Re: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Achin Gupta <Achin.Gupta@arm.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
	Supreeth Venkatesh <Supreeth.Venkatesh@arm.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Leif Lindholm <leif.lindholm@linaro.org>,
	Jagadeesh Ujja <Jagadeesh.Ujja@arm.com>,  nd <nd@arm.com>
Subject: Re: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes
Date: Wed, 6 Mar 2019 16:56:13 +0000	[thread overview]
Message-ID: <20190306165605.GS21602@mac-ubuntu-vm> (raw)
In-Reply-To: <20190305133248.4828-7-ard.biesheuvel@linaro.org>

Reviewed-by: achin.gupta@arm.com

On Tue, Mar 05, 2019 at 02:32:44PM +0100, Ard Biesheuvel wrote:
> Standalone MM requires 4 KB section alignment for all images, so that
> strict permissions can be applied. Unfortunately, this results in a
> lot of wasted space, which is usually costly in the secure world
> environment that standalone MM is expected to operate in.
>
> So let's permit the standalone MM drivers (but not the core) to be
> delivered in a compressed firmware volume.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  StandaloneMmPkg/Core/StandaloneMmCore.inf |  1 +
>  StandaloneMmPkg/Core/FwVol.c              | 99 ++++++++++++++++++--
>  2 files changed, 91 insertions(+), 9 deletions(-)
>
> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> index ff2b8b9cef03..83d31e2d92c5 100644
> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> @@ -49,6 +49,7 @@ [LibraryClasses]
>    BaseMemoryLib
>    CacheMaintenanceLib
>    DebugLib
> +  ExtractGuidedSectionLib
>    FvLib
>    HobLib
>    MemoryAllocationLib
> diff --git a/StandaloneMmPkg/Core/FwVol.c b/StandaloneMmPkg/Core/FwVol.c
> index 5abf98c24797..d95491f252f9 100644
> --- a/StandaloneMmPkg/Core/FwVol.c
> +++ b/StandaloneMmPkg/Core/FwVol.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
>
>  #include "StandaloneMmCore.h"
>  #include <Library/FvLib.h>
> +#include <Library/ExtractGuidedSectionLib.h>
>
>  //
>  // List of file types supported by dispatcher
> @@ -65,15 +66,25 @@ Returns:
>
>  --*/
>  {
> -  EFI_STATUS          Status;
> -  EFI_STATUS          DepexStatus;
> -  EFI_FFS_FILE_HEADER *FileHeader;
> -  EFI_FV_FILETYPE     FileType;
> -  VOID                *Pe32Data;
> -  UINTN               Pe32DataSize;
> -  VOID                *Depex;
> -  UINTN               DepexSize;
> -  UINTN               Index;
> +  EFI_STATUS                              Status;
> +  EFI_STATUS                              DepexStatus;
> +  EFI_FFS_FILE_HEADER                     *FileHeader;
> +  EFI_FV_FILETYPE                         FileType;
> +  VOID                                    *Pe32Data;
> +  UINTN                                   Pe32DataSize;
> +  VOID                                    *Depex;
> +  UINTN                                   DepexSize;
> +  UINTN                                   Index;
> +  EFI_COMMON_SECTION_HEADER               *Section;
> +  VOID                                    *SectionData;
> +  UINTN                                   SectionDataSize;
> +  UINT32                                  DstBufferSize;
> +  VOID                                    *ScratchBuffer;
> +  UINT32                                  ScratchBufferSize;
> +  VOID                                    *DstBuffer;
> +  UINT16                                  SectionAttribute;
> +  UINT32                                  AuthenticationStatus;
> +  EFI_FIRMWARE_VOLUME_HEADER              *InnerFvHeader;
>
>    DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n", FwVolHeader));
>
> @@ -83,6 +94,71 @@ Returns:
>
>    FvIsBeingProcesssed (FwVolHeader);
>
> +  //
> +  // First check for encapsulated compressed firmware volumes
> +  //
> +  FileHeader = NULL;
> +  do {
> +    Status = FfsFindNextFile (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
> +               FwVolHeader, &FileHeader);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +    Status = FfsFindSectionData (EFI_SECTION_GUID_DEFINED, FileHeader,
> +               &SectionData, &SectionDataSize);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +    Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
> +    Status = ExtractGuidedSectionGetInfo (Section, &DstBufferSize,
> +               &ScratchBufferSize, &SectionAttribute);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +
> +    //
> +    // Allocate scratch buffer
> +    //
> +    ScratchBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (ScratchBufferSize));
> +    if (ScratchBuffer == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +
> +    //
> +    // Allocate destination buffer, extra one page for adjustment
> +    //
> +    DstBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (DstBufferSize));
> +    if (DstBuffer == NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +
> +    //
> +    // Call decompress function
> +    //
> +    Status = ExtractGuidedSectionDecode (Section, &DstBuffer, ScratchBuffer,
> +                &AuthenticationStatus);
> +    FreePages (ScratchBuffer, EFI_SIZE_TO_PAGES (ScratchBufferSize));
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +
> +    DEBUG ((DEBUG_INFO,
> +      "Processing compressed firmware volume (AuthenticationStatus == %x)\n",
> +      AuthenticationStatus));
> +
> +    Status = FindFfsSectionInSections (DstBuffer, DstBufferSize,
> +               EFI_SECTION_FIRMWARE_VOLUME_IMAGE, &Section);
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +
> +    InnerFvHeader = (VOID *)(Section + 1);
> +    Status = MmCoreFfsFindMmDriver (InnerFvHeader);
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +  } while (TRUE);
> +
>    for (Index = 0; Index < sizeof (mMmFileTypes) / sizeof (mMmFileTypes[0]); Index++) {
>      DEBUG ((DEBUG_INFO, "Check MmFileTypes - 0x%x\n", mMmFileTypes[Index]));
>      FileType = mMmFileTypes[Index];
> @@ -100,5 +176,10 @@ Returns:
>      } while (!EFI_ERROR (Status));
>    }
>
> +  return EFI_SUCCESS;
> +
> +FreeDstBuffer:
> +  FreePages (DstBuffer, EFI_SIZE_TO_PAGES (DstBufferSize));
> +
>    return Status;
>  }
> --
> 2.20.1
>

next prev parent reply	other threads:[~2019-03-06 16:56 UTC|newest]

Thread overview: 43+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-03-05 13:32 [PATCH 00/10] StandaloneMmPkg, ArmPkg: cleanups and improvements Ard Biesheuvel
2019-03-05 13:32 ` [PATCH 01/10] StandaloneMmPkg: drop redundant definition of gEfiMmConfigurationProtocolGuid Ard Biesheuvel
2019-03-05 13:53   ` Yao, Jiewen
2019-03-05 13:32 ` [PATCH 02/10] StandaloneMmPkg: drop unused PCD PcdStandaloneMmEnable Ard Biesheuvel
2019-03-05 13:55   ` Yao, Jiewen
2019-03-06 15:16   ` Achin Gupta
2019-03-06 15:17     ` Ard Biesheuvel
2019-03-06 15:37       ` Achin Gupta
2019-03-07 10:09         ` Ard Biesheuvel
2019-03-07 11:14           ` Achin Gupta
2019-03-05 13:32 ` [PATCH 03/10] StandaloneMmPkg: switch to NULL DebugLib resolution Ard Biesheuvel
2019-03-05 14:22   ` Yao, Jiewen
2019-03-06 15:38   ` Achin Gupta
2019-03-05 13:32 ` [PATCH 04/10] StandaloneMmPkg: remove redundant StandaloneMmDriverEntryPoint driver Ard Biesheuvel
2019-03-05 14:22   ` Yao, Jiewen
2019-03-05 13:32 ` [PATCH 05/10] StandaloneMmPkg/StandaloneMmCoreEntryPoint: drop explicit SerialPortLib call Ard Biesheuvel
2019-03-05 13:52   ` Yao, Jiewen
2019-03-06 16:35   ` Achin Gupta
2019-03-06 16:41     ` Ard Biesheuvel
2019-03-06 16:55       ` Achin Gupta
2019-03-05 13:32 ` [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes Ard Biesheuvel
2019-03-05 15:50   ` Yao, Jiewen
2019-03-06 16:56   ` Achin Gupta [this message]
2019-03-05 13:32 ` [PATCH 07/10] StandaloneMmPkg/Core: dispatch all drivers at init time Ard Biesheuvel
2019-03-05 15:51   ` Yao, Jiewen
2019-03-06 16:56   ` Achin Gupta
2019-03-05 13:32 ` [PATCH 08/10] StandaloneMmPkg/Core: drop support for dispatching FVs into MM Ard Biesheuvel
2019-03-05 15:51   ` Yao, Jiewen
2019-03-06 16:58   ` Achin Gupta
2019-03-05 13:32 ` [PATCH 09/10] StandaloneMmPkg/Core: remove legacy boot support Ard Biesheuvel
2019-03-05 13:52   ` Yao, Jiewen
2019-03-06 16:59   ` Achin Gupta
2019-03-05 13:32 ` [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal architected PI events into MM context Ard Biesheuvel
2019-03-05 15:55   ` Yao, Jiewen
2019-03-05 15:58     ` Ard Biesheuvel
2019-03-05 16:04       ` Yao, Jiewen
2019-03-05 16:07         ` Ard Biesheuvel
2019-03-05 16:19           ` Yao, Jiewen
2019-03-05 16:53             ` Felix Polyudov
2019-03-05 17:29               ` Ard Biesheuvel
2019-03-06 16:58   ` Achin Gupta
2019-03-11 11:54 ` [PATCH 00/10] StandaloneMmPkg, ArmPkg: cleanups and improvements Ard Biesheuvel
2019-03-11 11:59   ` Ard Biesheuvel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190306165605.GS21602@mac-ubuntu-vm \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox