From: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
To: edk2-devel@lists.01.org, liming.gao@intel.com,
chao.b.zhang@intel.com, leif.lindholm@linaro.org,
ard.biesheuvel@linaro.org
Subject: [RFC PATCH v3 07/11] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
Date: Wed, 28 Nov 2018 15:05:05 +0530 [thread overview]
Message-ID: <1543397709-31847-8-git-send-email-jagadeesh.ujja@arm.com> (raw)
In-Reply-To: <1543397709-31847-1-git-send-email-jagadeesh.ujja@arm.com>
Adapt the variable runtime dxe driver to be used as a MM_STANDALONE
driver to provide variable storage service in MM Standalone mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/{VariableSmm.inf => VariableStandaloneMm.inf} | 43 ++---
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 37 ++--
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 201 ++++++++++++++++----
3 files changed, 195 insertions(+), 86 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
similarity index 75%
copy from MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
copy to MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
index 2fe72ff8a442..35654f5cfc9d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -1,24 +1,13 @@
## @file
-# Provides SMM variable service.
+# Provides MM variable service.
#
-# This module installs SMM variable protocol into SMM protocol database,
-# which can be used by SMM driver, and installs SMM variable protocol
-# into BS protocol database, which can be used to notify the SMM Runtime
-# Dxe driver that the SMM variable service is ready.
-# This module should be used with SMM Runtime DXE module together. The
-# SMM Runtime DXE module would install variable arch protocol and variable
-# write arch protocol based on SMM variable module.
-#
-# Caution: This module requires additional review when modified.
-# This driver will have external input - variable data and communicate buffer in SMM mode.
-# This external input must be validated carefully to avoid security issues such as
-# buffer overflow or integer overflow.
-# The whole SMM authentication variable design relies on the integrity of flash part and SMM.
-# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
+# The whole MM authentication variable design relies on the integrity of flash part and MM.
+# which is assumed to be protected by platform. All variable code and metadata in flash/MM Memory
# may not be modified without authorization. If platform fails to protect these resources,
# the authentication service provided in this driver will be broken, and the behavior is undefined.
#
# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -29,22 +18,21 @@
##
[Defines]
- INF_VERSION = 0x00010005
+ INF_VERSION = 0x0001000A
BASE_NAME = VariableSmm
MODULE_UNI_FILE = VariableSmm.uni
FILE_GUID = 23A089B3-EED5-4ac5-B2AB-43E3298C2343
- MODULE_TYPE = DXE_SMM_DRIVER
+ MODULE_TYPE = MM_STANDALONE
VERSION_STRING = 1.0
- PI_SPECIFICATION_VERSION = 0x0001000A
- ENTRY_POINT = VariableServiceInitialize
+ PI_SPECIFICATION_VERSION = 0x00010032
+ ENTRY_POINT = StandaloneMmVariableServiceInitialize
#
# The following information is for reference only and not required by the build tools.
#
-# VALID_ARCHITECTURES = IA32 X64
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
#
-
[Sources]
Reclaim.c
Variable.c
@@ -59,23 +47,21 @@ [Sources]
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
- UefiDriverEntryPoint
+ StandaloneMmDriverEntryPoint
MemoryAllocationLib
BaseLib
SynchronizationLib
- UefiLib
- SmmServicesTableLib
BaseMemoryLib
DebugLib
- DxeServicesTableLib
HobLib
PcdLib
- SmmMemLib
AuthVariableLib
VarCheckLib
- UefiBootServicesTableLib
+ MemLib
+ MmServicesTableLib
[Protocols]
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
@@ -85,7 +71,7 @@ [Protocols]
## PRODUCES
## UNDEFINED # SmiHandlerRegister
gEfiSmmVariableProtocolGuid
- gEfiSmmEndOfDxeProtocolGuid ## NOTIFY
+ ##gEfiSmmEndOfDxeProtocolGuid ## NOTIFY
gEdkiiSmmVarCheckProtocolGuid ## PRODUCES
gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES
@@ -137,6 +123,7 @@ [Pcd]
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang
+ gStandaloneMmPkgTokenSpaceGuid.PcdStandaloneMmEnable
[Depex]
TRUE
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 8e8db71bd201..226464c96411 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -18,6 +18,7 @@
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -3247,19 +3248,21 @@ VariableServiceSetVariable (
}
}
- //
- // Special Handling for MOR Lock variable.
- //
- Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
- if (Status == EFI_ALREADY_STARTED) {
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
//
- // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of SetVariableCheckHandlerMor().
- // Variable driver can just return SUCCESS.
+ // Special Handling for MOR Lock variable.
//
- return EFI_SUCCESS;
- }
- if (EFI_ERROR (Status)) {
- return Status;
+ Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
+ if (Status == EFI_ALREADY_STARTED) {
+ //
+ // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of SetVariableCheckHandlerMor().
+ // Variable driver can just return SUCCESS.
+ //
+ return EFI_SUCCESS;
+ }
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
}
Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
@@ -4068,12 +4071,14 @@ VariableWriteServiceInitialize (
}
}
- ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
+ if (!PcdGetBool (PcdStandaloneMmEnable)) {
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
- //
- // Initialize MOR Lock variable.
- //
- MorLockInit ();
+ //
+ // Initialize MOR Lock variable.
+ //
+ MorLockInit ();
+ }
return Status;
}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 6dc19c24dbc2..cbbb446669b6 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -15,6 +15,7 @@
SmmVariableGetStatistics() should also do validation based on its own knowledge.
Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -34,6 +35,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/SmmServicesTableLib.h>
#include <Library/SmmMemLib.h>
+#include <Library/StandaloneMmMemLib.h>
+#include <Library/StandaloneMmServicesTableLib.h>
#include <Guid/SmmVariableCommon.h>
#include "Variable.h"
@@ -218,11 +221,19 @@ GetFtwProtocol (
//
// Locate Smm Fault Tolerent Write protocol
//
- Status = gSmst->SmmLocateProtocol (
- &gEfiSmmFaultTolerantWriteProtocolGuid,
- NULL,
- FtwProtocol
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ FtwProtocol
+ );
+ } else {
+ Status = gSmst->SmmLocateProtocol (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ NULL,
+ FtwProtocol
+ );
+ }
return Status;
}
@@ -248,11 +259,19 @@ GetFvbByHandle (
//
// To get the SMM FVB protocol interface on the handle
//
- return gSmst->SmmHandleProtocol (
- FvBlockHandle,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- (VOID **) FvBlock
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ return gMmst->MmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ } else {
+ return gSmst->SmmHandleProtocol (
+ FvBlockHandle,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ (VOID **) FvBlock
+ );
+ }
}
@@ -287,13 +306,23 @@ GetFvbCountAndBuffer (
BufferSize = 0;
*NumberHandles = 0;
*Buffer = NULL;
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
return EFI_NOT_FOUND;
}
@@ -303,14 +332,23 @@ GetFvbCountAndBuffer (
return EFI_OUT_OF_RESOURCES;
}
- Status = gSmst->SmmLocateHandle (
- ByProtocol,
- &gEfiSmmFirmwareVolumeBlockProtocolGuid,
- NULL,
- &BufferSize,
- *Buffer
- );
-
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ } else {
+ Status = gSmst->SmmLocateHandle (
+ ByProtocol,
+ &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+ NULL,
+ &BufferSize,
+ *Buffer
+ );
+ }
*NumberHandles = BufferSize / sizeof(EFI_HANDLE);
if (EFI_ERROR(Status)) {
*NumberHandles = 0;
@@ -499,10 +537,16 @@ SmmVariableHandler (
DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer payload size invalid!\n"));
return EFI_SUCCESS;
}
-
- if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
- DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
- return EFI_SUCCESS;
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ if (!MmIsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
+ } else {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
+ return EFI_SUCCESS;
+ }
}
SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;
@@ -691,13 +735,17 @@ SmmVariableHandler (
break;
}
if (!mEndOfDxe) {
- MorLockInitAtEndOfDxe ();
- mEndOfDxe = TRUE;
- VarCheckLibInitializeAtEndOfDxe (NULL);
- //
- // The initialization for variable quota.
- //
- InitializeVariableQuota ();
+ if (!PcdGetBool (PcdStandaloneMmEnable)){
+ MorLockInitAtEndOfDxe ();
+ mEndOfDxe = TRUE;
+ VarCheckLibInitializeAtEndOfDxe (NULL);
+ //
+ // The initialization for variable quota.
+ //
+ InitializeVariableQuota ();
+ } else {
+ mEndOfDxe = TRUE;
+ }
}
ReclaimForOS ();
Status = EFI_SUCCESS;
@@ -911,12 +959,22 @@ SmmFtwNotificationEvent (
//
// Notify the variable wrapper driver the variable write service is ready
//
- Status = gBS->InstallProtocolInterface (
- &mSmmVariableHandle,
- &gSmmVariableWriteGuid,
- EFI_NATIVE_INTERFACE,
- NULL
- );
+ if (PcdGetBool (PcdStandaloneMmEnable)) {
+ Status = gMmst->MmInstallProtocolInterface (
+ &mSmmVariableHandle,
+ &gSmmVariableWriteGuid,
+ EFI_NATIVE_INTERFACE,
+ NULL
+ );
+ } else {
+ Status = gBS->InstallProtocolInterface (
+ &mSmmVariableHandle,
+ &gSmmVariableWriteGuid,
+ EFI_NATIVE_INTERFACE,
+ NULL
+ );
+ }
+
ASSERT_EFI_ERROR (Status);
return EFI_SUCCESS;
@@ -1026,4 +1084,63 @@ VariableServiceInitialize (
return EFI_SUCCESS;
}
+/**
+ Variable Driver main entry point. The Variable driver places the 4 EFI
+ runtime services in the EFI System Table and installs arch protocols
+ for variable read and write services being available. It also registers
+ a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS Variable service successfully initialized.
+
+**/
+EFI_STATUS
+EFIAPI
+StandaloneMmVariableServiceInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ EFI_HANDLE VariableHandle;
+ VOID *SmmFtwRegistration;
+
+ //
+ // Variable initialize.
+ //
+ Status = VariableCommonInitialize ();
+ ASSERT_EFI_ERROR (Status);
+
+ mVariableBufferPayloadSize = GetMaxVariableSize () +
+ OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
+
+ Status = gMmst->MmAllocatePool (
+ EfiRuntimeServicesData,
+ mVariableBufferPayloadSize,
+ (VOID **)&mVariableBufferPayload
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ ///
+ /// Register SMM variable SMI handler
+ ///
+ VariableHandle = NULL;
+ Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
+ ASSERT_EFI_ERROR (Status);
+ //
+ // Register FtwNotificationEvent () notify function.
+ //
+ Status = gMmst->MmRegisterProtocolNotify (
+ &gEfiSmmFaultTolerantWriteProtocolGuid,
+ SmmFtwNotificationEvent,
+ &SmmFtwRegistration
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ SmmFtwNotificationEvent (NULL, NULL, NULL);
+
+ return EFI_SUCCESS;
+}
--
2.7.4
next prev parent reply other threads:[~2018-11-28 9:35 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-28 9:34 [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
2018-11-28 9:34 ` [RFC PATCH v3 01/11] MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 02/11] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 03/11] MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 04/11] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 05/11] MdeModulePkg/FaultTolerantWriteDxe: " Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 06/11] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone Jagadeesh Ujja
2018-11-28 9:35 ` Jagadeesh Ujja [this message]
2018-11-28 9:35 ` [RFC PATCH v3 08/11] SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this library Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 09/11] MdeModulePkg/VarCheckLib: " Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 10/11] CryptoPkg/BaseCryptLib: " Jagadeesh Ujja
2018-11-28 9:35 ` [RFC PATCH v3 11/11] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
2018-11-30 8:15 ` Ye, Ting
2018-11-29 15:57 ` [RFC PATCH v3 00/11] Extend secure variable service to be usable from Standalone MM Gao, Liming
2018-12-11 5:28 ` jagadeesh ujja
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1543397709-31847-8-git-send-email-jagadeesh.ujja@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox