From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Achin Gupta <achin.gupta@arm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Supreeth Venkatesh <supreeth.venkatesh@arm.com>,
Leif Lindholm <leif.lindholm@linaro.org>,
Jagadeesh Ujja <jagadeesh.ujja@arm.com>,
Thomas Panakamattam Abraham <thomas.abraham@arm.com>,
Sami Mujawar <Sami.Mujawar@arm.com>
Subject: [PATCH 7/8] StandaloneMmPkg/StandaloneMmCoreEntryPoint: permit the use of TE images
Date: Fri, 4 Jan 2019 12:03:14 +0100 [thread overview]
Message-ID: <20190104110315.18339-8-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20190104110315.18339-1-ard.biesheuvel@linaro.org>
TE images take up less space when using 4 KB section alignment, since
the FFS/FV generation code optimizes away the redundant, nested padding.
This saves 4 KB of space, which is a worthwhile improvement for code
that executes in place in secure context.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c | 107 +++++++++-----------
1 file changed, 46 insertions(+), 61 deletions(-)
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c
index 3ca7f6660f47..90299ebbafb6 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c
@@ -143,9 +143,12 @@ LocateStandaloneMmCorePeCoffData (
Status = FfsFindSectionData (EFI_SECTION_PE32, FileHeader, TeData, TeDataSize);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Section data - 0x%x\n",
- Status));
- return Status;
+ Status = FfsFindSectionData (EFI_SECTION_TE, FileHeader, TeData, TeDataSize);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Section data - %r\n",
+ Status));
+ return Status;
+ }
}
DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", *TeData));
@@ -155,10 +158,9 @@ LocateStandaloneMmCorePeCoffData (
STATIC
EFI_STATUS
GetPeCoffSectionInformation (
- IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
- IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *TmpContext,
- IN OUT UINT32 *SectionHeaderOffset,
- IN OUT UINT16 *NumberOfSections
+ IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
+ OUT UINT32 *SectionHeaderOffset,
+ OUT UINT16 *NumberOfSections
)
{
RETURN_STATUS Status;
@@ -168,44 +170,29 @@ GetPeCoffSectionInformation (
UINTN ReadSize;
ASSERT (ImageContext != NULL);
- ASSERT (TmpContext != NULL);
ASSERT (SectionHeaderOffset != NULL);
ASSERT (NumberOfSections != NULL);
- //
- // We need to copy ImageContext since PeCoffLoaderGetImageInfo ()
- // will mangle the ImageAddress field
- //
- CopyMem (TmpContext, ImageContext, sizeof (*TmpContext));
-
- if (TmpContext->PeCoffHeaderOffset == 0) {
- Status = PeCoffLoaderGetImageInfo (TmpContext);
- if (RETURN_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR,
- "%a: PeCoffLoaderGetImageInfo () failed (Status = %r)\n",
- __FUNCTION__, Status));
- return Status;
- }
- }
-
- if (TmpContext->IsTeImage &&
- TmpContext->ImageAddress == ImageContext->ImageAddress) {
- DEBUG ((DEBUG_INFO, "%a: ignoring XIP TE image at 0x%lx\n", __FUNCTION__,
- ImageContext->ImageAddress));
- return RETURN_UNSUPPORTED;
+ Status = PeCoffLoaderGetImageInfo (ImageContext);
+ if (RETURN_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR,
+ "%a: PeCoffLoaderGetImageInfo () failed (Status == %r)\n",
+ __FUNCTION__, Status));
+ return Status;
}
- if (TmpContext->SectionAlignment < EFI_PAGE_SIZE) {
+ if (ImageContext->SectionAlignment < EFI_PAGE_SIZE) {
//
// The sections need to be at least 4 KB aligned, since that is the
// granularity at which we can tighten permissions.
//
- if (!TmpContext->IsTeImage) {
+ if (!ImageContext->IsTeImage) {
DEBUG ((DEBUG_WARN,
"%a: non-TE Image at 0x%lx has SectionAlignment < 4 KB (%lu)\n",
- __FUNCTION__, ImageContext->ImageAddress, TmpContext->SectionAlignment));
+ __FUNCTION__, ImageContext->ImageAddress, ImageContext->SectionAlignment));
+ return RETURN_UNSUPPORTED;
}
- return RETURN_UNSUPPORTED;
+ ImageContext->SectionAlignment = EFI_PAGE_SIZE;
}
//
@@ -217,9 +204,9 @@ GetPeCoffSectionInformation (
Hdr.Union = &HdrData;
Size = sizeof (EFI_IMAGE_OPTIONAL_HEADER_UNION);
ReadSize = Size;
- Status = TmpContext->ImageRead (
- TmpContext->Handle,
- TmpContext->PeCoffHeaderOffset,
+ Status = ImageContext->ImageRead (
+ ImageContext->Handle,
+ ImageContext->PeCoffHeaderOffset,
&Size,
Hdr.Pe32
);
@@ -231,23 +218,28 @@ GetPeCoffSectionInformation (
return Status;
}
- ASSERT (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE);
-
- *SectionHeaderOffset = TmpContext->PeCoffHeaderOffset + sizeof (UINT32) +
- sizeof (EFI_IMAGE_FILE_HEADER);
- *NumberOfSections = Hdr.Pe32->FileHeader.NumberOfSections;
-
- switch (Hdr.Pe32->OptionalHeader.Magic) {
- case EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC:
- *SectionHeaderOffset += Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
- break;
- case EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC:
- *SectionHeaderOffset += Hdr.Pe32Plus->FileHeader.SizeOfOptionalHeader;
- break;
- default:
- ASSERT (FALSE);
+ if (!ImageContext->IsTeImage) {
+ ASSERT (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE);
+
+ *SectionHeaderOffset = ImageContext->PeCoffHeaderOffset + sizeof (UINT32) +
+ sizeof (EFI_IMAGE_FILE_HEADER);
+ *NumberOfSections = Hdr.Pe32->FileHeader.NumberOfSections;
+
+ switch (Hdr.Pe32->OptionalHeader.Magic) {
+ case EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC:
+ *SectionHeaderOffset += Hdr.Pe32->FileHeader.SizeOfOptionalHeader;
+ break;
+ case EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC:
+ *SectionHeaderOffset += Hdr.Pe32Plus->FileHeader.SizeOfOptionalHeader;
+ break;
+ default:
+ ASSERT (FALSE);
+ }
+ } else {
+ *SectionHeaderOffset = (UINTN)(sizeof (EFI_TE_IMAGE_HEADER));
+ *NumberOfSections = Hdr.Te->NumberOfSections;
+ ImageContext->ImageAddress -= (UINT32)Hdr.Te->StrippedSize - sizeof (EFI_TE_IMAGE_HEADER);
}
-
return RETURN_SUCCESS;
}
@@ -261,7 +253,6 @@ GetStandaloneMmCorePeCoffSections (
)
{
EFI_STATUS Status;
- PE_COFF_LOADER_IMAGE_CONTEXT TmpContext;
// Initialize the Image Context
ZeroMem (ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT));
@@ -270,15 +261,9 @@ GetStandaloneMmCorePeCoffSections (
DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", TeData));
- Status = PeCoffLoaderGetImageInfo (ImageContext);
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Image information - 0x%x\n", Status));
- return Status;
- }
-
- Status = GetPeCoffSectionInformation (ImageContext, &TmpContext, SectionHeaderOffset, NumberOfSections);
+ Status = GetPeCoffSectionInformation (ImageContext, SectionHeaderOffset, NumberOfSections);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Section information - 0x%x\n", Status));
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Section information - %r\n", Status));
return Status;
}
--
2.17.1
next prev parent reply other threads:[~2019-01-04 11:03 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-04 11:03 [PATCH 0/8] StandaloneMmPkg: assorted fixes and improvements Ard Biesheuvel
2019-01-04 11:03 ` [PATCH 1/8] StandaloneMmPkg/StandaloneMmCpu: fix typo Standlone -> Standalone Ard Biesheuvel
2019-01-04 17:48 ` Supreeth Venkatesh
2019-01-04 11:03 ` [PATCH 2/8] StandaloneMmPkg/StandaloneMmCoreEntryPoint: add missing SerialPortLib ref Ard Biesheuvel
2019-01-04 17:49 ` Supreeth Venkatesh
2019-01-04 11:03 ` [PATCH 3/8] StandaloneMmPkg/StandaloneMmCoreEntryPoint: use %a modifier for ASCII strings Ard Biesheuvel
2019-01-04 17:51 ` Supreeth Venkatesh
2019-01-04 11:03 ` [PATCH 4/8] StandaloneMmPkg/StandaloneMmCoreEntryPoint: remove bogus ASSERT_EFI_ERROR()s Ard Biesheuvel
2019-01-04 17:52 ` Supreeth Venkatesh
2019-01-04 11:03 ` [PATCH 5/8] StandaloneMmPkg/StandaloneMmPeCoffExtraActionLib: ignore runtime attribute Ard Biesheuvel
2019-01-04 11:03 ` [PATCH 6/8] StandaloneMmPkg/Core/Dispatcher: don't copy dispatched image twice Ard Biesheuvel
2019-01-04 11:03 ` Ard Biesheuvel [this message]
2019-01-04 11:03 ` [PATCH 8/8] StandaloneMmPkg/Core: permit encapsulated firmware volumes Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190104110315.18339-8-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox