generic
> MM framework.
> 
> Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> library class, but for all SMM flavours, not only for standalone MM.
> 
> Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> 
> Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> driver that invoke boot services are separated from the core SMM pieces.
> 
> Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> 
> Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> 
> This approach minimizes the delta, and thus the maintenance burden, between
> the traditional SMM and standalone MM drivers, while not resorting to runtime
> checks or other conditionals in the code to implement logic that should be
> decided at build time.
> 
> Note that this series only covers part of the work contributed by Jagadeesh.
> This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> code.
> 
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Cc: Achin Gupta <Achin.Gupta@arm.com>
> Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> 
> Ard Biesheuvel (5):
>    MdePkg: implement MmServicesTableLib based on traditional SMM
>    MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
>    MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
>    MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
>    MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> 
> Jagadeesh Ujja (1):
>    MdePkg/Include: add MmServicesTableLib header file
> 
>   MdeModulePkg/MdeModulePkg.dsc                 |   1 +
>   .../FaultTolerantWrite.h                      |  22 ++-
>   .../FaultTolerantWriteDxe.c                   |  31 ++++
>   .../FaultTolerantWriteSmm.c                   |  54 +++----
>   .../FaultTolerantWriteSmm.inf                 |   5 +-
>   .../FaultTolerantWriteSmmCommon.h             |  31 ++++
>   .../FaultTolerantWriteSmmDxe.c                |   1 +
>   .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
>   .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
>   .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
>   .../UpdateWorkingBlock.c                      |  10 +-
>   .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
>   .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
>   .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
>   .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
>   .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
>   .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
>   .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
>   MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
>   .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
>   .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
>   .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
>   MdePkg/MdePkg.dec                             |   4 +
>   MdePkg/MdePkg.dsc                             |   1 +
>   24 files changed, 916 insertions(+), 103 deletions(-)
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
>   create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> 

Re: [PATCH 0/6] implement standalone MM versions of the variable runtime drivers

[Zeng, Star]

Ard,

FYI:
There is minor change overlap to VariableDxe/Smm.c between this patch 
series and the patch series at 
https://lists.01.org/pipermail/edk2-devel/2019-January/034921.html 
([PATCH 04/12]) I just sent.

After one patch series is pushed, the other patch series will need a 
simple rebase.


Thanks,
Star

On 2019/1/4 2:28, Ard Biesheuvel wrote:
> This series proposed an alternative approach to the series sent out by
> Jagadeesh [0]. In particular, it gets rid of the InMm() calls and the
> special PCD, as well as some other if() conditionals.
> 
> The primary difference is that this series defines and implements
> MmServicesTableLib in such a way that the traditional SMM drivers
> can use it as well. This is appropriate, considering that the PI
> spec has rebranded traditional SMM as one implementation of the generic
> MM framework.
> 
> Patch #1 is based on Jagadeesh's patch, and introduces the MmServicesTableLib
> library class, but for all SMM flavours, not only for standalone MM.
> 
> Patch #2 implements MmServicesTableLib for traditional SMM implementations.
> 
> Patch #3 refactors FaultTolerantWriteDxe so that the parts of the SMM
> driver that invoke boot services are separated from the core SMM pieces.
> 
> Patch #4 implements FaultTolerantWriteSmm for the standalone MM environment.
> 
> Patches #5 and #6 do the same, respectively, for the variable runtime driver.
> 
> This approach minimizes the delta, and thus the maintenance burden, between
> the traditional SMM and standalone MM drivers, while not resorting to runtime
> checks or other conditionals in the code to implement logic that should be
> decided at build time.
> 
> Note that this series only covers part of the work contributed by Jagadeesh.
> This series focuses on the MdePkg and MdeModulePkg changes that affect shared
> code.
> 
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Cc: Achin Gupta <Achin.Gupta@arm.com>
> Cc: Thomas Panakamattam Abraham <thomas.abraham@arm.com>
> Cc: Sami Mujawar <Sami.Mujawar@arm.com>
> 
> Ard Biesheuvel (5):
>    MdePkg: implement MmServicesTableLib based on traditional SMM
>    MdeModulePkg/FaultTolerantWriteDxe: factor out boot service accesses
>    MdeModulePkg/FaultTolerantWriteDxe: implement standalone MM version
>    MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses
>    MdeModulePkg/VariableRuntimeDxe: implement standalone MM version
> 
> Jagadeesh Ujja (1):
>    MdePkg/Include: add MmServicesTableLib header file
> 
>   MdeModulePkg/MdeModulePkg.dsc                 |   1 +
>   .../FaultTolerantWrite.h                      |  22 ++-
>   .../FaultTolerantWriteDxe.c                   |  31 ++++
>   .../FaultTolerantWriteSmm.c                   |  54 +++----
>   .../FaultTolerantWriteSmm.inf                 |   5 +-
>   .../FaultTolerantWriteSmmCommon.h             |  31 ++++
>   .../FaultTolerantWriteSmmDxe.c                |   1 +
>   .../FaultTolerantWriteStandaloneMm.c          |  70 +++++++++
>   .../FaultTolerantWriteStandaloneMm.inf        |  90 ++++++++++++
>   .../FaultTolerantWriteTraditionalMm.c         |  94 ++++++++++++
>   .../UpdateWorkingBlock.c                      |  10 +-
>   .../Variable/RuntimeDxe/TcgMorLockSmm.c       |  18 +--
>   .../Universal/Variable/RuntimeDxe/Variable.h  |  50 +++++++
>   .../Variable/RuntimeDxe/VariableSmm.c         |  59 +++-----
>   .../Variable/RuntimeDxe/VariableSmm.inf       |   5 +-
>   .../RuntimeDxe/VariableStandaloneMm.c         |  69 +++++++++
>   .../RuntimeDxe/VariableStandaloneMm.inf       | 135 ++++++++++++++++++
>   .../RuntimeDxe/VariableTraditionalMm.c        | 114 +++++++++++++++
>   MdePkg/Include/Library/MmServicesTableLib.h   |  25 ++++
>   .../MmServicesTableLib/MmServicesTableLib.c   |  63 ++++++++
>   .../MmServicesTableLib/MmServicesTableLib.inf |  45 ++++++
>   .../MmServicesTableLib/MmServicesTableLib.uni |  22 +++
>   MdePkg/MdePkg.dec                             |   4 +
>   MdePkg/MdePkg.dsc                             |   1 +
>   24 files changed, 916 insertions(+), 103 deletions(-)
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.c
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
>   create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteTraditionalMm.c
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>   create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
>   create mode 100644 MdePkg/Include/Library/MmServicesTableLib.h
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.c
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
>   create mode 100644 MdePkg/Library/MmServicesTableLib/MmServicesTableLib.uni
> 

[PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

[Ard Biesheuvel]

The standalone MM core is executed in place, and resides in a
separate execution context which may be space constrained.
Since code and data may be mapped with different attributes for
security reasons, the PE/COFF binary could have a section
alignment of 4 KB.

This means that any relocation data is not only useless, but it
will also take up 4 KB of valuable space.

So add support for the RELOCS_STRIPPED attribute on FFS files of
this type, so that we can get rid of the .reloc section altogether.
Combined with the FIXED attribute (which enables an optimization
in GenFfs that strips redundant padding) and a TE type binary, this
gets rid of all the needless padding around the standalone MM core
binary.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 BaseTools/Source/Python/GenFds/EfiSection.py      | 2 +-
 BaseTools/Source/Python/GenFds/FdfParser.py       | 2 +-
 BaseTools/Source/Python/GenFds/FfsInfStatement.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/GenFds/EfiSection.py b/BaseTools/Source/Python/GenFds/EfiSection.py
index f8573b5c7d1b..0be176ec8ae1 100644
--- a/BaseTools/Source/Python/GenFds/EfiSection.py
+++ b/BaseTools/Source/Python/GenFds/EfiSection.py
@@ -68,7 +68,7 @@ class EfiSection (EfiSectionClassObject):
             StringData = FfsInf.__ExtendMacro__(self.StringData)
             ModuleNameStr = FfsInf.__ExtendMacro__('$(MODULE_NAME)')
             NoStrip = True
-            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
+            if FfsInf.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE) and SectionType in (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
                 if FfsInf.KeepReloc is not None:
                     NoStrip = FfsInf.KeepReloc
                 elif FfsInf.KeepRelocFromRule is not None:
diff --git a/BaseTools/Source/Python/GenFds/FdfParser.py b/BaseTools/Source/Python/GenFds/FdfParser.py
index e000228d2f6c..de0b166030e7 100644
--- a/BaseTools/Source/Python/GenFds/FdfParser.py
+++ b/BaseTools/Source/Python/GenFds/FdfParser.py
@@ -2589,7 +2589,7 @@ class FdfParser:
     #
     @staticmethod
     def _FileCouldHaveRelocFlag (FileType):
-        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, 'PEI_DXE_COMBO'}:
+        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE, 'PEI_DXE_COMBO'}:
             return True
         else:
             return False
diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
index c1073c96e9aa..d4c61c074963 100644
--- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
+++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
@@ -901,7 +901,7 @@ class FfsInfStatement(FfsInfStatementClassObject):
     #   @retval string       File name of the generated section file
     #
     def __GenComplexFileSection__(self, Rule, FvChildAddr, FvParentAddr, IsMakefile = False):
-        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM):
+        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE):
             if Rule.KeepReloc is not None:
                 self.KeepRelocFromRule = Rule.KeepReloc
         SectFiles = []
-- 
2.17.1

Re: [PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

[Carsey, Jaben]

Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Ard Biesheuvel
> Sent: Thursday, January 03, 2019 4:13 AM
> To: edk2-devel@lists.01.org
> Cc: Gao, Liming <liming.gao@intel.com>
> Subject: [edk2] [PATCH] BaseTools/GenFds: permit stripped
> MM_CORE_STANDALONE binaries
> 
> The standalone MM core is executed in place, and resides in a
> separate execution context which may be space constrained.
> Since code and data may be mapped with different attributes for
> security reasons, the PE/COFF binary could have a section
> alignment of 4 KB.
> 
> This means that any relocation data is not only useless, but it
> will also take up 4 KB of valuable space.
> 
> So add support for the RELOCS_STRIPPED attribute on FFS files of
> this type, so that we can get rid of the .reloc section altogether.
> Combined with the FIXED attribute (which enables an optimization
> in GenFfs that strips redundant padding) and a TE type binary, this
> gets rid of all the needless padding around the standalone MM core
> binary.
> 
> Cc: Bob Feng <bob.c.feng@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  BaseTools/Source/Python/GenFds/EfiSection.py      | 2 +-
>  BaseTools/Source/Python/GenFds/FdfParser.py       | 2 +-
>  BaseTools/Source/Python/GenFds/FfsInfStatement.py | 2 +-
>  3 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/BaseTools/Source/Python/GenFds/EfiSection.py
> b/BaseTools/Source/Python/GenFds/EfiSection.py
> index f8573b5c7d1b..0be176ec8ae1 100644
> --- a/BaseTools/Source/Python/GenFds/EfiSection.py
> +++ b/BaseTools/Source/Python/GenFds/EfiSection.py
> @@ -68,7 +68,7 @@ class EfiSection (EfiSectionClassObject):
>              StringData = FfsInf.__ExtendMacro__(self.StringData)
>              ModuleNameStr = FfsInf.__ExtendMacro__('$(MODULE_NAME)')
>              NoStrip = True
> -            if FfsInf.ModuleType in (SUP_MODULE_SEC,
> SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM) and SectionType in
> (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
> +            if FfsInf.ModuleType in (SUP_MODULE_SEC,
> SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM,
> SUP_MODULE_MM_CORE_STANDALONE) and SectionType in
> (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
>                  if FfsInf.KeepReloc is not None:
>                      NoStrip = FfsInf.KeepReloc
>                  elif FfsInf.KeepRelocFromRule is not None:
> diff --git a/BaseTools/Source/Python/GenFds/FdfParser.py
> b/BaseTools/Source/Python/GenFds/FdfParser.py
> index e000228d2f6c..de0b166030e7 100644
> --- a/BaseTools/Source/Python/GenFds/FdfParser.py
> +++ b/BaseTools/Source/Python/GenFds/FdfParser.py
> @@ -2589,7 +2589,7 @@ class FdfParser:
>      #
>      @staticmethod
>      def _FileCouldHaveRelocFlag (FileType):
> -        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> SUP_MODULE_PEIM, 'PEI_DXE_COMBO'}:
> +        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE,
> 'PEI_DXE_COMBO'}:
>              return True
>          else:
>              return False
> diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> index c1073c96e9aa..d4c61c074963 100644
> --- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> +++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> @@ -901,7 +901,7 @@ class FfsInfStatement(FfsInfStatementClassObject):
>      #   @retval string       File name of the generated section file
>      #
>      def __GenComplexFileSection__(self, Rule, FvChildAddr, FvParentAddr,
> IsMakefile = False):
> -        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> SUP_MODULE_PEIM):
> +        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE):
>              if Rule.KeepReloc is not None:
>                  self.KeepRelocFromRule = Rule.KeepReloc
>          SectFiles = []
> --
> 2.17.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel

Re: [PATCH] BaseTools/GenFds: permit stripped MM_CORE_STANDALONE binaries

[Ard Biesheuvel]

On Thu, 3 Jan 2019 at 17:05, Carsey, Jaben <jaben.carsey@intel.com> wrote:
>
> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
>
>

Thanks all

Pushed as 672601cfcc6f..8ef653aa5aad

> > -----Original Message-----
> > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> > Ard Biesheuvel
> > Sent: Thursday, January 03, 2019 4:13 AM
> > To: edk2-devel@lists.01.org
> > Cc: Gao, Liming <liming.gao@intel.com>
> > Subject: [edk2] [PATCH] BaseTools/GenFds: permit stripped
> > MM_CORE_STANDALONE binaries
> >
> > The standalone MM core is executed in place, and resides in a
> > separate execution context which may be space constrained.
> > Since code and data may be mapped with different attributes for
> > security reasons, the PE/COFF binary could have a section
> > alignment of 4 KB.
> >
> > This means that any relocation data is not only useless, but it
> > will also take up 4 KB of valuable space.
> >
> > So add support for the RELOCS_STRIPPED attribute on FFS files of
> > this type, so that we can get rid of the .reloc section altogether.
> > Combined with the FIXED attribute (which enables an optimization
> > in GenFfs that strips redundant padding) and a TE type binary, this
> > gets rid of all the needless padding around the standalone MM core
> > binary.
> >
> > Cc: Bob Feng <bob.c.feng@intel.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > ---
> >  BaseTools/Source/Python/GenFds/EfiSection.py      | 2 +-
> >  BaseTools/Source/Python/GenFds/FdfParser.py       | 2 +-
> >  BaseTools/Source/Python/GenFds/FfsInfStatement.py | 2 +-
> >  3 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/BaseTools/Source/Python/GenFds/EfiSection.py
> > b/BaseTools/Source/Python/GenFds/EfiSection.py
> > index f8573b5c7d1b..0be176ec8ae1 100644
> > --- a/BaseTools/Source/Python/GenFds/EfiSection.py
> > +++ b/BaseTools/Source/Python/GenFds/EfiSection.py
> > @@ -68,7 +68,7 @@ class EfiSection (EfiSectionClassObject):
> >              StringData = FfsInf.__ExtendMacro__(self.StringData)
> >              ModuleNameStr = FfsInf.__ExtendMacro__('$(MODULE_NAME)')
> >              NoStrip = True
> > -            if FfsInf.ModuleType in (SUP_MODULE_SEC,
> > SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM) and SectionType in
> > (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
> > +            if FfsInf.ModuleType in (SUP_MODULE_SEC,
> > SUP_MODULE_PEI_CORE, SUP_MODULE_PEIM,
> > SUP_MODULE_MM_CORE_STANDALONE) and SectionType in
> > (BINARY_FILE_TYPE_TE, BINARY_FILE_TYPE_PE32):
> >                  if FfsInf.KeepReloc is not None:
> >                      NoStrip = FfsInf.KeepReloc
> >                  elif FfsInf.KeepRelocFromRule is not None:
> > diff --git a/BaseTools/Source/Python/GenFds/FdfParser.py
> > b/BaseTools/Source/Python/GenFds/FdfParser.py
> > index e000228d2f6c..de0b166030e7 100644
> > --- a/BaseTools/Source/Python/GenFds/FdfParser.py
> > +++ b/BaseTools/Source/Python/GenFds/FdfParser.py
> > @@ -2589,7 +2589,7 @@ class FdfParser:
> >      #
> >      @staticmethod
> >      def _FileCouldHaveRelocFlag (FileType):
> > -        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> > SUP_MODULE_PEIM, 'PEI_DXE_COMBO'}:
> > +        if FileType in {SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> > SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE,
> > 'PEI_DXE_COMBO'}:
> >              return True
> >          else:
> >              return False
> > diff --git a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> > b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> > index c1073c96e9aa..d4c61c074963 100644
> > --- a/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> > +++ b/BaseTools/Source/Python/GenFds/FfsInfStatement.py
> > @@ -901,7 +901,7 @@ class FfsInfStatement(FfsInfStatementClassObject):
> >      #   @retval string       File name of the generated section file
> >      #
> >      def __GenComplexFileSection__(self, Rule, FvChildAddr, FvParentAddr,
> > IsMakefile = False):
> > -        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> > SUP_MODULE_PEIM):
> > +        if self.ModuleType in (SUP_MODULE_SEC, SUP_MODULE_PEI_CORE,
> > SUP_MODULE_PEIM, SUP_MODULE_MM_CORE_STANDALONE):
> >              if Rule.KeepReloc is not None:
> >                  self.KeepRelocFromRule = Rule.KeepReloc
> >          SectFiles = []
> > --
> > 2.17.1
> >
> > _______________________________________________
> > edk2-devel mailing list
> > edk2-devel@lists.01.org
> > https://lists.01.org/mailman/listinfo/edk2-devel