public inbox for devel@edk2.groups.io
* [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM
@ 2018-10-31 11:09 Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 1/9] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
                   ` (9 more replies)
  0 siblings, 10 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

This RFC patch series extends the existing secure variable service support
for use with Standalone MM. This is applicable to platforms that use
Standalone Management Mode to protect access to non-volatile memory (NOR
flash in case of these patches) used to store the secure EFI variables.

The first patch pulls in additional libraries from the staging branch of
StandaloneMmPkg into the edk2's StandaloneMmPkg. The existing secure
variable service implementation supports only the traditional MM mode
and so the rest of the patches extend the existing secure variable
service support to be usable with Standalone MM mode as well.

This patch series is being posted as an RFC to get feedback on the
approach taken in these patches.

Jagadeesh Ujja (9):
  StandaloneMmPkg: Pull in additonal libraries from staging branch
  ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
  MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
  MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone
  MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
  CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
  SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE
  MdeModulePkg VarCheckLib: allow reusability as MM_STANDALONE
  CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library

 .../Drivers/NorFlashDxe/NorFlashBlockIoDxe.c       |   5 +-
 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c   | 116 ++-
 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h   |  15 +-
 .../Drivers/NorFlashDxe/NorFlashFvbDxe.c           |  26 +-
 .../Drivers/NorFlashDxe/NorFlashMmStandalone.inf   |  76 ++
 .../BaseCryptLib/BaseCryptLibMmStandalone.inf      | 106 +++
 .../Library/BaseCryptLib/SysCall/TimerWrapper.c    |  19 +-
 MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf   |   5 +-
 .../FaultTolerantWriteMmStandalone.inf             | 100 +++
 .../FaultTolerantWriteDxe/FaultTolerantWriteSmm.c  |  72 +-
 .../FaultTolerantWriteDxe/UpdateWorkingBlock.c     |   8 +-
 .../Universal/Variable/RuntimeDxe/Variable.c       |  16 +-
 .../Universal/Variable/RuntimeDxe/Variable.h       |   8 +
 .../Variable/RuntimeDxe/VariableMmStandalone.inf   | 134 ++++
 .../Universal/Variable/RuntimeDxe/VariableSmm.c    |  73 +-
 .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c    |  20 +-
 .../Library/AuthVariableLib/AuthVariableLib.inf    |   5 +-
 .../StandaloneMmCoreHobLib.inf                     |   2 +-
 .../AArch64/StandaloneMmCoreHobLibInternal.c       |  64 ++
 .../StandaloneMmHobLib/StandaloneMmHobLib.c        | 655 ++++++++++++++++
 .../StandaloneMmHobLib/StandaloneMmHobLib.inf      |  48 ++
 .../StandaloneMmMemoryAllocationLib.c              | 824 +++++++++++++++++++++
 .../StandaloneMmMemoryAllocationLib.inf            |  45 ++
 .../StandaloneMmServicesTableLib.c                 |  40 +
 .../StandaloneMmServicesTableLib.inf               |  36 +
 25 files changed, 2470 insertions(+), 48 deletions(-)
 create mode 100644 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf
 create mode 100644 CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf
 create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf

-- 
1.9.1






* [RFC PATCH 1/9] StandaloneMmPkg: Pull in additonal libraries from staging branch
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 2/9] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver Jagadeesh Ujja
                   ` (8 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

Three additional library packages are being pulled into StandaloneMmPkg
from the staging area in order to support the secure variable service.
The three packages being pulled in are
  - StandaloneMmHobLib
  - StandaloneMmMemoryAllocationLib
  - StandaloneMmServicesTableLib

Change-Id: Ice1f2e892b4094e907ee8141da20f7b0568d390c
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 .../StandaloneMmCoreHobLib.inf                     |   2 +-
 .../AArch64/StandaloneMmCoreHobLibInternal.c       |  64 ++
 .../StandaloneMmHobLib/StandaloneMmHobLib.c        | 655 ++++++++++++++++
 .../StandaloneMmHobLib/StandaloneMmHobLib.inf      |  48 ++
 .../StandaloneMmMemoryAllocationLib.c              | 824 +++++++++++++++++++++
 .../StandaloneMmMemoryAllocationLib.inf            |  45 ++
 .../StandaloneMmServicesTableLib.c                 |  40 +
 .../StandaloneMmServicesTableLib.inf               |  36 +
 8 files changed, 1713 insertions(+), 1 deletion(-)
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
 create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf

diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
index db19d3c..ac036e3 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
@@ -24,7 +24,7 @@
   MODULE_TYPE                    = MM_CORE_STANDALONE
   VERSION_STRING                 = 1.0
   PI_SPECIFICATION_VERSION       = 0x00010032
-  LIBRARY_CLASS                  = HobLib|MM_CORE_STANDALONE MM_STANDALONE
+  LIBRARY_CLASS                  = HobLib|MM_CORE_STANDALONE
 
 #
 #  VALID_ARCHITECTURES           = AARCH64
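Review bot: The LIBRARY_CLASS line drops MM_STANDALONE from this existing instance, but the commit message only describes pulling in three new libraries. Any platform DSC that maps HobLib for MM_STANDALONE modules to StandaloneMmCoreHobLib.inf will no longer resolve after this change, so please call it out in the commit message (or split it into its own patch) and state which instance MM_STANDALONE drivers are expected to use instead.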
diff --git a/StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c b/StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
new file mode 100644
index 0000000..ac5a1c0
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
@@ -0,0 +1,64 @@
+/** @file
+  HOB Library implementation for Standalone MM Core.
+
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2018, ARM Limited. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiMm.h>
+
+#include <Library/HobLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+
+#include <Guid/MemoryAllocationHob.h>
+
+//
+// Cache copy of HobList pointer.
+//
+extern VOID *gHobList;
+
+EFI_HOB_HANDOFF_INFO_TABLE*
+HobConstructor (
+  IN VOID   *EfiMemoryBegin,
+  IN UINTN  EfiMemoryLength,
+  IN VOID   *EfiFreeMemoryBottom,
+  IN VOID   *EfiFreeMemoryTop
+  )
+{
+  EFI_HOB_HANDOFF_INFO_TABLE  *Hob;
+  EFI_HOB_GENERIC_HEADER      *HobEnd;
+
+  Hob    = EfiFreeMemoryBottom;
+  HobEnd = (EFI_HOB_GENERIC_HEADER *)(Hob+1);
+
+  Hob->Header.HobType     = EFI_HOB_TYPE_HANDOFF;
+  Hob->Header.HobLength   = sizeof(EFI_HOB_HANDOFF_INFO_TABLE);
+  Hob->Header.Reserved    = 0;
+
+  HobEnd->HobType     = EFI_HOB_TYPE_END_OF_HOB_LIST;
+  HobEnd->HobLength   = sizeof(EFI_HOB_GENERIC_HEADER);
+  HobEnd->Reserved    = 0;
+
+  Hob->Version             = EFI_HOB_HANDOFF_TABLE_VERSION;
+  Hob->BootMode            = BOOT_WITH_FULL_CONFIGURATION;
+
+  Hob->EfiMemoryTop        = (UINTN)EfiMemoryBegin + EfiMemoryLength;
+  Hob->EfiMemoryBottom     = (UINTN)EfiMemoryBegin;
+  Hob->EfiFreeMemoryTop    = (UINTN)EfiFreeMemoryTop;
+  Hob->EfiFreeMemoryBottom = (EFI_PHYSICAL_ADDRESS)(UINTN)(HobEnd+1);
+  Hob->EfiEndOfHobList     = (EFI_PHYSICAL_ADDRESS)(UINTN)HobEnd;
+
+  gHobList = Hob;
+
+  return Hob;
+}
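Review bot: HobConstructor writes the handoff HOB and the end-of-list header at EfiFreeMemoryBottom without checking that the range up to EfiFreeMemoryTop can hold sizeof (EFI_HOB_HANDOFF_INFO_TABLE) + sizeof (EFI_HOB_GENERIC_HEADER), or that the free range lies inside EfiMemoryBegin .. EfiMemoryBegin + EfiMemoryLength (that sum is also computed without an overflow check). Since this code lays out memory inside the MM environment, validate the four arguments up front and return NULL on failure rather than writing unconditionally. The function also lacks a header comment, and both the file name and the @file brief still say "Standalone MM Core" although the file now lives under StandaloneMmHobLib.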
diff --git a/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
new file mode 100644
index 0000000..591a78c
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
@@ -0,0 +1,655 @@
+/** @file
+  HOB Library implementation for Standalone MM Core.
+
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2018, ARM Limited. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiMm.h>
+
+#include <Library/HobLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+
+#include <Guid/MemoryAllocationHob.h>
+
+//
+// Cache copy of HobList pointer.
+//
+VOID *gHobList = NULL;
+
+EFI_MM_SYSTEM_TABLE   *gMmst = NULL;
+
+/**
+  The constructor function caches the pointer to HOB list.
+
+  The constructor function gets the start address of HOB list from system configuration table.
+  It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
+
+  @param  ImageHandle   The firmware allocated handle for the EFI image.
+  @param  SystemTable   A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS   The constructor successfully gets HobList.
+  @retval Other value   The constructor can't get HobList.
+
+**/
+EFI_STATUS
+EFIAPI
+HobLibConstructor (
+  IN EFI_HANDLE             ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE  *SmmSystemTable
+  )
+{
+  UINTN       Index;
+
+  for (Index = 0; Index < gMmst->NumberOfTableEntries; Index++) {
+    if (CompareGuid (&gEfiHobListGuid, &gMmst->MmConfigurationTable[Index].VendorGuid)) {
+      gHobList = gMmst->MmConfigurationTable[Index].VendorTable;
+      break;
+    }
+  }
+
+  /* HACK: Use the ImageHandle to smuggle the hoblist into the library constructor */
+  if (ImageHandle)
+	  gHobList = (VOID *) ImageHandle;
+
+  return EFI_SUCCESS;
+}
+/**
+  Returns the pointer to the HOB list.
+
+  This function returns the pointer to first HOB in the list.
+  If the pointer to the HOB list is NULL, then ASSERT().
+
+  @return The pointer to the HOB list.
+
+**/
+VOID *
+EFIAPI
+GetHobList (
+  VOID
+  )
+{
+  UINTN       Index;
+
+  if (gHobList == NULL) {
+    for (Index = 0; Index < gMmst->NumberOfTableEntries; Index++) {
+      if (CompareGuid (&gEfiHobListGuid, &gMmst->MmConfigurationTable[Index].VendorGuid)) {
+        gHobList = gMmst->MmConfigurationTable[Index].VendorTable;
+        break;
+      }
+    }
+  }
+  ASSERT (gHobList != NULL);
+  return gHobList;
+}
+
+/**
+  Returns the next instance of a HOB type from the starting HOB.
+
+  This function searches the first instance of a HOB type from the starting HOB pointer.
+  If there does not exist such HOB type from the starting HOB pointer, it will return NULL.
+  In contrast with macro GET_NEXT_HOB(), this function does not skip the starting HOB pointer
+  unconditionally: it returns HobStart back if HobStart itself meets the requirement;
+  caller is required to use GET_NEXT_HOB() if it wishes to skip current HobStart.
+
+  If HobStart is NULL, then ASSERT().
+
+  @param  Type          The HOB type to return.
+  @param  HobStart      The starting HOB pointer to search from.
+
+  @return The next instance of a HOB type from the starting HOB.
+
+**/
+VOID *
+EFIAPI
+GetNextHob (
+  IN UINT16                 Type,
+  IN CONST VOID             *HobStart
+  )
+{
+  EFI_PEI_HOB_POINTERS  Hob;
+
+  ASSERT (HobStart != NULL);
+
+  Hob.Raw = (UINT8 *) HobStart;
+  //
+  // Parse the HOB list until end of list or matching type is found.
+  //
+  while (!END_OF_HOB_LIST (Hob)) {
+    if (Hob.Header->HobType == Type) {
+      return Hob.Raw;
+    }
+    Hob.Raw = GET_NEXT_HOB (Hob);
+  }
+  return NULL;
+}
+
+/**
+  Returns the first instance of a HOB type among the whole HOB list.
+
+  This function searches the first instance of a HOB type among the whole HOB list.
+  If there does not exist such HOB type in the HOB list, it will return NULL.
+
+  If the pointer to the HOB list is NULL, then ASSERT().
+
+  @param  Type          The HOB type to return.
+
+  @return The next instance of a HOB type from the starting HOB.
+
+**/
+VOID *
+EFIAPI
+GetFirstHob (
+  IN UINT16                 Type
+  )
+{
+  VOID      *HobList;
+
+  HobList = GetHobList ();
+  return GetNextHob (Type, HobList);
+}
+
+/**
+  Returns the next instance of the matched GUID HOB from the starting HOB.
+
+  This function searches the first instance of a HOB from the starting HOB pointer.
+  Such HOB should satisfy two conditions:
+  its HOB type is EFI_HOB_TYPE_GUID_EXTENSION, and its GUID Name equals to the input Guid.
+  If such a HOB from the starting HOB pointer does not exist, it will return NULL.
+  Caller is required to apply GET_GUID_HOB_DATA () and GET_GUID_HOB_DATA_SIZE ()
+  to extract the data section and its size information, respectively.
+  In contrast with macro GET_NEXT_HOB(), this function does not skip the starting HOB pointer
+  unconditionally: it returns HobStart back if HobStart itself meets the requirement;
+  caller is required to use GET_NEXT_HOB() if it wishes to skip current HobStart.
+
+  If Guid is NULL, then ASSERT().
+  If HobStart is NULL, then ASSERT().
+
+  @param  Guid          The GUID to match with in the HOB list.
+  @param  HobStart      A pointer to a Guid.
+
+  @return The next instance of the matched GUID HOB from the starting HOB.
+
+**/
+VOID *
+EFIAPI
+GetNextGuidHob (
+  IN CONST EFI_GUID         *Guid,
+  IN CONST VOID             *HobStart
+  )
+{
+  EFI_PEI_HOB_POINTERS  GuidHob;
+
+  GuidHob.Raw = (UINT8 *) HobStart;
+  while ((GuidHob.Raw = GetNextHob (EFI_HOB_TYPE_GUID_EXTENSION, GuidHob.Raw)) != NULL) {
+    if (CompareGuid (Guid, &GuidHob.Guid->Name)) {
+      break;
+    }
+    GuidHob.Raw = GET_NEXT_HOB (GuidHob);
+  }
+  return GuidHob.Raw;
+}
+
+/**
+  Returns the first instance of the matched GUID HOB among the whole HOB list.
+
+  This function searches the first instance of a HOB among the whole HOB list.
+  Such HOB should satisfy two conditions:
+  its HOB type is EFI_HOB_TYPE_GUID_EXTENSION and its GUID Name equals to the input Guid.
+  If such a HOB from the starting HOB pointer does not exist, it will return NULL.
+  Caller is required to apply GET_GUID_HOB_DATA () and GET_GUID_HOB_DATA_SIZE ()
+  to extract the data section and its size information, respectively.
+
+  If the pointer to the HOB list is NULL, then ASSERT().
+  If Guid is NULL, then ASSERT().
+
+  @param  Guid          The GUID to match with in the HOB list.
+
+  @return The first instance of the matched GUID HOB among the whole HOB list.
+
+**/
+VOID *
+EFIAPI
+GetFirstGuidHob (
+  IN CONST EFI_GUID         *Guid
+  )
+{
+  VOID      *HobList;
+
+  HobList = GetHobList ();
+  return GetNextGuidHob (Guid, HobList);
+}
+
+/**
+  Get the system boot mode from the HOB list.
+
+  This function returns the system boot mode information from the
+  PHIT HOB in HOB list.
+
+  If the pointer to the HOB list is NULL, then ASSERT().
+
+  @param  VOID
+
+  @return The Boot Mode.
+
+**/
+EFI_BOOT_MODE
+EFIAPI
+GetBootModeHob (
+  VOID
+  )
+{
+  EFI_HOB_HANDOFF_INFO_TABLE    *HandOffHob;
+
+  HandOffHob = (EFI_HOB_HANDOFF_INFO_TABLE *) GetHobList ();
+
+  return  HandOffHob->BootMode;
+}
+
+VOID *
+CreateHob (
+  IN  UINT16    HobType,
+  IN  UINT16    HobLength
+  )
+{
+  EFI_HOB_HANDOFF_INFO_TABLE  *HandOffHob;
+  EFI_HOB_GENERIC_HEADER      *HobEnd;
+  EFI_PHYSICAL_ADDRESS        FreeMemory;
+  VOID                        *Hob;
+
+  HandOffHob = GetHobList ();
+
+  HobLength = (UINT16)((HobLength + 0x7) & (~0x7));
+
+  FreeMemory = HandOffHob->EfiFreeMemoryTop - HandOffHob->EfiFreeMemoryBottom;
+
+  if (FreeMemory < HobLength) {
+      return NULL;
+  }
+
+  Hob = (VOID*) (UINTN) HandOffHob->EfiEndOfHobList;
+  ((EFI_HOB_GENERIC_HEADER*) Hob)->HobType = HobType;
+  ((EFI_HOB_GENERIC_HEADER*) Hob)->HobLength = HobLength;
+  ((EFI_HOB_GENERIC_HEADER*) Hob)->Reserved = 0;
+
+  HobEnd = (EFI_HOB_GENERIC_HEADER*) ((UINTN)Hob + HobLength);
+  HandOffHob->EfiEndOfHobList = (EFI_PHYSICAL_ADDRESS) (UINTN) HobEnd;
+
+  HobEnd->HobType   = EFI_HOB_TYPE_END_OF_HOB_LIST;
+  HobEnd->HobLength = sizeof(EFI_HOB_GENERIC_HEADER);
+  HobEnd->Reserved  = 0;
+  HobEnd++;
+  HandOffHob->EfiFreeMemoryBottom = (EFI_PHYSICAL_ADDRESS) (UINTN) HobEnd;
+
+  return Hob;
+}
+
+/**
+  Builds a HOB for a loaded PE32 module.
+
+  This function builds a HOB for a loaded PE32 module.
+  If ModuleName is NULL, then ASSERT().
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  ModuleName              The GUID File Name of the module.
+  @param  MemoryAllocationModule  The 64 bit physical address of the module.
+  @param  ModuleLength            The length of the module in bytes.
+  @param  EntryPoint              The 64 bit physical address of the module entry point.
+
+**/
+VOID
+EFIAPI
+BuildModuleHob (
+  IN CONST EFI_GUID         *ModuleName,
+  IN EFI_PHYSICAL_ADDRESS   MemoryAllocationModule,
+  IN UINT64                 ModuleLength,
+  IN EFI_PHYSICAL_ADDRESS   EntryPoint
+  )
+{
+  EFI_HOB_MEMORY_ALLOCATION_MODULE  *Hob;
+
+  ASSERT (((MemoryAllocationModule & (EFI_PAGE_SIZE - 1)) == 0) &&
+          ((ModuleLength & (EFI_PAGE_SIZE - 1)) == 0));
+
+  Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE));
+
+  CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid);
+  Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule;
+  Hob->MemoryAllocationHeader.MemoryLength      = ModuleLength;
+  Hob->MemoryAllocationHeader.MemoryType        = EfiBootServicesCode;
+
+  //
+  // Zero the reserved space to match HOB spec
+  //
+  ZeroMem (Hob->MemoryAllocationHeader.Reserved, sizeof (Hob->MemoryAllocationHeader.Reserved));
+
+  CopyGuid (&Hob->ModuleName, ModuleName);
+  Hob->EntryPoint = EntryPoint;
+}
+
+/**
+  Builds a HOB that describes a chunk of system memory.
+
+  This function builds a HOB that describes a chunk of system memory.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  ResourceType        The type of resource described by this HOB.
+  @param  ResourceAttribute   The resource attributes of the memory described by this HOB.
+  @param  PhysicalStart       The 64 bit physical address of memory described by this HOB.
+  @param  NumberOfBytes       The length of the memory described by this HOB in bytes.
+
+**/
+VOID
+EFIAPI
+BuildResourceDescriptorHob (
+  IN EFI_RESOURCE_TYPE            ResourceType,
+  IN EFI_RESOURCE_ATTRIBUTE_TYPE  ResourceAttribute,
+  IN EFI_PHYSICAL_ADDRESS         PhysicalStart,
+  IN UINT64                       NumberOfBytes
+  )
+{
+  EFI_HOB_RESOURCE_DESCRIPTOR  *Hob;
+
+  Hob = CreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR));
+  ASSERT(Hob != NULL);
+
+  Hob->ResourceType      = ResourceType;
+  Hob->ResourceAttribute = ResourceAttribute;
+  Hob->PhysicalStart     = PhysicalStart;
+  Hob->ResourceLength    = NumberOfBytes;
+}
+
+/**
+  Builds a GUID HOB with a certain data length.
+
+  This function builds a customized HOB tagged with a GUID for identification
+  and returns the start address of GUID HOB data so that caller can fill the customized data.
+  The HOB Header and Name field is already stripped.
+  If Guid is NULL, then ASSERT().
+  If there is no additional space for HOB creation, then ASSERT().
+  If DataLength >= (0x10000 - sizeof (EFI_HOB_GUID_TYPE)), then ASSERT().
+
+  @param  Guid          The GUID to tag the customized HOB.
+  @param  DataLength    The size of the data payload for the GUID HOB.
+
+  @return The start address of GUID HOB data.
+
+**/
+VOID *
+EFIAPI
+BuildGuidHob (
+  IN CONST EFI_GUID              *Guid,
+  IN UINTN                       DataLength
+  )
+{
+  EFI_HOB_GUID_TYPE *Hob;
+
+  //
+  // Make sure that data length is not too long.
+  //
+  ASSERT (DataLength <= (0xffff - sizeof (EFI_HOB_GUID_TYPE)));
+
+  Hob = CreateHob (EFI_HOB_TYPE_GUID_EXTENSION, (UINT16) (sizeof (EFI_HOB_GUID_TYPE) + DataLength));
+  CopyGuid (&Hob->Name, Guid);
+  return Hob + 1;
+}
+
+
+/**
+  Copies a data buffer to a newly-built HOB.
+
+  This function builds a customized HOB tagged with a GUID for identification,
+  copies the input data to the HOB data field and returns the start address of the GUID HOB data.
+  The HOB Header and Name field is already stripped.
+  If Guid is NULL, then ASSERT().
+  If Data is NULL and DataLength > 0, then ASSERT().
+  If there is no additional space for HOB creation, then ASSERT().
+  If DataLength >= (0x10000 - sizeof (EFI_HOB_GUID_TYPE)), then ASSERT().
+
+  @param  Guid          The GUID to tag the customized HOB.
+  @param  Data          The data to be copied into the data field of the GUID HOB.
+  @param  DataLength    The size of the data payload for the GUID HOB.
+
+  @return The start address of GUID HOB data.
+
+**/
+VOID *
+EFIAPI
+BuildGuidDataHob (
+  IN CONST EFI_GUID              *Guid,
+  IN VOID                        *Data,
+  IN UINTN                       DataLength
+  )
+{
+  VOID  *HobData;
+
+  ASSERT (Data != NULL || DataLength == 0);
+
+  HobData = BuildGuidHob (Guid, DataLength);
+
+  return CopyMem (HobData, Data, DataLength);
+}
+
+/**
+  Builds a Firmware Volume HOB.
+
+  This function builds a Firmware Volume HOB.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The base address of the Firmware Volume.
+  @param  Length        The size of the Firmware Volume in bytes.
+
+**/
+VOID
+EFIAPI
+BuildFvHob (
+  IN EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN UINT64                      Length
+  )
+{
+  EFI_HOB_FIRMWARE_VOLUME  *Hob;
+
+  Hob = CreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME));
+
+  Hob->BaseAddress = BaseAddress;
+  Hob->Length      = Length;
+}
+
+
+/**
+  Builds a EFI_HOB_TYPE_FV2 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV2 HOB.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The base address of the Firmware Volume.
+  @param  Length        The size of the Firmware Volume in bytes.
+  @param  FvName       The name of the Firmware Volume.
+  @param  FileName      The name of the file.
+
+**/
+VOID
+EFIAPI
+BuildFv2Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN CONST    EFI_GUID                    *FvName,
+  IN CONST    EFI_GUID                    *FileName
+  )
+{
+  EFI_HOB_FIRMWARE_VOLUME2  *Hob;
+
+  Hob = CreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2));
+
+  Hob->BaseAddress = BaseAddress;
+  Hob->Length      = Length;
+  CopyGuid (&Hob->FvName, FvName);
+  CopyGuid (&Hob->FileName, FileName);
+}
+
+
+/**
+  Builds a HOB for the CPU.
+
+  This function builds a HOB for the CPU.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  SizeOfMemorySpace   The maximum physical memory addressability of the processor.
+  @param  SizeOfIoSpace       The maximum physical I/O addressability of the processor.
+
+**/
+VOID
+EFIAPI
+BuildCpuHob (
+  IN UINT8                       SizeOfMemorySpace,
+  IN UINT8                       SizeOfIoSpace
+  )
+{
+  EFI_HOB_CPU  *Hob;
+
+  Hob = CreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU));
+
+  Hob->SizeOfMemorySpace = SizeOfMemorySpace;
+  Hob->SizeOfIoSpace     = SizeOfIoSpace;
+
+  //
+  // Zero the reserved space to match HOB spec
+  //
+  ZeroMem (Hob->Reserved, sizeof (Hob->Reserved));
+}
+
+/**
+  Builds a HOB for the memory allocation.
+
+  This function builds a HOB for the memory allocation.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The 64 bit physical address of the memory.
+  @param  Length        The length of the memory allocation in bytes.
+  @param  MemoryType    Type of memory allocated by this HOB.
+
+**/
+VOID
+EFIAPI
+BuildMemoryAllocationHob (
+  IN EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN UINT64                      Length,
+  IN EFI_MEMORY_TYPE             MemoryType
+  )
+{
+  EFI_HOB_MEMORY_ALLOCATION  *Hob;
+
+  ASSERT (((BaseAddress & (EFI_PAGE_SIZE - 1)) == 0) &&
+          ((Length & (EFI_PAGE_SIZE - 1)) == 0));
+
+  Hob = CreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION));
+
+  ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID));
+  Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress;
+  Hob->AllocDescriptor.MemoryLength      = Length;
+  Hob->AllocDescriptor.MemoryType        = MemoryType;
+  //
+  // Zero the reserved space to match HOB spec
+  //
+  ZeroMem (Hob->AllocDescriptor.Reserved, sizeof (Hob->AllocDescriptor.Reserved));
+}
+
+/**
+  Builds a HOB that describes a chunk of system memory with Owner GUID.
+
+  This function builds a HOB that describes a chunk of system memory.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  ResourceType        The type of resource described by this HOB.
+  @param  ResourceAttribute   The resource attributes of the memory described by this HOB.
+  @param  PhysicalStart       The 64 bit physical address of memory described by this HOB.
+  @param  NumberOfBytes       The length of the memory described by this HOB in bytes.
+  @param  OwnerGUID           GUID for the owner of this resource.
+
+**/
+VOID
+EFIAPI
+BuildResourceDescriptorWithOwnerHob (
+  IN EFI_RESOURCE_TYPE            ResourceType,
+  IN EFI_RESOURCE_ATTRIBUTE_TYPE  ResourceAttribute,
+  IN EFI_PHYSICAL_ADDRESS         PhysicalStart,
+  IN UINT64                       NumberOfBytes,
+  IN EFI_GUID                     *OwnerGUID
+  )
+{
+  ASSERT (FALSE);
+}
+
+/**
+  Builds a Capsule Volume HOB.
+
+  This function builds a Capsule Volume HOB.
+  If the platform does not support Capsule Volume HOBs, then ASSERT().
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The base address of the Capsule Volume.
+  @param  Length        The size of the Capsule Volume in bytes.
+
+**/
+VOID
+EFIAPI
+BuildCvHob (
+  IN EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN UINT64                      Length
+  )
+{
+  ASSERT (FALSE);
+}
+
+
+/**
+  Builds a HOB for the BSP store.
+
+  This function builds a HOB for BSP store.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The 64 bit physical address of the BSP.
+  @param  Length        The length of the BSP store in bytes.
+  @param  MemoryType    Type of memory allocated by this HOB.
+
+**/
+VOID
+EFIAPI
+BuildBspStoreHob (
+  IN EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN UINT64                      Length,
+  IN EFI_MEMORY_TYPE             MemoryType
+  )
+{
+  ASSERT (FALSE);
+}
+
+/**
+  Builds a HOB for the Stack.
+
+  This function builds a HOB for the stack.
+  If there is no additional space for HOB creation, then ASSERT().
+
+  @param  BaseAddress   The 64 bit physical address of the Stack.
+  @param  Length        The length of the stack in bytes.
+
+**/
+VOID
+EFIAPI
+BuildStackHob (
+  IN EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN UINT64                      Length
+  )
+{
+  ASSERT (FALSE);
+}
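Review bot: In HobLibConstructor the loop reads gMmst->NumberOfTableEntries, but gMmst is defined in this file as NULL and nothing in this file assigns it, while the SmmSystemTable argument is never used. Either walk the configuration table through the SmmSystemTable parameter, or drop the local definition and rely on the gMmst provided by MmServicesTableLib. The ImageHandle override marked HACK directly after the loop replaces whatever the loop found with a handle value cast to a pointer; that needs a documented contract or removal before this leaves RFC. In CreateHob, the rounding (UINT16)((HobLength + 0x7) & (~0x7)) wraps to 0 for lengths above 0xFFF8, which the ASSERT in BuildGuidHob (DataLength <= 0xffff - sizeof (EFI_HOB_GUID_TYPE)) still permits, so the bound there should leave room for the 8-byte alignment. Finally, CreateHob can return NULL, yet BuildModuleHob, BuildGuidHob, BuildFvHob, BuildFv2Hob, BuildCpuHob and BuildMemoryAllocationHob dereference the result with no check; only BuildResourceDescriptorHob has an ASSERT, and that disappears in release builds.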
diff --git a/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
new file mode 100644
index 0000000..d73188e
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
@@ -0,0 +1,48 @@
+## @file
+# Instance of HOB Library for Standalone MM Core.
+#
+# HOB Library implementation for the Standalone MM Core. Does not have a constructor.
+#  Uses gHobList defined in the Standalone MM Core Entry Point Library.
+#
+# Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php.
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x0001001A
+  BASE_NAME                      = HobLib
+  FILE_GUID                      = 8262551B-AB2D-4E76-99FC-5EBB83F4988E
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  LIBRARY_CLASS                  = HobLib|MM_STANDALONE
+  CONSTRUCTOR                    = HobLibConstructor
+#
+#  VALID_ARCHITECTURES           = AARCH64
+#
+[Sources.Common]
+  StandaloneMmHobLib.c
+
+[Sources.AARCH64]
+  AArch64/StandaloneMmCoreHobLibInternal.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+
+
+[LibraryClasses]
+  BaseMemoryLib
+  DebugLib
+  MmServicesTableLib
+
+[Guids]
+  gEfiHobListGuid                               ## CONSUMES  ## SystemTable
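Review bot: The file header states that this instance "Does not have a constructor" and uses gHobList from the Standalone MM Core Entry Point Library, yet [Defines] sets CONSTRUCTOR = HobLibConstructor and MODULE_TYPE = MM_STANDALONE, and StandaloneMmHobLib.c defines gHobList itself. Please rewrite the header so it describes this instance rather than the core one. [Sources.AARCH64] also pulls in AArch64/StandaloneMmCoreHobLibInternal.c, whose HobConstructor builds a fresh HOB list and overwrites gHobList; if MM_STANDALONE drivers are only meant to consume the list handed to them, consider whether that source belongs in this library at all.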
diff --git a/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
new file mode 100644
index 0000000..e989f27
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
@@ -0,0 +1,824 @@
+/** @file
+  Support routines for memory allocation routines based on Standalone MM Core internal functions.
+
+  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiMm.h>
+
+#include <Guid/MmramMemoryReserve.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+
+extern EFI_MM_SYSTEM_TABLE   *gMmst;
+
+/**
+  Allocates one or more 4KB pages of a certain memory type.
+
+  Allocates the number of 4KB pages of a certain memory type and returns a pointer to the allocated
+  buffer.  The buffer returned is aligned on a 4KB boundary.  If Pages is 0, then NULL is returned.
+  If there is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  @param  MemoryType            The type of memory to allocate.
+  @param  Pages                 The number of 4 KB pages to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalAllocatePages (
+  IN EFI_MEMORY_TYPE  MemoryType,
+  IN UINTN            Pages
+  )
+{
+  EFI_STATUS            Status;
+  EFI_PHYSICAL_ADDRESS  Memory;
+
+  if (Pages == 0) {
+    return NULL;
+  }
+
+  Status = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
+  if (EFI_ERROR (Status)) {
+    return NULL;
+  }
+  return (VOID *) (UINTN) Memory;
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiBootServicesData.
+
+  Allocates the number of 4KB pages of type EfiBootServicesData and returns a pointer to the
+  allocated buffer.  The buffer returned is aligned on a 4KB boundary.  If Pages is 0, then NULL
+  is returned.  If there is not enough memory remaining to satisfy the request, then NULL is
+  returned.
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocatePages (
+  IN UINTN  Pages
+  )
+{
+  return InternalAllocatePages (EfiRuntimeServicesData, Pages);
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiRuntimeServicesData.
+
+  Allocates the number of 4KB pages of type EfiRuntimeServicesData and returns a pointer to the
+  allocated buffer.  The buffer returned is aligned on a 4KB boundary.  If Pages is 0, then NULL
+  is returned.  If there is not enough memory remaining to satisfy the request, then NULL is
+  returned.
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateRuntimePages (
+  IN UINTN  Pages
+  )
+{
+  return InternalAllocatePages (EfiRuntimeServicesData, Pages);
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiReservedMemoryType.
+
+  Allocates the number of 4KB pages of type EfiReservedMemoryType and returns a pointer to the
+  allocated buffer.  The buffer returned is aligned on a 4KB boundary.  If Pages is 0, then NULL
+  is returned.  If there is not enough memory remaining to satisfy the request, then NULL is
+  returned.
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateReservedPages (
+  IN UINTN  Pages
+  )
+{
+  return NULL;
+}
+
+/**
+  Frees one or more 4KB pages that were previously allocated with one of the page allocation
+  functions in the Memory Allocation Library.
+
+  Frees the number of 4KB pages specified by Pages from the buffer specified by Buffer.  Buffer
+  must have been allocated on a previous call to the page allocation services of the Memory
+  Allocation Library.  If it is not possible to free allocated pages, then this function will
+  perform no actions.
+
+  If Buffer was not allocated with a page allocation function in the Memory Allocation Library,
+  then ASSERT().
+  If Pages is zero, then ASSERT().
+
+  @param  Buffer                Pointer to the buffer of pages to free.
+  @param  Pages                 The number of 4 KB pages to free.
+
+**/
+VOID
+EFIAPI
+FreePages (
+  IN VOID   *Buffer,
+  IN UINTN  Pages
+  )
+{
+  EFI_STATUS  Status;
+
+  ASSERT (Pages != 0);
+  Status = gMmst->MmFreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
+  ASSERT_EFI_ERROR (Status);
+}
+
+/**
+  Allocates one or more 4KB pages of a certain memory type at a specified alignment.
+
+  Allocates the number of 4KB pages specified by Pages of a certain memory type with an alignment
+  specified by Alignment.  The allocated buffer is returned.  If Pages is 0, then NULL is returned.
+  If there is not enough memory at the specified alignment remaining to satisfy the request, then
+  NULL is returned.
+  If Alignment is not a power of two and Alignment is not zero, then ASSERT().
+  If Pages plus EFI_SIZE_TO_PAGES (Alignment) overflows, then ASSERT().
+
+  @param  MemoryType            The type of memory to allocate.
+  @param  Pages                 The number of 4 KB pages to allocate.
+  @param  Alignment             The requested alignment of the allocation.  Must be a power of two.
+                                If Alignment is zero, then byte alignment is used.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalAllocateAlignedPages (
+  IN EFI_MEMORY_TYPE  MemoryType,
+  IN UINTN            Pages,
+  IN UINTN            Alignment
+  )
+{
+  EFI_STATUS            Status;
+  EFI_PHYSICAL_ADDRESS  Memory;
+  UINTN                 AlignedMemory;
+  UINTN                 AlignmentMask;
+  UINTN                 UnalignedPages;
+  UINTN                 RealPages;
+
+  //
+  // Alignment must be a power of two or zero.
+  //
+  ASSERT ((Alignment & (Alignment - 1)) == 0);
+
+  if (Pages == 0) {
+    return NULL;
+  }
+  if (Alignment > EFI_PAGE_SIZE) {
+    //
+    // Calculate the total number of pages since alignment is larger than page size.
+    //
+    AlignmentMask  = Alignment - 1;
+    RealPages      = Pages + EFI_SIZE_TO_PAGES (Alignment);
+    //
+    // Make sure that Pages plus EFI_SIZE_TO_PAGES (Alignment) does not overflow.
+    //
+    ASSERT (RealPages > Pages);
+
+    Status         = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, RealPages, &Memory);
+    if (EFI_ERROR (Status)) {
+      return NULL;
+    }
+    AlignedMemory  = ((UINTN) Memory + AlignmentMask) & ~AlignmentMask;
+    UnalignedPages = EFI_SIZE_TO_PAGES (AlignedMemory - (UINTN) Memory);
+    if (UnalignedPages > 0) {
+      //
+      // Free first unaligned page(s).
+      //
+      Status = gMmst->MmFreePages (Memory, UnalignedPages);
+      ASSERT_EFI_ERROR (Status);
+    }
+    Memory         = (EFI_PHYSICAL_ADDRESS) (AlignedMemory + EFI_PAGES_TO_SIZE (Pages));
+    UnalignedPages = RealPages - Pages - UnalignedPages;
+    if (UnalignedPages > 0) {
+      //
+      // Free last unaligned page(s).
+      //
+      Status = gMmst->MmFreePages (Memory, UnalignedPages);
+      ASSERT_EFI_ERROR (Status);
+    }
+  } else {
+    //
+    // Do not over-allocate pages in this case.
+    //
+    Status = gMmst->MmAllocatePages (AllocateAnyPages, MemoryType, Pages, &Memory);
+    if (EFI_ERROR (Status)) {
+      return NULL;
+    }
+    AlignedMemory  = (UINTN) Memory;
+  }
+  return (VOID *) AlignedMemory;
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiBootServicesData at a specified alignment.
+
+  Allocates the number of 4KB pages specified by Pages of type EfiBootServicesData with an
+  alignment specified by Alignment.  The allocated buffer is returned.  If Pages is 0, then NULL is
+  returned.  If there is not enough memory at the specified alignment remaining to satisfy the
+  request, then NULL is returned.
+
+  If Alignment is not a power of two and Alignment is not zero, then ASSERT().
+  If Pages plus EFI_SIZE_TO_PAGES (Alignment) overflows, then ASSERT().
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+  @param  Alignment             The requested alignment of the allocation.  Must be a power of two.
+                                If Alignment is zero, then byte alignment is used.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateAlignedPages (
+  IN UINTN  Pages,
+  IN UINTN  Alignment
+  )
+{
+  return InternalAllocateAlignedPages (EfiRuntimeServicesData, Pages, Alignment);
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiRuntimeServicesData at a specified alignment.
+
+  Allocates the number of 4KB pages specified by Pages of type EfiRuntimeServicesData with an
+  alignment specified by Alignment.  The allocated buffer is returned.  If Pages is 0, then NULL is
+  returned.  If there is not enough memory at the specified alignment remaining to satisfy the
+  request, then NULL is returned.
+
+  If Alignment is not a power of two and Alignment is not zero, then ASSERT().
+  If Pages plus EFI_SIZE_TO_PAGES (Alignment) overflows, then ASSERT().
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+  @param  Alignment             The requested alignment of the allocation.  Must be a power of two.
+                                If Alignment is zero, then byte alignment is used.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateAlignedRuntimePages (
+  IN UINTN  Pages,
+  IN UINTN  Alignment
+  )
+{
+  return InternalAllocateAlignedPages (EfiRuntimeServicesData, Pages, Alignment);
+}
+
+/**
+  Allocates one or more 4KB pages of type EfiReservedMemoryType at a specified alignment.
+
+  Allocates the number of 4KB pages specified by Pages of type EfiReservedMemoryType with an
+  alignment specified by Alignment.  The allocated buffer is returned.  If Pages is 0, then NULL is
+  returned.  If there is not enough memory at the specified alignment remaining to satisfy the
+  request, then NULL is returned.
+
+  If Alignment is not a power of two and Alignment is not zero, then ASSERT().
+  If Pages plus EFI_SIZE_TO_PAGES (Alignment) overflows, then ASSERT().
+
+  @param  Pages                 The number of 4 KB pages to allocate.
+  @param  Alignment             The requested alignment of the allocation.  Must be a power of two.
+                                If Alignment is zero, then byte alignment is used.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateAlignedReservedPages (
+  IN UINTN  Pages,
+  IN UINTN  Alignment
+  )
+{
+  return NULL;
+}
+
+/**
+  Frees one or more 4KB pages that were previously allocated with one of the aligned page
+  allocation functions in the Memory Allocation Library.
+
+  Frees the number of 4KB pages specified by Pages from the buffer specified by Buffer.  Buffer
+  must have been allocated on a previous call to the aligned page allocation services of the Memory
+  Allocation Library.  If it is not possible to free allocated pages, then this function will
+  perform no actions.
+
+  If Buffer was not allocated with an aligned page allocation function in the Memory Allocation
+  Library, then ASSERT().
+  If Pages is zero, then ASSERT().
+
+  @param  Buffer                Pointer to the buffer of pages to free.
+  @param  Pages                 The number of 4 KB pages to free.
+
+**/
+VOID
+EFIAPI
+FreeAlignedPages (
+  IN VOID   *Buffer,
+  IN UINTN  Pages
+  )
+{
+  EFI_STATUS  Status;
+
+  ASSERT (Pages != 0);
+  Status = gMmst->MmFreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) Buffer, Pages);
+  ASSERT_EFI_ERROR (Status);
+}
+
+/**
+  Allocates a buffer of a certain pool type.
+
+  Allocates the number bytes specified by AllocationSize of a certain pool type and returns a
+  pointer to the allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is
+  returned.  If there is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  @param  MemoryType            The type of memory to allocate.
+  @param  AllocationSize        The number of bytes to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalAllocatePool (
+  IN EFI_MEMORY_TYPE  MemoryType,
+  IN UINTN            AllocationSize
+  )
+{
+  EFI_STATUS  Status;
+  VOID        *Memory;
+
+  Memory = NULL;
+
+  Status = gMmst->MmAllocatePool (MemoryType, AllocationSize, &Memory);
+  if (EFI_ERROR (Status)) {
+    Memory = NULL;
+  }
+  return Memory;
+}
+
+/**
+  Allocates a buffer of type EfiBootServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiBootServicesData and returns a
+  pointer to the allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is
+  returned.  If there is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocatePool (
+  IN UINTN  AllocationSize
+  )
+{
+  return InternalAllocatePool (EfiRuntimeServicesData, AllocationSize);
+}
+
+/**
+  Allocates a buffer of type EfiRuntimeServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiRuntimeServicesData and returns
+  a pointer to the allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is
+  returned.  If there is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateRuntimePool (
+  IN UINTN  AllocationSize
+  )
+{
+  return InternalAllocatePool (EfiRuntimeServicesData, AllocationSize);
+}
+
+/**
+  Allocates a buffer of type EfiReservedMemoryType.
+
+  Allocates the number bytes specified by AllocationSize of type EfiReservedMemoryType and returns
+  a pointer to the allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is
+  returned.  If there is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateReservedPool (
+  IN UINTN  AllocationSize
+  )
+{
+  return NULL;
+}
+
+/**
+  Allocates and zeros a buffer of a certain pool type.
+
+  Allocates the number bytes specified by AllocationSize of a certain pool type, clears the buffer
+  with zeros, and returns a pointer to the allocated buffer.  If AllocationSize is 0, then a valid
+  buffer of 0 size is returned.  If there is not enough memory remaining to satisfy the request,
+  then NULL is returned.
+
+  @param  PoolType              The type of memory to allocate.
+  @param  AllocationSize        The number of bytes to allocate and zero.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalAllocateZeroPool (
+  IN EFI_MEMORY_TYPE  PoolType,
+  IN UINTN            AllocationSize
+  )
+{
+  VOID  *Memory;
+
+  Memory = InternalAllocatePool (PoolType, AllocationSize);
+  if (Memory != NULL) {
+    Memory = ZeroMem (Memory, AllocationSize);
+  }
+  return Memory;
+}
+
+/**
+  Allocates and zeros a buffer of type EfiBootServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiBootServicesData, clears the
+  buffer with zeros, and returns a pointer to the allocated buffer.  If AllocationSize is 0, then a
+  valid buffer of 0 size is returned.  If there is not enough memory remaining to satisfy the
+  request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateZeroPool (
+  IN UINTN  AllocationSize
+  )
+{
+  return InternalAllocateZeroPool (EfiRuntimeServicesData, AllocationSize);
+}
+
+/**
+  Allocates and zeros a buffer of type EfiRuntimeServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiRuntimeServicesData, clears the
+  buffer with zeros, and returns a pointer to the allocated buffer.  If AllocationSize is 0, then a
+  valid buffer of 0 size is returned.  If there is not enough memory remaining to satisfy the
+  request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateRuntimeZeroPool (
+  IN UINTN  AllocationSize
+  )
+{
+  return InternalAllocateZeroPool (EfiRuntimeServicesData, AllocationSize);
+}
+
+/**
+  Allocates and zeros a buffer of type EfiReservedMemoryType.
+
+  Allocates the number bytes specified by AllocationSize of type EfiReservedMemoryType, clears the
+  buffer with zeros, and returns a pointer to the allocated buffer.  If AllocationSize is 0, then a
+  valid buffer of 0 size is returned.  If there is not enough memory remaining to satisfy the
+  request, then NULL is returned.
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateReservedZeroPool (
+  IN UINTN  AllocationSize
+  )
+{
+  return NULL;
+}
+
+/**
+  Copies a buffer to an allocated buffer of a certain pool type.
+
+  Allocates the number bytes specified by AllocationSize of a certain pool type, copies
+  AllocationSize bytes from Buffer to the newly allocated buffer, and returns a pointer to the
+  allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is returned.  If there
+  is not enough memory remaining to satisfy the request, then NULL is returned.
+  If Buffer is NULL, then ASSERT().
+  If AllocationSize is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param  PoolType              The type of pool to allocate.
+  @param  AllocationSize        The number of bytes to allocate and zero.
+  @param  Buffer                The buffer to copy to the allocated buffer.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalAllocateCopyPool (
+  IN EFI_MEMORY_TYPE  PoolType,
+  IN UINTN            AllocationSize,
+  IN CONST VOID       *Buffer
+  )
+{
+  VOID  *Memory;
+
+  ASSERT (Buffer != NULL);
+  ASSERT (AllocationSize <= (MAX_ADDRESS - (UINTN) Buffer + 1));
+
+  Memory = InternalAllocatePool (PoolType, AllocationSize);
+  if (Memory != NULL) {
+     Memory = CopyMem (Memory, Buffer, AllocationSize);
+  }
+  return Memory;
+}
+
+/**
+  Copies a buffer to an allocated buffer of type EfiBootServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiBootServicesData, copies
+  AllocationSize bytes from Buffer to the newly allocated buffer, and returns a pointer to the
+  allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is returned.  If there
+  is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  If Buffer is NULL, then ASSERT().
+  If AllocationSize is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+  @param  Buffer                The buffer to copy to the allocated buffer.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateCopyPool (
+  IN UINTN       AllocationSize,
+  IN CONST VOID  *Buffer
+  )
+{
+  return InternalAllocateCopyPool (EfiRuntimeServicesData, AllocationSize, Buffer);
+}
+
+/**
+  Copies a buffer to an allocated buffer of type EfiRuntimeServicesData.
+
+  Allocates the number bytes specified by AllocationSize of type EfiRuntimeServicesData, copies
+  AllocationSize bytes from Buffer to the newly allocated buffer, and returns a pointer to the
+  allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is returned.  If there
+  is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  If Buffer is NULL, then ASSERT().
+  If AllocationSize is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+  @param  Buffer                The buffer to copy to the allocated buffer.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateRuntimeCopyPool (
+  IN UINTN       AllocationSize,
+  IN CONST VOID  *Buffer
+  )
+{
+  return InternalAllocateCopyPool (EfiRuntimeServicesData, AllocationSize, Buffer);
+}
+
+/**
+  Copies a buffer to an allocated buffer of type EfiReservedMemoryType.
+
+  Allocates the number bytes specified by AllocationSize of type EfiReservedMemoryType, copies
+  AllocationSize bytes from Buffer to the newly allocated buffer, and returns a pointer to the
+  allocated buffer.  If AllocationSize is 0, then a valid buffer of 0 size is returned.  If there
+  is not enough memory remaining to satisfy the request, then NULL is returned.
+
+  If Buffer is NULL, then ASSERT().
+  If AllocationSize is greater than (MAX_ADDRESS - Buffer + 1), then ASSERT().
+
+  @param  AllocationSize        The number of bytes to allocate and zero.
+  @param  Buffer                The buffer to copy to the allocated buffer.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+AllocateReservedCopyPool (
+  IN UINTN       AllocationSize,
+  IN CONST VOID  *Buffer
+  )
+{
+  return NULL;
+}
+
+/**
+  Reallocates a buffer of a specified memory type.
+
+  Allocates and zeros the number bytes specified by NewSize from memory of the type
+  specified by PoolType.  If OldBuffer is not NULL, then the smaller of OldSize and
+  NewSize bytes are copied from OldBuffer to the newly allocated buffer, and
+  OldBuffer is freed.  A pointer to the newly allocated buffer is returned.
+  If NewSize is 0, then a valid buffer of 0 size is  returned.  If there is not
+  enough memory remaining to satisfy the request, then NULL is returned.
+
+  If the allocation of the new buffer is successful and the smaller of NewSize and OldSize
+  is greater than (MAX_ADDRESS - OldBuffer + 1), then ASSERT().
+
+  @param  PoolType       The type of pool to allocate.
+  @param  OldSize        The size, in bytes, of OldBuffer.
+  @param  NewSize        The size, in bytes, of the buffer to reallocate.
+  @param  OldBuffer      The buffer to copy to the allocated buffer.  This is an optional
+                         parameter that may be NULL.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+InternalReallocatePool (
+  IN EFI_MEMORY_TYPE  PoolType,
+  IN UINTN            OldSize,
+  IN UINTN            NewSize,
+  IN VOID             *OldBuffer  OPTIONAL
+  )
+{
+  VOID  *NewBuffer;
+
+  NewBuffer = InternalAllocateZeroPool (PoolType, NewSize);
+  if (NewBuffer != NULL && OldBuffer != NULL) {
+    CopyMem (NewBuffer, OldBuffer, MIN (OldSize, NewSize));
+    FreePool (OldBuffer);
+  }
+  return NewBuffer;
+}
+
+/**
+  Reallocates a buffer of type EfiBootServicesData.
+
+  Allocates and zeros the number bytes specified by NewSize from memory of type
+  EfiBootServicesData.  If OldBuffer is not NULL, then the smaller of OldSize and
+  NewSize bytes are copied from OldBuffer to the newly allocated buffer, and
+  OldBuffer is freed.  A pointer to the newly allocated buffer is returned.
+  If NewSize is 0, then a valid buffer of 0 size is  returned.  If there is not
+  enough memory remaining to satisfy the request, then NULL is returned.
+
+  If the allocation of the new buffer is successful and the smaller of NewSize and OldSize
+  is greater than (MAX_ADDRESS - OldBuffer + 1), then ASSERT().
+
+  @param  OldSize        The size, in bytes, of OldBuffer.
+  @param  NewSize        The size, in bytes, of the buffer to reallocate.
+  @param  OldBuffer      The buffer to copy to the allocated buffer.  This is an optional
+                         parameter that may be NULL.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+ReallocatePool (
+  IN UINTN  OldSize,
+  IN UINTN  NewSize,
+  IN VOID   *OldBuffer  OPTIONAL
+  )
+{
+  return InternalReallocatePool (EfiRuntimeServicesData, OldSize, NewSize, OldBuffer);
+}
+
+/**
+  Reallocates a buffer of type EfiRuntimeServicesData.
+
+  Allocates and zeros the number bytes specified by NewSize from memory of type
+  EfiRuntimeServicesData.  If OldBuffer is not NULL, then the smaller of OldSize and
+  NewSize bytes are copied from OldBuffer to the newly allocated buffer, and
+  OldBuffer is freed.  A pointer to the newly allocated buffer is returned.
+  If NewSize is 0, then a valid buffer of 0 size is  returned.  If there is not
+  enough memory remaining to satisfy the request, then NULL is returned.
+
+  If the allocation of the new buffer is successful and the smaller of NewSize and OldSize
+  is greater than (MAX_ADDRESS - OldBuffer + 1), then ASSERT().
+
+  @param  OldSize        The size, in bytes, of OldBuffer.
+  @param  NewSize        The size, in bytes, of the buffer to reallocate.
+  @param  OldBuffer      The buffer to copy to the allocated buffer.  This is an optional
+                         parameter that may be NULL.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+ReallocateRuntimePool (
+  IN UINTN  OldSize,
+  IN UINTN  NewSize,
+  IN VOID   *OldBuffer  OPTIONAL
+  )
+{
+  return InternalReallocatePool (EfiRuntimeServicesData, OldSize, NewSize, OldBuffer);
+}
+
+/**
+  Reallocates a buffer of type EfiReservedMemoryType.
+
+  Allocates and zeros the number bytes specified by NewSize from memory of type
+  EfiReservedMemoryType.  If OldBuffer is not NULL, then the smaller of OldSize and
+  NewSize bytes are copied from OldBuffer to the newly allocated buffer, and
+  OldBuffer is freed.  A pointer to the newly allocated buffer is returned.
+  If NewSize is 0, then a valid buffer of 0 size is  returned.  If there is not
+  enough memory remaining to satisfy the request, then NULL is returned.
+
+  If the allocation of the new buffer is successful and the smaller of NewSize and OldSize
+  is greater than (MAX_ADDRESS - OldBuffer + 1), then ASSERT().
+
+  @param  OldSize        The size, in bytes, of OldBuffer.
+  @param  NewSize        The size, in bytes, of the buffer to reallocate.
+  @param  OldBuffer      The buffer to copy to the allocated buffer.  This is an optional
+                         parameter that may be NULL.
+
+  @return A pointer to the allocated buffer or NULL if allocation fails.
+
+**/
+VOID *
+EFIAPI
+ReallocateReservedPool (
+  IN UINTN  OldSize,
+  IN UINTN  NewSize,
+  IN VOID   *OldBuffer  OPTIONAL
+  )
+{
+  return NULL;
+}
+
+/**
+  Frees a buffer that was previously allocated with one of the pool allocation functions in the
+  Memory Allocation Library.
+
+  Frees the buffer specified by Buffer.  Buffer must have been allocated on a previous call to the
+  pool allocation services of the Memory Allocation Library.  If it is not possible to free pool
+  resources, then this function will perform no actions.
+
+  If Buffer was not allocated with a pool allocation function in the Memory Allocation Library,
+  then ASSERT().
+
+  @param  Buffer                Pointer to the buffer to free.
+
+**/
+VOID
+EFIAPI
+FreePool (
+  IN VOID   *Buffer
+  )
+{
+  EFI_STATUS    Status;
+
+  Status = gMmst->MmFreePool (Buffer);
+  ASSERT_EFI_ERROR (Status);
+}
+
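Review bot: In InternalAllocateAlignedPages the only guard on RealPages = Pages + EFI_SIZE_TO_PAGES (Alignment) is ASSERT (RealPages > Pages), so in a build where ASSERT() is disabled a wrapped RealPages is passed straight to MmAllocatePages and the function can hand back a buffer backed by fewer than Pages pages. Since this code runs inside MM, make the overflow test a real check that returns NULL (keeping the ASSERT if wanted), and treat the power-of-two test on Alignment the same way. Separately, the header comments for AllocatePages, AllocateAlignedPages, AllocatePool, AllocateZeroPool, AllocateCopyPool and ReallocatePool say EfiBootServicesData while the bodies pass EfiRuntimeServicesData, and every Reserved variant returns NULL unconditionally under a comment that describes a working allocator; the comments should state what this MM instance actually does. Guid/MmramMemoryReserve.h is included but nothing in the file uses it.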
diff --git a/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
new file mode 100644
index 0000000..0bd7e88
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
@@ -0,0 +1,45 @@
+## @file
+# Memory Allocation Library instance dedicated to MM Core.
+# The implementation borrows the MM Core Memory Allocation services as the primitive
+# for memory allocation instead of using MM System Table servces in an indirect way.
+# It is assumed that this library instance must be linked with MM Core in this package.
+#
+# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x0001001A
+  BASE_NAME                      = MemoryAllocationLib
+  FILE_GUID                      = 54646378-A9DC-473F-9BE1-BD027C4C76DE
+  MODULE_TYPE                    = MM_CORE_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  LIBRARY_CLASS                  = MemoryAllocationLib|MM_STANDALONE
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  StandaloneMmMemoryAllocationLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+  BaseMemoryLib
+  DebugLib
+  MmServicesTableLib
+  HobLib
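Review bot: The file header says this instance is "dedicated to MM Core" and borrows the Core allocation services "instead of using MM System Table servces in an indirect way", and MODULE_TYPE is MM_CORE_STANDALONE, yet LIBRARY_CLASS restricts it to MM_STANDALONE and StandaloneMmMemoryAllocationLib.c routes every call through gMmst. The header text and MODULE_TYPE should be rewritten to describe the driver-side instance that is actually implemented (and "servces" corrected). HobLib is listed under [LibraryClasses] although the .c file neither includes nor calls it, and VALID_ARCHITECTURES names IA32 X64 while the HobLib instance added in this same patch names AARCH64.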
diff --git a/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
new file mode 100644
index 0000000..2f9e37a
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
@@ -0,0 +1,40 @@
+/** @file
+  MM Core MM Services Table Library.
+
+  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiMm.h>
+#include <Library/DebugLib.h>
+
+extern EFI_MM_SYSTEM_TABLE         *gMmst;
+
+/**
+  The constructor function caches the pointer of MM Services Table.
+
+  @param  ImageHandle   The firmware allocated handle for the EFI image.
+  @param  SystemTable   A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.
+
+**/
+EFI_STATUS
+EFIAPI
+StandaloneMmServicesTableLibConstructor (
+  IN EFI_HANDLE             ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE  *MmSystemTable
+  )
+{
+  gMmst = MmSystemTable;
+  return EFI_SUCCESS;
+}
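Review bot: gMmst is declared extern at the top of the file and only assigned in StandaloneMmServicesTableLibConstructor, so this MmServicesTableLib instance does not define the symbol it exists to provide, and the link depends on some other module supplying it. Define it here, for example EFI_MM_SYSTEM_TABLE *gMmst = NULL;, or document which module owns the definition. The constructor comment documents @param SystemTable as "A pointer to the EFI System Table" while the parameter is MmSystemTable of type EFI_MM_SYSTEM_TABLE *, and Library/DebugLib.h is included without being used.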
diff --git a/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
new file mode 100644
index 0000000..3816c6e
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
@@ -0,0 +1,36 @@
+## @file
+# MM Core MM Services Table Library.
+#
+# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = StandaloneMmServicesTableLib
+  FILE_GUID                      = BEE33A2F-F49D-4B71-AF3E-FFCCB9885DEA
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  LIBRARY_CLASS                  = MmServicesTableLib|MM_STANDALONE
+  CONSTRUCTOR                    = StandaloneMmServicesTableLibConstructor
+
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  StandaloneMmServicesTableLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+
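
Review bot: The VALID_ARCHITECTURES comment lists only IA32 and X64, while the rest of the series uses this library class from ArmPlatformPkg drivers; add AARCH64 (the FaultTolerantWriteMmStandalone.inf in patch 3 already does). The .c file includes Library/DebugLib.h, yet this INF has no [LibraryClasses] section; either drop the include or declare DebugLib.
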
-- 
1.9.1




* [RFC PATCH 2/9] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 1/9] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 3/9] MdeModulePkg/FaultTolerantWriteDxe: " Jagadeesh Ujja
                   ` (7 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

Adapt the NorFlashDxe driver to be used as a MM_STANDALONE driver to
allow access to NOR flash for code executing in MM_STANDALONE mode.
This allows storing of EFI variables on NOR flash which is accessible
only via the MM STANDALONE mode software.

Change-Id: I289f439f6710cf53dfe073e1776dd4f438dff3d4
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 .../Drivers/NorFlashDxe/NorFlashBlockIoDxe.c       |   5 +-
 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c   | 116 ++++++++++++++++++---
 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h   |  15 ++-
 .../Drivers/NorFlashDxe/NorFlashFvbDxe.c           |  26 +++--
 .../Drivers/NorFlashDxe/NorFlashMmStandalone.inf   |  76 ++++++++++++++
 5 files changed, 214 insertions(+), 24 deletions(-)
 create mode 100644 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf

diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
index 279b77c..38363a4 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashBlockIoDxe.c
@@ -1,6 +1,6 @@
 /** @file  NorFlashBlockIoDxe.c
 
-  Copyright (c) 2011-2013, ARM Ltd. All rights reserved.<BR>
+  Copyright (c) 2011-2018, ARM Ltd. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
@@ -13,8 +13,9 @@
 **/
 
 #include <Library/BaseMemoryLib.h>
+#ifndef MM_STANDALONE
 #include <Library/UefiBootServicesTableLib.h>
-
+#endif
 #include "NorFlashDxe.h"
 
 //
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
index 46e815b..eb8ae4e 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c
@@ -1,6 +1,6 @@
 /** @file  NorFlashDxe.c
 
-  Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+  Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
@@ -15,12 +15,16 @@
 #include <Library/UefiLib.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
-#include <Library/UefiBootServicesTableLib.h>
 #include <Library/PcdLib.h>
-
+#ifndef MM_STANDALONE
+#include <Library/UefiBootServicesTableLib.h>
+#endif
 #include "NorFlashDxe.h"
-
+#ifndef MM_STANDALONE
 STATIC EFI_EVENT mNorFlashVirtualAddrChangeEvent;
+#else
+EFI_MM_SYSTEM_TABLE *mMmst = NULL;
+#endif
 
 //
 // Global variable declarations
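
Review bot: "EFI_MM_SYSTEM_TABLE *mMmst = NULL;" introduces a non-STATIC, module-private copy of the MM system table pointer, although patch 1 adds an MmServicesTableLib instance whose constructor already caches it in gMmst. Consuming gMmst through that library class would remove this global and the matching assignment in NorFlashInitialise; if the private copy stays, make it STATIC.
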
@@ -134,7 +138,7 @@ NorFlashCreateInstance (
 
   if (SupportFvb) {
     NorFlashFvbInitialize (Instance);
-
+#ifndef MM_STANDALONE
     Status = gBS->InstallMultipleProtocolInterfaces (
                   &Instance->Handle,
                   &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
@@ -146,7 +150,44 @@ NorFlashCreateInstance (
       FreePool (Instance);
       return Status;
     }
+#else
+    //Install DevicePath Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiDevicePathProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->DevicePath
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+    //Install BlockIo Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiBlockIoProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->BlockIoProtocol
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+
+    //Install FirmwareVolumeBlock Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->FvbProtocol
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+#endif
   } else {
+#ifndef MM_STANDALONE
     Status = gBS->InstallMultipleProtocolInterfaces (
                     &Instance->Handle,
                     &gEfiDevicePathProtocolGuid, &Instance->DevicePath,
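
Review bot: In the new #else branch, a failure of the second or third MmInstallProtocolInterface call frees Instance while the interfaces installed by the earlier calls stay registered on Instance->Handle and still point into the freed allocation. gBS->InstallMultipleProtocolInterfaces in the DXE branch rolls back on failure, so the MM path needs the same: call MmUninstallProtocolInterface for each interface already installed before FreePool (Instance).
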
@@ -158,6 +199,42 @@ NorFlashCreateInstance (
       FreePool (Instance);
       return Status;
     }
+#else
+   //Install DevicePath Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiDevicePathProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->DevicePath
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+    //Install BlockIo Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiBlockIoProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->BlockIoProtocol
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+
+    //Install DiskIO Protocol
+    Status = mMmst->MmInstallProtocolInterface (
+                    &Instance->Handle,
+                    &gEfiDiskIoProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &Instance->DiskIoProtocol
+                    );
+    if (EFI_ERROR(Status)) {
+      FreePool (Instance);
+      return Status;
+    }
+#endif
   }
 
   *NorFlashInstance = Instance;
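
Review bot: The DevicePath and BlockIo installation in this #else branch is a copy of the one added in the SupportFvb branch, and it has the same missing unwind before FreePool (Instance). A small helper that installs a list of GUID/interface pairs and uninstalls the ones already done on error would cover both branches; the first "//Install DevicePath Protocol" comment here is also indented by three spaces instead of four.
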
@@ -336,6 +413,7 @@ NorFlashUnlockAndEraseSingleBlock (
 {
   EFI_STATUS      Status;
   UINTN           Index;
+#ifndef MM_STANDALONE
   EFI_TPL         OriginalTPL;
 
   if (!EfiAtRuntime ()) {
@@ -346,7 +424,7 @@ NorFlashUnlockAndEraseSingleBlock (
     // use of uninitialized variables
     OriginalTPL = TPL_HIGH_LEVEL;
   }
-
+#endif
   Index = 0;
   // The block erase might fail a first time (SW bug ?). Retry it ...
   do {
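
Review bot: The "#ifndef MM_STANDALONE" opened in the previous hunk and closed by the "#endif" here removes the RaiseTPL protection around the erase without a word on why the MM build does not need it. Add a short comment stating what guarantees the erase is not interrupted or re-entered in MM Standalone mode; the same applies to the identical change in NorFlashWriteFullBlock.
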
@@ -363,11 +441,12 @@ NorFlashUnlockAndEraseSingleBlock (
     DEBUG((EFI_D_ERROR,"EraseSingleBlock(BlockAddress=0x%08x: Block Locked Error (try to erase %d times)\n", BlockAddress,Index));
   }
 
+#ifndef MM_STANDALONE
   if (!EfiAtRuntime ()) {
     // Interruptions can resume.
     gBS->RestoreTPL (OriginalTPL);
   }
-
+#endif
   return Status;
 }
 
@@ -580,7 +659,9 @@ NorFlashWriteFullBlock (
   UINTN         BlockAddress;
   UINTN         BuffersInBlock;
   UINTN         RemainingWords;
+#ifndef MM_STANDALONE
   EFI_TPL       OriginalTPL;
+#endif
   UINTN         Cnt;
 
   Status = EFI_SUCCESS;
@@ -590,7 +671,7 @@ NorFlashWriteFullBlock (
 
   // Start writing from the first address at the start of the block
   WordAddress = BlockAddress;
-
+#ifndef MM_STANDALONE
   if (!EfiAtRuntime ()) {
     // Raise TPL to TPL_HIGH to stop anyone from interrupting us.
     OriginalTPL = gBS->RaiseTPL (TPL_HIGH_LEVEL);
@@ -599,7 +680,7 @@ NorFlashWriteFullBlock (
     // use of uninitialized variables
     OriginalTPL = TPL_HIGH_LEVEL;
   }
-
+#endif
   Status = NorFlashUnlockAndEraseSingleBlock (Instance, BlockAddress);
   if (EFI_ERROR(Status)) {
     DEBUG((EFI_D_ERROR, "WriteSingleBlock: ERROR - Failed to Unlock and Erase the single block at 0x%X\n", BlockAddress));
@@ -657,11 +738,12 @@ NorFlashWriteFullBlock (
   }
 
 EXIT:
+#ifndef MM_STANDALONE
   if (!EfiAtRuntime ()) {
     // Interruptions can resume.
     gBS->RestoreTPL (OriginalTPL);
   }
-
+#endif
   if (EFI_ERROR(Status)) {
     DEBUG((EFI_D_ERROR, "NOR FLASH Programming [WriteSingleBlock] failed at address 0x%08x. Exit Status = \"%r\".\n", WordAddress, Status));
   }
@@ -1243,6 +1325,7 @@ NorFlashVirtualNotifyEvent (
   IN VOID             *Context
   )
 {
+#ifndef MM_STANDALONE
   UINTN Index;
 
   for (Index = 0; Index < mNorFlashDeviceCount; Index++) {
@@ -1268,7 +1351,7 @@ NorFlashVirtualNotifyEvent (
       EfiConvertPointer (0x0, (VOID**)&mNorFlashInstances[Index]->ShadowBuffer);
     }
   }
-
+#endif
   return;
 }
 
@@ -1276,13 +1359,20 @@ EFI_STATUS
 EFIAPI
 NorFlashInitialise (
   IN EFI_HANDLE         ImageHandle,
+#ifndef MM_STANDALONE
   IN EFI_SYSTEM_TABLE   *SystemTable
+#else
+  IN EFI_MM_SYSTEM_TABLE   *SystemTable
+#endif
   )
 {
   EFI_STATUS              Status;
   UINT32                  Index;
   NOR_FLASH_DESCRIPTION*  NorFlashDevices;
   BOOLEAN                 ContainVariableStorage;
+#ifdef MM_STANDALONE
+  mMmst = SystemTable;
+#endif
 
   Status = NorFlashPlatformInitialization ();
   if (EFI_ERROR(Status)) {
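
Review bot: Switching the type of the second NorFlashInitialise parameter with "#ifndef MM_STANDALONE" inside the prototype leaves one entry point with two signatures and keeps the name SystemTable for what is an MM system table. A separate entry function for the MM module, in its own source file listed only in NorFlashMmStandalone.inf, would keep the shared code free of these conditionals and give the parameter an accurate name.
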
@@ -1318,7 +1408,7 @@ NorFlashInitialise (
       DEBUG((EFI_D_ERROR,"NorFlashInitialise: Fail to create instance for NorFlash[%d]\n",Index));
     }
   }
-
+#ifndef MM_STANDALONE
   //
   // Register for the virtual address change event
   //
@@ -1331,6 +1421,6 @@ NorFlashInitialise (
                   &mNorFlashVirtualAddrChangeEvent
                   );
   ASSERT_EFI_ERROR (Status);
-
+#endif
   return Status;
 }
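
Review bot: With the event registration and its ASSERT_EFI_ERROR compiled out, the "return Status;" in the MM build returns whatever the instance-creation loop above left in Status, so a failure on the last NOR flash device fails the entry point while failures on earlier devices are only logged. Decide explicitly what the MM entry point should return, for example EFI_SUCCESS when at least one instance was created.
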
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
index 5c07694..2dc19ad 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h
@@ -1,6 +1,6 @@
 /** @file  NorFlashDxe.h
 
-  Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+  Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD License
@@ -17,8 +17,11 @@
 
 
 #include <Base.h>
+#ifndef MM_STANDALONE
 #include <PiDxe.h>
-
+#else
+#include <PiMm.h>
+#endif
 #include <Guid/EventGroup.h>
 
 #include <Protocol/BlockIo.h>
@@ -28,8 +31,16 @@
 #include <Library/DebugLib.h>
 #include <Library/IoLib.h>
 #include <Library/NorFlashPlatformLib.h>
+#ifndef MM_STANDALONE
 #include <Library/UefiLib.h>
 #include <Library/UefiRuntimeLib.h>
+#else
+#include <Library/StandaloneMmCoreEntryPoint.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/SmmMemLib.h>
+#endif
 
 #define NOR_FLASH_ERASE_RETRY                     10
 
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
index e62ffbb..dae0e55 100644
--- a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c
@@ -1,6 +1,6 @@
 /*++ @file  NorFlashFvbDxe.c
 
- Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+ Copyright (c) 2011 - 2018, ARM Ltd. All rights reserved.<BR>
 
  This program and the accompanying materials
  are licensed and made available under the terms and conditions of the BSD License
@@ -12,7 +12,11 @@
 
  --*/
 
+#ifndef MM_STANDALONE
 #include <PiDxe.h>
+#else
+#include <PiMm.h>
+#endif
 
 #include <Library/PcdLib.h>
 #include <Library/BaseLib.h>
@@ -20,16 +24,21 @@
 #include <Library/UefiLib.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
+#ifndef MM_STANDALONE
 #include <Library/DxeServicesTableLib.h>
 #include <Library/UefiBootServicesTableLib.h>
-
+#else
+#include <Library/StandaloneMmCoreEntryPoint.h>
+#endif
 #include <Guid/VariableFormat.h>
 #include <Guid/SystemNvDataGuid.h>
 #include <Guid/NvVarStoreFormatted.h>
 
 #include "NorFlashDxe.h"
 
+#ifndef MM_STANDALONE
 STATIC EFI_EVENT mFvbVirtualAddrChangeEvent;
+#endif
 STATIC UINTN     mFlashNvStorageVariableBase;
 
 ///
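
Review bot: "#include <Library/UefiLib.h>" stays unconditional in this file (and in NorFlashDxe.c), although NorFlashDxe.h in this same patch moves UefiLib.h and UefiRuntimeLib.h under "#ifndef MM_STANDALONE". Guard it here as well, or explain why an MM_STANDALONE module still needs a UEFI boot-services library header.
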
@@ -702,7 +711,9 @@ FvbVirtualNotifyEvent (
   IN VOID             *Context
   )
 {
+#ifndef MM_STANDALONE
   EfiConvertPointer (0x0, (VOID**)&mFlashNvStorageVariableBase);
+#endif
   return;
 }
 
@@ -715,11 +726,12 @@ NorFlashFvbInitialize (
   EFI_STATUS  Status;
   UINT32      FvbNumLba;
   EFI_BOOT_MODE BootMode;
+#ifndef MM_STANDALONE
   UINTN       RuntimeMmioRegionSize;
-
+#endif
   DEBUG((DEBUG_BLKIO,"NorFlashFvbInitialize\n"));
   ASSERT((Instance != NULL));
-
+#ifndef MM_STANDALONE
   //
   // Declare the Non-Volatile storage as EFI_MEMORY_RUNTIME
   //
@@ -741,7 +753,7 @@ NorFlashFvbInitialize (
       Instance->DeviceBaseAddress, RuntimeMmioRegionSize,
       EFI_MEMORY_UC | EFI_MEMORY_RUNTIME);
   ASSERT_EFI_ERROR (Status);
-
+#endif
   mFlashNvStorageVariableBase = FixedPcdGet32 (PcdFlashNvStorageVariableBase);
 
   // Set the index of the first LBA for the FVB
@@ -776,7 +788,7 @@ NorFlashFvbInitialize (
       return Status;
     }
   }
-
+#ifndef MM_STANDALONE
   //
   // The driver implementing the variable read service can now be dispatched;
   // the varstore headers are in place.
@@ -801,6 +813,6 @@ NorFlashFvbInitialize (
                   &mFvbVirtualAddrChangeEvent
                   );
   ASSERT_EFI_ERROR (Status);
-
+#endif
   return Status;
 }
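
Review bot: The "#ifndef MM_STANDALONE" opened in the previous hunk compiles out the whole block commented "The driver implementing the variable read service can now be dispatched; the varstore headers are in place", not just the virtual address change event. NorFlashMmStandalone.inf still lists gEdkiiNvVarStoreFormattedGuid as "## PRODUCES ## PROTOCOL"; if that block is where it is produced, either install the equivalent with MmInstallProtocolInterface or drop the GUID from the INF and state how the MM variable driver is ordered after this one.
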
diff --git a/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf
new file mode 100644
index 0000000..abf221c
--- /dev/null
+++ b/ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf
@@ -0,0 +1,76 @@
+#/** @file
+#
+#  Component description file for NorFlashDxe module
+#
+#  Copyright (c) 2018, ARM Limited. All rights reserved.
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#**/
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = StandaloneMmNorFlash
+  FILE_GUID                      = 166F677B-DAC9-4AE4-AD34-2FF2504B0637
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  ENTRY_POINT                    = NorFlashInitialise
+
+[Sources.common]
+  NorFlashDxe.c
+  NorFlashFvbDxe.c
+  NorFlashBlockIoDxe.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  ArmPlatformPkg/ArmPlatformPkg.dec
+  EmbeddedPkg/EmbeddedPkg.dec
+  ArmPkg/ArmPkg.dec
+  edk2-platforms/Platform/ARM/ARM.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+  StandaloneMmDriverEntryPoint
+  BaseMemoryLib
+  ArmSvcLib
+  ArmLib
+  IoLib
+  BaseLib
+  DebugLib
+  HobLib
+  MemoryAllocationLib
+  NorFlashPlatformLib
+
+[Guids]
+  gEfiSystemNvDataFvGuid
+  gEfiVariableGuid
+  gEfiAuthenticatedVariableGuid
+  gEfiEventVirtualAddressChangeGuid
+  gEdkiiNvVarStoreFormattedGuid     ## PRODUCES ## PROTOCOL
+
+[Protocols]
+  gEfiBlockIoProtocolGuid
+  gEfiDevicePathProtocolGuid
+  gEfiSmmFirmwareVolumeBlockProtocolGuid
+  gEfiDiskIoProtocolGuid
+
+[Pcd.common]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
+
+  gArmPlatformTokenSpaceGuid.PcdNorFlashCheckBlockLocked
+
+[Depex]
+  TRUE
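
Review bot: [Packages] pulls in "edk2-platforms/Platform/ARM/ARM.dec", which makes a driver in the edk2 tree depend on a path in a different repository; nothing else in the file shows why it is needed, so please remove it or move the dependency behind NorFlashPlatformLib. [LibraryClasses] also omits PcdLib and any class backing the Library/SmmMemLib.h that NorFlashDxe.h now includes, gEfiEventVirtualAddressChangeGuid is listed although the event is compiled out for MM_STANDALONE, and the header comment still names the NorFlashDxe module.
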
-- 
1.9.1




* [RFC PATCH 3/9] MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 1/9] StandaloneMmPkg: Pull in additonal libraries from staging branch Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 2/9] ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 4/9] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone Jagadeesh Ujja
                   ` (6 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

Adapt the FaultTolerantWriteDxe driver to be used as a MM_STANDALONE
driver to provide UEFI fault tolerant write protocol functionality
for variable reclaim operation on EFI variables stored on a NOR flash
that is only accessible to code executing in MM Standalone mode.

Change-Id: I132dce2de3c564227db45bd3d1b803702243c1a4
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 .../FaultTolerantWriteMmStandalone.inf             | 100 +++++++++++++++++++++
 .../FaultTolerantWriteDxe/FaultTolerantWriteSmm.c  |  72 +++++++++++++--
 .../FaultTolerantWriteDxe/UpdateWorkingBlock.c     |   8 +-
 3 files changed, 172 insertions(+), 8 deletions(-)
 create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf

diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf
new file mode 100644
index 0000000..033ba95
--- /dev/null
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf
@@ -0,0 +1,100 @@
+## @file
+#   Fault Tolerant Write Smm Driver.
+#
+#   This driver installs SMM Fault Tolerant Write (FTW) protocol, which provides fault
+#   tolerant write capability in SMM environment for block devices. Its implementation
+#   depends on the full functionality SMM FVB protocol that support read, write/erase
+#   flash access.
+#
+# Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution. The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = FaultTolerantWriteMmStandalone
+  MODULE_UNI_FILE                = SmmFaultTolerantWriteDxe.uni
+  FILE_GUID                      = 470CB248-E8AC-473c-BB4F-81069A1FE6FD
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  ENTRY_POINT                    = SmmFaultTolerantWriteInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64
+#
+
+[Sources]
+  FtwMisc.c
+  UpdateWorkingBlock.c
+  FaultTolerantWrite.c
+  FaultTolerantWriteSmm.c
+  FaultTolerantWrite.h
+  FaultTolerantWriteSmmCommon.h
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  ArmPkg/ArmPkg.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+  MemoryAllocationLib
+  BaseMemoryLib
+  DebugLib
+  PcdLib
+  ReportStatusCodeLib
+  MemLib
+  StandaloneMmDriverEntryPoint
+
+[Guids]
+  #
+  # Signature in EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER
+  #
+  ## CONSUMES           ## GUID
+  ## PRODUCES           ## GUID
+  gEdkiiWorkingBlockSignatureGuid
+
+[Protocols]
+  gEfiSmmSwapAddressRangeProtocolGuid | gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable  ## SOMETIMES_CONSUMES
+  ## NOTIFY
+  ## CONSUMES
+  gEfiSmmFirmwareVolumeBlockProtocolGuid
+  ## PRODUCES
+  ## UNDEFINED # SmiHandlerRegister
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  gEfiSmmEndOfDxeProtocolGuid                      ## CONSUMES
+
+[FeaturePcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable    ## CONSUMES
+
+[Pcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase    ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase      ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64    ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize      ## CONSUMES
+
+#
+# gBS->CalculateCrc32() is consumed in EntryPoint.
+# PI spec said: When the DXE Foundation is notified that the EFI_RUNTIME_ARCH_PROTOCOL
+# has been installed, then the Boot Service CalculateCrc32() is available.
+# So add gEfiRuntimeArchProtocolGuid Depex here.
+#
+[Depex]
+  TRUE
+  #gEfiSmmFirmwareVolumeBlockProtocolGuid AND gEfiRuntimeArchProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  SmmFaultTolerantWriteDxeExtra.uni
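
Review bot: [Depex] is set to TRUE with the original expression left behind as a comment, and the comment block above it still explains a gBS->CalculateCrc32() dependency on gEfiRuntimeArchProtocolGuid that this module no longer has. Remove the stale comment and the commented-out line, and say what orders this driver after the FVB producer. gEfiSmmEndOfDxeProtocolGuid is also still listed as CONSUMES although the .c change compiles the End-of-DXE notify out for MM_STANDALONE, and please confirm FILE_GUID and MODULE_UNI_FILE are meant to be shared with the existing SMM INF.
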
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
index 27fcab1..dea7143 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
@@ -44,6 +44,7 @@
   This driver need to make sure the CommBuffer is not in the SMRAM range.
 
 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -53,8 +54,13 @@ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
 **/
-
+#ifndef MM_STANDALONE
 #include <PiSmm.h>
+#include <Protocol/SmmEndOfDxe.h>
+#else
+#include <PiMm.h>
+#include <Library/StandaloneMmMemLib.h>
+#endif
 #include <Library/SmmServicesTableLib.h>
 #include <Library/SmmMemLib.h>
 #include <Library/BaseLib.h>
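
Review bot: Library/SmmServicesTableLib.h and Library/SmmMemLib.h remain unconditional context lines after the new "#endif", so the MM_STANDALONE build still includes the SMM-only headers alongside PiMm.h and StandaloneMmMemLib.h. Move them into the "#ifndef MM_STANDALONE" branch so each build includes only the headers for the libraries its INF declares.
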
@@ -66,6 +72,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 EFI_EVENT                                 mFvbRegistration = NULL;
 EFI_FTW_DEVICE                            *mFtwDevice      = NULL;
 
+#ifdef MM_STANDALONE
+EFI_MM_SYSTEM_TABLE *mMmst = NULL;
+#endif
 ///
 /// The flag to indicate whether the platform has left the DXE phase of execution.
 ///
@@ -92,7 +101,11 @@ FtwGetFvbByHandle (
   //
   // To get the SMM FVB protocol interface on the handle
   //
+#ifndef MM_STANDALONE
   return gSmst->SmmHandleProtocol (
+#else
+  return mMmst->MmHandleProtocol (
+#endif
                   FvBlockHandle,
                   &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                   (VOID **) FvBlock
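
Review bot: Placing "#ifndef MM_STANDALONE" / "#else" around only the first line of the call splits one statement across the preprocessor, and the same pattern repeats for SmmLocateProtocol, SmmLocateHandle and SmmInstallProtocolInterface in the following hunks. Using gMmst from the MmServicesTableLib class added in patch 1, or a single wrapper per service, would keep each call in one piece and remove the need for the private mMmst global.
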
@@ -119,7 +132,11 @@ FtwGetSarProtocol (
   //
   // Locate Smm Swap Address Range protocol
   //
+#ifndef MM_STANDALONE
   Status = gSmst->SmmLocateProtocol (
+#else
+  Status = mMmst->MmLocateProtocol (
+#endif
                     &gEfiSmmSwapAddressRangeProtocolGuid,
                     NULL,
                     SarProtocol
@@ -158,7 +175,11 @@ GetFvbCountAndBuffer (
   BufferSize     = 0;
   *NumberHandles = 0;
   *Buffer        = NULL;
+#ifndef MM_STANDALONE
   Status = gSmst->SmmLocateHandle (
+#else
+ Status = mMmst->MmLocateHandle (
+#endif
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -173,15 +194,17 @@ GetFvbCountAndBuffer (
   if (*Buffer == NULL) {
     return EFI_OUT_OF_RESOURCES;
   }
-
+#ifndef MM_STANDALONE
   Status = gSmst->SmmLocateHandle (
+#else
+ Status = mMmst->MmLocateHandle (
+#endif
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
                     &BufferSize,
                     *Buffer
                     );
-
   *NumberHandles = BufferSize / sizeof(EFI_HANDLE);
   if (EFI_ERROR(Status)) {
     *NumberHandles = 0;
@@ -335,8 +358,11 @@ SmmFaultTolerantWriteHandler (
     return EFI_SUCCESS;
   }
   CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE;
-
+#ifndef MM_STANDALONE
   if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+#else
+  if (!MmIsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+#endif
     DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
     return EFI_SUCCESS;
   }
@@ -418,12 +444,14 @@ SmmFaultTolerantWriteHandler (
                  &SmmFvbHandle
                  );
       if (!EFI_ERROR (Status)) {
+#ifndef MM_STANDALONE
         //
         // The AsmLfence() call here is to ensure the previous range/content
         // checks for the CommBuffer have been completed before calling into
         // FtwWrite().
         //
         AsmLfence ();
+#endif
         Status = FtwWrite(
                    &mFtwDevice->FtwInstance,
                    SmmFtwWriteHeader->Lba,
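
Review bot: The AsmLfence () call, which the existing comment says makes sure the CommBuffer range and content checks have completed before FtwWrite () runs, is dropped for every MM_STANDALONE build, yet FaultTolerantWriteMmStandalone.inf lists IA32 and X64 as valid architectures alongside AARCH64. Key the exclusion on the architecture rather than on MM_STANDALONE, and state what, if anything, provides the equivalent ordering on AARCH64.
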
@@ -525,6 +553,7 @@ FvbNotificationEvent (
   EFI_STATUS                              Status;
   EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL   *FtwProtocol;
   EFI_HANDLE                              SmmFtwHandle;
+#ifndef MM_STANDALONE
   EFI_HANDLE                              FtwHandle;
 
   //
@@ -536,6 +565,13 @@ FvbNotificationEvent (
                     NULL,
                     (VOID **) &FtwProtocol
                     );
+#else
+  Status = mMmst->MmLocateProtocol (
+                    &gEfiSmmFaultTolerantWriteProtocolGuid,
+                    NULL,
+                    (VOID **) &FtwProtocol
+                    );
+#endif
   if (!EFI_ERROR (Status)) {
     return EFI_SUCCESS;
   }
@@ -551,7 +587,11 @@ FvbNotificationEvent (
   //
   // Install protocol interface
   //
+#ifndef MM_STANDALONE
   Status = gSmst->SmmInstallProtocolInterface (
+#else
+  Status = mMmst->MmInstallProtocolInterface (
+#endif
                     &mFtwDevice->Handle,
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     EFI_NATIVE_INTERFACE,
@@ -562,6 +602,7 @@ FvbNotificationEvent (
   ///
   /// Register SMM FTW SMI handler
   ///
+#ifndef MM_STANDALONE
   Status = gSmst->SmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
   ASSERT_EFI_ERROR (Status);
 
@@ -576,6 +617,10 @@ FvbNotificationEvent (
                   NULL
                   );
   ASSERT_EFI_ERROR (Status);
+#else
+  Status = mMmst->MmiHandlerRegister (SmmFaultTolerantWriteHandler, &gEfiSmmFaultTolerantWriteProtocolGuid, &SmmFtwHandle);
+  ASSERT_EFI_ERROR (Status);
+#endif
 
   return EFI_SUCCESS;
 }
@@ -617,12 +662,21 @@ EFI_STATUS
 EFIAPI
 SmmFaultTolerantWriteInitialize (
   IN EFI_HANDLE                           ImageHandle,
+#ifndef MM_STANDALONE
   IN EFI_SYSTEM_TABLE                     *SystemTable
+#else
+  IN EFI_MM_SYSTEM_TABLE                     *SystemTable
+#endif
   )
 {
   EFI_STATUS                              Status;
+#ifndef MM_STANDALONE
   VOID                                    *SmmEndOfDxeRegistration;
+#endif
 
+#ifdef MM_STANDALONE
+  mMmst = SystemTable;
+#endif
   //
   // Allocate private data structure for SMM FTW protocol and do some initialization
   //
@@ -630,7 +684,7 @@ SmmFaultTolerantWriteInitialize (
   if (EFI_ERROR(Status)) {
     return Status;
   }
-
+#ifndef MM_STANDALONE
   //
   // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
   //
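
Review bot: The "#ifndef MM_STANDALONE" added here compiles out the EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify registration, so in the MM build the flag documented earlier in this file as indicating that the platform has left the DXE phase is never updated. Describe how the MM Standalone handler is expected to learn about that transition, or register the corresponding notification with MmRegisterProtocolNotify as is done for the FVB protocol in the next hunk.
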
@@ -650,6 +704,14 @@ SmmFaultTolerantWriteInitialize (
                     &mFvbRegistration
                     );
   ASSERT_EFI_ERROR (Status);
+#else
+  Status = mMmst->MmRegisterProtocolNotify (
+                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
+                    FvbNotificationEvent,
+                    &mFvbRegistration
+                    );
+  ASSERT_EFI_ERROR (Status);
+#endif
 
   FvbNotificationEvent (NULL, NULL, NULL);
 
diff --git a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
index 50d3421..b005d3a 100644
--- a/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
+++ b/MdeModulePkg/Universal/FaultTolerantWriteDxe/UpdateWorkingBlock.c
@@ -3,6 +3,7 @@
    Internal functions to operate Working Block Space.
 
 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -29,8 +30,9 @@ InitializeLocalWorkSpaceHeader (
   VOID
   )
 {
+#ifndef MM_STANDALONE
   EFI_STATUS                              Status;
-
+#endif
   //
   // Check signature with gEdkiiWorkingBlockSignatureGuid.
   //
@@ -56,7 +58,7 @@ InitializeLocalWorkSpaceHeader (
     sizeof (EFI_GUID)
     );
   mWorkingBlockHeader.WriteQueueSize = PcdGet32 (PcdFlashNvStorageFtwWorkingSize) - sizeof (EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER);
-
+#ifndef MM_STANDALONE
   //
   // Crc is calculated with all the fields except Crc and STATE, so leave them as FTW_ERASED_BYTE.
   //
@@ -70,7 +72,7 @@ InitializeLocalWorkSpaceHeader (
                   &mWorkingBlockHeader.Crc
                   );
   ASSERT_EFI_ERROR (Status);
-
+#endif
   mWorkingBlockHeader.WorkingBlockValid    = FTW_VALID_STATE;
   mWorkingBlockHeader.WorkingBlockInvalid  = FTW_INVALID_STATE;
 }
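
Review bot: With the block between "#ifndef MM_STANDALONE" and this "#endif" compiled out, mWorkingBlockHeader.Crc is never calculated in the MM build, so the local working block header no longer carries the checksum the existing comment describes. Rather than skipping it because gBS->CalculateCrc32 () is unavailable, compute the CRC with a library routine that has no boot-services dependency (BaseLib provides CalculateCrc32 ()), so both builds produce the same header.
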
-- 
1.9.1




* [RFC PATCH 4/9] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (2 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 3/9] MdeModulePkg/FaultTolerantWriteDxe: " Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 5/9] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver Jagadeesh Ujja
                   ` (5 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

Adapt the VariableSmmRuntimeDxe driver to communicate with a VariableSmm
driver that is implemented as an MM Standalone driver.

Change-Id: I3975d021ac848f13206bc2c577a4f5fb0e29b941
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c      | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 85d655d..63b9157 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -14,6 +14,8 @@
   InitCommunicateBuffer() is really function to check the variable data size.
 
 Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -51,7 +53,13 @@ EFI_SMM_VARIABLE_PROTOCOL       *mSmmVariable               = NULL;
 EFI_EVENT                        mVirtualAddressChangeEvent = NULL;
 EFI_SMM_COMMUNICATION_PROTOCOL  *mSmmCommunication          = NULL;
 UINT8                           *mVariableBuffer            = NULL;
+#ifndef MM_RUNTIME
+
+  //
+  // mVariableBufferPhysical is not required as post UEFI boot the address will be of virtual address
+  //
 UINT8                           *mVariableBufferPhysical    = NULL;
+#endif
 UINTN                            mVariableBufferSize;
 UINTN                            mVariableBufferPayloadSize;
 EFI_LOCK                         mVariableServicesLock;
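
Review bot: The guard around mVariableBufferPhysical is MM_RUNTIME, while
the other patches in this series key on MM_STANDALONE, and nothing in this
patch defines MM_RUNTIME or says which build sets it. Please name the
define's origin in the commit message (or use a PCD/library instance instead
of a preprocessor symbol). The added comment also sits inside the #ifndef
branch where the variable is still declared, although it describes the case
where it is not needed; move it above the #ifndef and drop the extra
indentation and blank line.
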
@@ -179,7 +187,11 @@ SendCommunicateBuffer (
   SMM_VARIABLE_COMMUNICATE_HEADER           *SmmVariableFunctionHeader;
 
   CommSize = DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
+#ifdef MM_RUNTIME
+  Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBuffer, &CommSize);
+#else
   Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBufferPhysical, &CommSize);
+#endif
   ASSERT_EFI_ERROR (Status);
 
   SmmCommunicateHeader      = (EFI_SMM_COMMUNICATE_HEADER *) mVariableBuffer;
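
Review bot: In SendCommunicateBuffer the MM_RUNTIME branch hands
mVariableBuffer to Communicate(), which by the comment added earlier in this
patch is a virtual address once the OS is running. Nothing here states that
the Communicate implementation used with Standalone MM accepts or translates
a virtual address, and at boot time the same call receives a physical one.
Please document that contract, or keep a single call and choose the pointer
once at initialisation so the two builds do not diverge at every call site.
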
@@ -991,10 +1003,12 @@ SmmVariableReady (
 {
   EFI_STATUS                                Status;
 
+#ifndef MM_RUNTIME
   Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mSmmVariable);
   if (EFI_ERROR (Status)) {
     return;
   }
+#endif
 
   Status = gBS->LocateProtocol (&gEfiSmmCommunicationProtocolGuid, NULL, (VOID **) &mSmmCommunication);
   ASSERT_EFI_ERROR (Status);
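
Review bot: With the gEfiSmmVariableProtocolGuid lookup in SmmVariableReady
compiled out, mSmmVariable stays NULL for the lifetime of an MM_RUNTIME
build, and the early return that gated the rest of this function on the MM
side being present is gone. Please confirm no remaining path dereferences
mSmmVariable, and state what now tells this driver that the Standalone MM
variable service is actually up before gRT is patched.
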
@@ -1007,12 +1021,12 @@ SmmVariableReady (
   mVariableBufferSize  = SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + mVariableBufferPayloadSize;
   mVariableBuffer      = AllocateRuntimePool (mVariableBufferSize);
   ASSERT (mVariableBuffer != NULL);
-
+#ifndef MM_RUNTIME
   //
   // Save the buffer physical address used for SMM conmunication.
   //
   mVariableBufferPhysical = mVariableBuffer;
-
+#endif
   gRT->GetVariable         = RuntimeServiceGetVariable;
   gRT->GetNextVariableName = RuntimeServiceGetNextVariableName;
   gRT->SetVariable         = RuntimeServiceSetVariable;
@@ -1068,6 +1082,7 @@ SmmVariableWriteReady (
   )
 {
   EFI_STATUS                                Status;
+#ifndef MM_RUNTIME
   VOID                                      *ProtocolOps;
 
   //
@@ -1077,6 +1092,7 @@ SmmVariableWriteReady (
   if (EFI_ERROR (Status)) {
     return;
   }
+#endif
 
   //
   // Some Secure Boot Policy Var (SecureBoot, etc) updates following other
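
Review bot: In SmmVariableWriteReady the protocol lookup and its
"if (EFI_ERROR (Status)) return;" are both inside #ifndef MM_RUNTIME, so
under MM_RUNTIME the rest of the function runs whether or not the MM side
has signalled that writes are possible. A replacement readiness check is
needed here (for example a query over the communicate buffer); otherwise
write support is announced unconditionally.
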
-- 
1.9.1




* [RFC PATCH 5/9] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (3 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 4/9] MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 6/9] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
                   ` (4 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

Adapt the variable runtime dxe driver to be used as an MM_STANDALONE
driver to provide variable storage service in MM Standalone mode.

Change-Id: Ieadd1e575d7c430b2a3223f049d41d88dfbaecb2
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 .../Universal/Variable/RuntimeDxe/Variable.c       |  16 ++-
 .../Universal/Variable/RuntimeDxe/Variable.h       |   8 ++
 .../Variable/RuntimeDxe/VariableMmStandalone.inf   | 134 +++++++++++++++++++++
 .../Universal/Variable/RuntimeDxe/VariableSmm.c    |  73 ++++++++++-
 4 files changed, 224 insertions(+), 7 deletions(-)
 create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 8e8db71..71f706b 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -18,6 +18,7 @@
 
 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
 (C) Copyright 2015-2018 Hewlett Packard Enterprise Development LP<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -3200,12 +3201,16 @@ VariableServiceSetVariable (
       ((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->AuthInfo.Hdr.dwLength < OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
       return EFI_SECURITY_VIOLATION;
     }
+
+#ifndef MM_STANDALONE
     //
     // The MemoryLoadFence() call here is to ensure the above sanity check
     // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
     // before the execution of subsequent codes.
     //
     MemoryLoadFence ();
+#endif
+
     PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
   } else {
     PayloadSize = DataSize;
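
Review bot: MemoryLoadFence () in VariableServiceSetVariable is compiled out
under MM_STANDALONE with no reason given, although the comment kept next to
it says it orders the EFI_VARIABLE_AUTHENTICATION_2 sanity check before the
code that uses the descriptor. If the call does not build for this module
type, please supply an equivalent barrier for that build instead of removing
the ordering guarantee, and explain the choice in the commit message.
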
@@ -3247,6 +3252,7 @@ VariableServiceSetVariable (
     }
   }
 
+#ifndef MM_STANDALONE
   //
   // Special Handling for MOR Lock variable.
   //
@@ -3261,6 +3267,7 @@ VariableServiceSetVariable (
   if (EFI_ERROR (Status)) {
     return Status;
   }
+#endif
 
   Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
   if (EFI_ERROR (Status)) {
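
Review bot: The "Special Handling for MOR Lock variable" block in
VariableServiceSetVariable is removed for MM_STANDALONE, so in that build a
SetVariable on the MOR lock variable goes straight to
VarCheckLibSetVariableCheck like any other variable. The new
VariableMmStandalone.inf still lists TcgMorLockSmm.c and the MOR GUIDs, so
the intent is unclear: either keep the handling in this build, or drop the
source file and GUIDs and state in the commit message that MOR lock is not
supported in Standalone MM.
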
@@ -3744,8 +3751,11 @@ InitNonVolatileVariableStore (
   if (NvStorageData == NULL) {
     return EFI_OUT_OF_RESOURCES;
   }
-
+#ifndef MM_STANDALONE
   NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);
+#else
+  NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);
+#endif
   if (NvStorageBase == 0) {
     NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);
   }
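
Review bot: Under MM_STANDALONE InitNonVolatileVariableStore now reads only
the 32-bit PcdFlashNvStorageVariableBase, which makes the retained
"if (NvStorageBase == 0)" fallback re-read the same PCD and silently ignores
PcdFlashNvStorageVariableBase64, even though the new INF still declares that
PCD as CONSUMES. On a platform whose variable store sits above 4 GiB this
picks the wrong base. Please say why the 64-bit PCD cannot be read in this
build; if it can, no #ifdef is needed here at all.
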
@@ -4067,14 +4077,14 @@ VariableWriteServiceInitialize (
       ASSERT_EFI_ERROR (Status);
     }
   }
-
+#ifndef MM_STANDALONE
   ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
 
   //
   // Initialize MOR Lock variable.
   //
   MorLockInit ();
-
+#endif
   return Status;
 }
 
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
index 938eb5d..fa5fd5d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
@@ -3,6 +3,7 @@
   internal structure and functions used by Variable modules.
 
 Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -16,7 +17,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #ifndef _VARIABLE_H_
 #define _VARIABLE_H_
 
+#ifndef MM_STANDALONE
 #include <PiDxe.h>
+#else
+#include <PiMm.h>
+#include <Library/StandaloneMmCoreEntryPoint.h>
+#endif
 #include <Protocol/VariableWrite.h>
 #include <Protocol/FaultTolerantWrite.h>
 #include <Protocol/FirmwareVolumeBlock.h>
@@ -25,8 +31,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Protocol/VarCheck.h>
 #include <Library/PcdLib.h>
 #include <Library/HobLib.h>
+#ifndef MM_STANDALONE
 #include <Library/UefiDriverEntryPoint.h>
 #include <Library/DxeServicesTableLib.h>
+#endif
 #include <Library/UefiRuntimeLib.h>
 #include <Library/DebugLib.h>
 #include <Library/BaseMemoryLib.h>
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf
new file mode 100644
index 0000000..871a6e8
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf
@@ -0,0 +1,134 @@
+## @file
+#  Provides MM variable service.
+#
+#  The whole MM authentication variable design relies on the integrity of flash part and MM.
+#  which is assumed to be protected by platform.  All variable code and metadata in flash/MM Memory
+#  may not be modified without authorization. If platform fails to protect these resources,
+#  the authentication service provided in this driver will be broken, and the behavior is undefined.
+#
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = VariableSmm
+  MODULE_UNI_FILE                = VariableSmm.uni
+  FILE_GUID                      = 23A089B3-EED5-4ac5-B2AB-43E3298C2343
+  MODULE_TYPE                    = MM_STANDALONE
+  VERSION_STRING                 = 1.0
+  PI_SPECIFICATION_VERSION       = 0x00010032
+  ENTRY_POINT                    = VariableServiceInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64
+#
+
+
+[Sources]
+  Reclaim.c
+  Variable.c
+  VariableSmm.c
+  VarCheck.c
+  Variable.h
+  PrivilegePolymorphic.h
+  VariableExLib.c
+  TcgMorLockSmm.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  StandaloneMmPkg/StandaloneMmPkg.dec
+  ArmPkg/ArmPkg.dec
+  edk2-platforms/Platform/ARM/ARM.dec
+
+[LibraryClasses]
+  StandaloneMmDriverEntryPoint
+  ArmSvcLib
+  ArmLib
+  MemoryAllocationLib
+  BaseLib
+  SynchronizationLib
+  BaseMemoryLib
+  DebugLib
+  HobLib
+  PcdLib
+  AuthVariableLib
+  VarCheckLib
+  MemLib
+
+[Protocols]
+  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
+  ## CONSUMES
+  ## NOTIFY
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  ## PRODUCES
+  ## UNDEFINED # SmiHandlerRegister
+  gEfiSmmVariableProtocolGuid
+  ##gEfiSmmEndOfDxeProtocolGuid                   ## NOTIFY
+  gEdkiiSmmVarCheckProtocolGuid                 ## PRODUCES
+  gEfiTcgProtocolGuid                           ## SOMETIMES_CONSUMES
+  gEfiTcg2ProtocolGuid                          ## SOMETIMES_CONSUMES
+
+[Guids]
+  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  ## SOMETIMES_PRODUCES   ## SystemTable
+  gEfiAuthenticatedVariableGuid
+
+  ## SOMETIMES_CONSUMES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_PRODUCES   ## GUID # Signature of Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  ## SOMETIMES_PRODUCES   ## SystemTable
+  gEfiVariableGuid
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
+  gEfiGlobalVariableGuid
+
+  gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ## Variable:L"MemoryOverwriteRequestControl"
+  gEfiMemoryOverwriteRequestControlLockGuid     ## SOMETIMES_PRODUCES   ## Variable:L"MemoryOverwriteRequestControlLock"
+
+  gSmmVariableWriteGuid                         ## PRODUCES             ## GUID # Install protocol
+  gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
+  gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
+
+  ## SOMETIMES_CONSUMES   ## Variable:L"VarErrorFlag"
+  ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"
+  gEdkiiVarErrorFlagGuid
+
+[Pcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize              ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize          ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize           ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe   ## CONSUMES
+
+[FeaturePcd]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
+  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
+
+[Depex]
+  TRUE
+
+[UserExtensions.TianoCore."ExtraFiles"]
+  VariableSmmExtra.uni
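
Review bot: The [Packages] section of this new INF makes a MdeModulePkg
module depend on ArmPkg/ArmPkg.dec and on
edk2-platforms/Platform/ARM/ARM.dec, and [LibraryClasses] pulls in ArmSvcLib
and ArmLib, while VALID_ARCHITECTURES still advertises IA32 and X64. A
generic variable driver should not reference an architecture package or a
path in another repository; please move the ARM-specific pieces behind a
library class. Smaller points: BASE_NAME is VariableSmm, so if FILE_GUID was
copied from the existing SMM INF it needs a fresh value;
gEfiSmmEndOfDxeProtocolGuid is commented out with "##" rather than removed;
and TcgMorLockSmm.c is listed although the MOR lock calls are compiled out
for MM_STANDALONE in Variable.c and VariableSmm.c.
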
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 6dc19c2..2811264 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -15,6 +15,7 @@
   SmmVariableGetStatistics() should also do validation based on its own knowledge.
 
 Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -37,6 +38,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Guid/SmmVariableCommon.h>
 #include "Variable.h"
 
+#ifdef MM_STANDALONE
+#include <Library/StandaloneMmMemLib.h>
+#include <Library/ArmSvcLib.h>
+#include <Library/ArmLib.h>
+#include <Library/StandaloneMmCoreEntryPoint.h>
+#endif
+
 extern VARIABLE_INFO_ENTRY                           *gVariableInfo;
 EFI_HANDLE                                           mSmmVariableHandle      = NULL;
 EFI_HANDLE                                           mVariableHandle         = NULL;
@@ -46,6 +54,10 @@ UINTN                                                mVariableBufferPayloadSize;
 extern BOOLEAN                                       mEndOfDxe;
 extern VAR_CHECK_REQUEST_SOURCE                      mRequestSource;
 
+#ifdef MM_STANDALONE
+EFI_MM_SYSTEM_TABLE *mMmst = NULL;
+#endif
+
 /**
   SecureBoot Hook for SetVariable.
 
@@ -218,7 +230,11 @@ GetFtwProtocol (
   //
   // Locate Smm Fault Tolerent Write protocol
   //
+#ifdef MM_STANDALONE
+  Status = mMmst->MmLocateProtocol (
+#else
   Status = gSmst->SmmLocateProtocol (
+#endif
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     NULL,
                     FtwProtocol
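
Review bot: The #ifdef in GetFtwProtocol splits a single call expression
between "mMmst->MmLocateProtocol (" and "gSmst->SmmLocateProtocol (", and
the same pattern repeats for MmHandleProtocol, MmLocateHandle,
MmAllocatePool, MmiHandlerRegister and MmRegisterProtocolNotify later in
this file. This is hard to read and easy to break when either argument list
changes. Please hide the difference in one place, for example a small
wrapper per service or a separate source file for the Standalone MM entry
point, so the shared code has no preprocessor conditionals inside
statements.
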
@@ -248,7 +264,11 @@ GetFvbByHandle (
   //
   // To get the SMM FVB protocol interface on the handle
   //
+#ifdef MM_STANDALONE
+  return mMmst->MmHandleProtocol (
+#else
   return gSmst->SmmHandleProtocol (
+#endif
                   FvBlockHandle,
                   &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                   (VOID **) FvBlock
@@ -287,7 +307,11 @@ GetFvbCountAndBuffer (
   BufferSize     = 0;
   *NumberHandles = 0;
   *Buffer        = NULL;
+#ifdef MM_STANDALONE
+  Status = mMmst->MmLocateHandle (
+#else
   Status = gSmst->SmmLocateHandle (
+#endif
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -302,8 +326,11 @@ GetFvbCountAndBuffer (
   if (*Buffer == NULL) {
     return EFI_OUT_OF_RESOURCES;
   }
-
+#ifdef MM_STANDALONE
+  Status = mMmst->MmLocateHandle (
+#else
   Status = gSmst->SmmLocateHandle (
+#endif
                     ByProtocol,
                     &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                     NULL,
@@ -499,8 +526,11 @@ SmmVariableHandler (
     DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer payload size invalid!\n"));
     return EFI_SUCCESS;
   }
-
+#ifdef MM_STANDALONE
+  if (!MmIsBufferOutsideMmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+#else
   if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+#endif
     DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
     return EFI_SUCCESS;
   }
@@ -537,12 +567,14 @@ SmmVariableHandler (
         goto EXIT;
       }
 
+#ifndef MM_STANDALONE
       //
       // The MemoryLoadFence() call here is to ensure the previous range/content
       // checks for the CommBuffer have been completed before the subsequent
       // consumption of the CommBuffer content.
       //
       MemoryLoadFence ();
+#endif
       if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.
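
Review bot: In SmmVariableHandler the MemoryLoadFence () between the
CommBuffer range/content checks and the first use of
SmmVariableHeader->NameSize is compiled out for MM_STANDALONE, and the two
later hunks in this function do the same. CommBuffer is the buffer that
MmIsBufferOutsideMmValid has just confirmed lies outside MM memory, so this
is exactly the data the retained comment says must not be consumed before
the checks complete. Please keep an equivalent barrier in the Standalone MM
build, or justify in the commit message why none is needed there.
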
@@ -637,12 +669,14 @@ SmmVariableHandler (
         goto EXIT;
       }
 
+#ifndef MM_STANDALONE
       //
       // The MemoryLoadFence() call here is to ensure the previous range/content
       // checks for the CommBuffer have been completed before the subsequent
       // consumption of the CommBuffer content.
       //
       MemoryLoadFence ();
+#endif
       if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.
@@ -691,6 +725,7 @@ SmmVariableHandler (
         break;
       }
       if (!mEndOfDxe) {
+#ifndef MM_STANDALONE
         MorLockInitAtEndOfDxe ();
         mEndOfDxe = TRUE;
         VarCheckLibInitializeAtEndOfDxe (NULL);
@@ -698,6 +733,9 @@ SmmVariableHandler (
         // The initialization for variable quota.
         //
         InitializeVariableQuota ();
+#else
+        mEndOfDxe = TRUE;
+#endif
       }
       ReclaimForOS ();
       Status = EFI_SUCCESS;
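
Review bot: In the "if (!mEndOfDxe)" branch the MM_STANDALONE build only
sets mEndOfDxe = TRUE and skips MorLockInitAtEndOfDxe (),
VarCheckLibInitializeAtEndOfDxe (NULL) and InitializeVariableQuota (). The
flag then claims a state whose associated initialisation never ran: the
variable-check library is not told that End of DXE has passed and the quota
PCDs listed in the new INF are never applied. Please either call the
functions that do build for this module type, or document which of these
protections are intentionally absent in Standalone MM.
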
@@ -778,12 +816,14 @@ SmmVariableHandler (
         goto EXIT;
       }
 
+#ifndef MM_STANDALONE
       //
       // The MemoryLoadFence() call here is to ensure the previous range/content
       // checks for the CommBuffer have been completed before the subsequent
       // consumption of the CommBuffer content.
       //
       MemoryLoadFence ();
+#endif
       if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.
@@ -911,7 +951,11 @@ SmmFtwNotificationEvent (
   //
   // Notify the variable wrapper driver the variable write service is ready
   //
+#ifdef MM_STANDALONE
+  Status = mMmst->MmInstallProtocolInterface (
+#else
   Status = gBS->InstallProtocolInterface (
+#endif
                   &mSmmVariableHandle,
                   &gSmmVariableWriteGuid,
                   EFI_NATIVE_INTERFACE,
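
Review bot: Under MM_STANDALONE SmmFtwNotificationEvent installs
gSmmVariableWriteGuid through mMmst->MmInstallProtocolInterface, whereas the
existing code uses gBS->InstallProtocolInterface and the comment above says
the purpose is to notify the variable wrapper driver. A protocol installed
through the MM system table is not what the gBS call published, and patch
4/9 compiles out the wrapper's lookup in SmmVariableWriteReady, so the
series currently has no write-ready signal from MM to the wrapper. Please
describe the intended replacement mechanism.
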
@@ -939,20 +983,28 @@ EFI_STATUS
 EFIAPI
 VariableServiceInitialize (
   IN EFI_HANDLE                           ImageHandle,
+#ifdef MM_STANDALONE
+  IN EFI_MM_SYSTEM_TABLE                     *SystemTable
+#else
   IN EFI_SYSTEM_TABLE                     *SystemTable
+#endif
   )
 {
   EFI_STATUS                              Status;
   EFI_HANDLE                              VariableHandle;
   VOID                                    *SmmFtwRegistration;
+#ifndef MM_STANDALONE
   VOID                                    *SmmEndOfDxeRegistration;
+#else
+  mMmst = SystemTable;
+#endif
 
   //
   // Variable initialize.
   //
   Status = VariableCommonInitialize ();
   ASSERT_EFI_ERROR (Status);
-
+#ifndef MM_STANDALONE
   //
   // Install the Smm Variable Protocol on a new handle.
   //
@@ -972,11 +1024,16 @@ VariableServiceInitialize (
                     &mSmmVarCheck
                     );
   ASSERT_EFI_ERROR (Status);
+#endif
 
   mVariableBufferPayloadSize = GetMaxVariableSize () +
                                OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
 
+#ifdef MM_STANDALONE
+  Status = mMmst->MmAllocatePool (
+#else
   Status = gSmst->SmmAllocatePool (
+#endif
                     EfiRuntimeServicesData,
                     mVariableBufferPayloadSize,
                     (VOID **)&mVariableBufferPayload
@@ -987,6 +1044,10 @@ VariableServiceInitialize (
   /// Register SMM variable SMI handler
   ///
   VariableHandle = NULL;
+#ifdef MM_STANDALONE
+  Status = mMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
+  ASSERT_EFI_ERROR (Status);
+#else
   Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
   ASSERT_EFI_ERROR (Status);
 
@@ -1010,11 +1071,15 @@ VariableServiceInitialize (
                     &SmmEndOfDxeRegistration
                     );
   ASSERT_EFI_ERROR (Status);
-
+#endif
   //
   // Register FtwNotificationEvent () notify function.
   //
+#ifdef MM_STANDALONE
+  Status = mMmst->MmRegisterProtocolNotify (
+#else
   Status = gSmst->SmmRegisterProtocolNotify (
+#endif
                     &gEfiSmmFaultTolerantWriteProtocolGuid,
                     SmmFtwNotificationEvent,
                     &SmmFtwRegistration
-- 
1.9.1




* [RFC PATCH 6/9] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (4 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 5/9] MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE Jagadeesh Ujja
                   ` (3 subsequent siblings)
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

This is a hack to get the time when executing in MM Standalone mode. It is
not clear how to implement a function that gets the current time. So
using this as a hack for now.

Change-Id: I6f0ad72d2c965e8f1e7e4871039b3399cf9c3c6a
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
index 5f9b0c2..72208c0 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c
@@ -3,6 +3,7 @@
   for OpenSSL-based Cryptographic Library (used in DXE & RUNTIME).
 
 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -72,11 +73,13 @@ UINTN CumulativeDays[2][14] = {
 //  )
 time_t time (time_t *timer)
 {
+#ifndef MM_STANDALONE
   EFI_STATUS  Status;
+#endif
   EFI_TIME    Time;
   time_t      CalTime;
   UINTN       Year;
-
+#ifndef MM_STANDALONE
   //
   // Get the current time and date information
   //
@@ -84,7 +87,19 @@ time_t time (time_t *timer)
   if (EFI_ERROR (Status) || (Time.Year < 1970)) {
     return 0;
   }
-
+#else
+  //
+  //[ToDo] Find out a way to get the current time for code executing as MM_STANDALONE
+  //
+  Time.Year = 2007;
+  Time.Month = 11;
+  Time.Day = 29;
+  Time.Hour = 17;
+  Time.Minute = 43;
+  Time.Second = 30;
+
+  Year  = (UINTN) (Time.Year % 100);
+#endif
   //
   // Years Handling
   // UTime should now be set to 00:00:00 on Jan 1 of the current year.
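
Review bot: Under MM_STANDALONE time () is now derived from a hard-coded
2007-11-29 17:43:30, so every caller in this OpenSSL-based library sees the
same instant and any validity-period comparison made against time () is
evaluated against 2007. The non-MM path above returns 0 when the time cannot
be read; doing the same here until a real time source exists would make the
absence explicit instead of returning a plausible-looking date. Separately,
"Year = (UINTN) (Time.Year % 100);" is added just before the "Years
Handling" block without explanation; please explain what it is for or drop
it.
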
-- 
1.9.1




* [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (5 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 6/9] CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-11-09  6:04   ` Zhang, Chao B
  2018-10-31 11:09 ` [RFC PATCH 8/9] MdeModulePkg VarCheckLib: allow " Jagadeesh Ujja
                   ` (2 subsequent siblings)
  9 siblings, 1 reply; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

The “AuthVariableLib” library will be used by the MM_STANDALONE driver too,
hence adding LIBRARY_CLASS as MM_STANDALONE.

Change-Id: I67a10e1c60b3c859283c995f442d5b8709de89e1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
index 572ba4e..4294d3b 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
@@ -2,6 +2,7 @@
 #  Provides authenticated variable services.
 #
 #  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions
@@ -21,12 +22,12 @@
   FILE_GUID                      = B23CF5FB-6FCC-4422-B145-D855DBC05457
   MODULE_TYPE                    = DXE_RUNTIME_DRIVER
   VERSION_STRING                 = 1.0
-  LIBRARY_CLASS                  = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+  LIBRARY_CLASS                  = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
 
 #
 # The following information is for reference only and not required by the build tools.
 #
-#  VALID_ARCHITECTURES           = IA32 X64
+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64
 #
 
 [Sources]
-- 
1.9.1




* [RFC PATCH 8/9] MdeModulePkg VarCheckLib: allow reusability as MM_STANDALONE
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (6 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 11:09 ` [RFC PATCH 9/9] CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library Jagadeesh Ujja
  2018-10-31 13:58 ` [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Gao, Liming
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

The “VarCheckLib” library will be used by the MM_STANDALONE driver too,
hence adding LIBRARY_CLASS as MM_STANDALONE.

Change-Id: I1b999d05381180b511b986cd09b4923907ef2a4d
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf b/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
index 099f83d..c8cf810 100644
--- a/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+++ b/MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
@@ -2,6 +2,7 @@
 #  Provides variable check services and database management.
 #
 #  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions
@@ -21,12 +22,12 @@
   FILE_GUID                      = 63E12D08-0C5D-47F8-95E4-09F89D7506C5
   MODULE_TYPE                    = DXE_RUNTIME_DRIVER
   VERSION_STRING                 = 1.0
-  LIBRARY_CLASS                  = VarCheckLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+  LIBRARY_CLASS                  = VarCheckLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
 
 #
 # The following information is for reference only and not required by the build tools.
 #
-#  VALID_ARCHITECTURES           = IA32 X64
+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64
 #
 
 [Sources]
-- 
1.9.1




* [RFC PATCH 9/9] CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (7 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 8/9] MdeModulePkg VarCheckLib: allow " Jagadeesh Ujja
@ 2018-10-31 11:09 ` Jagadeesh Ujja
  2018-10-31 13:58 ` [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Gao, Liming
  9 siblings, 0 replies; 12+ messages in thread
From: Jagadeesh Ujja @ 2018-10-31 11:09 UTC (permalink / raw)
  To: edk2-devel

The “BaseCryptLib” library can be used by MM_STANDALONE drivers as well.
So add MM_STANDALONE as the module type this library supports.

A new inf file is added for this because the UefiRuntimeServicesTableLib
library class cannot be used along with MM_STANDALONE modules.

Change-Id: Ib7562bf4592493fb443cca9ac783c80d786f498e
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
Signed-off-by: Thomas Abraham <thomas.abraham@arm.com>
---
 .../BaseCryptLib/BaseCryptLibMmStandalone.inf      | 106 +++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf

diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf
new file mode 100644
index 0000000..a8aa49c
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf
@@ -0,0 +1,106 @@
+## @file
+#  Cryptographic Library Instance for DXE_DRIVER.
+#
+#  Caution: This module requires additional review when modified.
+#  This library will have external input - signature.
+#  This external input must be validated carefully to avoid security issues such as
+#  buffer overflow or integer overflow.
+#
+#  Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = BaseCryptLib
+  MODULE_UNI_FILE                = BaseCryptLib.uni
+  FILE_GUID                      = be3bb803-91b6-4da0-bd91-a8b21c18ca5d
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER MM_STANDALONE
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF ARM AARCH64
+#
+
+[Sources]
+  InternalCryptLib.h
+  Hash/CryptMd4.c
+  Hash/CryptMd5.c
+  Hash/CryptSha1.c
+  Hash/CryptSha256.c
+  Hash/CryptSha512.c
+  Hmac/CryptHmacMd5.c
+  Hmac/CryptHmacSha1.c
+  Hmac/CryptHmacSha256.c
+  Cipher/CryptAes.c
+  Cipher/CryptTdes.c
+  Cipher/CryptArc4.c
+  Pk/CryptRsaBasic.c
+  Pk/CryptRsaExt.c
+  Pk/CryptPkcs5Pbkdf2.c
+  Pk/CryptPkcs7Sign.c
+  Pk/CryptPkcs7Verify.c
+  Pk/CryptDh.c
+  Pk/CryptX509.c
+  Pk/CryptAuthenticode.c
+  Pk/CryptTs.c
+  Pem/CryptPem.c
+
+  SysCall/CrtWrapper.c
+  SysCall/TimerWrapper.c
+  SysCall/BaseMemAllocation.c
+
+[Sources.Ia32]
+  Rand/CryptRandTsc.c
+
+[Sources.X64]
+  Rand/CryptRandTsc.c
+
+[Sources.IPF]
+  Rand/CryptRandItc.c
+
+[Sources.ARM]
+  Rand/CryptRand.c
+
+[Sources.AARCH64]
+  Rand/CryptRand.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  MemoryAllocationLib
+  DebugLib
+  OpensslLib
+  IntrinsicLib
+  PrintLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+  #
+  # suppress the following warnings so we do not break the build with warnings-as-errors:
+  # C4090: 'function' : different 'const' qualifiers
+  #
+  MSFT:*_*_*_CC_FLAGS = /wd4090
+
+  GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"
+
+  # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT
+  # --diag_remark=1     : Reduce severity of "#1-D: last line of file ends without a newline"
+  RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1
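Review bot: the file header and [Defines] block still describe a DXE instance rather than a Standalone MM one: the @file line reads "Cryptographic Library Instance for DXE_DRIVER", MODULE_TYPE is DXE_DRIVER, and LIBRARY_CLASS keeps DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER next to MM_STANDALONE. For a file named BaseCryptLibMmStandalone.inf, restrict LIBRARY_CLASS to MM_STANDALONE, update the header text, and confirm that FILE_GUID is freshly generated rather than shared with another BaseCryptLib INF. The [Sources] list also pulls in everything, including Hash/CryptMd4.c, Cipher/CryptArc4.c and Pk/CryptPkcs7Sign.c, although the header warns that this library handles external input; listing only the files the variable service needs would shrink what runs inside MM. [Sources.IPF] and the MSFT, GCC44 IA32 and RVCT entries under [BuildOptions] look like leftovers as well and deserve either a sentence of justification or removal.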
-- 
1.9.1




* Re: [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM
  2018-10-31 11:09 [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM Jagadeesh Ujja
                   ` (8 preceding siblings ...)
  2018-10-31 11:09 ` [RFC PATCH 9/9] CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library Jagadeesh Ujja
@ 2018-10-31 13:58 ` Gao, Liming
  9 siblings, 0 replies; 12+ messages in thread
From: Gao, Liming @ 2018-10-31 13:58 UTC (permalink / raw)
  To: Jagadeesh Ujja, edk2-devel@lists.01.org

Jagadeesh:
  I have some comments.
1) Edk2 doesn't use #ifdef/#else/#endif to switch the code logic. You can define a PCD to switch the code logic based on the PCD setting.
2) Edk2 MdeModulePkg should not depend on platform packages from edk2-platforms. MdeModulePkg includes the generic modules that are platform independent.
3) mMmst is used widely. You can also introduce MmServiceTableLib for it.
4) CryptoPkg\Library\BaseCryptLib\BaseCryptLib.inf can be reused only if you provide one dummy implementation of UefiRuntimeServiceTableLib for MM_STANDALONE usage.

Thanks
Liming
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jagadeesh Ujja
> Sent: Wednesday, October 31, 2018 7:10 PM
> To: edk2-devel@lists.01.org
> Subject: [edk2] [RFC PATCH 0/9] Extend secure variable service to be usable from Standalone MM
> 
> This RFC patch series extends the existing secure variable service support
> for use with Standalone MM. This is applicable to platforms that use
> Standalone Management Mode to protect access to non-volatile memory (NOR
> flash in case of these patches) used to store the secure EFI variables.
> 
> The first patch pulls in additional libraries from the staging branch of
> StandaloneMmPkg into edk2's StandaloneMmPkg. The existing secure
> variable service implementation supports only the traditional MM mode
> and so the rest of the patches extend the existing secure variable
> service support to be useable with Standalone MM mode as well.
> 
> This patch series is being posted as an RFC to get feedback on the
> approach taken in these patches.
> 
> Jagadeesh Ujja (9):
>   StandaloneMmPkg: Pull in additonal libraries from staging branch
>   ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
>   MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
>   MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM Standalone
>   MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
>   CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
>   SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE
>   MdeModulePkg VarCheckLib: allow reusability as MM_STANDALONE
>   CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this library
> 
>  .../Drivers/NorFlashDxe/NorFlashBlockIoDxe.c       |   5 +-
>  ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.c   | 116 ++-
>  ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h   |  15 +-
>  .../Drivers/NorFlashDxe/NorFlashFvbDxe.c           |  26 +-
>  .../Drivers/NorFlashDxe/NorFlashMmStandalone.inf   |  76 ++
>  .../BaseCryptLib/BaseCryptLibMmStandalone.inf      | 106 +++
>  .../Library/BaseCryptLib/SysCall/TimerWrapper.c    |  19 +-
>  MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf   |   5 +-
>  .../FaultTolerantWriteMmStandalone.inf             | 100 +++
>  .../FaultTolerantWriteDxe/FaultTolerantWriteSmm.c  |  72 +-
>  .../FaultTolerantWriteDxe/UpdateWorkingBlock.c     |   8 +-
>  .../Universal/Variable/RuntimeDxe/Variable.c       |  16 +-
>  .../Universal/Variable/RuntimeDxe/Variable.h       |   8 +
>  .../Variable/RuntimeDxe/VariableMmStandalone.inf   | 134 ++++
>  .../Universal/Variable/RuntimeDxe/VariableSmm.c    |  73 +-
>  .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c    |  20 +-
>  .../Library/AuthVariableLib/AuthVariableLib.inf    |   5 +-
>  .../StandaloneMmCoreHobLib.inf                     |   2 +-
>  .../AArch64/StandaloneMmCoreHobLibInternal.c       |  64 ++
>  .../StandaloneMmHobLib/StandaloneMmHobLib.c        | 655 ++++++++++++++++
>  .../StandaloneMmHobLib/StandaloneMmHobLib.inf      |  48 ++
>  .../StandaloneMmMemoryAllocationLib.c              | 824 +++++++++++++++++++++
>  .../StandaloneMmMemoryAllocationLib.inf            |  45 ++
>  .../StandaloneMmServicesTableLib.c                 |  40 +
>  .../StandaloneMmServicesTableLib.inf               |  36 +
>  25 files changed, 2470 insertions(+), 48 deletions(-)
>  create mode 100644 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashMmStandalone.inf
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/BaseCryptLibMmStandalone.inf
>  create mode 100644 MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteMmStandalone.inf
>  create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableMmStandalone.inf
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
>  create mode 100644 StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
> 
> --
> 1.9.1
> 
> 
> 



* Re: [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE
  2018-10-31 11:09 ` [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE Jagadeesh Ujja
@ 2018-11-09  6:04   ` Zhang, Chao B
  0 siblings, 0 replies; 12+ messages in thread
From: Zhang, Chao B @ 2018-11-09  6:04 UTC (permalink / raw)
  To: Jagadeesh Ujja, edk2-devel@lists.01.org

Reviewed-by : Chao Zhang <chao.b.zhang@intel.com>

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jagadeesh Ujja
Sent: Wednesday, October 31, 2018 7:10 PM
To: edk2-devel@lists.01.org
Subject: [edk2] [RFC PATCH 7/9] SecurityPkg/AuthVariableLib:allow reusability as MM_STANDALONE

The “AuthVariableLib” library will be used by the MM_STANDALONE driver too, hence adding LIBRARY_CLASS as MM_STANDALONE.

Change-Id: I67a10e1c60b3c859283c995f442d5b8709de89e1
Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
index 572ba4e..4294d3b 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
@@ -2,6 +2,7 @@
 #  Provides authenticated variable services.
 #
 #  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018, ARM Limited. All rights reserved.<BR>
 #
 #  This program and the accompanying materials  #  are licensed and made available under the terms and conditions @@ -21,12 +22,12 @@
   FILE_GUID                      = B23CF5FB-6FCC-4422-B145-D855DBC05457
   MODULE_TYPE                    = DXE_RUNTIME_DRIVER
   VERSION_STRING                 = 1.0
-  LIBRARY_CLASS                  = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
+  LIBRARY_CLASS                  = AuthVariableLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER MM_STANDALONE
 
 #
 # The following information is for reference only and not required by the build tools.
 #
-#  VALID_ARCHITECTURES           = IA32 X64
+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64
 #
 
 [Sources]
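Review bot: LIBRARY_CLASS now advertises MM_STANDALONE, but neither the hunk nor the commit message shows that this library's own dependencies are usable from Standalone MM. Patch 9/9 of this series states that the UefiRuntimeServicesTableLib library class cannot be used along with MM_STANDALONE modules, so the commit message should name the [LibraryClasses] entries of this INF that were checked and the MM_STANDALONE platform build that resolved them. The AARCH64 addition to VALID_ARCHITECTURES is in the reference-only comment block and does not substitute for that.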
--
1.9.1
