* [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM
@ 2020-06-06 8:52 Ilias Apalodimas
2020-06-07 1:17 ` Yao, Jiewen
0 siblings, 1 reply; 4+ messages in thread
From: Ilias Apalodimas @ 2020-06-06 8:52 UTC (permalink / raw)
To: ard.biesheuvel, sami.mujawar, jiewen.yao, supreeth.venkatesh
Cc: devel, Ilias Apalodimas
With work currently being done in OP-TEE [1] and U-boot [2], we can
compile StandAloneMM as a single binary [3] and load it from OP-TEE in
an isolated partition that behahes similarly to SPM.
By doing so we reuse existing code from EDK2 for the UEFI variable
storage regardless of the firmware implementation. Another advantage is
that OP-TEE combined with U-Boot's OP-TEE supplicant can use the RPMB
partition of an eMMC and securely store EFI variables instead of solely
relying on a secure world flash [4].
Since StMM can be compiled as a binary that runs on OP-TEE, we need to
make it self-relocatable. OP-TEE load address can be arbitrary depending
on memory layout or ASLR.
We could keep the current StandAloneMM implementation as-is and duplicate
StandaloneMmCoreEntryPoint.c. Instead add two more .inf files for the
relocatable option and the relevant linker script, move the current
entry point into asm and add a FeaturePcd for enabling/disabling the
relocatable option.
[1] https://github.com/apalos/optee_os/tree/stmm_upstream_03_clean
[2] https://github.com/u-boot/u-boot/blob/master/lib/efi_loader/efi_variable_tee.c
[3] https://git.linaro.org/people/ilias.apalodimas/edk2-platforms.git/tree/Platform/QemuVirt/PlatformStandaloneMm.dsc?h=stmm_reloc_combined
[4] https://git.linaro.org/people/ilias.apalodimas/edk2-platforms.git/tree/Silicon/QemuVirt/Drivers/OpTeeRpmbFv/OpTeeRpmbFv.c?h=stmm_reloc_combined
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
StandaloneMmPkg/Core/Scripts/StMM-PIE.lds | 54 +++++++++
StandaloneMmPkg/Core/StandaloneMmCore.inf | 3 +
.../Core/StandaloneMmCoreRelocatable.inf | 80 ++++++++++++++
.../AArch64/ModuleEntryPoint.S | 103 ++++++++++++++++++
.../AArch64/StandaloneMmCoreEntryPoint.c | 7 +-
.../StandaloneMmCoreEntryPoint.inf | 4 +
.../StandaloneMmCoreEntryPointRelocatable.inf | 54 +++++++++
StandaloneMmPkg/StandaloneMmPkg.dec | 2 +
8 files changed, 306 insertions(+), 1 deletion(-)
create mode 100644 StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
create mode 100644 StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
create mode 100644 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntryPoint.S
create mode 100644 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPointRelocatable.inf
diff --git a/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
new file mode 100644
index 000000000000..a1d7012c4ca3
--- /dev/null
+++ b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
@@ -0,0 +1,54 @@
+/** @file
+
+ Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+SECTIONS
+{
+ PROVIDE(__reloc_base = .);
+
+ . = PECOFF_HEADER_SIZE;
+ .text : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+ *(.text.reloc*)
+ . = ALIGN(0x1000);
+ PROVIDE(__stmm_start = .);
+ *(.text .text*)
+ . = ALIGN(0x20);
+ PROVIDE(__reloc_start = .);
+ *(.rel .rel.*)
+ *(.rela .rela.*)
+ PROVIDE(__reloc_end = .);
+ }
+ PROVIDE(__ro_start = .);
+ .got : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+ *(.got .got*)
+ }
+ .rodata : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+ *(.rodata .rodata*)
+ }
+ PROVIDE(__ro_end = .);
+ .data : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+ *(.data .data*)
+ }
+ .bss : ALIGN(CONSTANT(COMMONPAGESIZE)) {
+ *(.bss .bss*)
+ }
+ PROVIDE(__stmm_end = .);
+
+ .note (INFO) : { *(.note.gnu.build-id) }
+
+ /DISCARD/ : {
+ *(.note.GNU-stack)
+ *(.gnu.hash)
+ *(.gnu_debuglink)
+ *(.interp)
+ *(.dynamic)
+ *(.dynsym)
+ *(.dynstr)
+ *(.hash)
+ *(.comment)
+ }
+}
diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Core/StandaloneMmCore.inf
index 7d590b49bd3f..fdd4b61b3665 100644
--- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
+++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
@@ -74,3 +74,6 @@
gEfiEventLegacyBootGuid
gEfiEventExitBootServicesGuid
gEfiEventReadyToBootGuid
+
+[BuildOptions]
+ GCC:*_*_*_DLINK_FLAGS = -Wl,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
diff --git a/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
new file mode 100644
index 000000000000..69049080ef78
--- /dev/null
+++ b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
@@ -0,0 +1,80 @@
+## @file
+# This module provide an SMM CIS compliant implementation of SMM Core.
+#
+# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
+# Copyright (c) 2020, Linaro Limited. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x0001001A
+ BASE_NAME = StandaloneMmCore
+ FILE_GUID = 6E14B6FD-3600-4DD6-A17A-206B3B6DCE16
+ MODULE_TYPE = MM_CORE_STANDALONE
+ VERSION_STRING = 1.0
+ PI_SPECIFICATION_VERSION = 0x00010032
+ ENTRY_POINT = StandaloneMmMain
+
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+
+[Sources]
+ StandaloneMmCore.c
+ StandaloneMmCore.h
+ StandaloneMmCorePrivateData.h
+ Page.c
+ Pool.c
+ Handle.c
+ Locate.c
+ Notify.c
+ Dependency.c
+ Dispatcher.c
+ Mmi.c
+ InstallConfigurationTable.c
+ FwVol.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ CacheMaintenanceLib
+ DebugLib
+ ExtractGuidedSectionLib
+ FvLib
+ HobLib
+ MemoryAllocationLib
+ MemLib
+ PeCoffLib
+ ReportStatusCodeLib
+ StandaloneMmCoreEntryPoint
+
+[Protocols]
+ gEfiDxeMmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRegister
+ gEfiMmReadyToLockProtocolGuid ## PRODUCES
+ gEfiMmEndOfDxeProtocolGuid ## PRODUCES
+ gEfiLoadedImageProtocolGuid ## PRODUCES
+ gEfiMmConfigurationProtocolGuid ## CONSUMES
+
+[Guids]
+ gAprioriGuid ## SOMETIMES_CONSUMES ## File
+ gEfiEventDxeDispatchGuid ## PRODUCES ## GUID # SmiHandlerRegister
+ gEfiEndOfDxeEventGroupGuid ## PRODUCES ## GUID # SmiHandlerRegister
+ ## SOMETIMES_CONSUMES ## GUID # Locate protocol
+ ## SOMETIMES_PRODUCES ## GUID # SmiHandlerRegister
+ gEdkiiMemoryProfileGuid
+ gZeroGuid ## SOMETIMES_CONSUMES ## GUID
+ gEfiHobListGuid
+ gMmCoreDataHobGuid
+ gMmFvDispatchGuid
+ gEfiEventLegacyBootGuid
+ gEfiEventExitBootServicesGuid
+ gEfiEventReadyToBootGuid
+
+[BuildOptions]
+ GCC:*_*_*_DLINK_FLAGS = -Wl,-Bsymbolic,-pie,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntryPoint.S b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntryPoint.S
new file mode 100644
index 000000000000..90ff4579daa6
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntryPoint.S
@@ -0,0 +1,103 @@
+//
+// Copyright (c) 2011-2013, ARM Limited. All rights reserved.
+// Copyright (c) 2015-2020, Linaro Limited. All rights reserved.
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+//
+
+#include <AsmMacroIoLibV8.h>
+ASM_FUNC(_ModuleEntryPoint)
+ adr x8, FeaturePcdGet (PcdStMMReloc)
+ ldrb w9, [x8]
+ cmp x9, #0
+ // If PcdStMMReloc is set to TRUE, go ahead and fixup the relocations here
+ beq .Llaunch
+ adr x8, __reloc_base
+ adr x9, __reloc_start
+ adr x10, __reloc_end
+ bl ASM_PFX(_DoReloc)
+.Llaunch:
+ b ModuleEntryPoint
+
+.section .text.reloc, "ax"
+ASM_PFX(_DoReloc):
+ mov x20, x0
+ mov x21, x1
+ mov x22, x2
+ mov x23, x3
+
+ // Set all of the memory as r/w
+ adr x11, __stmm_start
+ adr x2, __stmm_end
+ ldr x0, =0xC4000065
+ and x1, x11, #~0x0fff // Align to page
+ sub x2, x2, x11
+ add x2, x2, #0xfff
+ lsr x2, x2, #12 // nr pages
+ ldr x3, =0x5 // Set perms to r/w
+ svc #0
+ // Prevent speculative execution beyond svc instruction
+ dsb nsh
+ isb
+
+.Lreloc_loop:
+ cmp x9, x10
+ bhs .Lreloc_done
+ //
+ // We are built as a ET_DYN PIE executable, so we need to process all
+ // relative relocations regardless of whether or not we are executing from
+ // the same offset we were linked at. This is only possible if we are
+ // running from RAM.
+ //
+ // AArch64 uses the ELF64 RELA format, which means each entry in the
+ // relocation table consists of
+ //
+ // UINT64 offset : the relative offset of the value that needs to
+ // be relocated
+ // UINT64 info : relocation type and symbol index (the latter is
+ // not used for R_AARCH64_RELATIVE relocations)
+ // UINT64 addend : value to be added to the value being relocated
+ //
+ ldp x11, x12, [x9], #24 // read offset into x11 and info into x12
+ cmp x12, #0x403 // check info == R_AARCH64_RELATIVE?
+ bne .Lreloc_loop // not a relative relocation? then skip
+ ldr x12, [x9, #-8] // read addend into x12
+ add x12, x12, x8 // add reloc base to addend to get relocated value
+ str x12, [x11, x8] // write relocated value at offset
+ b .Lreloc_loop
+
+.Lreloc_done:
+ // set memory per section
+ adr x11, __stmm_start
+ adr x2, __reloc_end
+ ldr x0, =0xC4000065
+ and x1, x11, #~0x0fff // Align to page
+ sub x2, x2, x11
+ add x2, x2, #0xfff
+ lsr x2, x2, #12 // nr pages
+ ldr x3, =0x3 // Set perms to r/x
+ svc #0
+ // Prevent speculative execution beyond svc instruction
+ dsb nsh
+ isb
+
+ adr x11, __ro_start
+ adr x2, __ro_end
+ ldr x0, =0xC4000065
+ and x1, x11, #~0x0fff // Align to page
+ sub x2, x2, x11
+ add x2, x2, #0xfff
+ lsr x2, x2, #12 // nr pages
+ ldr x3, =0x1 // Set perms to r/o
+ svc #0
+ // Prevent speculative execution beyond svc instruction
+ dsb nsh
+ isb
+
+ mov x0, x20
+ mov x1, x21
+ mov x2, x22
+ mov x3, x23
+
+ ret
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
index 20723385113f..57c3162ab5d0 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c
@@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/HobLib.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
+#include <Library/PcdLib.h>
#include <Library/SerialPortLib.h>
#include <IndustryStandard/ArmStdSmc.h>
@@ -209,7 +210,7 @@ GetSpmVersion (VOID)
**/
VOID
EFIAPI
-_ModuleEntryPoint (
+ModuleEntryPoint (
IN VOID *SharedBufAddress,
IN UINT64 SharedBufSize,
IN UINT64 cookie1,
@@ -238,6 +239,9 @@ _ModuleEntryPoint (
goto finish;
}
+ if (FeaturePcdGet (PcdStMMReloc)) {
+ goto skip_remap;
+ }
// Locate PE/COFF File information for the Standalone MM core module
Status = LocateStandaloneMmCorePeCoffData (
(EFI_FIRMWARE_VOLUME_HEADER *) PayloadBootInfo->SpImageBase,
@@ -276,6 +280,7 @@ _ModuleEntryPoint (
goto finish;
}
+skip_remap:
//
// Create Hoblist based upon boot information passed by privileged software
//
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
index 891c292e92f8..6659219404a5 100644
--- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
@@ -25,6 +25,7 @@
AArch64/StandaloneMmCoreEntryPoint.c
AArch64/SetPermissions.c
AArch64/CreateHobList.c
+ AArch64/ModuleEntryPoint.S
[Packages]
MdePkg/MdePkg.dec
@@ -48,3 +49,6 @@
gEfiMmPeiMmramMemoryReserveGuid
gEfiStandaloneMmNonSecureBufferGuid
gEfiArmTfCpuDriverEpDescriptorGuid
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPointRelocatable.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPointRelocatable.inf
new file mode 100644
index 000000000000..10cdae1b4018
--- /dev/null
+++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPointRelocatable.inf
@@ -0,0 +1,54 @@
+## @file
+# Module entry point library for DXE core.
+#
+# Copyright (c) 2020, ARM Ltd. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 0x0001001A
+ BASE_NAME = StandaloneMmCoreEntryPoint
+ FILE_GUID = C97AC593-109A-4C63-905C-675FDE2689E8
+ MODULE_TYPE = MM_CORE_STANDALONE
+ VERSION_STRING = 1.0
+ PI_SPECIFICATION_VERSION = 0x00010032
+ LIBRARY_CLASS = StandaloneMmCoreEntryPoint|MM_CORE_STANDALONE
+
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC (EBC is for build only)
+#
+
+[Sources.AARCH64]
+ AArch64/StandaloneMmCoreEntryPoint.c
+ AArch64/SetPermissions.c
+ AArch64/CreateHobList.c
+ AArch64/ModuleEntryPoint.S
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
+
+[Packages.AARCH64]
+ ArmPkg/ArmPkg.dec
+ ArmPlatformPkg/ArmPlatformPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ DebugLib
+
+[LibraryClasses.AARCH64]
+ StandaloneMmMmuLib
+ ArmSvcLib
+
+[Guids]
+ gMpInformationHobGuid
+ gEfiMmPeiMmramMemoryReserveGuid
+ gEfiStandaloneMmNonSecureBufferGuid
+ gEfiArmTfCpuDriverEpDescriptorGuid
+
+[FeaturePcd]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|TRUE
diff --git a/StandaloneMmPkg/StandaloneMmPkg.dec b/StandaloneMmPkg/StandaloneMmPkg.dec
index 82cb62568b53..cc572321a5b6 100644
--- a/StandaloneMmPkg/StandaloneMmPkg.dec
+++ b/StandaloneMmPkg/StandaloneMmPkg.dec
@@ -33,3 +33,5 @@
gEfiStandaloneMmNonSecureBufferGuid = { 0xf00497e3, 0xbfa2, 0x41a1, { 0x9d, 0x29, 0x54, 0xc2, 0xe9, 0x37, 0x21, 0xc5 }}
gEfiArmTfCpuDriverEpDescriptorGuid = { 0x6ecbd5a1, 0xc0f8, 0x4702, { 0x83, 0x01, 0x4f, 0xc2, 0xc5, 0x47, 0x0a, 0x51 }}
+[PcdsFeatureFlag]
+ gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE|BOOLEAN|0x00000001
--
2.27.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM
2020-06-06 8:52 [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM Ilias Apalodimas
@ 2020-06-07 1:17 ` Yao, Jiewen
2020-06-08 16:56 ` Ilias Apalodimas
2020-06-08 22:25 ` Ard Biesheuvel
0 siblings, 2 replies; 4+ messages in thread
From: Yao, Jiewen @ 2020-06-07 1:17 UTC (permalink / raw)
To: Ilias Apalodimas, ard.biesheuvel@arm.com, sami.mujawar@arm.com,
supreeth.venkatesh@arm.com
Cc: devel@edk2.groups.io
Hi Ilias
It seems a good idea to support relocatable StMM.
Thought on StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
Usually we do not add special link option in INF and build a module to be ELF for some special purposes.
Things might be broken if X86 platform uses this INF to build Relocatable image with visual studio or with GCC.
Do you think if it is possible to still create a self-relocatable StandaloneMmCore as a PE image, instead of ELF ?
One example is at : https://github.com/jyao1/STM/blob/master/Stm/StmPkg/Core/Init/StmInit.c#L1096
Then we may reuse the generic PeCoff library in C code before any global variable access.
No special assembly code or link script required. And no need to add a PCD.
Thank you
Yao Jiewen
> -----Original Message-----
> From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Sent: Saturday, June 6, 2020 4:52 PM
> To: ard.biesheuvel@arm.com; sami.mujawar@arm.com; Yao, Jiewen
> <jiewen.yao@intel.com>; supreeth.venkatesh@arm.com
> Cc: devel@edk2.groups.io; Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Subject: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for
> StandAloneMM
>
> With work currently being done in OP-TEE [1] and U-boot [2], we can
> compile StandAloneMM as a single binary [3] and load it from OP-TEE in
> an isolated partition that behahes similarly to SPM.
> By doing so we reuse existing code from EDK2 for the UEFI variable
> storage regardless of the firmware implementation. Another advantage is
> that OP-TEE combined with U-Boot's OP-TEE supplicant can use the RPMB
> partition of an eMMC and securely store EFI variables instead of solely
> relying on a secure world flash [4].
>
> Since StMM can be compiled as a binary that runs on OP-TEE, we need to
> make it self-relocatable. OP-TEE load address can be arbitrary depending
> on memory layout or ASLR.
> We could keep the current StandAloneMM implementation as-is and duplicate
> StandaloneMmCoreEntryPoint.c. Instead add two more .inf files for the
> relocatable option and the relevant linker script, move the current
> entry point into asm and add a FeaturePcd for enabling/disabling the
> relocatable option.
>
> [1] https://github.com/apalos/optee_os/tree/stmm_upstream_03_clean
> [2] https://github.com/u-boot/u-
> boot/blob/master/lib/efi_loader/efi_variable_tee.c
> [3] https://git.linaro.org/people/ilias.apalodimas/edk2-
> platforms.git/tree/Platform/QemuVirt/PlatformStandaloneMm.dsc?h=stmm_rel
> oc_combined
> [4] https://git.linaro.org/people/ilias.apalodimas/edk2-
> platforms.git/tree/Silicon/QemuVirt/Drivers/OpTeeRpmbFv/OpTeeRpmbFv.c?h=
> stmm_reloc_combined
>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> ---
> StandaloneMmPkg/Core/Scripts/StMM-PIE.lds | 54 +++++++++
> StandaloneMmPkg/Core/StandaloneMmCore.inf | 3 +
> .../Core/StandaloneMmCoreRelocatable.inf | 80 ++++++++++++++
> .../AArch64/ModuleEntryPoint.S | 103 ++++++++++++++++++
> .../AArch64/StandaloneMmCoreEntryPoint.c | 7 +-
> .../StandaloneMmCoreEntryPoint.inf | 4 +
> .../StandaloneMmCoreEntryPointRelocatable.inf | 54 +++++++++
> StandaloneMmPkg/StandaloneMmPkg.dec | 2 +
> 8 files changed, 306 insertions(+), 1 deletion(-)
> create mode 100644 StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> create mode 100644
> StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> create mode 100644
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntr
> yPoint.S
> create mode 100644
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreE
> ntryPointRelocatable.inf
>
> diff --git a/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> new file mode 100644
> index 000000000000..a1d7012c4ca3
> --- /dev/null
> +++ b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> @@ -0,0 +1,54 @@
> +/** @file
>
> +
>
> + Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
>
> +
>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +SECTIONS
>
> +{
>
> + PROVIDE(__reloc_base = .);
>
> +
>
> + . = PECOFF_HEADER_SIZE;
>
> + .text : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>
> + *(.text.reloc*)
>
> + . = ALIGN(0x1000);
>
> + PROVIDE(__stmm_start = .);
>
> + *(.text .text*)
>
> + . = ALIGN(0x20);
>
> + PROVIDE(__reloc_start = .);
>
> + *(.rel .rel.*)
>
> + *(.rela .rela.*)
>
> + PROVIDE(__reloc_end = .);
>
> + }
>
> + PROVIDE(__ro_start = .);
>
> + .got : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>
> + *(.got .got*)
>
> + }
>
> + .rodata : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>
> + *(.rodata .rodata*)
>
> + }
>
> + PROVIDE(__ro_end = .);
>
> + .data : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>
> + *(.data .data*)
>
> + }
>
> + .bss : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>
> + *(.bss .bss*)
>
> + }
>
> + PROVIDE(__stmm_end = .);
>
> +
>
> + .note (INFO) : { *(.note.gnu.build-id) }
>
> +
>
> + /DISCARD/ : {
>
> + *(.note.GNU-stack)
>
> + *(.gnu.hash)
>
> + *(.gnu_debuglink)
>
> + *(.interp)
>
> + *(.dynamic)
>
> + *(.dynsym)
>
> + *(.dynstr)
>
> + *(.hash)
>
> + *(.comment)
>
> + }
>
> +}
>
> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> index 7d590b49bd3f..fdd4b61b3665 100644
> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> @@ -74,3 +74,6 @@
> gEfiEventLegacyBootGuid
>
> gEfiEventExitBootServicesGuid
>
> gEfiEventReadyToBootGuid
>
> +
>
> +[BuildOptions]
>
> + GCC:*_*_*_DLINK_FLAGS = -Wl,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
>
> diff --git a/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> new file mode 100644
> index 000000000000..69049080ef78
> --- /dev/null
> +++ b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> @@ -0,0 +1,80 @@
> +## @file
>
> +# This module provide an SMM CIS compliant implementation of SMM Core.
>
> +#
>
> +# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
>
> +# Copyright (c) 2020, Linaro Limited. All rights reserved.<BR>
>
> +#
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +#
>
> +##
>
> +
>
> +[Defines]
>
> + INF_VERSION = 0x0001001A
>
> + BASE_NAME = StandaloneMmCore
>
> + FILE_GUID = 6E14B6FD-3600-4DD6-A17A-206B3B6DCE16
>
> + MODULE_TYPE = MM_CORE_STANDALONE
>
> + VERSION_STRING = 1.0
>
> + PI_SPECIFICATION_VERSION = 0x00010032
>
> + ENTRY_POINT = StandaloneMmMain
>
> +
>
> +# VALID_ARCHITECTURES = IA32 X64 AARCH64
>
> +
>
> +[Sources]
>
> + StandaloneMmCore.c
>
> + StandaloneMmCore.h
>
> + StandaloneMmCorePrivateData.h
>
> + Page.c
>
> + Pool.c
>
> + Handle.c
>
> + Locate.c
>
> + Notify.c
>
> + Dependency.c
>
> + Dispatcher.c
>
> + Mmi.c
>
> + InstallConfigurationTable.c
>
> + FwVol.c
>
> +
>
> +[Packages]
>
> + MdePkg/MdePkg.dec
>
> + MdeModulePkg/MdeModulePkg.dec
>
> + StandaloneMmPkg/StandaloneMmPkg.dec
>
> +
>
> +[LibraryClasses]
>
> + BaseLib
>
> + BaseMemoryLib
>
> + CacheMaintenanceLib
>
> + DebugLib
>
> + ExtractGuidedSectionLib
>
> + FvLib
>
> + HobLib
>
> + MemoryAllocationLib
>
> + MemLib
>
> + PeCoffLib
>
> + ReportStatusCodeLib
>
> + StandaloneMmCoreEntryPoint
>
> +
>
> +[Protocols]
>
> + gEfiDxeMmReadyToLockProtocolGuid ## UNDEFINED #
> SmiHandlerRegister
>
> + gEfiMmReadyToLockProtocolGuid ## PRODUCES
>
> + gEfiMmEndOfDxeProtocolGuid ## PRODUCES
>
> + gEfiLoadedImageProtocolGuid ## PRODUCES
>
> + gEfiMmConfigurationProtocolGuid ## CONSUMES
>
> +
>
> +[Guids]
>
> + gAprioriGuid ## SOMETIMES_CONSUMES ## File
>
> + gEfiEventDxeDispatchGuid ## PRODUCES ## GUID #
> SmiHandlerRegister
>
> + gEfiEndOfDxeEventGroupGuid ## PRODUCES ## GUID #
> SmiHandlerRegister
>
> + ## SOMETIMES_CONSUMES ## GUID # Locate protocol
>
> + ## SOMETIMES_PRODUCES ## GUID # SmiHandlerRegister
>
> + gEdkiiMemoryProfileGuid
>
> + gZeroGuid ## SOMETIMES_CONSUMES ## GUID
>
> + gEfiHobListGuid
>
> + gMmCoreDataHobGuid
>
> + gMmFvDispatchGuid
>
> + gEfiEventLegacyBootGuid
>
> + gEfiEventExitBootServicesGuid
>
> + gEfiEventReadyToBootGuid
>
> +
>
> +[BuildOptions]
>
> + GCC:*_*_*_DLINK_FLAGS = -Wl,-Bsymbolic,-pie,-
> T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> tryPoint.S
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> tryPoint.S
> new file mode 100644
> index 000000000000..90ff4579daa6
> --- /dev/null
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> tryPoint.S
> @@ -0,0 +1,103 @@
> +//
>
> +// Copyright (c) 2011-2013, ARM Limited. All rights reserved.
>
> +// Copyright (c) 2015-2020, Linaro Limited. All rights reserved.
>
> +//
>
> +// SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +//
>
> +//
>
> +
>
> +#include <AsmMacroIoLibV8.h>
>
> +ASM_FUNC(_ModuleEntryPoint)
>
> + adr x8, FeaturePcdGet (PcdStMMReloc)
>
> + ldrb w9, [x8]
>
> + cmp x9, #0
>
> + // If PcdStMMReloc is set to TRUE, go ahead and fixup the relocations here
>
> + beq .Llaunch
>
> + adr x8, __reloc_base
>
> + adr x9, __reloc_start
>
> + adr x10, __reloc_end
>
> + bl ASM_PFX(_DoReloc)
>
> +.Llaunch:
>
> + b ModuleEntryPoint
>
> +
>
> +.section .text.reloc, "ax"
>
> +ASM_PFX(_DoReloc):
>
> + mov x20, x0
>
> + mov x21, x1
>
> + mov x22, x2
>
> + mov x23, x3
>
> +
>
> + // Set all of the memory as r/w
>
> + adr x11, __stmm_start
>
> + adr x2, __stmm_end
>
> + ldr x0, =0xC4000065
>
> + and x1, x11, #~0x0fff // Align to page
>
> + sub x2, x2, x11
>
> + add x2, x2, #0xfff
>
> + lsr x2, x2, #12 // nr pages
>
> + ldr x3, =0x5 // Set perms to r/w
>
> + svc #0
>
> + // Prevent speculative execution beyond svc instruction
>
> + dsb nsh
>
> + isb
>
> +
>
> +.Lreloc_loop:
>
> + cmp x9, x10
>
> + bhs .Lreloc_done
>
> + //
>
> + // We are built as a ET_DYN PIE executable, so we need to process all
>
> + // relative relocations regardless of whether or not we are executing from
>
> + // the same offset we were linked at. This is only possible if we are
>
> + // running from RAM.
>
> + //
>
> + // AArch64 uses the ELF64 RELA format, which means each entry in the
>
> + // relocation table consists of
>
> + //
>
> + // UINT64 offset : the relative offset of the value that needs to
>
> + // be relocated
>
> + // UINT64 info : relocation type and symbol index (the latter is
>
> + // not used for R_AARCH64_RELATIVE relocations)
>
> + // UINT64 addend : value to be added to the value being relocated
>
> + //
>
> + ldp x11, x12, [x9], #24 // read offset into x11 and info into x12
>
> + cmp x12, #0x403 // check info == R_AARCH64_RELATIVE?
>
> + bne .Lreloc_loop // not a relative relocation? then skip
>
> + ldr x12, [x9, #-8] // read addend into x12
>
> + add x12, x12, x8 // add reloc base to addend to get relocated value
>
> + str x12, [x11, x8] // write relocated value at offset
>
> + b .Lreloc_loop
>
> +
>
> +.Lreloc_done:
>
> + // set memory per section
>
> + adr x11, __stmm_start
>
> + adr x2, __reloc_end
>
> + ldr x0, =0xC4000065
>
> + and x1, x11, #~0x0fff // Align to page
>
> + sub x2, x2, x11
>
> + add x2, x2, #0xfff
>
> + lsr x2, x2, #12 // nr pages
>
> + ldr x3, =0x3 // Set perms to r/x
>
> + svc #0
>
> + // Prevent speculative execution beyond svc instruction
>
> + dsb nsh
>
> + isb
>
> +
>
> + adr x11, __ro_start
>
> + adr x2, __ro_end
>
> + ldr x0, =0xC4000065
>
> + and x1, x11, #~0x0fff // Align to page
>
> + sub x2, x2, x11
>
> + add x2, x2, #0xfff
>
> + lsr x2, x2, #12 // nr pages
>
> + ldr x3, =0x1 // Set perms to r/o
>
> + svc #0
>
> + // Prevent speculative execution beyond svc instruction
>
> + dsb nsh
>
> + isb
>
> +
>
> + mov x0, x20
>
> + mov x1, x21
>
> + mov x2, x22
>
> + mov x3, x23
>
> +
>
> + ret
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> index 20723385113f..57c3162ab5d0 100644
> ---
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> #include <Library/HobLib.h>
>
> #include <Library/BaseLib.h>
>
> #include <Library/BaseMemoryLib.h>
>
> +#include <Library/PcdLib.h>
>
> #include <Library/SerialPortLib.h>
>
>
>
> #include <IndustryStandard/ArmStdSmc.h>
>
> @@ -209,7 +210,7 @@ GetSpmVersion (VOID)
> **/
>
> VOID
>
> EFIAPI
>
> -_ModuleEntryPoint (
>
> +ModuleEntryPoint (
>
> IN VOID *SharedBufAddress,
>
> IN UINT64 SharedBufSize,
>
> IN UINT64 cookie1,
>
> @@ -238,6 +239,9 @@ _ModuleEntryPoint (
> goto finish;
>
> }
>
>
>
> + if (FeaturePcdGet (PcdStMMReloc)) {
>
> + goto skip_remap;
>
> + }
>
> // Locate PE/COFF File information for the Standalone MM core module
>
> Status = LocateStandaloneMmCorePeCoffData (
>
> (EFI_FIRMWARE_VOLUME_HEADER *) PayloadBootInfo->SpImageBase,
>
> @@ -276,6 +280,7 @@ _ModuleEntryPoint (
> goto finish;
>
> }
>
>
>
> +skip_remap:
>
> //
>
> // Create Hoblist based upon boot information passed by privileged software
>
> //
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPoint.inf
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPoint.inf
> index 891c292e92f8..6659219404a5 100644
> ---
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPoint.inf
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPoint.inf
> @@ -25,6 +25,7 @@
> AArch64/StandaloneMmCoreEntryPoint.c
>
> AArch64/SetPermissions.c
>
> AArch64/CreateHobList.c
>
> + AArch64/ModuleEntryPoint.S
>
>
>
> [Packages]
>
> MdePkg/MdePkg.dec
>
> @@ -48,3 +49,6 @@
> gEfiMmPeiMmramMemoryReserveGuid
>
> gEfiStandaloneMmNonSecureBufferGuid
>
> gEfiArmTfCpuDriverEpDescriptorGuid
>
> +
>
> +[FeaturePcd]
>
> + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPointRelocatable.inf
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPointRelocatable.inf
> new file mode 100644
> index 000000000000..10cdae1b4018
> --- /dev/null
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> eEntryPointRelocatable.inf
> @@ -0,0 +1,54 @@
> +## @file
>
> +# Module entry point library for DXE core.
>
> +#
>
> +# Copyright (c) 2020, ARM Ltd. All rights reserved.<BR>
>
> +#
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +#
>
> +#
>
> +##
>
> +
>
> +[Defines]
>
> + INF_VERSION = 0x0001001A
>
> + BASE_NAME = StandaloneMmCoreEntryPoint
>
> + FILE_GUID = C97AC593-109A-4C63-905C-675FDE2689E8
>
> + MODULE_TYPE = MM_CORE_STANDALONE
>
> + VERSION_STRING = 1.0
>
> + PI_SPECIFICATION_VERSION = 0x00010032
>
> + LIBRARY_CLASS =
> StandaloneMmCoreEntryPoint|MM_CORE_STANDALONE
>
> +
>
> +#
>
> +# VALID_ARCHITECTURES = IA32 X64 IPF EBC (EBC is for build only)
>
> +#
>
> +
>
> +[Sources.AARCH64]
>
> + AArch64/StandaloneMmCoreEntryPoint.c
>
> + AArch64/SetPermissions.c
>
> + AArch64/CreateHobList.c
>
> + AArch64/ModuleEntryPoint.S
>
> +
>
> +[Packages]
>
> + MdePkg/MdePkg.dec
>
> + MdeModulePkg/MdeModulePkg.dec
>
> + StandaloneMmPkg/StandaloneMmPkg.dec
>
> +
>
> +[Packages.AARCH64]
>
> + ArmPkg/ArmPkg.dec
>
> + ArmPlatformPkg/ArmPlatformPkg.dec
>
> +
>
> +[LibraryClasses]
>
> + BaseLib
>
> + DebugLib
>
> +
>
> +[LibraryClasses.AARCH64]
>
> + StandaloneMmMmuLib
>
> + ArmSvcLib
>
> +
>
> +[Guids]
>
> + gMpInformationHobGuid
>
> + gEfiMmPeiMmramMemoryReserveGuid
>
> + gEfiStandaloneMmNonSecureBufferGuid
>
> + gEfiArmTfCpuDriverEpDescriptorGuid
>
> +
>
> +[FeaturePcd]
>
> + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|TRUE
>
> diff --git a/StandaloneMmPkg/StandaloneMmPkg.dec
> b/StandaloneMmPkg/StandaloneMmPkg.dec
> index 82cb62568b53..cc572321a5b6 100644
> --- a/StandaloneMmPkg/StandaloneMmPkg.dec
> +++ b/StandaloneMmPkg/StandaloneMmPkg.dec
> @@ -33,3 +33,5 @@
> gEfiStandaloneMmNonSecureBufferGuid = { 0xf00497e3, 0xbfa2, 0x41a1,
> { 0x9d, 0x29, 0x54, 0xc2, 0xe9, 0x37, 0x21, 0xc5 }}
>
> gEfiArmTfCpuDriverEpDescriptorGuid = { 0x6ecbd5a1, 0xc0f8, 0x4702,
> { 0x83, 0x01, 0x4f, 0xc2, 0xc5, 0x47, 0x0a, 0x51 }}
>
>
>
> +[PcdsFeatureFlag]
>
> +
> gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE|BOOLEAN|0x00000
> 001
>
> --
> 2.27.0
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM
2020-06-07 1:17 ` Yao, Jiewen
@ 2020-06-08 16:56 ` Ilias Apalodimas
2020-06-08 22:25 ` Ard Biesheuvel
1 sibling, 0 replies; 4+ messages in thread
From: Ilias Apalodimas @ 2020-06-08 16:56 UTC (permalink / raw)
To: Yao, Jiewen
Cc: ard.biesheuvel@arm.com, sami.mujawar@arm.com,
supreeth.venkatesh@arm.com, devel@edk2.groups.io
Hi Jiewen,
On Sun, Jun 07, 2020 at 01:17:11AM +0000, Yao, Jiewen wrote:
> Hi Ilias
> It seems a good idea to support relocatable StMM.
>
> Thought on StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> Usually we do not add special link option in INF and build a module to be ELF for some special purposes.
> Things might be broken if X86 platform uses this INF to build Relocatable image with visual studio or with GCC.
Great I've mostly seen the Arm related pieces of the relevant EDK2 parts, so the
X86 help is appreciated!
>
> Do you think if it is possible to still create a self-relocatable StandaloneMmCore as a PE image, instead of ELF ?
> One example is at : https://github.com/jyao1/STM/blob/master/Stm/StmPkg/Core/Init/StmInit.c#L1096
I don't know, but that sounds like a good idea. I'll have a look and let you know.
> Then we may reuse the generic PeCoff library in C code before any global variable access.
> No special assembly code or link script required. And no need to add a PCD.
The PCD is there (apart from the asm usage), because the BaseAddress defined in the .fdf is
included in the PE/COFF header.
The StMM library [1] parts that parse that header and use the BaseAddress also need a fixup.
Maybe with your suggestion that goes away as well?
[1] https://github.com/tianocore/edk2/blob/master/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c#L266
Thanks for the pointers!
/Ilias
>
> Thank you
> Yao Jiewen
>
>
> > -----Original Message-----
> > From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > Sent: Saturday, June 6, 2020 4:52 PM
> > To: ard.biesheuvel@arm.com; sami.mujawar@arm.com; Yao, Jiewen
> > <jiewen.yao@intel.com>; supreeth.venkatesh@arm.com
> > Cc: devel@edk2.groups.io; Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > Subject: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for
> > StandAloneMM
> >
> > With work currently being done in OP-TEE [1] and U-boot [2], we can
> > compile StandAloneMM as a single binary [3] and load it from OP-TEE in
> > an isolated partition that behahes similarly to SPM.
> > By doing so we reuse existing code from EDK2 for the UEFI variable
> > storage regardless of the firmware implementation. Another advantage is
> > that OP-TEE combined with U-Boot's OP-TEE supplicant can use the RPMB
> > partition of an eMMC and securely store EFI variables instead of solely
> > relying on a secure world flash [4].
> >
> > Since StMM can be compiled as a binary that runs on OP-TEE, we need to
> > make it self-relocatable. OP-TEE load address can be arbitrary depending
> > on memory layout or ASLR.
> > We could keep the current StandAloneMM implementation as-is and duplicate
> > StandaloneMmCoreEntryPoint.c. Instead add two more .inf files for the
> > relocatable option and the relevant linker script, move the current
> > entry point into asm and add a FeaturePcd for enabling/disabling the
> > relocatable option.
> >
> > [1] https://github.com/apalos/optee_os/tree/stmm_upstream_03_clean
> > [2] https://github.com/u-boot/u-
> > boot/blob/master/lib/efi_loader/efi_variable_tee.c
> > [3] https://git.linaro.org/people/ilias.apalodimas/edk2-
> > platforms.git/tree/Platform/QemuVirt/PlatformStandaloneMm.dsc?h=stmm_rel
> > oc_combined
> > [4] https://git.linaro.org/people/ilias.apalodimas/edk2-
> > platforms.git/tree/Silicon/QemuVirt/Drivers/OpTeeRpmbFv/OpTeeRpmbFv.c?h=
> > stmm_reloc_combined
> >
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > ---
> > StandaloneMmPkg/Core/Scripts/StMM-PIE.lds | 54 +++++++++
> > StandaloneMmPkg/Core/StandaloneMmCore.inf | 3 +
> > .../Core/StandaloneMmCoreRelocatable.inf | 80 ++++++++++++++
> > .../AArch64/ModuleEntryPoint.S | 103 ++++++++++++++++++
> > .../AArch64/StandaloneMmCoreEntryPoint.c | 7 +-
> > .../StandaloneMmCoreEntryPoint.inf | 4 +
> > .../StandaloneMmCoreEntryPointRelocatable.inf | 54 +++++++++
> > StandaloneMmPkg/StandaloneMmPkg.dec | 2 +
> > 8 files changed, 306 insertions(+), 1 deletion(-)
> > create mode 100644 StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> > create mode 100644
> > StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> > create mode 100644
> > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntr
> > yPoint.S
> > create mode 100644
> > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreE
> > ntryPointRelocatable.inf
> >
> > diff --git a/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> > b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> > new file mode 100644
> > index 000000000000..a1d7012c4ca3
> > --- /dev/null
> > +++ b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
> > @@ -0,0 +1,54 @@
> > +/** @file
> >
> > +
> >
> > + Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
> >
> > +
> >
> > + SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +SECTIONS
> >
> > +{
> >
> > + PROVIDE(__reloc_base = .);
> >
> > +
> >
> > + . = PECOFF_HEADER_SIZE;
> >
> > + .text : ALIGN(CONSTANT(COMMONPAGESIZE)) {
> >
> > + *(.text.reloc*)
> >
> > + . = ALIGN(0x1000);
> >
> > + PROVIDE(__stmm_start = .);
> >
> > + *(.text .text*)
> >
> > + . = ALIGN(0x20);
> >
> > + PROVIDE(__reloc_start = .);
> >
> > + *(.rel .rel.*)
> >
> > + *(.rela .rela.*)
> >
> > + PROVIDE(__reloc_end = .);
> >
> > + }
> >
> > + PROVIDE(__ro_start = .);
> >
> > + .got : ALIGN(CONSTANT(COMMONPAGESIZE)) {
> >
> > + *(.got .got*)
> >
> > + }
> >
> > + .rodata : ALIGN(CONSTANT(COMMONPAGESIZE)) {
> >
> > + *(.rodata .rodata*)
> >
> > + }
> >
> > + PROVIDE(__ro_end = .);
> >
> > + .data : ALIGN(CONSTANT(COMMONPAGESIZE)) {
> >
> > + *(.data .data*)
> >
> > + }
> >
> > + .bss : ALIGN(CONSTANT(COMMONPAGESIZE)) {
> >
> > + *(.bss .bss*)
> >
> > + }
> >
> > + PROVIDE(__stmm_end = .);
> >
> > +
> >
> > + .note (INFO) : { *(.note.gnu.build-id) }
> >
> > +
> >
> > + /DISCARD/ : {
> >
> > + *(.note.GNU-stack)
> >
> > + *(.gnu.hash)
> >
> > + *(.gnu_debuglink)
> >
> > + *(.interp)
> >
> > + *(.dynamic)
> >
> > + *(.dynsym)
> >
> > + *(.dynstr)
> >
> > + *(.hash)
> >
> > + *(.comment)
> >
> > + }
> >
> > +}
> >
> > diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> > b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> > index 7d590b49bd3f..fdd4b61b3665 100644
> > --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> > +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> > @@ -74,3 +74,6 @@
> > gEfiEventLegacyBootGuid
> >
> > gEfiEventExitBootServicesGuid
> >
> > gEfiEventReadyToBootGuid
> >
> > +
> >
> > +[BuildOptions]
> >
> > + GCC:*_*_*_DLINK_FLAGS = -Wl,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
> >
> > diff --git a/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> > b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> > new file mode 100644
> > index 000000000000..69049080ef78
> > --- /dev/null
> > +++ b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> > @@ -0,0 +1,80 @@
> > +## @file
> >
> > +# This module provide an SMM CIS compliant implementation of SMM Core.
> >
> > +#
> >
> > +# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
> >
> > +# Copyright (c) 2020, Linaro Limited. All rights reserved.<BR>
> >
> > +#
> >
> > +# SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +#
> >
> > +##
> >
> > +
> >
> > +[Defines]
> >
> > + INF_VERSION = 0x0001001A
> >
> > + BASE_NAME = StandaloneMmCore
> >
> > + FILE_GUID = 6E14B6FD-3600-4DD6-A17A-206B3B6DCE16
> >
> > + MODULE_TYPE = MM_CORE_STANDALONE
> >
> > + VERSION_STRING = 1.0
> >
> > + PI_SPECIFICATION_VERSION = 0x00010032
> >
> > + ENTRY_POINT = StandaloneMmMain
> >
> > +
> >
> > +# VALID_ARCHITECTURES = IA32 X64 AARCH64
> >
> > +
> >
> > +[Sources]
> >
> > + StandaloneMmCore.c
> >
> > + StandaloneMmCore.h
> >
> > + StandaloneMmCorePrivateData.h
> >
> > + Page.c
> >
> > + Pool.c
> >
> > + Handle.c
> >
> > + Locate.c
> >
> > + Notify.c
> >
> > + Dependency.c
> >
> > + Dispatcher.c
> >
> > + Mmi.c
> >
> > + InstallConfigurationTable.c
> >
> > + FwVol.c
> >
> > +
> >
> > +[Packages]
> >
> > + MdePkg/MdePkg.dec
> >
> > + MdeModulePkg/MdeModulePkg.dec
> >
> > + StandaloneMmPkg/StandaloneMmPkg.dec
> >
> > +
> >
> > +[LibraryClasses]
> >
> > + BaseLib
> >
> > + BaseMemoryLib
> >
> > + CacheMaintenanceLib
> >
> > + DebugLib
> >
> > + ExtractGuidedSectionLib
> >
> > + FvLib
> >
> > + HobLib
> >
> > + MemoryAllocationLib
> >
> > + MemLib
> >
> > + PeCoffLib
> >
> > + ReportStatusCodeLib
> >
> > + StandaloneMmCoreEntryPoint
> >
> > +
> >
> > +[Protocols]
> >
> > + gEfiDxeMmReadyToLockProtocolGuid ## UNDEFINED #
> > SmiHandlerRegister
> >
> > + gEfiMmReadyToLockProtocolGuid ## PRODUCES
> >
> > + gEfiMmEndOfDxeProtocolGuid ## PRODUCES
> >
> > + gEfiLoadedImageProtocolGuid ## PRODUCES
> >
> > + gEfiMmConfigurationProtocolGuid ## CONSUMES
> >
> > +
> >
> > +[Guids]
> >
> > + gAprioriGuid ## SOMETIMES_CONSUMES ## File
> >
> > + gEfiEventDxeDispatchGuid ## PRODUCES ## GUID #
> > SmiHandlerRegister
> >
> > + gEfiEndOfDxeEventGroupGuid ## PRODUCES ## GUID #
> > SmiHandlerRegister
> >
> > + ## SOMETIMES_CONSUMES ## GUID # Locate protocol
> >
> > + ## SOMETIMES_PRODUCES ## GUID # SmiHandlerRegister
> >
> > + gEdkiiMemoryProfileGuid
> >
> > + gZeroGuid ## SOMETIMES_CONSUMES ## GUID
> >
> > + gEfiHobListGuid
> >
> > + gMmCoreDataHobGuid
> >
> > + gMmFvDispatchGuid
> >
> > + gEfiEventLegacyBootGuid
> >
> > + gEfiEventExitBootServicesGuid
> >
> > + gEfiEventReadyToBootGuid
> >
> > +
> >
> > +[BuildOptions]
> >
> > + GCC:*_*_*_DLINK_FLAGS = -Wl,-Bsymbolic,-pie,-
> > T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
> >
> > diff --git
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> > tryPoint.S
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> > tryPoint.S
> > new file mode 100644
> > index 000000000000..90ff4579daa6
> > --- /dev/null
> > +++
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
> > tryPoint.S
> > @@ -0,0 +1,103 @@
> > +//
> >
> > +// Copyright (c) 2011-2013, ARM Limited. All rights reserved.
> >
> > +// Copyright (c) 2015-2020, Linaro Limited. All rights reserved.
> >
> > +//
> >
> > +// SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +//
> >
> > +//
> >
> > +
> >
> > +#include <AsmMacroIoLibV8.h>
> >
> > +ASM_FUNC(_ModuleEntryPoint)
> >
> > + adr x8, FeaturePcdGet (PcdStMMReloc)
> >
> > + ldrb w9, [x8]
> >
> > + cmp x9, #0
> >
> > + // If PcdStMMReloc is set to TRUE, go ahead and fixup the relocations here
> >
> > + beq .Llaunch
> >
> > + adr x8, __reloc_base
> >
> > + adr x9, __reloc_start
> >
> > + adr x10, __reloc_end
> >
> > + bl ASM_PFX(_DoReloc)
> >
> > +.Llaunch:
> >
> > + b ModuleEntryPoint
> >
> > +
> >
> > +.section .text.reloc, "ax"
> >
> > +ASM_PFX(_DoReloc):
> >
> > + mov x20, x0
> >
> > + mov x21, x1
> >
> > + mov x22, x2
> >
> > + mov x23, x3
> >
> > +
> >
> > + // Set all of the memory as r/w
> >
> > + adr x11, __stmm_start
> >
> > + adr x2, __stmm_end
> >
> > + ldr x0, =0xC4000065
> >
> > + and x1, x11, #~0x0fff // Align to page
> >
> > + sub x2, x2, x11
> >
> > + add x2, x2, #0xfff
> >
> > + lsr x2, x2, #12 // nr pages
> >
> > + ldr x3, =0x5 // Set perms to r/w
> >
> > + svc #0
> >
> > + // Prevent speculative execution beyond svc instruction
> >
> > + dsb nsh
> >
> > + isb
> >
> > +
> >
> > +.Lreloc_loop:
> >
> > + cmp x9, x10
> >
> > + bhs .Lreloc_done
> >
> > + //
> >
> > + // We are built as a ET_DYN PIE executable, so we need to process all
> >
> > + // relative relocations regardless of whether or not we are executing from
> >
> > + // the same offset we were linked at. This is only possible if we are
> >
> > + // running from RAM.
> >
> > + //
> >
> > + // AArch64 uses the ELF64 RELA format, which means each entry in the
> >
> > + // relocation table consists of
> >
> > + //
> >
> > + // UINT64 offset : the relative offset of the value that needs to
> >
> > + // be relocated
> >
> > + // UINT64 info : relocation type and symbol index (the latter is
> >
> > + // not used for R_AARCH64_RELATIVE relocations)
> >
> > + // UINT64 addend : value to be added to the value being relocated
> >
> > + //
> >
> > + ldp x11, x12, [x9], #24 // read offset into x11 and info into x12
> >
> > + cmp x12, #0x403 // check info == R_AARCH64_RELATIVE?
> >
> > + bne .Lreloc_loop // not a relative relocation? then skip
> >
> > + ldr x12, [x9, #-8] // read addend into x12
> >
> > + add x12, x12, x8 // add reloc base to addend to get relocated value
> >
> > + str x12, [x11, x8] // write relocated value at offset
> >
> > + b .Lreloc_loop
> >
> > +
> >
> > +.Lreloc_done:
> >
> > + // set memory per section
> >
> > + adr x11, __stmm_start
> >
> > + adr x2, __reloc_end
> >
> > + ldr x0, =0xC4000065
> >
> > + and x1, x11, #~0x0fff // Align to page
> >
> > + sub x2, x2, x11
> >
> > + add x2, x2, #0xfff
> >
> > + lsr x2, x2, #12 // nr pages
> >
> > + ldr x3, =0x3 // Set perms to r/x
> >
> > + svc #0
> >
> > + // Prevent speculative execution beyond svc instruction
> >
> > + dsb nsh
> >
> > + isb
> >
> > +
> >
> > + adr x11, __ro_start
> >
> > + adr x2, __ro_end
> >
> > + ldr x0, =0xC4000065
> >
> > + and x1, x11, #~0x0fff // Align to page
> >
> > + sub x2, x2, x11
> >
> > + add x2, x2, #0xfff
> >
> > + lsr x2, x2, #12 // nr pages
> >
> > + ldr x3, =0x1 // Set perms to r/o
> >
> > + svc #0
> >
> > + // Prevent speculative execution beyond svc instruction
> >
> > + dsb nsh
> >
> > + isb
> >
> > +
> >
> > + mov x0, x20
> >
> > + mov x1, x21
> >
> > + mov x2, x22
> >
> > + mov x3, x23
> >
> > +
> >
> > + ret
> >
> > diff --git
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> > eMmCoreEntryPoint.c
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> > eMmCoreEntryPoint.c
> > index 20723385113f..57c3162ab5d0 100644
> > ---
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> > eMmCoreEntryPoint.c
> > +++
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> > eMmCoreEntryPoint.c
> > @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > #include <Library/HobLib.h>
> >
> > #include <Library/BaseLib.h>
> >
> > #include <Library/BaseMemoryLib.h>
> >
> > +#include <Library/PcdLib.h>
> >
> > #include <Library/SerialPortLib.h>
> >
> >
> >
> > #include <IndustryStandard/ArmStdSmc.h>
> >
> > @@ -209,7 +210,7 @@ GetSpmVersion (VOID)
> > **/
> >
> > VOID
> >
> > EFIAPI
> >
> > -_ModuleEntryPoint (
> >
> > +ModuleEntryPoint (
> >
> > IN VOID *SharedBufAddress,
> >
> > IN UINT64 SharedBufSize,
> >
> > IN UINT64 cookie1,
> >
> > @@ -238,6 +239,9 @@ _ModuleEntryPoint (
> > goto finish;
> >
> > }
> >
> >
> >
> > + if (FeaturePcdGet (PcdStMMReloc)) {
> >
> > + goto skip_remap;
> >
> > + }
> >
> > // Locate PE/COFF File information for the Standalone MM core module
> >
> > Status = LocateStandaloneMmCorePeCoffData (
> >
> > (EFI_FIRMWARE_VOLUME_HEADER *) PayloadBootInfo->SpImageBase,
> >
> > @@ -276,6 +280,7 @@ _ModuleEntryPoint (
> > goto finish;
> >
> > }
> >
> >
> >
> > +skip_remap:
> >
> > //
> >
> > // Create Hoblist based upon boot information passed by privileged software
> >
> > //
> >
> > diff --git
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPoint.inf
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPoint.inf
> > index 891c292e92f8..6659219404a5 100644
> > ---
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPoint.inf
> > +++
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPoint.inf
> > @@ -25,6 +25,7 @@
> > AArch64/StandaloneMmCoreEntryPoint.c
> >
> > AArch64/SetPermissions.c
> >
> > AArch64/CreateHobList.c
> >
> > + AArch64/ModuleEntryPoint.S
> >
> >
> >
> > [Packages]
> >
> > MdePkg/MdePkg.dec
> >
> > @@ -48,3 +49,6 @@
> > gEfiMmPeiMmramMemoryReserveGuid
> >
> > gEfiStandaloneMmNonSecureBufferGuid
> >
> > gEfiArmTfCpuDriverEpDescriptorGuid
> >
> > +
> >
> > +[FeaturePcd]
> >
> > + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE
> >
> > diff --git
> > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPointRelocatable.inf
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPointRelocatable.inf
> > new file mode 100644
> > index 000000000000..10cdae1b4018
> > --- /dev/null
> > +++
> > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
> > eEntryPointRelocatable.inf
> > @@ -0,0 +1,54 @@
> > +## @file
> >
> > +# Module entry point library for DXE core.
> >
> > +#
> >
> > +# Copyright (c) 2020, ARM Ltd. All rights reserved.<BR>
> >
> > +#
> >
> > +# SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +#
> >
> > +#
> >
> > +##
> >
> > +
> >
> > +[Defines]
> >
> > + INF_VERSION = 0x0001001A
> >
> > + BASE_NAME = StandaloneMmCoreEntryPoint
> >
> > + FILE_GUID = C97AC593-109A-4C63-905C-675FDE2689E8
> >
> > + MODULE_TYPE = MM_CORE_STANDALONE
> >
> > + VERSION_STRING = 1.0
> >
> > + PI_SPECIFICATION_VERSION = 0x00010032
> >
> > + LIBRARY_CLASS =
> > StandaloneMmCoreEntryPoint|MM_CORE_STANDALONE
> >
> > +
> >
> > +#
> >
> > +# VALID_ARCHITECTURES = IA32 X64 IPF EBC (EBC is for build only)
> >
> > +#
> >
> > +
> >
> > +[Sources.AARCH64]
> >
> > + AArch64/StandaloneMmCoreEntryPoint.c
> >
> > + AArch64/SetPermissions.c
> >
> > + AArch64/CreateHobList.c
> >
> > + AArch64/ModuleEntryPoint.S
> >
> > +
> >
> > +[Packages]
> >
> > + MdePkg/MdePkg.dec
> >
> > + MdeModulePkg/MdeModulePkg.dec
> >
> > + StandaloneMmPkg/StandaloneMmPkg.dec
> >
> > +
> >
> > +[Packages.AARCH64]
> >
> > + ArmPkg/ArmPkg.dec
> >
> > + ArmPlatformPkg/ArmPlatformPkg.dec
> >
> > +
> >
> > +[LibraryClasses]
> >
> > + BaseLib
> >
> > + DebugLib
> >
> > +
> >
> > +[LibraryClasses.AARCH64]
> >
> > + StandaloneMmMmuLib
> >
> > + ArmSvcLib
> >
> > +
> >
> > +[Guids]
> >
> > + gMpInformationHobGuid
> >
> > + gEfiMmPeiMmramMemoryReserveGuid
> >
> > + gEfiStandaloneMmNonSecureBufferGuid
> >
> > + gEfiArmTfCpuDriverEpDescriptorGuid
> >
> > +
> >
> > +[FeaturePcd]
> >
> > + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|TRUE
> >
> > diff --git a/StandaloneMmPkg/StandaloneMmPkg.dec
> > b/StandaloneMmPkg/StandaloneMmPkg.dec
> > index 82cb62568b53..cc572321a5b6 100644
> > --- a/StandaloneMmPkg/StandaloneMmPkg.dec
> > +++ b/StandaloneMmPkg/StandaloneMmPkg.dec
> > @@ -33,3 +33,5 @@
> > gEfiStandaloneMmNonSecureBufferGuid = { 0xf00497e3, 0xbfa2, 0x41a1,
> > { 0x9d, 0x29, 0x54, 0xc2, 0xe9, 0x37, 0x21, 0xc5 }}
> >
> > gEfiArmTfCpuDriverEpDescriptorGuid = { 0x6ecbd5a1, 0xc0f8, 0x4702,
> > { 0x83, 0x01, 0x4f, 0xc2, 0xc5, 0x47, 0x0a, 0x51 }}
> >
> >
> >
> > +[PcdsFeatureFlag]
> >
> > +
> > gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE|BOOLEAN|0x00000
> > 001
> >
> > --
> > 2.27.0
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM
2020-06-07 1:17 ` Yao, Jiewen
2020-06-08 16:56 ` Ilias Apalodimas
@ 2020-06-08 22:25 ` Ard Biesheuvel
1 sibling, 0 replies; 4+ messages in thread
From: Ard Biesheuvel @ 2020-06-08 22:25 UTC (permalink / raw)
To: Yao, Jiewen, Ilias Apalodimas, sami.mujawar@arm.com,
supreeth.venkatesh@arm.com
Cc: devel@edk2.groups.io
On 6/7/20 3:17 AM, Yao, Jiewen wrote:
> Hi Ilias
> It seems a good idea to support relocatable StMM.
>
Agreed.
> Thought on StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
> Usually we do not add special link option in INF and build a module to be ELF for some special purposes.
> Things might be broken if X86 platform uses this INF to build Relocatable image with visual studio or with GCC.
>
We do for some platforms in ArmVirtPkg, but I agree it is better to use
the PE/COFF library code for this.
I have sent out some patches to update the ArmVirtPkg use cases (note to
Sami: we will need to update the KvmTool port accordingly as well), and
I will work with Ilias to adopt this approach for the standalone MM core.
> Do you think if it is possible to still create a self-relocatable StandaloneMmCore as a PE image, instead of ELF ?
> One example is at : https://github.com/jyao1/STM/blob/master/Stm/StmPkg/Core/Init/StmInit.c#L1096
> Then we may reuse the generic PeCoff library in C code before any global variable access.
> No special assembly code or link script required. And no need to add a PCD.
>
> Thank you
> Yao Jiewen
>
>
>> -----Original Message-----
>> From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
>> Sent: Saturday, June 6, 2020 4:52 PM
>> To: ard.biesheuvel@arm.com; sami.mujawar@arm.com; Yao, Jiewen
>> <jiewen.yao@intel.com>; supreeth.venkatesh@arm.com
>> Cc: devel@edk2.groups.io; Ilias Apalodimas <ilias.apalodimas@linaro.org>
>> Subject: [RFC edk2 v1] StandaloneMmPkg: Relocatable version for
>> StandAloneMM
>>
>> With work currently being done in OP-TEE [1] and U-boot [2], we can
>> compile StandAloneMM as a single binary [3] and load it from OP-TEE in
>> an isolated partition that behahes similarly to SPM.
>> By doing so we reuse existing code from EDK2 for the UEFI variable
>> storage regardless of the firmware implementation. Another advantage is
>> that OP-TEE combined with U-Boot's OP-TEE supplicant can use the RPMB
>> partition of an eMMC and securely store EFI variables instead of solely
>> relying on a secure world flash [4].
>>
>> Since StMM can be compiled as a binary that runs on OP-TEE, we need to
>> make it self-relocatable. OP-TEE load address can be arbitrary depending
>> on memory layout or ASLR.
>> We could keep the current StandAloneMM implementation as-is and duplicate
>> StandaloneMmCoreEntryPoint.c. Instead add two more .inf files for the
>> relocatable option and the relevant linker script, move the current
>> entry point into asm and add a FeaturePcd for enabling/disabling the
>> relocatable option.
>>
>> [1] https://github.com/apalos/optee_os/tree/stmm_upstream_03_clean
>> [2] https://github.com/u-boot/u-
>> boot/blob/master/lib/efi_loader/efi_variable_tee.c
>> [3] https://git.linaro.org/people/ilias.apalodimas/edk2-
>> platforms.git/tree/Platform/QemuVirt/PlatformStandaloneMm.dsc?h=stmm_rel
>> oc_combined
>> [4] https://git.linaro.org/people/ilias.apalodimas/edk2-
>> platforms.git/tree/Silicon/QemuVirt/Drivers/OpTeeRpmbFv/OpTeeRpmbFv.c?h=
>> stmm_reloc_combined
>>
>> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
>> ---
>> StandaloneMmPkg/Core/Scripts/StMM-PIE.lds | 54 +++++++++
>> StandaloneMmPkg/Core/StandaloneMmCore.inf | 3 +
>> .../Core/StandaloneMmCoreRelocatable.inf | 80 ++++++++++++++
>> .../AArch64/ModuleEntryPoint.S | 103 ++++++++++++++++++
>> .../AArch64/StandaloneMmCoreEntryPoint.c | 7 +-
>> .../StandaloneMmCoreEntryPoint.inf | 4 +
>> .../StandaloneMmCoreEntryPointRelocatable.inf | 54 +++++++++
>> StandaloneMmPkg/StandaloneMmPkg.dec | 2 +
>> 8 files changed, 306 insertions(+), 1 deletion(-)
>> create mode 100644 StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
>> create mode 100644
>> StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
>> create mode 100644
>> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntr
>> yPoint.S
>> create mode 100644
>> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreE
>> ntryPointRelocatable.inf
>>
>> diff --git a/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
>> b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
>> new file mode 100644
>> index 000000000000..a1d7012c4ca3
>> --- /dev/null
>> +++ b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds
>> @@ -0,0 +1,54 @@
>> +/** @file
>>
>> +
>>
>> + Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
>>
>> +
>>
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>>
>> +
>>
>> +**/
>>
>> +
>>
>> +SECTIONS
>>
>> +{
>>
>> + PROVIDE(__reloc_base = .);
>>
>> +
>>
>> + . = PECOFF_HEADER_SIZE;
>>
>> + .text : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>>
>> + *(.text.reloc*)
>>
>> + . = ALIGN(0x1000);
>>
>> + PROVIDE(__stmm_start = .);
>>
>> + *(.text .text*)
>>
>> + . = ALIGN(0x20);
>>
>> + PROVIDE(__reloc_start = .);
>>
>> + *(.rel .rel.*)
>>
>> + *(.rela .rela.*)
>>
>> + PROVIDE(__reloc_end = .);
>>
>> + }
>>
>> + PROVIDE(__ro_start = .);
>>
>> + .got : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>>
>> + *(.got .got*)
>>
>> + }
>>
>> + .rodata : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>>
>> + *(.rodata .rodata*)
>>
>> + }
>>
>> + PROVIDE(__ro_end = .);
>>
>> + .data : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>>
>> + *(.data .data*)
>>
>> + }
>>
>> + .bss : ALIGN(CONSTANT(COMMONPAGESIZE)) {
>>
>> + *(.bss .bss*)
>>
>> + }
>>
>> + PROVIDE(__stmm_end = .);
>>
>> +
>>
>> + .note (INFO) : { *(.note.gnu.build-id) }
>>
>> +
>>
>> + /DISCARD/ : {
>>
>> + *(.note.GNU-stack)
>>
>> + *(.gnu.hash)
>>
>> + *(.gnu_debuglink)
>>
>> + *(.interp)
>>
>> + *(.dynamic)
>>
>> + *(.dynsym)
>>
>> + *(.dynstr)
>>
>> + *(.hash)
>>
>> + *(.comment)
>>
>> + }
>>
>> +}
>>
>> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf
>> b/StandaloneMmPkg/Core/StandaloneMmCore.inf
>> index 7d590b49bd3f..fdd4b61b3665 100644
>> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
>> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
>> @@ -74,3 +74,6 @@
>> gEfiEventLegacyBootGuid
>>
>> gEfiEventExitBootServicesGuid
>>
>> gEfiEventReadyToBootGuid
>>
>> +
>>
>> +[BuildOptions]
>>
>> + GCC:*_*_*_DLINK_FLAGS = -Wl,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
>>
>> diff --git a/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
>> b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
>> new file mode 100644
>> index 000000000000..69049080ef78
>> --- /dev/null
>> +++ b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf
>> @@ -0,0 +1,80 @@
>> +## @file
>>
>> +# This module provide an SMM CIS compliant implementation of SMM Core.
>>
>> +#
>>
>> +# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
>>
>> +# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
>>
>> +# Copyright (c) 2020, Linaro Limited. All rights reserved.<BR>
>>
>> +#
>>
>> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>>
>> +#
>>
>> +##
>>
>> +
>>
>> +[Defines]
>>
>> + INF_VERSION = 0x0001001A
>>
>> + BASE_NAME = StandaloneMmCore
>>
>> + FILE_GUID = 6E14B6FD-3600-4DD6-A17A-206B3B6DCE16
>>
>> + MODULE_TYPE = MM_CORE_STANDALONE
>>
>> + VERSION_STRING = 1.0
>>
>> + PI_SPECIFICATION_VERSION = 0x00010032
>>
>> + ENTRY_POINT = StandaloneMmMain
>>
>> +
>>
>> +# VALID_ARCHITECTURES = IA32 X64 AARCH64
>>
>> +
>>
>> +[Sources]
>>
>> + StandaloneMmCore.c
>>
>> + StandaloneMmCore.h
>>
>> + StandaloneMmCorePrivateData.h
>>
>> + Page.c
>>
>> + Pool.c
>>
>> + Handle.c
>>
>> + Locate.c
>>
>> + Notify.c
>>
>> + Dependency.c
>>
>> + Dispatcher.c
>>
>> + Mmi.c
>>
>> + InstallConfigurationTable.c
>>
>> + FwVol.c
>>
>> +
>>
>> +[Packages]
>>
>> + MdePkg/MdePkg.dec
>>
>> + MdeModulePkg/MdeModulePkg.dec
>>
>> + StandaloneMmPkg/StandaloneMmPkg.dec
>>
>> +
>>
>> +[LibraryClasses]
>>
>> + BaseLib
>>
>> + BaseMemoryLib
>>
>> + CacheMaintenanceLib
>>
>> + DebugLib
>>
>> + ExtractGuidedSectionLib
>>
>> + FvLib
>>
>> + HobLib
>>
>> + MemoryAllocationLib
>>
>> + MemLib
>>
>> + PeCoffLib
>>
>> + ReportStatusCodeLib
>>
>> + StandaloneMmCoreEntryPoint
>>
>> +
>>
>> +[Protocols]
>>
>> + gEfiDxeMmReadyToLockProtocolGuid ## UNDEFINED #
>> SmiHandlerRegister
>>
>> + gEfiMmReadyToLockProtocolGuid ## PRODUCES
>>
>> + gEfiMmEndOfDxeProtocolGuid ## PRODUCES
>>
>> + gEfiLoadedImageProtocolGuid ## PRODUCES
>>
>> + gEfiMmConfigurationProtocolGuid ## CONSUMES
>>
>> +
>>
>> +[Guids]
>>
>> + gAprioriGuid ## SOMETIMES_CONSUMES ## File
>>
>> + gEfiEventDxeDispatchGuid ## PRODUCES ## GUID #
>> SmiHandlerRegister
>>
>> + gEfiEndOfDxeEventGroupGuid ## PRODUCES ## GUID #
>> SmiHandlerRegister
>>
>> + ## SOMETIMES_CONSUMES ## GUID # Locate protocol
>>
>> + ## SOMETIMES_PRODUCES ## GUID # SmiHandlerRegister
>>
>> + gEdkiiMemoryProfileGuid
>>
>> + gZeroGuid ## SOMETIMES_CONSUMES ## GUID
>>
>> + gEfiHobListGuid
>>
>> + gMmCoreDataHobGuid
>>
>> + gMmFvDispatchGuid
>>
>> + gEfiEventLegacyBootGuid
>>
>> + gEfiEventExitBootServicesGuid
>>
>> + gEfiEventReadyToBootGuid
>>
>> +
>>
>> +[BuildOptions]
>>
>> + GCC:*_*_*_DLINK_FLAGS = -Wl,-Bsymbolic,-pie,-
>> T,$(MODULE_DIR)/Scripts/StMM-PIE.lds
>>
>> diff --git
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
>> tryPoint.S
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
>> tryPoint.S
>> new file mode 100644
>> index 000000000000..90ff4579daa6
>> --- /dev/null
>> +++
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEn
>> tryPoint.S
>> @@ -0,0 +1,103 @@
>> +//
>>
>> +// Copyright (c) 2011-2013, ARM Limited. All rights reserved.
>>
>> +// Copyright (c) 2015-2020, Linaro Limited. All rights reserved.
>>
>> +//
>>
>> +// SPDX-License-Identifier: BSD-2-Clause-Patent
>>
>> +//
>>
>> +//
>>
>> +
>>
>> +#include <AsmMacroIoLibV8.h>
>>
>> +ASM_FUNC(_ModuleEntryPoint)
>>
>> + adr x8, FeaturePcdGet (PcdStMMReloc)
>>
>> + ldrb w9, [x8]
>>
>> + cmp x9, #0
>>
>> + // If PcdStMMReloc is set to TRUE, go ahead and fixup the relocations here
>>
>> + beq .Llaunch
>>
>> + adr x8, __reloc_base
>>
>> + adr x9, __reloc_start
>>
>> + adr x10, __reloc_end
>>
>> + bl ASM_PFX(_DoReloc)
>>
>> +.Llaunch:
>>
>> + b ModuleEntryPoint
>>
>> +
>>
>> +.section .text.reloc, "ax"
>>
>> +ASM_PFX(_DoReloc):
>>
>> + mov x20, x0
>>
>> + mov x21, x1
>>
>> + mov x22, x2
>>
>> + mov x23, x3
>>
>> +
>>
>> + // Set all of the memory as r/w
>>
>> + adr x11, __stmm_start
>>
>> + adr x2, __stmm_end
>>
>> + ldr x0, =0xC4000065
>>
>> + and x1, x11, #~0x0fff // Align to page
>>
>> + sub x2, x2, x11
>>
>> + add x2, x2, #0xfff
>>
>> + lsr x2, x2, #12 // nr pages
>>
>> + ldr x3, =0x5 // Set perms to r/w
>>
>> + svc #0
>>
>> + // Prevent speculative execution beyond svc instruction
>>
>> + dsb nsh
>>
>> + isb
>>
>> +
>>
>> +.Lreloc_loop:
>>
>> + cmp x9, x10
>>
>> + bhs .Lreloc_done
>>
>> + //
>>
>> + // We are built as a ET_DYN PIE executable, so we need to process all
>>
>> + // relative relocations regardless of whether or not we are executing from
>>
>> + // the same offset we were linked at. This is only possible if we are
>>
>> + // running from RAM.
>>
>> + //
>>
>> + // AArch64 uses the ELF64 RELA format, which means each entry in the
>>
>> + // relocation table consists of
>>
>> + //
>>
>> + // UINT64 offset : the relative offset of the value that needs to
>>
>> + // be relocated
>>
>> + // UINT64 info : relocation type and symbol index (the latter is
>>
>> + // not used for R_AARCH64_RELATIVE relocations)
>>
>> + // UINT64 addend : value to be added to the value being relocated
>>
>> + //
>>
>> + ldp x11, x12, [x9], #24 // read offset into x11 and info into x12
>>
>> + cmp x12, #0x403 // check info == R_AARCH64_RELATIVE?
>>
>> + bne .Lreloc_loop // not a relative relocation? then skip
>>
>> + ldr x12, [x9, #-8] // read addend into x12
>>
>> + add x12, x12, x8 // add reloc base to addend to get relocated value
>>
>> + str x12, [x11, x8] // write relocated value at offset
>>
>> + b .Lreloc_loop
>>
>> +
>>
>> +.Lreloc_done:
>>
>> + // set memory per section
>>
>> + adr x11, __stmm_start
>>
>> + adr x2, __reloc_end
>>
>> + ldr x0, =0xC4000065
>>
>> + and x1, x11, #~0x0fff // Align to page
>>
>> + sub x2, x2, x11
>>
>> + add x2, x2, #0xfff
>>
>> + lsr x2, x2, #12 // nr pages
>>
>> + ldr x3, =0x3 // Set perms to r/x
>>
>> + svc #0
>>
>> + // Prevent speculative execution beyond svc instruction
>>
>> + dsb nsh
>>
>> + isb
>>
>> +
>>
>> + adr x11, __ro_start
>>
>> + adr x2, __ro_end
>>
>> + ldr x0, =0xC4000065
>>
>> + and x1, x11, #~0x0fff // Align to page
>>
>> + sub x2, x2, x11
>>
>> + add x2, x2, #0xfff
>>
>> + lsr x2, x2, #12 // nr pages
>>
>> + ldr x3, =0x1 // Set perms to r/o
>>
>> + svc #0
>>
>> + // Prevent speculative execution beyond svc instruction
>>
>> + dsb nsh
>>
>> + isb
>>
>> +
>>
>> + mov x0, x20
>>
>> + mov x1, x21
>>
>> + mov x2, x22
>>
>> + mov x3, x23
>>
>> +
>>
>> + ret
>>
>> diff --git
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
>> eMmCoreEntryPoint.c
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
>> eMmCoreEntryPoint.c
>> index 20723385113f..57c3162ab5d0 100644
>> ---
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
>> eMmCoreEntryPoint.c
>> +++
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
>> eMmCoreEntryPoint.c
>> @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>> #include <Library/HobLib.h>
>>
>> #include <Library/BaseLib.h>
>>
>> #include <Library/BaseMemoryLib.h>
>>
>> +#include <Library/PcdLib.h>
>>
>> #include <Library/SerialPortLib.h>
>>
>>
>>
>> #include <IndustryStandard/ArmStdSmc.h>
>>
>> @@ -209,7 +210,7 @@ GetSpmVersion (VOID)
>> **/
>>
>> VOID
>>
>> EFIAPI
>>
>> -_ModuleEntryPoint (
>>
>> +ModuleEntryPoint (
>>
>> IN VOID *SharedBufAddress,
>>
>> IN UINT64 SharedBufSize,
>>
>> IN UINT64 cookie1,
>>
>> @@ -238,6 +239,9 @@ _ModuleEntryPoint (
>> goto finish;
>>
>> }
>>
>>
>>
>> + if (FeaturePcdGet (PcdStMMReloc)) {
>>
>> + goto skip_remap;
>>
>> + }
>>
>> // Locate PE/COFF File information for the Standalone MM core module
>>
>> Status = LocateStandaloneMmCorePeCoffData (
>>
>> (EFI_FIRMWARE_VOLUME_HEADER *) PayloadBootInfo->SpImageBase,
>>
>> @@ -276,6 +280,7 @@ _ModuleEntryPoint (
>> goto finish;
>>
>> }
>>
>>
>>
>> +skip_remap:
>>
>> //
>>
>> // Create Hoblist based upon boot information passed by privileged software
>>
>> //
>>
>> diff --git
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPoint.inf
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPoint.inf
>> index 891c292e92f8..6659219404a5 100644
>> ---
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPoint.inf
>> +++
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPoint.inf
>> @@ -25,6 +25,7 @@
>> AArch64/StandaloneMmCoreEntryPoint.c
>>
>> AArch64/SetPermissions.c
>>
>> AArch64/CreateHobList.c
>>
>> + AArch64/ModuleEntryPoint.S
>>
>>
>>
>> [Packages]
>>
>> MdePkg/MdePkg.dec
>>
>> @@ -48,3 +49,6 @@
>> gEfiMmPeiMmramMemoryReserveGuid
>>
>> gEfiStandaloneMmNonSecureBufferGuid
>>
>> gEfiArmTfCpuDriverEpDescriptorGuid
>>
>> +
>>
>> +[FeaturePcd]
>>
>> + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE
>>
>> diff --git
>> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPointRelocatable.inf
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPointRelocatable.inf
>> new file mode 100644
>> index 000000000000..10cdae1b4018
>> --- /dev/null
>> +++
>> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCor
>> eEntryPointRelocatable.inf
>> @@ -0,0 +1,54 @@
>> +## @file
>>
>> +# Module entry point library for DXE core.
>>
>> +#
>>
>> +# Copyright (c) 2020, ARM Ltd. All rights reserved.<BR>
>>
>> +#
>>
>> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>>
>> +#
>>
>> +#
>>
>> +##
>>
>> +
>>
>> +[Defines]
>>
>> + INF_VERSION = 0x0001001A
>>
>> + BASE_NAME = StandaloneMmCoreEntryPoint
>>
>> + FILE_GUID = C97AC593-109A-4C63-905C-675FDE2689E8
>>
>> + MODULE_TYPE = MM_CORE_STANDALONE
>>
>> + VERSION_STRING = 1.0
>>
>> + PI_SPECIFICATION_VERSION = 0x00010032
>>
>> + LIBRARY_CLASS =
>> StandaloneMmCoreEntryPoint|MM_CORE_STANDALONE
>>
>> +
>>
>> +#
>>
>> +# VALID_ARCHITECTURES = IA32 X64 IPF EBC (EBC is for build only)
>>
>> +#
>>
>> +
>>
>> +[Sources.AARCH64]
>>
>> + AArch64/StandaloneMmCoreEntryPoint.c
>>
>> + AArch64/SetPermissions.c
>>
>> + AArch64/CreateHobList.c
>>
>> + AArch64/ModuleEntryPoint.S
>>
>> +
>>
>> +[Packages]
>>
>> + MdePkg/MdePkg.dec
>>
>> + MdeModulePkg/MdeModulePkg.dec
>>
>> + StandaloneMmPkg/StandaloneMmPkg.dec
>>
>> +
>>
>> +[Packages.AARCH64]
>>
>> + ArmPkg/ArmPkg.dec
>>
>> + ArmPlatformPkg/ArmPlatformPkg.dec
>>
>> +
>>
>> +[LibraryClasses]
>>
>> + BaseLib
>>
>> + DebugLib
>>
>> +
>>
>> +[LibraryClasses.AARCH64]
>>
>> + StandaloneMmMmuLib
>>
>> + ArmSvcLib
>>
>> +
>>
>> +[Guids]
>>
>> + gMpInformationHobGuid
>>
>> + gEfiMmPeiMmramMemoryReserveGuid
>>
>> + gEfiStandaloneMmNonSecureBufferGuid
>>
>> + gEfiArmTfCpuDriverEpDescriptorGuid
>>
>> +
>>
>> +[FeaturePcd]
>>
>> + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|TRUE
>>
>> diff --git a/StandaloneMmPkg/StandaloneMmPkg.dec
>> b/StandaloneMmPkg/StandaloneMmPkg.dec
>> index 82cb62568b53..cc572321a5b6 100644
>> --- a/StandaloneMmPkg/StandaloneMmPkg.dec
>> +++ b/StandaloneMmPkg/StandaloneMmPkg.dec
>> @@ -33,3 +33,5 @@
>> gEfiStandaloneMmNonSecureBufferGuid = { 0xf00497e3, 0xbfa2, 0x41a1,
>> { 0x9d, 0x29, 0x54, 0xc2, 0xe9, 0x37, 0x21, 0xc5 }}
>>
>> gEfiArmTfCpuDriverEpDescriptorGuid = { 0x6ecbd5a1, 0xc0f8, 0x4702,
>> { 0x83, 0x01, 0x4f, 0xc2, 0xc5, 0x47, 0x0a, 0x51 }}
>>
>>
>>
>> +[PcdsFeatureFlag]
>>
>> +
>> gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE|BOOLEAN|0x00000
>> 001
>>
>> --
>> 2.27.0
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-06-08 22:25 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-06-06 8:52 [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM Ilias Apalodimas
2020-06-07 1:17 ` Yao, Jiewen
2020-06-08 16:56 ` Ilias Apalodimas
2020-06-08 22:25 ` Ard Biesheuvel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox