From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <Achin.Gupta@arm.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2a01:111:f400:fe02::600;
 helo=eur01-db5-obe.outbound.protection.outlook.com;
 envelope-from=achin.gupta@arm.com; receiver=edk2-devel@lists.01.org 
Received: from EUR01-DB5-obe.outbound.protection.outlook.com
 (mail-db5eur01on0600.outbound.protection.outlook.com
 [IPv6:2a01:111:f400:fe02::600])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id CD7D4211D56BC
 for <edk2-devel@lists.01.org>; Wed,  6 Mar 2019 08:56:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; 
 s=selector1-arm-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=JQd72YRfXNBKK42kMePifgw5uIRkUWg1mijiz0nGnww=;
 b=MXv4NB71KF8oKckAlyGMuQ6l+1NFVDWG1l04YN3bvHpoluc6gv8ADa1OcVgg3I3DqmK/yKxkhG6b2F/T0M0xNA1l+BRY4UbV7RbHpgPEjSwcW4vOX6VvnBBkcMBrNFE1Ik9sPpG3SUGSLvU+EgCneNvbz197VBQzke4gm7rL6Wg=
Received: from AM0PR08MB2980.eurprd08.prod.outlook.com (52.134.92.153) by
 AM0PR08MB3268.eurprd08.prod.outlook.com (52.134.125.154) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1686.17; Wed, 6 Mar 2019 16:56:13 +0000
Received: from AM0PR08MB2980.eurprd08.prod.outlook.com
 ([fe80::a133:50fa:bbbe:81a6]) by AM0PR08MB2980.eurprd08.prod.outlook.com
 ([fe80::a133:50fa:bbbe:81a6%5]) with mapi id 15.20.1665.020; Wed, 6 Mar 2019
 16:56:13 +0000
From: Achin Gupta <Achin.Gupta@arm.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
CC: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>, Supreeth Venkatesh
 <Supreeth.Venkatesh@arm.com>, Jiewen Yao <jiewen.yao@intel.com>, Leif
 Lindholm <leif.lindholm@linaro.org>, Jagadeesh Ujja <Jagadeesh.Ujja@arm.com>, 
 nd <nd@arm.com>
Thread-Topic: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware
 volumes
Thread-Index: AQHU01f2X0PLrDxGy0ikUITffiuHjKX+1EoA
Date: Wed, 6 Mar 2019 16:56:13 +0000
Message-ID: <20190306165605.GS21602@mac-ubuntu-vm>
References: <20190305133248.4828-1-ard.biesheuvel@linaro.org>
 <20190305133248.4828-7-ard.biesheuvel@linaro.org>
In-Reply-To: <20190305133248.4828-7-ard.biesheuvel@linaro.org>
Accept-Language: en-GB, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Mutt/1.9.4 (2018-02-28)
x-originating-ip: [95.146.138.15]
x-clientproxiedby: LO2P265CA0354.GBRP265.PROD.OUTLOOK.COM
 (2603:10a6:600:d::30) To AM0PR08MB2980.eurprd08.prod.outlook.com
 (2603:10a6:208:5b::25)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Achin.Gupta@arm.com; 
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8d065858-92a8-408c-107e-08d6a254a3eb
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0;
 RULEID:(2390118)(7020095)(4652040)(8989299)(5600127)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020);
 SRVR:AM0PR08MB3268; 
x-ms-traffictypediagnostic: AM0PR08MB3268:
nodisclaimer: True
x-microsoft-exchange-diagnostics: 1; AM0PR08MB3268;
 20:NU164ZhoY6q0JGfRNLTVWD9StbD6EB2IaJJm1x16StxCSjXCvKwp9qvueq/34e35hklP+7R0/iNmaD/Ir83x1kU+xAqwB5txB1LEzJnqg+fwoFE35GUfLf8AphZdBfdMa2oKoTCrlnv5LuZejnffxdqYw97H3vpbQIGFE5KuRU8=
x-microsoft-antispam-prvs: <AM0PR08MB3268735782A7CCD1B489A841FF730@AM0PR08MB3268.eurprd08.prod.outlook.com>
x-forefront-prvs: 0968D37274
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10009020)(6029001)(7916004)(346002)(396003)(136003)(39860400002)(366004)(376002)(189003)(199004)(105586002)(256004)(99286004)(8676002)(6436002)(71200400001)(6486002)(9686003)(6512007)(6246003)(2906002)(97736004)(1076003)(53936002)(81156014)(81166006)(8936002)(33716001)(33656002)(102836004)(4326008)(6506007)(86362001)(25786009)(72206003)(386003)(66066001)(7736002)(305945005)(14454004)(71190400001)(316002)(229853002)(58126008)(52116002)(76176011)(54906003)(486006)(26005)(5660300002)(68736007)(478600001)(106356001)(3846002)(6116002)(186003)(44832011)(11346002)(446003)(6916009)(476003);
 DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR08MB3268;
 H:AM0PR08MB2980.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; MX:1; A:1; 
received-spf: None (protection.outlook.com: arm.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: au2RaBbApiDOAJJmAkC/+u2yFtufjOwnzLeEbJ8CIQMAAX8Lrnewh2qtKiqs+YymT5BgA/s/X5nRhkVioJtddD9VNXSwGy7DkKzSjbMjEo3eAo6tZm2h3ScqAl5wfuO+FMglgHJ4XkYOlZUMPR1jRr9C48EvCCZ5Qgth/fgZn/f1lWDTbB5bHVY13B2Ho7eHUWhlw1MVZLm1t83bmXeqpygkHRYyF12lSGNSgSnptdB49dfOMtrycu9QKnNdrw5GlQSvXSPOOR6EIIT700NYd5eYXKNEw2lxV6izvfqV+VCpeGQvA+XxKyNmvslwa8vMvo7Rm4eMWbba6A2Bis20575aYUv4p2sgsXxKTAttW6fzPYfgQgKvrh0X8W/ersMBEGVVM4Khsw/1NVvckMVYacxQol3qYYMdwG58c2coHjw=
MIME-Version: 1.0
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8d065858-92a8-408c-107e-08d6a254a3eb
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Mar 2019 16:56:13.2949 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3268
Subject: Re: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
X-List-Received-Date: Wed, 06 Mar 2019 16:56:16 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-ID: <4E677C0BFB1369498AFDAC0BCDC4EF1E@eurprd08.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable

Reviewed-by: achin.gupta@arm.com

On Tue, Mar 05, 2019 at 02:32:44PM +0100, Ard Biesheuvel wrote:
> Standalone MM requires 4 KB section alignment for all images, so that
> strict permissions can be applied. Unfortunately, this results in a
> lot of wasted space, which is usually costly in the secure world
> environment that standalone MM is expected to operate in.
>
> So let's permit the standalone MM drivers (but not the core) to be
> delivered in a compressed firmware volume.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  StandaloneMmPkg/Core/StandaloneMmCore.inf |  1 +
>  StandaloneMmPkg/Core/FwVol.c              | 99 ++++++++++++++++++--
>  2 files changed, 91 insertions(+), 9 deletions(-)
>
> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/=
Core/StandaloneMmCore.inf
> index ff2b8b9cef03..83d31e2d92c5 100644
> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> @@ -49,6 +49,7 @@ [LibraryClasses]
>    BaseMemoryLib
>    CacheMaintenanceLib
>    DebugLib
> +  ExtractGuidedSectionLib
>    FvLib
>    HobLib
>    MemoryAllocationLib
> diff --git a/StandaloneMmPkg/Core/FwVol.c b/StandaloneMmPkg/Core/FwVol.c
> index 5abf98c24797..d95491f252f9 100644
> --- a/StandaloneMmPkg/Core/FwVol.c
> +++ b/StandaloneMmPkg/Core/FwVol.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITH=
ER EXPRESS OR IMPLIED.
>
>  #include "StandaloneMmCore.h"
>  #include <Library/FvLib.h>
> +#include <Library/ExtractGuidedSectionLib.h>
>
>  //
>  // List of file types supported by dispatcher
> @@ -65,15 +66,25 @@ Returns:
>
>  --*/
>  {
> -  EFI_STATUS          Status;
> -  EFI_STATUS          DepexStatus;
> -  EFI_FFS_FILE_HEADER *FileHeader;
> -  EFI_FV_FILETYPE     FileType;
> -  VOID                *Pe32Data;
> -  UINTN               Pe32DataSize;
> -  VOID                *Depex;
> -  UINTN               DepexSize;
> -  UINTN               Index;
> +  EFI_STATUS                              Status;
> +  EFI_STATUS                              DepexStatus;
> +  EFI_FFS_FILE_HEADER                     *FileHeader;
> +  EFI_FV_FILETYPE                         FileType;
> +  VOID                                    *Pe32Data;
> +  UINTN                                   Pe32DataSize;
> +  VOID                                    *Depex;
> +  UINTN                                   DepexSize;
> +  UINTN                                   Index;
> +  EFI_COMMON_SECTION_HEADER               *Section;
> +  VOID                                    *SectionData;
> +  UINTN                                   SectionDataSize;
> +  UINT32                                  DstBufferSize;
> +  VOID                                    *ScratchBuffer;
> +  UINT32                                  ScratchBufferSize;
> +  VOID                                    *DstBuffer;
> +  UINT16                                  SectionAttribute;
> +  UINT32                                  AuthenticationStatus;
> +  EFI_FIRMWARE_VOLUME_HEADER              *InnerFvHeader;
>
>    DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n", FwVolHeader));
>
> @@ -83,6 +94,71 @@ Returns:
>
>    FvIsBeingProcesssed (FwVolHeader);
>
> +  //
> +  // First check for encapsulated compressed firmware volumes
> +  //
> +  FileHeader =3D NULL;
> +  do {
> +    Status =3D FfsFindNextFile (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
> +               FwVolHeader, &FileHeader);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +    Status =3D FfsFindSectionData (EFI_SECTION_GUID_DEFINED, FileHeader,
> +               &SectionData, &SectionDataSize);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +    Section =3D (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
> +    Status =3D ExtractGuidedSectionGetInfo (Section, &DstBufferSize,
> +               &ScratchBufferSize, &SectionAttribute);
> +    if (EFI_ERROR (Status)) {
> +      break;
> +    }
> +
> +    //
> +    // Allocate scratch buffer
> +    //
> +    ScratchBuffer =3D (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (S=
cratchBufferSize));
> +    if (ScratchBuffer =3D=3D NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +
> +    //
> +    // Allocate destination buffer, extra one page for adjustment
> +    //
> +    DstBuffer =3D (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (DstBu=
fferSize));
> +    if (DstBuffer =3D=3D NULL) {
> +      return EFI_OUT_OF_RESOURCES;
> +    }
> +
> +    //
> +    // Call decompress function
> +    //
> +    Status =3D ExtractGuidedSectionDecode (Section, &DstBuffer, ScratchB=
uffer,
> +                &AuthenticationStatus);
> +    FreePages (ScratchBuffer, EFI_SIZE_TO_PAGES (ScratchBufferSize));
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +
> +    DEBUG ((DEBUG_INFO,
> +      "Processing compressed firmware volume (AuthenticationStatus =3D=
=3D %x)\n",
> +      AuthenticationStatus));
> +
> +    Status =3D FindFfsSectionInSections (DstBuffer, DstBufferSize,
> +               EFI_SECTION_FIRMWARE_VOLUME_IMAGE, &Section);
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +
> +    InnerFvHeader =3D (VOID *)(Section + 1);
> +    Status =3D MmCoreFfsFindMmDriver (InnerFvHeader);
> +    if (EFI_ERROR (Status)) {
> +      goto FreeDstBuffer;
> +    }
> +  } while (TRUE);
> +
>    for (Index =3D 0; Index < sizeof (mMmFileTypes) / sizeof (mMmFileTypes=
[0]); Index++) {
>      DEBUG ((DEBUG_INFO, "Check MmFileTypes - 0x%x\n", mMmFileTypes[Index=
]));
>      FileType =3D mMmFileTypes[Index];
> @@ -100,5 +176,10 @@ Returns:
>      } while (!EFI_ERROR (Status));
>    }
>
> +  return EFI_SUCCESS;
> +
> +FreeDstBuffer:
> +  FreePages (DstBuffer, EFI_SIZE_TO_PAGES (DstBufferSize));
> +
>    return Status;
>  }
> --
> 2.20.1
>