From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.136; helo=mga12.intel.com; envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7AF9D211B7F89 for ; Tue, 15 Jan 2019 20:58:16 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Jan 2019 20:58:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,484,1539673200"; d="scan'208";a="267472564" Received: from shzintpr02.sh.intel.com (HELO [10.7.209.38]) ([10.239.4.160]) by orsmga004.jf.intel.com with ESMTP; 15 Jan 2019 20:58:14 -0800 To: Ard Biesheuvel , edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Michael D Kinney , Laszlo Ersek , star.zeng@intel.com References: <20190114132758.24054-1-ard.biesheuvel@linaro.org> <20190114132758.24054-8-ard.biesheuvel@linaro.org> From: "Zeng, Star" Message-ID: <69caeeee-827e-c0a2-9563-852240621f47@intel.com> Date: Wed, 16 Jan 2019 12:57:43 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190114132758.24054-8-ard.biesheuvel@linaro.org> Subject: Re: [PATCH v2 07/17] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jan 2019 04:58:16 -0000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Some minor comments. With them handled, Reviewed-by: Star Zeng On 2019/1/14 21:27, Ard Biesheuvel wrote: > In preparation of providing a standalone MM based variable runtime > driver, move the existing SMM driver to the new MM services table, > and factor out some pieces that are specific to the traditional > driver, mainly related to the use of UEFI boot services, which are > not accessible to standalone MM drivers. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ard Biesheuvel > Regression-tested-by: Laszlo Ersek > --- > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 5 +- > MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h | 58 +++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 18 +-- > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 59 +++------ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 130 ++++++++++++++++++++ > 5 files changed, 211 insertions(+), 59 deletions(-) > [Trimmed] > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h > index 7af22a4ad671..eb84589fc404 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h > @@ -97,4 +97,62 @@ VariableSpeculationBarrier ( > VOID > ); > > +/** > + Notify the system that the SMM variable driver is ready > +**/ > +VOID > +VariableNotifySmmReady ( > + VOID > + ); > + > +/** > + Notify the system that the SMM variable write driver is ready > +**/ > +VOID > +VariableNotifySmmWriteReady ( > + VOID > + ); > + > +/** > + Variable service MM driver entry point The block should be matched with the MmVariableServiceInitialize implementation in VariableSmm.c. But not SmmVariableServiceInitialize implementation in VariableTraditionalMm.c > +**/ > +EFI_STATUS > +EFIAPI > +MmVariableServiceInitialize ( > + VOID > + ); > + > +/** > + This function checks if the buffer is valid per processor architecture and > + does not overlap with SMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and does not > + overlap with SMRAM. > + @retval FALSE This buffer is not valid per processor architecture or overlaps > + with SMRAM. > +**/ > +BOOLEAN > +VariableSmmIsBufferOutsideSmmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ); > + > +/** > + Whether the TCG or TCG2 protocols are installed in the UEFI protocol database. > + This information is used by the MorLock code to infer whether an existing > + MOR variable is legitimate or not. > + > + @retval TRUE Either the TCG or TCG2 protocol is installed in the UEFI > + protocol database > + @retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI > + protocol database > +**/ > +BOOLEAN > +VariableHaveTcgProtocols ( > + VOID > + ); > + > #endif [Trimmed] > @@ -928,18 +920,11 @@ SmmFtwNotificationEvent ( > runtime services in the EFI System Table and installs arch protocols > for variable read and write services being available. It also registers > a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. > - > - @param[in] ImageHandle The firmware allocated handle for the EFI image. > - @param[in] SystemTable A pointer to the EFI System Table. > - > - @retval EFI_SUCCESS Variable service successfully initialized. This line needs to be kept. > - > **/ > EFI_STATUS > EFIAPI > -VariableServiceInitialize ( > - IN EFI_HANDLE ImageHandle, > - IN EFI_SYSTEM_TABLE *SystemTable > +MmVariableServiceInitialize ( > + VOID > ) > { > EFI_STATUS Status; > @@ -957,7 +942,7 @@ VariableServiceInitialize ( > // Install the Smm Variable Protocol on a new handle. > // > VariableHandle = NULL; > - Status = gSmst->SmmInstallProtocolInterface ( > + Status = gMmst->MmInstallProtocolInterface ( > &VariableHandle, > &gEfiSmmVariableProtocolGuid, > EFI_NATIVE_INTERFACE, > @@ -965,7 +950,7 @@ VariableServiceInitialize ( > ); > ASSERT_EFI_ERROR (Status); > > - Status = gSmst->SmmInstallProtocolInterface ( > + Status = gMmst->MmInstallProtocolInterface ( > &VariableHandle, > &gEdkiiSmmVarCheckProtocolGuid, > EFI_NATIVE_INTERFACE, > @@ -976,7 +961,7 @@ VariableServiceInitialize ( > mVariableBufferPayloadSize = GetMaxVariableSize () + > OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize (); > > - Status = gSmst->SmmAllocatePool ( > + Status = gMmst->MmAllocatePool ( > EfiRuntimeServicesData, > mVariableBufferPayloadSize, > (VOID **)&mVariableBufferPayload > @@ -987,25 +972,19 @@ VariableServiceInitialize ( > /// Register SMM variable SMI handler > /// > VariableHandle = NULL; > - Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle); > + Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle); > ASSERT_EFI_ERROR (Status); > > // > // Notify the variable wrapper driver the variable service is ready > // > - Status = SystemTable->BootServices->InstallProtocolInterface ( > - &mVariableHandle, > - &gEfiSmmVariableProtocolGuid, > - EFI_NATIVE_INTERFACE, > - &gSmmVariable > - ); > - ASSERT_EFI_ERROR (Status); > + VariableNotifySmmReady (); > > // > // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function. > // > - Status = gSmst->SmmRegisterProtocolNotify ( > - &gEfiSmmEndOfDxeProtocolGuid, > + Status = gMmst->MmRegisterProtocolNotify ( > + &gEfiMmEndOfDxeProtocolGuid, > SmmEndOfDxeCallback, > &SmmEndOfDxeRegistration > ); > @@ -1014,7 +993,7 @@ VariableServiceInitialize ( > // > // Register FtwNotificationEvent () notify function. > // > - Status = gSmst->SmmRegisterProtocolNotify ( > + Status = gMmst->MmRegisterProtocolNotify ( > &gEfiSmmFaultTolerantWriteProtocolGuid, > SmmFtwNotificationEvent, > &SmmFtwRegistration > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c > new file mode 100644 > index 000000000000..d702c8f8db67 > --- /dev/null > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c > @@ -0,0 +1,130 @@ [Trimmed] > + > +/** > + Variable service MM driver entry point The comments block should have description for the two parameters. Thanks, Star > +**/ > +EFI_STATUS > +EFIAPI > +VariableServiceInitialize ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + return MmVariableServiceInitialize (); > +} > + > +/** > + Whether the TCG or TCG2 protocols are installed in the UEFI protocol database. > + This information is used by the MorLock code to infer whether an existing > + MOR variable is legitimate or not. > + > + @retval TRUE Either the TCG or TCG2 protocol is installed in the UEFI > + protocol database > + @retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI > + protocol database > +**/ > +BOOLEAN > +VariableHaveTcgProtocols ( > + VOID > + ) > +{ > + EFI_STATUS Status; > + VOID *Interface; > + > + Status = gBS->LocateProtocol ( > + &gEfiTcg2ProtocolGuid, > + NULL, // Registration > + &Interface > + ); > + if (!EFI_ERROR (Status)) { > + return TRUE; > + } > + > + Status = gBS->LocateProtocol ( > + &gEfiTcgProtocolGuid, > + NULL, // Registration > + &Interface > + ); > + return !EFI_ERROR (Status); > +} >