* [RFC PATCH v3 01/11] MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
@ 2018-11-28 9:34 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 02/11] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
` (10 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:34 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Replace all uses of AsmLfence with call to MemoryFence to allow
variable service code to be platform independent.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c | 4 ++--
MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c | 2 +-
MdePkg/Library/BaseLib/X86MemoryFence.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
index 27fcab19b62b..fabd713c7411 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
@@ -419,11 +419,11 @@ SmmFaultTolerantWriteHandler (
);
if (!EFI_ERROR (Status)) {
//
- // The AsmLfence() call here is to ensure the previous range/content
+ // The MemoryFence () call here is to ensure the previous range/content
// checks for the CommBuffer have been completed before calling into
// FtwWrite().
//
- AsmLfence ();
+ MemoryFence ();
Status = FtwWrite(
&mFtwDevice->FtwInstance,
SmmFtwWriteHeader->Lba,
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
index 4b0d7e3e9561..7c4b01924e12 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
@@ -26,5 +26,5 @@ MemoryLoadFence (
VOID
)
{
- AsmLfence ();
+ MemoryFence ();
}
diff --git a/MdePkg/Library/BaseLib/X86MemoryFence.c b/MdePkg/Library/BaseLib/X86MemoryFence.c
index 77e1c5a4ddee..3a7928df9bf8 100644
--- a/MdePkg/Library/BaseLib/X86MemoryFence.c
+++ b/MdePkg/Library/BaseLib/X86MemoryFence.c
@@ -28,5 +28,5 @@ MemoryFence (
VOID
)
{
- return;
+ AsmLfence ();
}
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 02/11] StandaloneMmPkg: Pull in additonal libraries from staging branch
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
2018-11-28 9:34 ` [RFC PATCH v3 01/11] MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 03/11] MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library Jagadeesh Ujja
` (9 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Three additional library packages are being pulled into StandaloneMmPkg
from the staging area in order to support the secure variable service.
The three packages being pulled in are
- StandaloneMmHobLib
- StandaloneMmMemoryAllocationLib
- StandaloneMmServicesTableLib
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf | 2 +-
StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf => StandaloneMmHobLib/StandaloneMmHobLib.inf} | 11 +--
StandaloneMmPkg/Library/{StandaloneMmCoreMemoryAllocationLib/StandaloneMmCoreMemoryAllocationLib.inf => StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf} | 14 ++-
StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf | 36 ++++++++
MdePkg/Include/Library/SmmServicesTableLib.h => StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h | 90 ++++++++++----------
StandaloneMmPkg/Library/{StandaloneMmCoreHobLib => StandaloneMmHobLib}/AArch64/StandaloneMmCoreHobLibInternal.c | 4 +-
StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.c => StandaloneMmHobLib/StandaloneMmHobLib.c} | 55 +++++++++++-
MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c => StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c | 69 ++++++++-------
MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.c => StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c | 34 ++++----
9 files changed, 203 insertions(+), 112 deletions(-)
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
index db19d3c926e8..ac036e31cf5e 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
@@ -24,7 +24,7 @@ [Defines]
MODULE_TYPE = MM_CORE_STANDALONE
VERSION_STRING = 1.0
PI_SPECIFICATION_VERSION = 0x00010032
- LIBRARY_CLASS = HobLib|MM_CORE_STANDALONE MM_STANDALONE
+ LIBRARY_CLASS = HobLib|MM_CORE_STANDALONE
#
# VALID_ARCHITECTURES = AARCH64
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
similarity index 79%
copy from StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
copy to StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
index db19d3c926e8..d73188ec1b57 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
@@ -20,17 +20,17 @@
[Defines]
INF_VERSION = 0x0001001A
BASE_NAME = HobLib
- FILE_GUID = CF56EF2C-68D8-4BD5-9A8B-8A7BFCFF751C
- MODULE_TYPE = MM_CORE_STANDALONE
+ FILE_GUID = 8262551B-AB2D-4E76-99FC-5EBB83F4988E
+ MODULE_TYPE = MM_STANDALONE
VERSION_STRING = 1.0
PI_SPECIFICATION_VERSION = 0x00010032
- LIBRARY_CLASS = HobLib|MM_CORE_STANDALONE MM_STANDALONE
-
+ LIBRARY_CLASS = HobLib|MM_STANDALONE
+ CONSTRUCTOR = HobLibConstructor
#
# VALID_ARCHITECTURES = AARCH64
#
[Sources.Common]
- StandaloneMmCoreHobLib.c
+ StandaloneMmHobLib.c
[Sources.AARCH64]
AArch64/StandaloneMmCoreHobLibInternal.c
@@ -42,6 +42,7 @@ [Packages]
[LibraryClasses]
BaseMemoryLib
DebugLib
+ MmServicesTableLib
[Guids]
gEfiHobListGuid ## CONSUMES ## SystemTable
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreMemoryAllocationLib/StandaloneMmCoreMemoryAllocationLib.inf b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
similarity index 76%
copy from StandaloneMmPkg/Library/StandaloneMmCoreMemoryAllocationLib/StandaloneMmCoreMemoryAllocationLib.inf
copy to StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
index 3958655cb4cf..9ac03df4caad 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreMemoryAllocationLib/StandaloneMmCoreMemoryAllocationLib.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
@@ -19,22 +19,20 @@
[Defines]
INF_VERSION = 0x0001001A
BASE_NAME = MemoryAllocationLib
- FILE_GUID = DCDCBE1D-E760-4E1D-85B4-96E3F0439C41
+ FILE_GUID = 54646378-A9DC-473F-9BE1-BD027C4C76DE
MODULE_TYPE = MM_CORE_STANDALONE
VERSION_STRING = 1.0
PI_SPECIFICATION_VERSION = 0x00010032
- LIBRARY_CLASS = MemoryAllocationLib|MM_CORE_STANDALONE
- CONSTRUCTOR = MemoryAllocationLibConstructor
+ LIBRARY_CLASS = MemoryAllocationLib|MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
[Sources]
- StandaloneMmCoreMemoryAllocationLib.c
- StandaloneMmCoreMemoryAllocationServices.h
+ StandaloneMmMemoryAllocationLib.c
[Packages]
MdePkg/MdePkg.dec
@@ -43,7 +41,5 @@ [Packages]
[LibraryClasses]
BaseMemoryLib
DebugLib
+ MmServicesTableLib
HobLib
-
-[Guids]
- gEfiMmPeiMmramMemoryReserveGuid
diff --git a/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
new file mode 100644
index 000000000000..c36242914229
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
@@ -0,0 +1,36 @@
+## @file
+# MM Core MM Services Table Library.
+#
+# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = StandaloneMmServicesTableLib
+ FILE_GUID = BEE33A2F-F49D-4B71-AF3E-FFCCB9885DEA
+ MODULE_TYPE = MM_STANDALONE
+ VERSION_STRING = 1.0
+ PI_SPECIFICATION_VERSION = 0x00010032
+ LIBRARY_CLASS = MmServicesTableLib|MM_STANDALONE
+ CONSTRUCTOR = StandaloneMmServicesTableLibConstructor
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ StandaloneMmServicesTableLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+
diff --git a/MdePkg/Include/Library/SmmServicesTableLib.h b/StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
similarity index 55%
copy from MdePkg/Include/Library/SmmServicesTableLib.h
copy to StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
index 01e999d234e7..e7a670d3636d 100644
--- a/MdePkg/Include/Library/SmmServicesTableLib.h
+++ b/StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
@@ -1,43 +1,47 @@
-/** @file
- Provides a service to retrieve a pointer to the SMM Services Table.
- Only available to SMM module types.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __SMM_SERVICES_TABLE_LIB_H__
-#define __SMM_SERVICES_TABLE_LIB_H__
-
-#include <PiSmm.h>
-
-///
-/// Cache pointer to the SMM Services Table
-///
-extern EFI_SMM_SYSTEM_TABLE2 *gSmst;
-
-/**
- This function allows the caller to determine if the driver is executing in
- System Management Mode(SMM).
-
- This function returns TRUE if the driver is executing in SMM and FALSE if the
- driver is not executing in SMM.
-
- @retval TRUE The driver is executing in System Management Mode (SMM).
- @retval FALSE The driver is not executing in System Management Mode (SMM).
-
-**/
-BOOLEAN
-EFIAPI
-InSmm (
- VOID
- );
-
-#endif
+/** @file
+ Provides a service to retrieve a pointer to the Standalone MM Services Table.
+ Only available to Standalone MM module types.
+
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __MM_SERVICES_TABLE_LIB_H__
+#define __MM_SERVICES_TABLE_LIB_H__
+
+#include <PiMm.h>
+#include <Library/DebugLib.h>
+
+///
+/// Cache pointer to the Standalone MM Services Table
+
+extern EFI_MM_SYSTEM_TABLE *gMmst;
+
+
+/**
+ This function allows the caller to determine if the driver is executing in
+ Standalone Management Mode(SMM).
+
+ This function returns TRUE if the driver is executing in SMM and FALSE if the
+ driver is not executing in SMM.
+
+ @retval TRUE The driver is executing in Standalone Management Mode (SMM).
+ @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
+
+**/
+BOOLEAN
+EFIAPI
+InMm (
+ VOID
+ );
+
+#endif
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/AArch64/StandaloneMmCoreHobLibInternal.c b/StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
similarity index 90%
copy from StandaloneMmPkg/Library/StandaloneMmCoreHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
copy to StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
index 90e1cd479cb2..ac5a1c039f6a 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
@@ -42,11 +42,11 @@ HobConstructor (
HobEnd = (EFI_HOB_GENERIC_HEADER *)(Hob+1);
Hob->Header.HobType = EFI_HOB_TYPE_HANDOFF;
- Hob->Header.HobLength = sizeof (EFI_HOB_HANDOFF_INFO_TABLE);
+ Hob->Header.HobLength = sizeof(EFI_HOB_HANDOFF_INFO_TABLE);
Hob->Header.Reserved = 0;
HobEnd->HobType = EFI_HOB_TYPE_END_OF_HOB_LIST;
- HobEnd->HobLength = sizeof (EFI_HOB_GENERIC_HEADER);
+ HobEnd->HobLength = sizeof(EFI_HOB_GENERIC_HEADER);
HobEnd->Reserved = 0;
Hob->Version = EFI_HOB_HANDOFF_TABLE_VERSION;
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.c b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
similarity index 88%
copy from StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.c
copy to StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
index e2fcda813d1b..591a78c7f3b6 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.c
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
@@ -27,6 +27,43 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
//
VOID *gHobList = NULL;
+EFI_MM_SYSTEM_TABLE *gMmst = NULL;
+
+/**
+ The constructor function caches the pointer to HOB list.
+
+ The constructor function gets the start address of HOB list from system configuration table.
+ It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+
+ @param ImageHandle The firmware allocated handle for the EFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The constructor successfully gets HobList.
+ @retval Other value The constructor can't get HobList.
+
+**/
+EFI_STATUS
+EFIAPI
+HobLibConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SmmSystemTable
+ )
+{
+ UINTN Index;
+
+ for (Index = 0; Index < gMmst->NumberOfTableEntries; Index++) {
+ if (CompareGuid (&gEfiHobListGuid, &gMmst->MmConfigurationTable[Index].VendorGuid)) {
+ gHobList = gMmst->MmConfigurationTable[Index].VendorTable;
+ break;
+ }
+ }
+
+ /* HACK: Use the ImageHandle to smuggle the hoblist into the library constructor */
+ if (ImageHandle)
+ gHobList = (VOID *) ImageHandle;
+
+ return EFI_SUCCESS;
+}
/**
Returns the pointer to the HOB list.
@@ -42,6 +79,16 @@ GetHobList (
VOID
)
{
+ UINTN Index;
+
+ if (gHobList == NULL) {
+ for (Index = 0; Index < gMmst->NumberOfTableEntries; Index++) {
+ if (CompareGuid (&gEfiHobListGuid, &gMmst->MmConfigurationTable[Index].VendorGuid)) {
+ gHobList = gMmst->MmConfigurationTable[Index].VendorTable;
+ break;
+ }
+ }
+ }
ASSERT (gHobList != NULL);
return gHobList;
}
@@ -206,7 +253,7 @@ GetBootModeHob (
HandOffHob = (EFI_HOB_HANDOFF_INFO_TABLE *) GetHobList ();
- return HandOffHob->BootMode;
+ return HandOffHob->BootMode;
}
VOID *
@@ -227,7 +274,7 @@ CreateHob (
FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
if (FreeMemory < HobLength) {
- return NULL;
+ return NULL;
}
Hob = (VOID*) (UINTN) HandOffHob->EfiEndOfHobList;
@@ -239,7 +286,7 @@ CreateHob (
HandOffHob->EfiEndOfHobList = (EFI_PHYSICAL_ADDRESS) (UINTN) HobEnd;
HobEnd->HobType = EFI_HOB_TYPE_END_OF_HOB_LIST;
- HobEnd->HobLength = sizeof (EFI_HOB_GENERIC_HEADER);
+ HobEnd->HobLength = sizeof(EFI_HOB_GENERIC_HEADER);
HobEnd->Reserved = 0;
HobEnd++;
HandOffHob->EfiFreeMemoryBottom = (EFI_PHYSICAL_ADDRESS) (UINTN) HobEnd;
@@ -314,7 +361,7 @@ BuildResourceDescriptorHob (
EFI_HOB_RESOURCE_DESCRIPTOR *Hob;
Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
- ASSERT (Hob != NULL);
+ ASSERT(Hob != NULL);
Hob->ResourceType = ResourceType;
Hob->ResourceAttribute = ResourceAttribute;
diff --git a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
similarity index 89%
copy from MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
copy to StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
index dce13bbdf5e6..e989f277c159 100644
--- a/MdePkg/Library/UefiMemoryAllocationLib/MemoryAllocationLib.c
+++ b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
@@ -1,27 +1,28 @@
/** @file
- Support routines for memory allocation routines based
- on boot services for Dxe phase drivers.
+ Support routines for memory allocation routines based on Standalone MM Core internal functions.
+
+ Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
- Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
- http://opensource.org/licenses/bsd-license.php.
+ http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
+#include <PiMm.h>
-#include <Uefi.h>
-
-
+#include <Guid/MmramMemoryReserve.h>
#include <Library/MemoryAllocationLib.h>
-#include <Library/UefiBootServicesTableLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
+extern EFI_MM_SYSTEM_TABLE *gMmst;
+
/**
Allocates one or more 4KB pages of a certain memory type.
@@ -48,7 +49,7 @@ InternalAllocatePages (
return NULL;
}
- Status = gBS->AllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
+ Status = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
if (EFI_ERROR (Status)) {
return NULL;
}
@@ -74,7 +75,7 @@ AllocatePages (
IN UINTN Pages
)
{
- return InternalAllocatePages (EfiBootServicesData, Pages);
+ return InternalAllocatePages (EfiRuntimeServicesData, Pages);
}
/**
@@ -118,7 +119,7 @@ AllocateReservedPages (
IN UINTN Pages
)
{
- return InternalAllocatePages (EfiReservedMemoryType, Pages);
+ return NULL;
}
/**
@@ -134,7 +135,7 @@ AllocateReservedPages (
then ASSERT().
If Pages is zero, then ASSERT().
- @param Buffer The pointer to the buffer of pages to free.
+ @param Buffer Pointer to the buffer of pages to free.
@param Pages The number of 4 KB pages to free.
**/
@@ -148,7 +149,7 @@ FreePages (
EFI_STATUS Status;
ASSERT (Pages != 0);
- Status = gBS->FreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
+ Status = gMmst->MmFreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
ASSERT_EFI_ERROR (Status);
}
@@ -203,7 +204,7 @@ InternalAllocateAlignedPages (
//
ASSERT (RealPages > Pages);
- Status = gBS->AllocatePages (AllocateAnyPages, MemoryType, RealPages, &Memory);
+ Status = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, RealPages, &Memory);
if (EFI_ERROR (Status)) {
return NULL;
}
@@ -213,23 +214,23 @@ InternalAllocateAlignedPages (
//
// Free first unaligned page(s).
//
- Status = gBS->FreePages (Memory, UnalignedPages);
+ Status = gMmst->MmFreePages (Memory, UnalignedPages);
ASSERT_EFI_ERROR (Status);
}
- Memory = AlignedMemory + EFI_PAGES_TO_SIZE (Pages);
+ Memory = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
UnalignedPages = RealPages - Pages - UnalignedPages;
if (UnalignedPages > 0) {
//
// Free last unaligned page(s).
//
- Status = gBS->FreePages (Memory, UnalignedPages);
+ Status = gMmst->MmFreePages (Memory, UnalignedPages);
ASSERT_EFI_ERROR (Status);
}
} else {
//
// Do not over-allocate pages in this case.
//
- Status = gBS->AllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
+ Status = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
if (EFI_ERROR (Status)) {
return NULL;
}
@@ -263,7 +264,7 @@ AllocateAlignedPages (
IN UINTN Alignment
)
{
- return InternalAllocateAlignedPages (EfiBootServicesData, Pages, Alignment);
+ return InternalAllocateAlignedPages (EfiRuntimeServicesData, Pages, Alignment);
}
/**
@@ -319,7 +320,7 @@ AllocateAlignedReservedPages (
IN UINTN Alignment
)
{
- return InternalAllocateAlignedPages (EfiReservedMemoryType, Pages, Alignment);
+ return NULL;
}
/**
@@ -335,7 +336,7 @@ AllocateAlignedReservedPages (
Library, then ASSERT().
If Pages is zero, then ASSERT().
- @param Buffer The pointer to the buffer of pages to free.
+ @param Buffer Pointer to the buffer of pages to free.
@param Pages The number of 4 KB pages to free.
**/
@@ -349,7 +350,7 @@ FreeAlignedPages (
EFI_STATUS Status;
ASSERT (Pages != 0);
- Status = gBS->FreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
+ Status = gMmst->MmFreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
ASSERT_EFI_ERROR (Status);
}
@@ -375,7 +376,9 @@ InternalAllocatePool (
EFI_STATUS Status;
VOID *Memory;
- Status = gBS->AllocatePool (MemoryType, AllocationSize, &Memory);
+ Memory = NULL;
+
+ Status = gMmst->MmAllocatePool (MemoryType, AllocationSize, &Memory);
if (EFI_ERROR (Status)) {
Memory = NULL;
}
@@ -400,7 +403,7 @@ AllocatePool (
IN UINTN AllocationSize
)
{
- return InternalAllocatePool (EfiBootServicesData, AllocationSize);
+ return InternalAllocatePool (EfiRuntimeServicesData, AllocationSize);
}
/**
@@ -442,7 +445,7 @@ AllocateReservedPool (
IN UINTN AllocationSize
)
{
- return InternalAllocatePool (EfiReservedMemoryType, AllocationSize);
+ return NULL;
}
/**
@@ -493,7 +496,7 @@ AllocateZeroPool (
IN UINTN AllocationSize
)
{
- return InternalAllocateZeroPool (EfiBootServicesData, AllocationSize);
+ return InternalAllocateZeroPool (EfiRuntimeServicesData, AllocationSize);
}
/**
@@ -537,7 +540,7 @@ AllocateReservedZeroPool (
IN UINTN AllocationSize
)
{
- return InternalAllocateZeroPool (EfiReservedMemoryType, AllocationSize);
+ return NULL;
}
/**
@@ -600,7 +603,7 @@ AllocateCopyPool (
IN CONST VOID *Buffer
)
{
- return InternalAllocateCopyPool (EfiBootServicesData, AllocationSize, Buffer);
+ return InternalAllocateCopyPool (EfiRuntimeServicesData, AllocationSize, Buffer);
}
/**
@@ -654,7 +657,7 @@ AllocateReservedCopyPool (
IN CONST VOID *Buffer
)
{
- return InternalAllocateCopyPool (EfiReservedMemoryType, AllocationSize, Buffer);
+ return NULL;
}
/**
@@ -726,7 +729,7 @@ ReallocatePool (
IN VOID *OldBuffer OPTIONAL
)
{
- return InternalReallocatePool (EfiBootServicesData, OldSize, NewSize, OldBuffer);
+ return InternalReallocatePool (EfiRuntimeServicesData, OldSize, NewSize, OldBuffer);
}
/**
@@ -790,7 +793,7 @@ ReallocateReservedPool (
IN VOID *OldBuffer OPTIONAL
)
{
- return InternalReallocatePool (EfiReservedMemoryType, OldSize, NewSize, OldBuffer);
+ return NULL;
}
/**
@@ -804,7 +807,7 @@ ReallocateReservedPool (
If Buffer was not allocated with a pool allocation function in the Memory Allocation Library,
then ASSERT().
- @param Buffer The pointer to the buffer to free.
+ @param Buffer Pointer to the buffer to free.
**/
VOID
@@ -815,7 +818,7 @@ FreePool (
{
EFI_STATUS Status;
- Status = gBS->FreePool (Buffer);
+ Status = gMmst->MmFreePool (Buffer);
ASSERT_EFI_ERROR (Status);
}
diff --git a/MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.c b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
similarity index 56%
copy from MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.c
copy to StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
index c1ea2944338d..e0e004406287 100644
--- a/MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.c
+++ b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
@@ -1,7 +1,9 @@
/** @file
- SMM Core SMM Services Table Library.
+ MM Core MM Services Table Library.
+
+ Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
- Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -12,15 +14,13 @@
**/
-#include <PiSmm.h>
-#include <Library/SmmServicesTableLib.h>
+#include <PiMm.h>
#include <Library/DebugLib.h>
-EFI_SMM_SYSTEM_TABLE2 *gSmst = NULL;
-extern EFI_SMM_SYSTEM_TABLE2 gSmmCoreSmst;
+extern EFI_MM_SYSTEM_TABLE *gMmst;
/**
- The constructor function caches the pointer of SMM Services Table.
+ The constructor function caches the pointer of MM Services Table.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@@ -30,31 +30,35 @@ extern EFI_SMM_SYSTEM_TABLE2 gSmmCoreSmst;
**/
EFI_STATUS
EFIAPI
-SmmCoreSmmServicesTableLibConstructor (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
+StandaloneMmServicesTableLibConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *MmSystemTable
)
{
- gSmst = &gSmmCoreSmst;
+ gMmst = MmSystemTable;
return EFI_SUCCESS;
}
/**
This function allows the caller to determine if the driver is executing in
- System Management Mode(SMM).
+ Standalone Management Mode(SMM).
This function returns TRUE if the driver is executing in SMM and FALSE if the
driver is not executing in SMM.
- @retval TRUE The driver is executing in System Management Mode (SMM).
- @retval FALSE The driver is not executing in System Management Mode (SMM).
+ @retval TRUE The driver is executing in Standalone Management Mode (SMM).
+ @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
**/
BOOLEAN
EFIAPI
-InSmm (
+InMm (
VOID
)
{
+ //
+ // We are already in Standalone MM
+ //
return TRUE;
}
+
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 03/11] MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
2018-11-28 9:34 ` [RFC PATCH v3 01/11] MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 02/11] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 04/11] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver Jagadeesh Ujja
` (8 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
To resuse some the libraries in both MM and non-MM mode, a mechanism to
determine the execution mode is required, i.e, in MM or non-MM. Add a
new library for use by non-MM code to determine the current execution
mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Library/{AuthVariableLibNull/AuthVariableLibNull.inf => StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf} | 19 ++--
StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h => MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h | 86 ++++++++---------
StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c => MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c | 100 +++++++-------------
3 files changed, 86 insertions(+), 119 deletions(-)
diff --git a/MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf b/MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf
similarity index 61%
copy from MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
copy to MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf
index 900fef5d4989..5948fd27081c 100644
--- a/MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
+++ b/MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf
@@ -1,7 +1,7 @@
## @file
-# Provides NULL authenticated variable services.
+# Provides StandaloneMmRuntimeDxe.
#
-# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions
@@ -16,25 +16,28 @@
[Defines]
INF_VERSION = 0x00010005
- BASE_NAME = AuthVariableLibNull
- MODULE_UNI_FILE = AuthVariableLibNull.uni
- FILE_GUID = 435CB0E4-7C9A-4BB7-9907-8FD4643E978A
+ BASE_NAME = StandaloneMmRuntimeDxe
+ FILE_GUID = 8099cfbf-9564-4c9b-9052-e66b1da88930
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+ LIBRARY_CLASS = StandaloneMmRuntimeDxe |DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
[Sources]
- AuthVariableLibNull.c
+ StandaloneMmRuntimeDxe.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
DebugLib
+ MemoryAllocationLib
+
diff --git a/StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h b/MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
similarity index 73%
copy from StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
copy to MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
index e7a670d3636d..e4a61f6a7b21 100644
--- a/StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
+++ b/MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
@@ -1,47 +1,39 @@
-/** @file
- Provides a service to retrieve a pointer to the Standalone MM Services Table.
- Only available to Standalone MM module types.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
-
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __MM_SERVICES_TABLE_LIB_H__
-#define __MM_SERVICES_TABLE_LIB_H__
-
-#include <PiMm.h>
-#include <Library/DebugLib.h>
-
-///
-/// Cache pointer to the Standalone MM Services Table
-
-extern EFI_MM_SYSTEM_TABLE *gMmst;
-
-
-/**
- This function allows the caller to determine if the driver is executing in
- Standalone Management Mode(SMM).
-
- This function returns TRUE if the driver is executing in SMM and FALSE if the
- driver is not executing in SMM.
-
- @retval TRUE The driver is executing in Standalone Management Mode (SMM).
- @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
-
-**/
-BOOLEAN
-EFIAPI
-InMm (
- VOID
- );
-
-#endif
+/** @file
+ Provides a service to retrieve a pointer to the Standalone MM Services Table.
+ Only available to Standalone MM module types.
+
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __STANDALONEMM_RUNTIME_DXE_LIB_H__
+#define __STANDALONEMM_RUNTIME_DXE_LIB_H__
+
+#include <PiDxe.h>
+
+/**
+ This function allows the caller to determine if the driver is executing in
+ Standalone Management Mode(SMM).
+
+ This function returns TRUE if the driver is executing in SMM and FALSE if the
+ driver is not executing in SMM.
+
+ @retval TRUE The driver is executing in Standalone Management Mode (SMM).
+ @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
+
+**/
+BOOLEAN
+EFIAPI
+InMm (
+ VOID
+ );
+
+#endif
diff --git a/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c b/MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
similarity index 50%
copy from StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
copy to MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
index e0e004406287..61ef59a19a4f 100644
--- a/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
+++ b/MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
@@ -1,64 +1,36 @@
-/** @file
- MM Core MM Services Table Library.
-
- Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
- Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
-
- This program and the accompanying materials
- are licensed and made available under the terms and conditions of the BSD License
- which accompanies this distribution. The full text of the license may be found at
- http://opensource.org/licenses/bsd-license.php
-
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include <PiMm.h>
-#include <Library/DebugLib.h>
-
-extern EFI_MM_SYSTEM_TABLE *gMmst;
-
-/**
- The constructor function caches the pointer of MM Services Table.
-
- @param ImageHandle The firmware allocated handle for the EFI image.
- @param SystemTable A pointer to the EFI System Table.
-
- @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
-
-**/
-EFI_STATUS
-EFIAPI
-StandaloneMmServicesTableLibConstructor (
- IN EFI_HANDLE ImageHandle,
- IN EFI_MM_SYSTEM_TABLE *MmSystemTable
- )
-{
- gMmst = MmSystemTable;
- return EFI_SUCCESS;
-}
-
-/**
- This function allows the caller to determine if the driver is executing in
- Standalone Management Mode(SMM).
-
- This function returns TRUE if the driver is executing in SMM and FALSE if the
- driver is not executing in SMM.
-
- @retval TRUE The driver is executing in Standalone Management Mode (SMM).
- @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
-
-**/
-BOOLEAN
-EFIAPI
-InMm (
- VOID
- )
-{
- //
- // We are already in Standalone MM
- //
- return TRUE;
-}
-
+/** @file
+ StandaloneMmRuntimeDxe Library.
+
+ Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+
+/**
+ This function allows the caller to determine if the driver is executing in
+ Standalone Management Mode(SMM).
+
+ This function returns TRUE if the driver is executing in SMM and FALSE if the
+ driver is not executing in SMM.
+
+ @retval TRUE The driver is executing in Standalone Management Mode (SMM).
+ @retval FALSE The driver is not executing in Standalone Management Mode (SMM).
+
+**/
+BOOLEAN
+EFIAPI
+InMm (
+ VOID
+ )
+{
+ return FALSE;
+}
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 04/11] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (2 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 03/11] MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 05/11] MdeModulePkg/FaultTolerantWriteDxe: " Jagadeesh Ujja
` (7 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Adapt the NorFlashDxe driver to be used as a MM_STANDALONE driver to
allow access to NOR flash for code executing in MM_STANDALONE mode.
This allows storing of EFI variables on NOR flash which is accessible
only via the MM STANDALONE mode software.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf | 3 +
ArmPlatformPkg/Drivers/NorFlashDxe/{NorFlashDxe.inf => NorFlashStandaloneMm.inf} | 28 +--
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h | 5 +-
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c | 2 +-
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c | 211 ++++++++++++++++----
ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c | 88 ++++----
6 files changed, 240 insertions(+), 97 deletions(-)
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
index a59a21a03e0a..a704f69ef3aa 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
@@ -32,6 +32,7 @@ [Packages]
MdeModulePkg/MdeModulePkg.dec
ArmPlatformPkg/ArmPlatformPkg.dec
EmbeddedPkg/EmbeddedPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
IoLib
@@ -44,6 +45,7 @@ [LibraryClasses]
UefiBootServicesTableLib
UefiRuntimeLib
DxeServicesTableLib
+ StandaloneMmRuntimeDxe
[Guids]
gEfiSystemNvDataFvGuid
@@ -57,6 +59,7 @@ [Protocols]
gEfiDevicePathProtocolGuid
gEfiFirmwareVolumeBlockProtocolGuid
gEfiDiskIoProtocolGuid
+ gEfiSmmFirmwareVolumeBlockProtocolGuid
[Pcd.common]
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashStandaloneMm.inf
similarity index 71%
copy from ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
copy to ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashStandaloneMm.inf
index a59a21a03e0a..a6d0581b799c 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashStandaloneMm.inf
@@ -2,7 +2,7 @@
#
# Component description file for NorFlashDxe module
#
-# Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -16,11 +16,12 @@
[Defines]
INF_VERSION = 0x00010005
- BASE_NAME = ArmVeNorFlashDxe
- FILE_GUID = 93E34C7E-B50E-11DF-9223-2443DFD72085
- MODULE_TYPE = DXE_RUNTIME_DRIVER
+ BASE_NAME = StandaloneMmNorFlash
+ FILE_GUID = 166F677B-DAC9-4AE4-AD34-2FF2504B0637
+ MODULE_TYPE = MM_STANDALONE
VERSION_STRING = 1.0
- ENTRY_POINT = NorFlashInitialise
+ PI_SPECIFICATION_VERSION = 0x00010032
+ ENTRY_POINT = StandaloneMmNorFlashInitialise
[Sources.common]
NorFlashDxe.c
@@ -32,18 +33,21 @@ [Packages]
MdeModulePkg/MdeModulePkg.dec
ArmPlatformPkg/ArmPlatformPkg.dec
EmbeddedPkg/EmbeddedPkg.dec
+ ArmPkg/ArmPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
+ StandaloneMmDriverEntryPoint
+ BaseMemoryLib
+ ArmSvcLib
+ ArmLib
IoLib
BaseLib
DebugLib
HobLib
+ MemoryAllocationLib
NorFlashPlatformLib
- UefiLib
- UefiDriverEntryPoint
- UefiBootServicesTableLib
- UefiRuntimeLib
- DxeServicesTableLib
+ MmServicesTableLib
[Guids]
gEfiSystemNvDataFvGuid
@@ -55,7 +59,7 @@ [Guids]
[Protocols]
gEfiBlockIoProtocolGuid
gEfiDevicePathProtocolGuid
- gEfiFirmwareVolumeBlockProtocolGuid
+ gEfiSmmFirmwareVolumeBlockProtocolGuid
gEfiDiskIoProtocolGuid
[Pcd.common]
@@ -69,4 +73,4 @@ [Pcd.common]
gArmPlatformTokenSpaceGuid.PcdNorFlashCheckBlockLocked
[Depex]
- gEfiCpuArchProtocolGuid
+ TRUE
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
index 5c07694fbfaa..e3932a190b27 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
@@ -1,6 +1,6 @@
/** @file NorFlashDxe.h
- Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+ Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -19,6 +19,7 @@
#include <Base.h>
#include <PiDxe.h>
+#include <PiMm.h>
#include <Guid/EventGroup.h>
#include <Protocol/BlockIo.h>
@@ -30,6 +31,8 @@
#include <Library/NorFlashPlatformLib.h>
#include <Library/UefiLib.h>
#include <Library/UefiRuntimeLib.h>
+#include <Library/StandaloneMmServicesTableLib.h>
+#include <Library/StandaloneMmRuntimeDxe.h>
#define NOR_FLASH_ERASE_RETRY 10
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
index 279b77c75ee1..4c002c7d65d3 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
@@ -1,6 +1,6 @@
/** @file NorFlashBlockIoDxe.c
- Copyright (c) 2011-2013, ARM Ltd. All rights reserved.<BR>
+ Copyright (c) 2011-2018, ARM Ltd. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
index 46e815beb343..706906a974a3 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
@@ -1,6 +1,6 @@
/** @file NorFlashDxe.c
- Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+ Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -134,29 +134,102 @@ NorFlashCreateInstance (
if (SupportFvb) {
NorFlashFvbInitialize (Instance);
+ if (!InMm ()) {
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &Instance->Handle,
+ &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
+ &gEfiBlockIoProtocolGuid, &Instance->BlockIoProtocol,
+ &gEfiFirmwareVolumeBlockProtocolGuid, &Instance->FvbProtocol,
+ NULL
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
+ } else {
+ //Install DevicePath Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiDevicePathProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->DevicePath
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
+ //Install BlockIo Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiBlockIoProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->BlockIoProtocol
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
- Status = gBS->InstallMultipleProtocolInterfaces (
- &Instance->Handle,
- &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
- &gEfiBlockIoProtocolGuid, &Instance->BlockIoProtocol,
- &gEfiFirmwareVolumeBlockProtocolGuid, &Instance->FvbProtocol,
- NULL
- );
- if (EFI_ERROR(Status)) {
- FreePool (Instance);
- return Status;
+ //Install FirmwareVolumeBlock Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->FvbProtocol
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
}
} else {
- Status = gBS->InstallMultipleProtocolInterfaces (
- &Instance->Handle,
- &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
- &gEfiBlockIoProtocolGuid, &Instance->BlockIoProtocol,
- &gEfiDiskIoProtocolGuid, &Instance->DiskIoProtocol,
- NULL
- );
- if (EFI_ERROR(Status)) {
- FreePool (Instance);
- return Status;
+ if (!InMm ()) {
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &Instance->Handle,
+ &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
+ &gEfiBlockIoProtocolGuid, &Instance->BlockIoProtocol,
+ &gEfiDiskIoProtocolGuid, &Instance->DiskIoProtocol,
+ NULL
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
+ } else {
+ //Install DevicePath Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiDevicePathProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->DevicePath
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
+ //Install BlockIo Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiBlockIoProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->BlockIoProtocol
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
+
+ //Install DiskIO Protocol
+ Status = gMmst->MmInstallProtocolInterface (
+ &Instance->Handle,
+ &gEfiDiskIoProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &Instance->DiskIoProtocol
+ );
+ if (EFI_ERROR(Status)) {
+ FreePool (Instance);
+ return Status;
+ }
}
}
@@ -338,13 +411,15 @@ NorFlashUnlockAndEraseSingleBlock (
UINTN Index;
EFI_TPL OriginalTPL;
- if (!EfiAtRuntime ()) {
- // Raise TPL to TPL_HIGH to stop anyone from interrupting us.
- OriginalTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
- } else {
- // This initialization is only to prevent the compiler to complain about the
- // use of uninitialized variables
- OriginalTPL = TPL_HIGH_LEVEL;
+ if (!InMm ()) {
+ if (!EfiAtRuntime ()) {
+ // Raise TPL to TPL_HIGH to stop anyone from interrupting us.
+ OriginalTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
+ } else {
+ // This initialization is only to prevent the compiler to complain about the
+ // use of uninitialized variables
+ OriginalTPL = TPL_HIGH_LEVEL;
+ }
}
Index = 0;
@@ -363,9 +438,11 @@ NorFlashUnlockAndEraseSingleBlock (
DEBUG((EFI_D_ERROR,"EraseSingleBlock(BlockAddress=0x%08x: Block Locked Error (try to erase %d times)\n", BlockAddress,Index));
}
- if (!EfiAtRuntime ()) {
- // Interruptions can resume.
- gBS->RestoreTPL (OriginalTPL);
+ if (!InMm ()) {
+ if (!EfiAtRuntime ()) {
+ // Interruptions can resume.
+ gBS->RestoreTPL (OriginalTPL);
+ }
}
return Status;
@@ -591,13 +668,15 @@ NorFlashWriteFullBlock (
// Start writing from the first address at the start of the block
WordAddress = BlockAddress;
- if (!EfiAtRuntime ()) {
- // Raise TPL to TPL_HIGH to stop anyone from interrupting us.
- OriginalTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
- } else {
- // This initialization is only to prevent the compiler to complain about the
- // use of uninitialized variables
- OriginalTPL = TPL_HIGH_LEVEL;
+ if (!InMm ()) {
+ if (!EfiAtRuntime ()) {
+ // Raise TPL to TPL_HIGH to stop anyone from interrupting us.
+ OriginalTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
+ } else {
+ // This initialization is only to prevent the compiler to complain about the
+ // use of uninitialized variables
+ OriginalTPL = TPL_HIGH_LEVEL;
+ }
}
Status = NorFlashUnlockAndEraseSingleBlock (Instance, BlockAddress);
@@ -657,9 +736,11 @@ NorFlashWriteFullBlock (
}
EXIT:
- if (!EfiAtRuntime ()) {
- // Interruptions can resume.
- gBS->RestoreTPL (OriginalTPL);
+ if (!InMm ()) {
+ if (!EfiAtRuntime ()) {
+ // Interruptions can resume.
+ gBS->RestoreTPL (OriginalTPL);
+ }
}
if (EFI_ERROR(Status)) {
@@ -1331,6 +1412,54 @@ NorFlashInitialise (
&mNorFlashVirtualAddrChangeEvent
);
ASSERT_EFI_ERROR (Status);
+ return Status;
+}
+
+EFI_STATUS
+EFIAPI
+StandaloneMmNorFlashInitialise (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ UINT32 Index;
+ NOR_FLASH_DESCRIPTION* NorFlashDevices;
+ BOOLEAN ContainVariableStorage;
+
+ Status = NorFlashPlatformInitialization ();
+ if (EFI_ERROR(Status)) {
+ DEBUG((EFI_D_ERROR,"NorFlashInitialise: Fail to initialize Nor Flash devices\n"));
+ return Status;
+ }
+
+ Status = NorFlashPlatformGetDevices (&NorFlashDevices, &mNorFlashDeviceCount);
+ if (EFI_ERROR(Status)) {
+ DEBUG((EFI_D_ERROR,"NorFlashInitialise: Fail to get Nor Flash devices\n"));
+ return Status;
+ }
+
+ mNorFlashInstances = AllocateRuntimePool (sizeof(NOR_FLASH_INSTANCE*) * mNorFlashDeviceCount);
+
+ for (Index = 0; Index < mNorFlashDeviceCount; Index++) {
+ // Check if this NOR Flash device contain the variable storage region
+ ContainVariableStorage =
+ (NorFlashDevices[Index].RegionBaseAddress <= PcdGet32 (PcdFlashNvStorageVariableBase)) &&
+ (PcdGet32 (PcdFlashNvStorageVariableBase) + PcdGet32 (PcdFlashNvStorageVariableSize) <= NorFlashDevices[Index].RegionBaseAddress + NorFlashDevices[Index].Size);
+ Status = NorFlashCreateInstance (
+ NorFlashDevices[Index].DeviceBaseAddress,
+ NorFlashDevices[Index].RegionBaseAddress,
+ NorFlashDevices[Index].Size,
+ Index,
+ NorFlashDevices[Index].BlockSize,
+ ContainVariableStorage,
+ &NorFlashDevices[Index].Guid,
+ &mNorFlashInstances[Index]
+ );
+ if (EFI_ERROR(Status)) {
+ DEBUG((EFI_D_ERROR,"NorFlashInitialise: Fail to create instance for NorFlash[%d]\n",Index));
+ }
+ }
return Status;
}
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
index e62ffbb433d0..e4d7100ee17e 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
@@ -1,6 +1,6 @@
/*++ @file NorFlashFvbDxe.c
- Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+ Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -720,27 +720,29 @@ NorFlashFvbInitialize (
DEBUG((DEBUG_BLKIO,"NorFlashFvbInitialize\n"));
ASSERT((Instance != NULL));
- //
- // Declare the Non-Volatile storage as EFI_MEMORY_RUNTIME
- //
+ if (!InMm ()) {
+ //
+ // Declare the Non-Volatile storage as EFI_MEMORY_RUNTIME
+ //
- // Note: all the NOR Flash region needs to be reserved into the UEFI Runtime memory;
- // even if we only use the small block region at the top of the NOR Flash.
- // The reason is when the NOR Flash memory is set into program mode, the command
- // is written as the base of the flash region (ie: Instance->DeviceBaseAddress)
- RuntimeMmioRegionSize = (Instance->RegionBaseAddress - Instance->DeviceBaseAddress) + Instance->Size;
+ // Note: all the NOR Flash region needs to be reserved into the UEFI Runtime memory;
+ // even if we only use the small block region at the top of the NOR Flash.
+ // The reason is when the NOR Flash memory is set into program mode, the command
+ // is written as the base of the flash region (ie: Instance->DeviceBaseAddress)
+ RuntimeMmioRegionSize = (Instance->RegionBaseAddress - Instance->DeviceBaseAddress) + Instance->Size;
- Status = gDS->AddMemorySpace (
- EfiGcdMemoryTypeMemoryMappedIo,
- Instance->DeviceBaseAddress, RuntimeMmioRegionSize,
- EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
- );
- ASSERT_EFI_ERROR (Status);
+ Status = gDS->AddMemorySpace (
+ EfiGcdMemoryTypeMemoryMappedIo,
+ Instance->DeviceBaseAddress, RuntimeMmioRegionSize,
+ EFI_MEMORY_UC | EFI_MEMORY_RUNTIME
+ );
+ ASSERT_EFI_ERROR (Status);
- Status = gDS->SetMemorySpaceAttributes (
- Instance->DeviceBaseAddress, RuntimeMmioRegionSize,
- EFI_MEMORY_UC | EFI_MEMORY_RUNTIME);
- ASSERT_EFI_ERROR (Status);
+ Status = gDS->SetMemorySpaceAttributes (
+ Instance->DeviceBaseAddress, RuntimeMmioRegionSize,
+ EFI_MEMORY_UC | EFI_MEMORY_RUNTIME);
+ ASSERT_EFI_ERROR (Status);
+ }
mFlashNvStorageVariableBase = FixedPcdGet32 (PcdFlashNvStorageVariableBase);
@@ -777,30 +779,32 @@ NorFlashFvbInitialize (
}
}
- //
- // The driver implementing the variable read service can now be dispatched;
- // the varstore headers are in place.
- //
- Status = gBS->InstallProtocolInterface (
- &gImageHandle,
- &gEdkiiNvVarStoreFormattedGuid,
- EFI_NATIVE_INTERFACE,
- NULL
- );
- ASSERT_EFI_ERROR (Status);
+ if (!InMm ()) {
+ //
+ // The driver implementing the variable read service can now be dispatched;
+ // the varstore headers are in place.
+ //
+ Status = gBS->InstallProtocolInterface (
+ &gImageHandle,
+ &gEdkiiNvVarStoreFormattedGuid,
+ EFI_NATIVE_INTERFACE,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
- //
- // Register for the virtual address change event
- //
- Status = gBS->CreateEventEx (
- EVT_NOTIFY_SIGNAL,
- TPL_NOTIFY,
- FvbVirtualNotifyEvent,
- NULL,
- &gEfiEventVirtualAddressChangeGuid,
- &mFvbVirtualAddrChangeEvent
- );
- ASSERT_EFI_ERROR (Status);
+ //
+ // Register for the virtual address change event
+ //
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_NOTIFY,
+ FvbVirtualNotifyEvent,
+ NULL,
+ &gEfiEventVirtualAddressChangeGuid,
+ &mFvbVirtualAddrChangeEvent
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
return Status;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 05/11] MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (3 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 04/11] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 06/11] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone Jagadeesh Ujja
` (6 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Adapt the FaultTolerantWriteDxe driver to be used as a MM_STANDALONE
driver to provide UEFI fault tolerant write protocol functionality
for variable reclaim operation on EFI variables stored on a NOR flash
that is only accessible to code executing in MM Standalone mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf | 2 +
MdeModulePkg/Universal/FaultTolerantWriteDxe/{FaultTolerantWriteSmm.inf => FaultTolerantWriteStandaloneMm.inf} | 25 +--
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c | 203 +++++++++++++++-----
MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c | 27 +--
4 files changed, 185 insertions(+), 72 deletions(-)
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
index dcde58d63218..db45be0a9825 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
@@ -41,6 +41,7 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
UefiBootServicesTableLib
@@ -69,6 +70,7 @@ [Protocols]
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable ## CONSUMES
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase ## SOMETIMES_CONSUMES
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
similarity index 79%
copy from MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
copy to MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
index 606cc2266bda..724534b09b1b 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
@@ -7,6 +7,7 @@
# flash access.
#
# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
@@ -18,19 +19,19 @@
##
[Defines]
- INF_VERSION = 0x00010005
- BASE_NAME = SmmFaultTolerantWriteDxe
+ INF_VERSION = 0x0001001A
+ BASE_NAME = FaultTolerantWriteMmStandalone
MODULE_UNI_FILE = SmmFaultTolerantWriteDxe.uni
FILE_GUID = 470CB248-E8AC-473c-BB4F-81069A1FE6FD
- MODULE_TYPE = DXE_SMM_DRIVER
+ MODULE_TYPE = MM_STANDALONE
VERSION_STRING = 1.0
- PI_SPECIFICATION_VERSION = 0x0001000A
- ENTRY_POINT = SmmFaultTolerantWriteInitialize
+ PI_SPECIFICATION_VERSION = 0x00010032
+ ENTRY_POINT = StandaloneMmFaultTolerantWriteInitialize
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
[Sources]
@@ -44,18 +45,18 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
- SmmServicesTableLib
MemoryAllocationLib
BaseMemoryLib
- UefiDriverEntryPoint
DebugLib
- UefiLib
PcdLib
ReportStatusCodeLib
- SmmMemLib
+ MemLib
+ StandaloneMmDriverEntryPoint
BaseLib
+ MmServicesTableLib
[Guids]
#
@@ -77,6 +78,7 @@ [Protocols]
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable ## CONSUMES
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase ## SOMETIMES_CONSUMES
@@ -93,7 +95,8 @@ [Pcd]
# So add gEfiRuntimeArchProtocolGuid Depex here.
#
[Depex]
- gEfiSmmFirmwareVolumeBlockProtocolGuid AND gEfiRuntimeArchProtocolGuid
+ TRUE
+ #gEfiSmmFirmwareVolumeBlockProtocolGuid AND gEfiRuntimeArchProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
SmmFaultTolerantWriteDxeExtra.uni
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
index fabd713c7411..ace39fd4d233 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
@@ -44,6 +44,7 @@
This driver need to make sure the CommBuffer is not in the SMRAM range.
Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -55,13 +56,16 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiSmm.h>
+#include <PiMm.h>
#include <Library/SmmServicesTableLib.h>
#include <Library/SmmMemLib.h>
+#include <Library/StandaloneMmMemLib.h>
#include <Library/BaseLib.h>
#include <Protocol/SmmSwapAddressRange.h>
#include "FaultTolerantWrite.h"
#include "FaultTolerantWriteSmmCommon.h"
#include <Protocol/SmmEndOfDxe.h>
+#include <Library/StandaloneMmServicesTableLib.h>
EFI_EVENT mFvbRegistration = NULL;
EFI_FTW_DEVICE *mFtwDevice = NULL;
@@ -92,11 +96,19 @@ FtwGetFvbByHandle (
//
// To get the SMM FVB protocol interface on the handle
//
- return gSmst->SmmHandleProtocol (
- FvBlockHandle,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- (VOID **) FvBlock
- );
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ return gSmst->SmmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ } else {
+ return gMmst->MmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ }
}
/**
@@ -119,11 +131,19 @@ FtwGetSarProtocol (
//
// Locate Smm Swap Address Range protocol
//
- Status = gSmst->SmmLocateProtocol (
- &gEfiSmmSwapAddressRangeProtocolGuid,
- NULL,
- SarProtocol
- );
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmmLocateProtocol (
+ &gEfiSmmSwapAddressRangeProtocolGuid,
+ NULL,
+ SarProtocol
+ );
+ } else {
+ Status = gMmst->MmLocateProtocol (
+ &gEfiSmmSwapAddressRangeProtocolGuid,
+ NULL,
+ SarProtocol
+ );
+ }
return Status;
}
@@ -158,13 +178,23 @@ GetFvbCountAndBuffer (
BufferSize = 0;
*NumberHandles = 0;
*Buffer = NULL;
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
return EFI_NOT_FOUND;
}
@@ -173,15 +203,23 @@ GetFvbCountAndBuffer (
if (*Buffer == NULL) {
return EFI_OUT_OF_RESOURCES;
}
-
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
-
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
*NumberHandles = BufferSize / sizeof(EFI_HANDLE);
if (EFI_ERROR(Status)) {
*NumberHandles = 0;
@@ -335,10 +373,16 @@ SmmFaultTolerantWriteHandler (
return EFI_SUCCESS;
}
CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE;
-
- if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
- DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
- return EFI_SUCCESS;
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
+ } else {
+ if (!MmIsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
}
SmmFtwFunctionHeader = (SMM_FTW_COMMUNICATE_FUNCTION_HEADER *)CommBuffer;
@@ -531,11 +575,19 @@ FvbNotificationEvent (
// Just return to avoid install SMM FaultTolerantWriteProtocol again
// if SMM Fault Tolerant Write protocol had been installed.
//
- Status = gSmst->SmmLocateProtocol (
- &gEfiSmmFaultTolerantWriteProtocolGuid,
- NULL,
- (VOID **) &FtwProtocol
- );
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ (VOID **) &FtwProtocol
+ );
+ } else {
+ Status = gMmst->MmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ (VOID **) &FtwProtocol
+ );
+ }
if (!EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
@@ -551,31 +603,45 @@ FvbNotificationEvent (
//
// Install protocol interface
//
- Status = gSmst->SmmInstallProtocolInterface (
- &mFtwDevice->Handle,
- &gEfiSmmFaultTolerantWriteProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &mFtwDevice->FtwInstance
- );
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmmInstallProtocolInterface (
+ &mFtwDevice->Handle,
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mFtwDevice->FtwInstance
+ );
+ } else {
+ Status = gMmst->MmInstallProtocolInterface (
+ &mFtwDevice->Handle,
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mFtwDevice->FtwInstance
+ );
+ }
ASSERT_EFI_ERROR (Status);
///
/// Register SMM FTW SMI handler
///
- Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
- ASSERT_EFI_ERROR (Status);
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
+ ASSERT_EFI_ERROR (Status);
- //
- // Notify the Ftw wrapper driver SMM Ftw is ready
- //
- FtwHandle = NULL;
- Status = gBS->InstallProtocolInterface (
+ //
+ // Notify the Ftw wrapper driver SMM Ftw is ready
+ //
+ FtwHandle = NULL;
+ Status = gBS->InstallProtocolInterface (
&FtwHandle,
&gEfiSmmFaultTolerantWriteProtocolGuid,
EFI_NATIVE_INTERFACE,
NULL
);
- ASSERT_EFI_ERROR (Status);
+ ASSERT_EFI_ERROR (Status);
+ } else {
+ Status = gMmst->MmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
+ ASSERT_EFI_ERROR (Status);
+ }
return EFI_SUCCESS;
}
@@ -655,3 +721,42 @@ SmmFaultTolerantWriteInitialize (
return EFI_SUCCESS;
}
+
+/**
+ This function is the entry point of the Fault Tolerant Write driver.
+
+ @param[in] ImageHandle A handle for the image that is initializing this driver
+ @param[in] SystemTable A pointer to the EFI system table
+
+ @retval EFI_SUCCESS The initialization finished successfully.
+ @retval EFI_OUT_OF_RESOURCES Allocate memory error
+ @retval EFI_INVALID_PARAMETER Workspace or Spare block does not exist
+
+**/
+EFI_STATUS
+EFIAPI
+StandaloneMmFaultTolerantWriteInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Allocate private data structure for SMM FTW protocol and do some initialization
+ //
+ Status = InitFtwDevice (&mFtwDevice);
+ if (EFI_ERROR(Status)) {
+ return Status;
+ }
+ Status = gMmst->MmRegisterProtocolNotify (
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ FvbNotificationEvent,
+ &mFvbRegistration
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ FvbNotificationEvent (NULL, NULL, NULL);
+
+ return EFI_SUCCESS;
+}
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
index 50d3421b88bb..85af89a5aa80 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
@@ -3,6 +3,7 @@
Internal functions to operate Working Block Space.
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -57,19 +58,21 @@ InitializeLocalWorkSpaceHeader (
);
mWorkingBlockHeader.WriteQueueSize = PcdGet32 (PcdFlashNvStorageFtwWorkingSize) - sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER);
- //
- // Crc is calculated with all the fields except Crc and STATE, so leave them as FTW_ERASED_BYTE.
- //
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ //
+ // Crc is calculated with all the fields except Crc and STATE, so leave them as FTW_ERASED_BYTE.
+ //
- //
- // Calculate the Crc of woking block header
- //
- Status = gBS->CalculateCrc32 (
- &mWorkingBlockHeader,
- sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER),
- &mWorkingBlockHeader.Crc
- );
- ASSERT_EFI_ERROR (Status);
+ //
+ // Calculate the Crc of woking block header
+ //
+ Status = gBS->CalculateCrc32 (
+ &mWorkingBlockHeader,
+ sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER),
+ &mWorkingBlockHeader.Crc
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
mWorkingBlockHeader.WorkingBlockValid = FTW_VALID_STATE;
mWorkingBlockHeader.WorkingBlockInvalid = FTW_INVALID_STATE;
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 06/11] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (4 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 05/11] MdeModulePkg/FaultTolerantWriteDxe: " Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 07/11] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver Jagadeesh Ujja
` (5 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Adapt the VariableSmmRuntimeDxe driver to communicate with a VariableSmm
driver that is implemented as a MM Standalone driver.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2 ++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 4 +++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 31 +++++++++++++-------
3 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 868981ccaf30..f414b461d81c 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -51,6 +51,7 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
MemoryAllocationLib
@@ -135,6 +136,7 @@ [Pcd]
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
[Depex]
TRUE
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
index bd73f7ac29f2..b409fa2f5844 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
@@ -48,6 +48,7 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
MemoryAllocationLib
@@ -87,6 +88,9 @@ [Guids]
## SOMETIMES_CONSUMES ## Variable:L"dbt"
gEfiImageSecurityDatabaseGuid
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
+
[Depex]
gEfiSmmCommunicationProtocolGuid
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 85d655dc19ff..da4af5f30ea2 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -14,6 +14,8 @@
InitCommunicateBuffer() is really function to check the variable data size.
Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -179,7 +181,11 @@ SendCommunicateBuffer (
SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
CommSize = DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
- Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBufferPhysical, &CommSize);
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBuffer, &CommSize);
+ } else {
+ Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBufferPhysical, &CommSize);
+ }
ASSERT_EFI_ERROR (Status);
SmmCommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *) mVariableBuffer;
@@ -991,9 +997,11 @@ SmmVariableReady (
{
EFI_STATUS Status;
- Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mSmmVariable);
- if (EFI_ERROR (Status)) {
- return;
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mSmmVariable);
+ if (EFI_ERROR (Status)) {
+ return;
+ }
}
Status = gBS->LocateProtocol (&gEfiSmmCommunicationProtocolGuid, NULL, (VOID **) &mSmmCommunication);
@@ -1069,13 +1077,14 @@ SmmVariableWriteReady (
{
EFI_STATUS Status;
VOID *ProtocolOps;
-
- //
- // Check whether the protocol is installed or not.
- //
- Status = gBS->LocateProtocol (&gSmmVariableWriteGuid, NULL, (VOID **) &ProtocolOps);
- if (EFI_ERROR (Status)) {
- return;
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ //
+ // Check whether the protocol is installed or not.
+ //
+ Status = gBS->LocateProtocol (&gSmmVariableWriteGuid, NULL, (VOID **) &ProtocolOps);
+ if (EFI_ERROR (Status)) {
+ return;
+ }
}
//
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 07/11] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (5 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 06/11] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 08/11] SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this library Jagadeesh Ujja
` (4 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
Adapt the variable runtime dxe driver to be used as a MM_STANDALONE
driver to provide variable storage service in MM Standalone mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableSmm.inf => VariableStandaloneMm.inf} | 43 ++---
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 37 ++--
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 201 ++++++++++++++++----
3 files changed, 195 insertions(+), 86 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
similarity index 75%
copy from MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
copy to MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
index 2fe72ff8a442..35654f5cfc9d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -1,24 +1,13 @@
## @file
-# Provides SMM variable service.
+# Provides MM variable service.
#
-# This module installs SMM variable protocol into SMM protocol database,
-# which can be used by SMM driver, and installs SMM variable protocol
-# into BS protocol database, which can be used to notify the SMM Runtime
-# Dxe driver that the SMM variable service is ready.
-# This module should be used with SMM Runtime DXE module together. The
-# SMM Runtime DXE module would install variable arch protocol and variable
-# write arch protocol based on SMM variable module.
-#
-# Caution: This module requires additional review when modified.
-# This driver will have external input - variable data and communicate buffer in SMM mode.
-# This external input must be validated carefully to avoid security issues such as
-# buffer overflow or integer overflow.
-# The whole SMM authentication variable design relies on the integrity of flash part and SMM.
-# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
+# The whole MM authentication variable design relies on the integrity of flash part and MM.
+# which is assumed to be protected by platform. All variable code and metadata in flash/MM Memory
# may not be modified without authorization. If platform fails to protect these resources,
# the authentication service provided in this driver will be broken, and the behavior is undefined.
#
# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -29,22 +18,21 @@
##
[Defines]
- INF_VERSION = 0x00010005
+ INF_VERSION = 0x0001000A
BASE_NAME = VariableSmm
MODULE_UNI_FILE = VariableSmm.uni
FILE_GUID = 23A089B3-EED5-4ac5-B2AB-43E3298C2343
- MODULE_TYPE = DXE_SMM_DRIVER
+ MODULE_TYPE = MM_STANDALONE
VERSION_STRING = 1.0
- PI_SPECIFICATION_VERSION = 0x0001000A
- ENTRY_POINT = VariableServiceInitialize
+ PI_SPECIFICATION_VERSION = 0x00010032
+ ENTRY_POINT = StandaloneMmVariableServiceInitialize
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
-
[Sources]
Reclaim.c
Variable.c
@@ -59,23 +47,21 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
- UefiDriverEntryPoint
+ StandaloneMmDriverEntryPoint
MemoryAllocationLib
BaseLib
SynchronizationLib
- UefiLib
- SmmServicesTableLib
BaseMemoryLib
DebugLib
- DxeServicesTableLib
HobLib
PcdLib
- SmmMemLib
AuthVariableLib
VarCheckLib
- UefiBootServicesTableLib
+ MemLib
+ MmServicesTableLib
[Protocols]
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
@@ -85,7 +71,7 @@ [Protocols]
## PRODUCES
## UNDEFINED # SmiHandlerRegister
gEfiSmmVariableProtocolGuid
- gEfiSmmEndOfDxeProtocolGuid ## NOTIFY
+ ##gEfiSmmEndOfDxeProtocolGuid ## NOTIFY
gEdkiiSmmVarCheckProtocolGuid ## PRODUCES
gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES
@@ -137,6 +123,7 @@ [Pcd]
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
[Depex]
TRUE
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 8e8db71bd201..226464c96411 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -18,6 +18,7 @@
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -3247,19 +3248,21 @@ VariableServiceSetVariable (
}
}
- //
- // Special Handling for MOR Lock variable.
- //
- Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
- if (Status == EFI_ALREADY_STARTED) {
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
//
- // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of SetVariableCheckHandlerMor().
- // Variable driver can just return SUCCESS.
+ // Special Handling for MOR Lock variable.
//
- return EFI_SUCCESS;
- }
- if (EFI_ERROR (Status)) {
- return Status;
+ Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
+ if (Status == EFI_ALREADY_STARTED) {
+ //
+ // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of SetVariableCheckHandlerMor().
+ // Variable driver can just return SUCCESS.
+ //
+ return EFI_SUCCESS;
+ }
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
}
Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
@@ -4068,12 +4071,14 @@ VariableWriteServiceInitialize (
}
}
- ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
- //
- // Initialize MOR Lock variable.
- //
- MorLockInit ();
+ //
+ // Initialize MOR Lock variable.
+ //
+ MorLockInit ();
+ }
return Status;
}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 6dc19c24dbc2..cbbb446669b6 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -15,6 +15,7 @@
SmmVariableGetStatistics() should also do validation based on its own knowledge.
Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -34,6 +35,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/SmmServicesTableLib.h>
#include <Library/SmmMemLib.h>
+#include <Library/StandaloneMmMemLib.h>
+#include <Library/StandaloneMmServicesTableLib.h>
#include <Guid/SmmVariableCommon.h>
#include "Variable.h"
@@ -218,11 +221,19 @@ GetFtwProtocol (
//
// Locate Smm Fault Tolerent Write protocol
//
- Status = gSmst->SmmLocateProtocol (
- &gEfiSmmFaultTolerantWriteProtocolGuid,
- NULL,
- FtwProtocol
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ FtwProtocol
+ );
+ } else {
+ Status = gSmst->SmmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ FtwProtocol
+ );
+ }
return Status;
}
@@ -248,11 +259,19 @@ GetFvbByHandle (
//
// To get the SMM FVB protocol interface on the handle
//
- return gSmst->SmmHandleProtocol (
- FvBlockHandle,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- (VOID **) FvBlock
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ return gMmst->MmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ } else {
+ return gSmst->SmmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ }
}
@@ -287,13 +306,23 @@ GetFvbCountAndBuffer (
BufferSize = 0;
*NumberHandles = 0;
*Buffer = NULL;
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
return EFI_NOT_FOUND;
}
@@ -303,14 +332,23 @@ GetFvbCountAndBuffer (
return EFI_OUT_OF_RESOURCES;
}
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
-
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
*NumberHandles = BufferSize / sizeof(EFI_HANDLE);
if (EFI_ERROR(Status)) {
*NumberHandles = 0;
@@ -499,10 +537,16 @@ SmmVariableHandler (
DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer payload size invalid!\n"));
return EFI_SUCCESS;
}
-
- if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
- DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
- return EFI_SUCCESS;
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ if (!MmIsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
+ } else {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
}
SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;
@@ -691,13 +735,17 @@ SmmVariableHandler (
break;
}
if (!mEndOfDxe) {
- MorLockInitAtEndOfDxe ();
- mEndOfDxe = TRUE;
- VarCheckLibInitializeAtEndOfDxe (NULL);
- //
- // The initialization for variable quota.
- //
- InitializeVariableQuota ();
+ if (!PcdGetBool (PcdStandaloneMmEnable)){
+ MorLockInitAtEndOfDxe ();
+ mEndOfDxe = TRUE;
+ VarCheckLibInitializeAtEndOfDxe (NULL);
+ //
+ // The initialization for variable quota.
+ //
+ InitializeVariableQuota ();
+ } else {
+ mEndOfDxe = TRUE;
+ }
}
ReclaimForOS ();
Status = EFI_SUCCESS;
@@ -911,12 +959,22 @@ SmmFtwNotificationEvent (
//
// Notify the variable wrapper driver the variable write service is ready
//
- Status = gBS->InstallProtocolInterface (
- &mSmmVariableHandle,
- &gSmmVariableWriteGuid,
- EFI_NATIVE_INTERFACE,
- NULL
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmInstallProtocolInterface (
+ &mSmmVariableHandle,
+ &gSmmVariableWriteGuid,
+ EFI_NATIVE_INTERFACE,
+ NULL
+ );
+ } else {
+ Status = gBS->InstallProtocolInterface (
+ &mSmmVariableHandle,
+ &gSmmVariableWriteGuid,
+ EFI_NATIVE_INTERFACE,
+ NULL
+ );
+ }
+
ASSERT_EFI_ERROR (Status);
return EFI_SUCCESS;
@@ -1026,4 +1084,63 @@ VariableServiceInitialize (
return EFI_SUCCESS;
}
+/**
+ Variable Driver main entry point. The Variable driver places the 4 EFI
+ runtime services in the EFI System Table and installs arch protocols
+ for variable read and write services being available. It also registers
+ a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS Variable service successfully initialized.
+
+**/
+EFI_STATUS
+EFIAPI
+StandaloneMmVariableServiceInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ EFI_HANDLE VariableHandle;
+ VOID *SmmFtwRegistration;
+
+ //
+ // Variable initialize.
+ //
+ Status = VariableCommonInitialize ();
+ ASSERT_EFI_ERROR (Status);
+
+ mVariableBufferPayloadSize = GetMaxVariableSize () +
+ OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
+
+ Status = gMmst->MmAllocatePool (
+ EfiRuntimeServicesData,
+ mVariableBufferPayloadSize,
+ (VOID **)&mVariableBufferPayload
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ ///
+ /// Register SMM variable SMI handler
+ ///
+ VariableHandle = NULL;
+ Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
+ ASSERT_EFI_ERROR (Status);
+ //
+ // Register FtwNotificationEvent () notify function.
+ //
+ Status = gMmst->MmRegisterProtocolNotify (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ SmmFtwNotificationEvent,
+ &SmmFtwRegistration
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ SmmFtwNotificationEvent (NULL, NULL, NULL);
+
+ return EFI_SUCCESS;
+}
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 08/11] SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this library
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (6 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 07/11] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 09/11] MdeModulePkg/VarCheckLib: " Jagadeesh Ujja
` (3 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
“AuthVariableLib” library can be used by MM_STANDALONE drivers as well.
So add MM_STANDALONE as the module type this library supports
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
---
SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
index 572ba4e120d2..4294d3b1b0b8 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
@@ -2,6 +2,7 @@
# Provides authenticated variable services.
#
# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions
@@ -21,12 +22,12 @@ [Defines]
FILE_GUID = B23CF5FB-6FCC-4422-B145-D855DBC05457
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+ LIBRARY_CLASS = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
[Sources]
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 09/11] MdeModulePkg/VarCheckLib: allow MM_STANDALONE drivers to use this library
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (7 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 08/11] SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this library Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 10/11] CryptoPkg/BaseCryptLib: " Jagadeesh Ujja
` (2 subsequent siblings)
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
“VarCheckLib” library can be used by MM_STANDALONE drivers as well.
So add MM_STANDALONE as the module type this library supports
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf b/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
index 099f83dd6aee..c8cf81063e06 100644
--- a/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+++ b/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
@@ -2,6 +2,7 @@
# Provides variable check services and database management.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions
@@ -21,12 +22,12 @@ [Defines]
FILE_GUID = 63E12D08-0C5D-47F8-95E4-09F89D7506C5
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = VarCheckLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+ LIBRARY_CLASS = VarCheckLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
[Sources]
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 10/11] CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (8 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 09/11] MdeModulePkg/VarCheckLib: " Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
2018-11-29 15:57 ` [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Gao, Liming
11 siblings, 0 replies; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
“BaseCryptLib” library can be used by MM_STANDALONE drivers as well.
So add MM_STANDALONE as the module type this library supports
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index f29445ce3402..c8aafefbab9c 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -7,6 +7,7 @@
# buffer overflow or integer overflow.
#
# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -24,7 +25,7 @@ [Defines]
FILE_GUID = be3bb803-91b6-4da0-bd91-a8b21c18ca5d
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
- LIBRARY_CLASS = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER
+ LIBRARY_CLASS = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (9 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 10/11] CryptoPkg/BaseCryptLib: " Jagadeesh Ujja
@ 2018-11-28 9:35 ` Jagadeesh Ujja
2018-11-30 8:15 ` Ye, Ting
2018-11-29 15:57 ` [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Gao, Liming
11 siblings, 1 reply; 15+ messages in thread
From: Jagadeesh Ujja @ 2018-11-28 9:35 UTC (permalink / raw)
To: edk2-devel, liming.gao, chao.b.zhang, leif.lindholm,
ard.biesheuvel
This is hack to get the time when executing in MM Standalone mode. It is
not clear how to implement a function that gets the current time. So
using this as a hack for now.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 5 ++++
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 5 ++++
CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 27 +++++++++++++++-----
3 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index c8aafefbab9c..df4aca6c20e2 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -76,6 +76,7 @@ [Sources.AARCH64]
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
BaseLib
@@ -86,6 +87,10 @@ [LibraryClasses]
OpensslLib
IntrinsicLib
PrintLib
+ PcdLib
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 32628c8835a6..651a6736ba48 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -80,6 +80,7 @@ [Sources.AARCH64]
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
BaseLib
@@ -91,6 +92,10 @@ [LibraryClasses]
OpensslLib
IntrinsicLib
PrintLib
+ PcdLib
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 5f9b0c20d75d..d01b5c5fc113 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -3,6 +3,7 @@
for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME).
Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -77,12 +78,26 @@ time_t time (time_t *timer)
time_t CalTime;
UINTN Year;
- //
- // Get the current time and date information
- //
- Status = gRT->GetTime (&Time, NULL);
- if (EFI_ERROR (Status) || (Time.Year < 1970)) {
- return 0;
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ //
+ // Get the current time and date information
+ //
+ Status = gRT->GetTime (&Time, NULL);
+ if (EFI_ERROR (Status) || (Time.Year < 1970)) {
+ return 0;
+ }
+ } else {
+ //
+ //[ToDo] Find out a way to get the current time for code executing as MM_STANDALONE
+ //
+ Time.Year = 2007;
+ Time.Month = 11;
+ Time.Day = 29;
+ Time.Hour = 17;
+ Time.Minute = 43;
+ Time.Second = 30;
+
+ Year = (UINTN) (Time.Year % 100);
}
//
--
2.7.4
^ permalink raw reply related [flat|nested] 15+ messages in thread* Re: [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
2018-11-28 9:35 ` [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
@ 2018-11-30 8:15 ` Ye, Ting
0 siblings, 0 replies; 15+ messages in thread
From: Ye, Ting @ 2018-11-30 8:15 UTC (permalink / raw)
To: Jagadeesh Ujja, edk2-devel@lists.01.org, Gao, Liming,
Zhang, Chao B, leif.lindholm@linaro.org,
ard.biesheuvel@linaro.org
Hi Jagadeesh,
I don't suggest to update BaseCryptLib to use a PCD in StandaloneMmPkg, it makes other consumer of BaseCryptLib has dependency of StandaloneMmPkg.
Also ToDo code below is not acceptable to me. I am thinking you could consider creating a new instance for BaseCryptLib such as "MmCryptLib" if the update to TimerWrapp.c is necessary for MM Standalone mode.
Thanks,
Ting
-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jagadeesh Ujja
Sent: Wednesday, November 28, 2018 5:35 PM
To: edk2-devel@lists.01.org; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; leif.lindholm@linaro.org; ard.biesheuvel@linaro.org
Subject: [edk2] [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
This is hack to get the time when executing in MM Standalone mode. It is not clear how to implement a function that gets the current time. So using this as a hack for now.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 5 ++++
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 5 ++++
CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 27 +++++++++++++++-----
3 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index c8aafefbab9c..df4aca6c20e2 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -76,6 +76,7 @@ [Sources.AARCH64]
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
BaseLib
@@ -86,6 +87,10 @@ [LibraryClasses]
OpensslLib
IntrinsicLib
PrintLib
+ PcdLib
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
#
# Remove these [BuildOptions] after this library is cleaned up diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 32628c8835a6..651a6736ba48 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -80,6 +80,7 @@ [Sources.AARCH64]
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
BaseLib
@@ -91,6 +92,10 @@ [LibraryClasses]
OpensslLib
IntrinsicLib
PrintLib
+ PcdLib
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
#
# Remove these [BuildOptions] after this library is cleaned up diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 5f9b0c20d75d..d01b5c5fc113 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -3,6 +3,7 @@
for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME).
Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -77,12 +78,26 @@ time_t time (time_t *timer)
time_t CalTime;
UINTN Year;
- //
- // Get the current time and date information
- //
- Status = gRT->GetTime (&Time, NULL);
- if (EFI_ERROR (Status) || (Time.Year < 1970)) {
- return 0;
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ //
+ // Get the current time and date information
+ //
+ Status = gRT->GetTime (&Time, NULL);
+ if (EFI_ERROR (Status) || (Time.Year < 1970)) {
+ return 0;
+ }
+ } else {
+ //
+ //[ToDo] Find out a way to get the current time for code executing as MM_STANDALONE
+ //
+ Time.Year = 2007;
+ Time.Month = 11;
+ Time.Day = 29;
+ Time.Hour = 17;
+ Time.Minute = 43;
+ Time.Second = 30;
+
+ Year = (UINTN) (Time.Year % 100);
}
//
--
2.7.4
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
` (10 preceding siblings ...)
2018-11-28 9:35 ` [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
@ 2018-11-29 15:57 ` Gao, Liming
2018-12-11 5:28 ` jagadeesh ujja
11 siblings, 1 reply; 15+ messages in thread
From: Gao, Liming @ 2018-11-29 15:57 UTC (permalink / raw)
To: Jagadeesh Ujja, edk2-devel@lists.01.org, Zhang, Chao B,
leif.lindholm@linaro.org, ard.biesheuvel@linaro.org
My comment is below.
1. Please don't update MemoryFence() implementation. It will impact all consumer code. AsmLfence() is X86 specific API. You can implement the internal function in the arch specific source file to call AsmLfence() for X86 and call MemoryFence() for ARM. This internal function will be called in the common logic.
2. On StandaloneMmServicesTableLib.h, I suggest to add it into MdePkg, and add StandaloneMmRuntimeDxe library into MdePkg. This library sets gMmst is NULL, and always return FALSE in InMm().
3. On PcdStandaloneMmEnable, I also suggest to add it into MdePkg. It can be used to control the driver logic in the different packages.
With 2 & 3, other edk2 packages don't need to depend on StandaloneMmPkg/StandaloneMmPkg.dec
> -----Original Message-----
> From: Jagadeesh Ujja [mailto:jagadeesh.ujja@arm.com]
> Sent: Wednesday, November 28, 2018 5:35 PM
> To: edk2-devel@lists.01.org; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; leif.lindholm@linaro.org;
> ard.biesheuvel@linaro.org
> Subject: [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM
>
> Changes since v2:
> - Added 'Contributed-under' tag, removed Change-ID tag and
> maintained a single signed-off-by for the all the patches.
>
> Changes since v1:
> - Addressed all the comments from Liming Gao
> - Removed the use of #ifdef/#else/#endif and used a Pcd instead to
> select between MM and non-MM paths.
> - Removed all dependencies on edk2-platforms.
> - Dropped the use of mMmst and used gSmst instead.
> - Added a dummy implementation UefiRuntimeServiceTableLib for
> MM_STANDALONE usage
> - Replaced all uses of AsmLfence with MemoryFence from variable
> service code.
> - Add a new StandaloneMmRuntimeDxe library to for use by non-MM code.
>
> This RFC patch series extends the existing secure variable service support for
> use with Standalone MM. This is applicable to paltforms that use Standalone
> Management Mode to protect access to non-volatile memory (NOR flash in case
> of these patches) used to store the secure EFI variables.
>
> The first patch pulls in additional libraries from the staging branch of
> StandaloneMmPkg into the edk2's StandaloneMmPkg. The existing secure variable
> service implementation supports only the traditional MM mode and so the rest
> of the patches extends the existing secure variable service support to be
> useable with Standalone MM mode as well.
>
> This patch series is being posted as an RFC to get feedback on the approach taken
> in these patches.
>
> Jagadeesh Ujja (11):
> MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence
> StandaloneMmPkg: Pull in additonal libraries from staging branch
> MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library
> ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
> MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
> MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM
> Standalone
> MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
> SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this
> library
> MdeModulePkg/VarCheckLib: allow MM_STANDALONE drivers to use this
> library
> CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this
> library
> CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
>
> ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
> | 3 +
> ArmPlatformPkg/Drivers/NorFlashDxe/{NorFlashDxe.inf => NorFlashStandaloneMm.inf}
> | 28 +-
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> | 8 +-
> CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> | 5 +
> MdeModulePkg/Library/{VarCheckLib/VarCheckLib.inf => StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf}
> | 22 +-
> MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> | 5 +-
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
> | 2 +
> MdeModulePkg/Universal/FaultTolerantWriteDxe/{FaultTolerantWriteDxe.inf => FaultTolerantWriteStandaloneMm.inf} |
> 53 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> | 2 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
> | 4 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableRuntimeDxe.inf => VariableStandaloneMm.inf}
> | 107 ++-
> SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> | 5 +-
> StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
> | 2 +-
> StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf =>
> StandaloneMmHobLib/StandaloneMmHobLib.inf} | 11 +-
> StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
> | 45 ++
> StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
> | 36 +
> ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
> | 5 +-
> MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
> | 39 +
> StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
> | 47 ++
> ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
> | 2 +-
> ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
> | 211 ++++-
> ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
> | 88 ++-
> CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> | 27 +-
> MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
> | 36 +
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> | 207 +++--
> MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> | 27 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
> | 2 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> | 37 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> | 201 ++++-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
> | 31 +-
> MdePkg/Library/BaseLib/X86MemoryFence.c
> | 2 +-
> StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
> | 64 ++
> StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
> | 655 ++++++++++++++++
> StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
> | 824 ++++++++++++++++++++
> StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
> | 64 ++
> 35 files changed, 2564 insertions(+), 343 deletions(-)
> copy ArmPlatformPkg/Drivers/NorFlashDxe/{NorFlashDxe.inf => NorFlashStandaloneMm.inf} (71%)
> copy MdeModulePkg/Library/{VarCheckLib/VarCheckLib.inf => StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf} (51%)
> copy MdeModulePkg/Universal/FaultTolerantWriteDxe/{FaultTolerantWriteDxe.inf => FaultTolerantWriteStandaloneMm.inf} (54%)
> copy MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableRuntimeDxe.inf => VariableStandaloneMm.inf} (54%)
> copy StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf =>
> StandaloneMmHobLib/StandaloneMmHobLib.inf} (79%)
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
> create mode 100644 MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
> create mode 100644 StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
> create mode 100644 MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
> create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
>
> --
> 2.7.4
^ permalink raw reply [flat|nested] 15+ messages in thread* Re: [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM
2018-11-29 15:57 ` [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Gao, Liming
@ 2018-12-11 5:28 ` jagadeesh ujja
0 siblings, 0 replies; 15+ messages in thread
From: jagadeesh ujja @ 2018-12-11 5:28 UTC (permalink / raw)
To: liming.gao; +Cc: edk2-devel, chao.b.zhang, leif.lindholm, ard.biesheuvel
Hi Liming,
On Thu, Nov 29, 2018 at 9:27 PM Gao, Liming <liming.gao@intel.com> wrote:
>
> My comment is below.
>
> 1. Please don't update MemoryFence() implementation. It will impact all consumer code. AsmLfence() is X86 specific API. You can implement the internal function in the arch specific source file to call AsmLfence() for X86 and call MemoryFence() for ARM. This internal function will be called in the common logic.
> 2. On StandaloneMmServicesTableLib.h, I suggest to add it into MdePkg, and add StandaloneMmRuntimeDxe library into MdePkg. This library sets gMmst is NULL, and always return FALSE in InMm().
> 3. On PcdStandaloneMmEnable, I also suggest to add it into MdePkg. It can be used to control the driver logic in the different packages.
>
> With 2 & 3, other edk2 packages don't need to depend on StandaloneMmPkg/StandaloneMmPkg.dec
Thank you for your comments. All your comments have been addressed and
the next version of this patchset will include appropriate changes
based on your comments.
Regards,
Jagadeesh.
>
> > -----Original Message-----
> > From: Jagadeesh Ujja [mailto:jagadeesh.ujja@arm.com]
> > Sent: Wednesday, November 28, 2018 5:35 PM
> > To: edk2-devel@lists.01.org; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; leif.lindholm@linaro.org;
> > ard.biesheuvel@linaro.org
> > Subject: [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM
> >
> > Changes since v2:
> > - Added 'Contributed-under' tag, removed Change-ID tag and
> > maintained a single signed-off-by for the all the patches.
> >
> > Changes since v1:
> > - Addressed all the comments from Liming Gao
> > - Removed the use of #ifdef/#else/#endif and used a Pcd instead to
> > select between MM and non-MM paths.
> > - Removed all dependencies on edk2-platforms.
> > - Dropped the use of mMmst and used gSmst instead.
> > - Added a dummy implementation UefiRuntimeServiceTableLib for
> > MM_STANDALONE usage
> > - Replaced all uses of AsmLfence with MemoryFence from variable
> > service code.
> > - Add a new StandaloneMmRuntimeDxe library to for use by non-MM code.
> >
> > This RFC patch series extends the existing secure variable service support for
> > use with Standalone MM. This is applicable to paltforms that use Standalone
> > Management Mode to protect access to non-volatile memory (NOR flash in case
> > of these patches) used to store the secure EFI variables.
> >
> > The first patch pulls in additional libraries from the staging branch of
> > StandaloneMmPkg into the edk2's StandaloneMmPkg. The existing secure variable
> > service implementation supports only the traditional MM mode and so the rest
> > of the patches extends the existing secure variable service support to be
> > useable with Standalone MM mode as well.
> >
> > This patch series is being posted as an RFC to get feedback on the approach taken
> > in these patches.
> >
> > Jagadeesh Ujja (11):
> > MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence
> > StandaloneMmPkg: Pull in additonal libraries from staging branch
> > MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library
> > ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
> > MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
> > MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM
> > Standalone
> > MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
> > SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this
> > library
> > MdeModulePkg/VarCheckLib: allow MM_STANDALONE drivers to use this
> > library
> > CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this
> > library
> > CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
> >
> > ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf
> > | 3 +
> > ArmPlatformPkg/Drivers/NorFlashDxe/{NorFlashDxe.inf => NorFlashStandaloneMm.inf}
> > | 28 +-
> > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > | 8 +-
> > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > | 5 +
> > MdeModulePkg/Library/{VarCheckLib/VarCheckLib.inf => StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf}
> > | 22 +-
> > MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> > | 5 +-
> > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
> > | 2 +
> > MdeModulePkg/Universal/FaultTolerantWriteDxe/{FaultTolerantWriteDxe.inf => FaultTolerantWriteStandaloneMm.inf} |
> > 53 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > | 2 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
> > | 4 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableRuntimeDxe.inf => VariableStandaloneMm.inf}
> > | 107 ++-
> > SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> > | 5 +-
> > StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
> > | 2 +-
> > StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf =>
> > StandaloneMmHobLib/StandaloneMmHobLib.inf} | 11 +-
> > StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
> > | 45 ++
> > StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
> > | 36 +
> > ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
> > | 5 +-
> > MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
> > | 39 +
> > StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
> > | 47 ++
> > ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
> > | 2 +-
> > ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
> > | 211 ++++-
> > ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
> > | 88 ++-
> > CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
> > | 27 +-
> > MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
> > | 36 +
> > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
> > | 207 +++--
> > MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
> > | 27 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c
> > | 2 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > | 37 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> > | 201 ++++-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
> > | 31 +-
> > MdePkg/Library/BaseLib/X86MemoryFence.c
> > | 2 +-
> > StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
> > | 64 ++
> > StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
> > | 655 ++++++++++++++++
> > StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
> > | 824 ++++++++++++++++++++
> > StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
> > | 64 ++
> > 35 files changed, 2564 insertions(+), 343 deletions(-)
> > copy ArmPlatformPkg/Drivers/NorFlashDxe/{NorFlashDxe.inf => NorFlashStandaloneMm.inf} (71%)
> > copy MdeModulePkg/Library/{VarCheckLib/VarCheckLib.inf => StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf} (51%)
> > copy MdeModulePkg/Universal/FaultTolerantWriteDxe/{FaultTolerantWriteDxe.inf => FaultTolerantWriteStandaloneMm.inf} (54%)
> > copy MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableRuntimeDxe.inf => VariableStandaloneMm.inf} (54%)
> > copy StandaloneMmPkg/Library/{StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf =>
> > StandaloneMmHobLib/StandaloneMmHobLib.inf} (79%)
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
> > create mode 100644 MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
> > create mode 100644 StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
> > create mode 100644 MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
> > create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
> >
> > --
> > 2.7.4
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 15+ messages in thread