From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a01:111:f400:fe06::600; helo=eur02-ve1-obe.outbound.protection.outlook.com; envelope-from=achin.gupta@arm.com; receiver=edk2-devel@lists.01.org Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02on0600.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe06::600]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 18A192244E3E3 for ; Mon, 16 Apr 2018 08:11:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=wvOGCQIag3JOxlBuTu1XFZdUbpqtO7RYJT60Lhhj8wA=; b=ombK4i/5kqbfSz2+r6PSJzb88SVqp6wSmLRwFGJldSmz+jQlhqrO5JOzinqc9VsgCp8AtNgQFrC6fsnQxTJl8TjAFJePu7u4Vsd40rvWv3txzNXH/cnT+3vic+F6CmwDPbUZvj9lhsT1/+je7JJyHCqANSqziE4x8UV42Ylhg2M= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Achin.Gupta@arm.com; Received: from e104320-lin (217.140.96.140) by DB7PR08MB2987.eurprd08.prod.outlook.com (2603:10a6:5:1c::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.675.14; Mon, 16 Apr 2018 15:11:34 +0000 Date: Mon, 16 Apr 2018 16:12:59 +0100 From: Achin Gupta To: Supreeth Venkatesh Cc: edk2-devel@lists.01.org, michael.d.kinney@intel.com, liming.gao@intel.com, jiewen.yao@intel.com, leif.lindholm@linaro.org, ard.biesheuvel@linaro.org, nd@arm.com Message-ID: <20180416151258.GP663@e104320-lin> References: <20180406144223.10931-1-supreeth.venkatesh@arm.com> <20180406144223.10931-9-supreeth.venkatesh@arm.com> MIME-Version: 1.0 In-Reply-To: <20180406144223.10931-9-supreeth.venkatesh@arm.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-Originating-IP: [217.140.96.140] X-ClientProxiedBy: HE1PR0701CA0049.eurprd07.prod.outlook.com (2603:10a6:3:9e::17) To DB7PR08MB2987.eurprd08.prod.outlook.com (2603:10a6:5:1c::25) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(48565401081)(2017052603328)(7153060)(7193020); SRVR:DB7PR08MB2987; X-Microsoft-Exchange-Diagnostics: 1; DB7PR08MB2987; 3:Uty9hqWequwKN9dgKAhULkhxi7gqwSQF8QWp9zybKUalg5H1aF2BWQ7Kcc3DyluOQfIttDyyB9Nu51CrgXCFdSNjczuw7l5n0Glgmort64zvIfjF+uXVrds2aEXzOu3Cmz5Qj+snJVGcHxMlwCHyL+HpSEC0vAIEvfaTW4keuMwkriPTD2zqjirqCb8xCyciiXV6hZLU3sM1OHwZMFDHXFFlEnHSnQ+AJ4b9rpW8VgRBY0iqebth+qZLRg8fgTQo; 25:mzDzgxcJLxSVLwQjdSN/J5lkjxIZDL3f2aBuO+eWhnRMeh4bKfPdeLq0xH6fXUJvfTNHRGTbGNF7lHB370t/cc5hu0nnZ5VQOhKpx8GhjaCUYP7yMom+lDlxT8b7a5o/Oro8AfRmN3LyKGqPbIfCTqcft5z4sFM6ObX8hUvfcm+cSen9+0s5Q68WoV4FMS2sG6BJ0ISPI6KLSNXdg1c7tNEGyn+5ssYgCjTk07aOqgVHwolcbzy45M58KE/vC1VxCs5Q4pJcrMUVJkz9+HskYeLSmXwlrk3Jot6ijJWjBdExb97WToiH+ome8zDGhK6FNTfnf3grcFeD3As/DvwEAA==; 31:9t1HhzGf782Hk7JnzszDhI461dwNpI4DZHA7/9uO19ZFgv2MntdIVSuCAiLbqCVfWbvV8YmWDevdCQMIUbuB3m+q6ZEh5Kbu0pN9pmXpc/VstaiWN18mzZg8Z0XIiJqPRRsPCMGezn/6UnZAWvLv022QCvywtZsQwoMIbD2egZ6Ss3JddC9jKtVMFvCyLcvzcH/82TItq5m0bb3BXjxKxVZ+hD/K6Q0WVkw6u1w2F2U= X-MS-TrafficTypeDiagnostic: DB7PR08MB2987: NoDisclaimer: True X-Microsoft-Exchange-Diagnostics: 1; DB7PR08MB2987; 20:yv31V7fTAGNm+UfbuTCfxZghDYaz3TFqGwKVHeKkQENA1Ky/427sbv9FSEmOh9Tn5wc5z0vGep2mIH/FRoPGsDpcSPsBmje1/Ny56/OEerO4j8GNFU/i7LPwIk2r2Io2gZxdN5livFg8jEfQ0QQ2i2G3cN63Tp6soUwRl9NEGwg=; 4:UoawNTRWFfnvvftBYYjS01k9JGDpxQ4ikPBMiSkHmv+yI7NDd1A7HPvzeFIyABKEpQfUVfgvCsbQW/NNuIwv6OBcPOtyPLSQPAfVBVNz6Z/NllRizak1/LVZaD4oSWkMqxetxwm1F2kVGxQ6BhYP5494flfl+jZCx6l8HLyZpvJUWFPWgtRtIwngfmG5g5YjxLshdJwJms0lwfvz4wdcqBxTZELNEgdSwFsOTW130IS6JqwP2g/lA+RLW0dpSYgSG01cXAlkG9f+txJ0Iddt7VDPeWzkxB1ZG0etSOtSOjfjL6fCJ6eUw2gkVAeihdCEba4xgxjtPIhQKeoLWbeL0PJ0kIbE6GgkR2zr8fXa6Hc= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(180628864354917)(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231232)(944501327)(52105095)(93006095)(93001095)(6055026)(6041310)(20161123562045)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:DB7PR08MB2987; BCL:0; PCL:0; RULEID:; SRVR:DB7PR08MB2987; X-Forefront-PRVS: 0644578634 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6029001)(39380400002)(376002)(396003)(346002)(366004)(39860400002)(199004)(189003)(446003)(11346002)(2906002)(7736002)(25786009)(47776003)(53936002)(50466002)(476003)(106356001)(486006)(33716001)(305945005)(386003)(16799955002)(59450400001)(15188155005)(1076002)(66066001)(86362001)(966005)(68736007)(6306002)(9686003)(6862004)(23726003)(72206003)(956004)(6246003)(53376002)(3846002)(55016002)(6116002)(4326008)(8936002)(33656002)(76176011)(6496006)(8676002)(478600001)(33896004)(97736004)(5660300001)(316002)(16526019)(16586007)(58126008)(44832011)(81166006)(105586002)(26005)(229853002)(81156014)(6636002)(6666003)(52116002)(11771545001)(18370500001)(107986001); DIR:OUT; SFP:1101; SCL:1; SRVR:DB7PR08MB2987; H:e104320-lin; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: None (protection.outlook.com: arm.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DB7PR08MB2987; 23:0Wnn9VFjuAeb4Jpte/2QZxomgU4ykANk9pgJGxoPc?= =?us-ascii?Q?prFBNVOsWMjfj5yxv6aWMXPCHhEfN3vSYYdn9VEiLFP575ABxn/aL7N65nwt?= =?us-ascii?Q?H9RA32cW6tsRQNNFt+IGOVN6oMlhBj63giTeNbHUwCxLOplYFS+iB1B908zN?= =?us-ascii?Q?iLMUjxLny1mxucmv4ERuzz+9feMwC5/sJPv2+4G51pYE3NogsyZ5sPUH0WUS?= =?us-ascii?Q?cNJO9/CEhLCWZYl9J8+b9kSw8cZz7/YRgEPhYvVtnG99Qum5Jt+rO/vsb3pz?= =?us-ascii?Q?ANdoQ0Id3YQ5jIgDCUSE6EQuBw59EI1RJERk3XDk9PAJSKRLiJd6WgEX6qnp?= =?us-ascii?Q?9xZvFDepJnwyjJRzVQyUs2EiGAJ7xuLkZpNiguAvBzDE37VsvViq1Pwy6Lhk?= =?us-ascii?Q?8jBXVwf+PAZ+Ok+53o2EF8uHiOh3+kNKd0kccrqMvoZLcl1S2bGVOGQySKWf?= =?us-ascii?Q?3qI1UMJf/1U+Vj8/QGJLKi0DEh1ucgZuqZBWiW2miRv5RIm5i+9ilpA/fviT?= =?us-ascii?Q?S1jgSXCmJ43diw1R/YNumYFozeanz1dPFv+T3jOZBE4kXKRlucIuAeCXKd1M?= =?us-ascii?Q?6pRkaxBAB5UPqzkyPlD331c/7COVow23xKxhZJ8wKMhOlIgRQ2ZX5Ic7haVt?= =?us-ascii?Q?1e1iTGu8kErUPhe+dazUKHJ1NqIY3ACaDi2ALWmGMpswywepAy3hbUiWik8d?= =?us-ascii?Q?1pzi75Y2ojqopBfCKQhnSeaZOpAsECnzbxFwnJ+CBlmuDkoJyfSTfPBFfJAY?= =?us-ascii?Q?y/d0uHckXgtI46e8h//SYDMad4RNVFgBhqivCmwJ80fC6nks2PG3wk2ygiMi?= =?us-ascii?Q?3R8KAvh/SB+QxdQ0/5yj08SKB6i5OOwnOo8BF99eriNGkPTo3IAM8ZGZIdvx?= =?us-ascii?Q?gtUcA1FSV/Ww7v0m8HUPAzPTeQGJ61+62p04NSmVTfoQo4KEYGSRmcuhFAMR?= =?us-ascii?Q?lY4xgXBl4nGJgK9QV+FGruEZnyEi4Eww91CB3JgHZa27BSy2ouyq3y+kEPeb?= =?us-ascii?Q?RVx33dK3PxNqtyTFQfX1BCv0bCrCNnGkYeIEfAMgHOFAuWt412o+jx7p7Mr7?= =?us-ascii?Q?IfTXfBvZRMqMqplkyHwMEa4dy3Z4psgAjKXsWkZoo9R0Xcr8zw0mV+PhwhC1?= =?us-ascii?Q?EIeD4CkXQV+cptqx7kCh2CgRGH3XCDqTKJPcMAI63vFPSW65MJpTYwzkao1s?= =?us-ascii?Q?FmNrt1yw22aEZC3AHPzOzpyrUVNErrI+1Fik6o8ZSooth4BQ3XXzTqukdpQn?= =?us-ascii?Q?pw0KkRRntSd+oI+vJWtZNl6Hzk8ovCOsDUIrm5/JWMkyZLaZLG6tRCH6w28x?= =?us-ascii?Q?b6hE5AcZmcpz6SifYSX2vdv+nFoAcsUUoU2FJlniDoFJt5Gl6U0dQpsAyKNO?= =?us-ascii?Q?qrlsNJyzF4MnhPTBCg3QxeO/EbEy/hk6JCg8MVlG+Nzi8QhPMgw4O45DYVDY?= =?us-ascii?Q?zFPwKhUjkiZAIgisoWePu56oNxupd/eJI7pO7XfnUy7yX6Z4JOpD3EVWaMqn?= =?us-ascii?Q?brNI7q2Q7a2eScjZRRGMsHWjysMFxbZbtH2o4+G1DwZyZ1HGf6UtkJr?= X-Microsoft-Antispam-Message-Info: F9k0ilag3a+zzynEfg5/7/qNJtzwUDQAPko21UD7VorSF7CFdGJlaMuAx+ZXnQqhCMFsgDe4mr/4/yNDI5AsS5Qkr9/c9n05sSrQZoU4mEdxav1j8oMAykNzZmA7Ir7m8UtROCSIbOJaYcoNwcoLL58F8YP6MKuJ7FjUE8xLsTVN/2TpbKSKYHZWw+HGH7JW X-Microsoft-Exchange-Diagnostics: 1; DB7PR08MB2987; 6:c9hrgz6yHDZNov9/4D2O/XcIz4Kk+yoDZfIAHO5m0IU7VpMulwJPWENIg+xWShotpkNGM9mHO5x8ILoVFJ8VWE9F2nln6SymzJkYiSIPezLcRJ8bhjwpE4T5lIYvoM0qSASs1P1ZPgERBZtwwJS6c904RFdiin+Md1PT48KMkm6TpPX8zKjHj4sHo7moHZj6lD4o4y3/xLZslZoUkuoGrbExlH7+LaOhyltTJNoQyPS4xp6XaAdwFXLJLEPn8YtvII19j1BU2vTzIrjI5QzYXfpTNz4gVpR0FBVme7VMAuCsqX/V3CqvYMdUxkz1WqJhLDllNU8aK1k9ldQLLwQGI5Mp4gAd/6ap0waCr2jpzPAbq08+19mS/AWOU0/woESMX8/vAwm/RZ/B1F7AINssQ/+yHV81xOQL40YERA8GlGY2A+LwTgjwJPuCoSIbjiNvoE/X+3mIebXkYoP+LySAbQ==; 5:GI+lJtcTr3HbCDWzoRPcoLoB6RE9q56Z8SFGSFp6eijpA/GPIeFR6B/7avfgv2Ld3T+ZBCIRCpVeWT4mkth2oLArxhmPooB/bISvkAavuREKEXflZacZWWg2nNg/LCjzwhNmoSCLylMEG3utAFL9+hcSCvOhyq19rWp7qKjcDhg=; 24:91dvs0WGbRUXHCRdaGB69DR1bODt0G6OyqLAepts5DDceox5/3giELCGfWYPJtp5WfdQZ8xJpU9Gn2kMocy/loMc+SuvxM1/aYwaZS7ATrg= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DB7PR08MB2987; 7:jBewFWREQxztqV7A3rIKBO0avJfheZevsLRKUYXuqz0/xDFu4k5JUXFO4aWlm3JBrR1s0FTDwR0S579Gsx6nWv4ALabbjBy78lPt+T+AHQ23BOm4s1Vvt+4Roe0iHaJktRbiWEIntNjGTYt7Lg7HLFqDuVB+3kN+2uNRlNPviNATTbgcIp8i2ZpyPI/BRre/uMMzJ4M67IIKH95geIUs7fSF6VI61ZKOHzFHPtd+uTRQJ63AeX7kQ+VHISC1jBCb X-MS-Office365-Filtering-Correlation-Id: 20045f5d-26ab-4682-399e-08d5a3ac5862 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Apr 2018 15:11:34.5796 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 20045f5d-26ab-4682-399e-08d5a3ac5862 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR08MB2987 Subject: Re: [PATCH v1 08/18] StandaloneMmPkg/MemLib: AARCH64 Specific instance of memory check library. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Apr 2018 15:11:39 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi Supreeth, On Fri, Apr 06, 2018 at 03:42:13PM +0100, Supreeth Venkatesh wrote: > MM memory check library library implementation. This library consumes > MM_ACCESS_PROTOCOL to get MMRAM information. In order to use this > library instance, the platform should produce all MMRAM range via > MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core > and MM driver) and/or specific dedicated hardware. > > This patch provides services for MM Memory Operation. > The management mode Mem Library provides function for checking if buffer > is outside MMRAM and valid. It also provides functions for copy data > from MMRAM to non-MMRAM, from non-MMRAM to MMRAM, > from non-MMRAM to non-MMRAM, or set data in non-MMRAM. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Achin Gupta > Signed-off-by: Supreeth Venkatesh > --- > StandaloneMmPkg/Include/Library/MemLib.h | 140 ++++++++++++++ > StandaloneMmPkg/Library/MemLib/Arm/MemLib.c | 276 ++++++++++++++++++++++++++++ Why is this Library Arm specific. Apart from cosmetics tweaks, it has not changed since it was originally contributed? cheers, Achin > StandaloneMmPkg/Library/MemLib/MemLib.inf | 47 +++++ > 3 files changed, 463 insertions(+) > create mode 100644 StandaloneMmPkg/Include/Library/MemLib.h > create mode 100644 StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > create mode 100644 StandaloneMmPkg/Library/MemLib/MemLib.inf > > diff --git a/StandaloneMmPkg/Include/Library/MemLib.h b/StandaloneMmPkg/Include/Library/MemLib.h > new file mode 100644 > index 0000000000..3264f10010 > --- /dev/null > +++ b/StandaloneMmPkg/Include/Library/MemLib.h > @@ -0,0 +1,140 @@ > +/** @file > + Provides services for MM Memory Operation. > + > + The MM Mem Library provides function for checking if buffer is outside MMRAM and valid. > + It also provides functions for copy data from MMRAM to non-MMRAM, from non-MMRAM to MMRAM, > + from non-MMRAM to non-MMRAM, or set data in non-MMRAM. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
> + > + This program and the accompanying materials > + are licensed and made available under the terms and conditions of the BSD License > + which accompanies this distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > +#ifndef _MM_MEM_LIB_H_ > +#define _MM_MEM_LIB_H_ > + > +/** > + This function check if the buffer is valid per processor architecture and not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or overlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ); > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if source buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if destination buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if source buffer and destination buffer are valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case where source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ); > + > +#endif > diff --git a/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > new file mode 100644 > index 0000000000..432a45698b > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > @@ -0,0 +1,276 @@ > +/** @file > + Instance of MM memory check library. > + > + MM memory check library library implementation. This library consumes MM_ACCESS_PROTOCOL > + to get MMRAM information. In order to use this library instance, the platform should produce > + all MMRAM range via MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core > + and MM driver) and/or specific dedicated hardware. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
> + > + This program and the accompanying materials > + are licensed and made available under the terms and conditions of the BSD License > + which accompanies this distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > + > +#include > + > +#include > +#include > +#include > + > +EFI_MMRAM_DESCRIPTOR *mMmMemLibInternalMmramRanges; > +UINTN mMmMemLibInternalMmramCount; > + > +// > +// Maximum support address used to check input buffer > +// > +EFI_PHYSICAL_ADDRESS mMmMemLibInternalMaximumSupportAddress = 0; > + > +/** > + Calculate and save the maximum support address. > + > +**/ > +VOID > +MmMemLibInternalCalculateMaximumSupportAddress ( > + VOID > + ) > +{ > + UINT8 PhysicalAddressBits; > + > + PhysicalAddressBits = 36; > + > + // > + // Save the maximum support address in one global variable > + // > + mMmMemLibInternalMaximumSupportAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1); > + DEBUG ((DEBUG_INFO, "mMmMemLibInternalMaximumSupportAddress = 0x%lx\n", mMmMemLibInternalMaximumSupportAddress)); > +} > + > +/** > + This function check if the buffer is valid per processor architecture and not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or overlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ) > +{ > + UINTN Index; > + > + // > + // Check override. > + // NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L:1) is valid. > + // > + if ((Length > mMmMemLibInternalMaximumSupportAddress) || > + (Buffer > mMmMemLibInternalMaximumSupportAddress) || > + ((Length != 0) && (Buffer > (mMmMemLibInternalMaximumSupportAddress - (Length - 1)))) ) { > + // > + // Overflow happen > + // > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overflow: Buffer (0x%lx) - Length (0x%lx), MaximumSupportAddress (0x%lx)\n", > + Buffer, > + Length, > + mMmMemLibInternalMaximumSupportAddress > + )); > + return FALSE; > + } > + > + for (Index = 0; Index < mMmMemLibInternalMmramCount; Index ++) { > + if (((Buffer >= mMmMemLibInternalMmramRanges[Index].CpuStart) && (Buffer < mMmMemLibInternalMmramRanges[Index].CpuStart + mMmMemLibInternalMmramRanges[Index].PhysicalSize)) || > + ((mMmMemLibInternalMmramRanges[Index].CpuStart >= Buffer) && (mMmMemLibInternalMmramRanges[Index].CpuStart < Buffer + Length))) { > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overlap: Buffer (0x%lx) - Length (0x%lx), ", > + Buffer, > + Length > + )); > + DEBUG (( > + DEBUG_ERROR, > + "CpuStart (0x%lx) - PhysicalSize (0x%lx)\n", > + mMmMemLibInternalMmramRanges[Index].CpuStart, > + mMmMemLibInternalMmramRanges[Index].PhysicalSize > + )); > + return FALSE; > + } > + } > + > + return TRUE; > +} > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if source buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemToMmram: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if destination buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemFromMmram: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + It checks if source buffer and destination buffer are valid per processor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case where source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of the memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory copy. > + @param Length The number of bytes to copy from SourceBuffer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmSetMem: Security Violation: Source (0x%x), Length (0x%x)\n", Buffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + SetMem (Buffer, Length, Value); > + return EFI_SUCCESS; > +} > + > +/** > + The constructor function initializes the Mm Mem library > + > + @param ImageHandle The firmware allocated handle for the EFI image. > + @param SystemTable A pointer to the EFI System Table. > + > + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. > + > +**/ > +EFI_STATUS > +EFIAPI > +MemLibConstructor ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_MM_SYSTEM_TABLE *MmSystemTable > + ) > +{ > + > + // > + // Calculate and save maximum support address > + // > + MmMemLibInternalCalculateMaximumSupportAddress (); > + > + return EFI_SUCCESS; > +} > diff --git a/StandaloneMmPkg/Library/MemLib/MemLib.inf b/StandaloneMmPkg/Library/MemLib/MemLib.inf > new file mode 100644 > index 0000000000..52b7c06397 > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/MemLib.inf > @@ -0,0 +1,47 @@ > +## @file > +# Instance of MM memory check library. > +# > +# MM memory check library library implementation. This library consumes MM_ACCESS_PROTOCOL > +# to get MMRAM information. In order to use this library instance, the platform should produce > +# all MMRAM range via MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core > +# and MM driver) and/or specific dedicated hardware. > +# > +# Copyright (c) 2015, Intel Corporation. All rights reserved.
> +# Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
> +# > +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the BSD License > +# which accompanies this distribution. The full text of the license may be found at > +# http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +# > +## > + > +[Defines] > + INF_VERSION = 0x0001001A > + BASE_NAME = MemLib > + FILE_GUID = EA355F14-6409-4716-829F-37B3BC7C7F26 > + MODULE_TYPE = MM_STANDALONE > + VERSION_STRING = 1.0 > + PI_SPECIFICATION_VERSION = 0x00010032 > + LIBRARY_CLASS = MemLib|MM_STANDALONE MM_CORE_STANDALONE > + CONSTRUCTOR = MemLibConstructor > + > +# > +# The following information is for reference only and not required by the build tools. > +# > +# VALID_ARCHITECTURES = AARCH64 > +# > + > +[Sources.AARCH64] > + Arm/MemLib.c > + > +[Packages] > + MdePkg/MdePkg.dec > + StandaloneMmPkg/StandaloneMmPkg.dec > + > +[LibraryClasses] > + BaseMemoryLib > + DebugLib > -- > 2.16.2 >