From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes
Date: Tue, 5 Mar 2019 15:50:47 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503F54D127@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <20190305133248.4828-7-ard.biesheuvel@linaro.org>
Reviewed-by: jiewen.yao@intel.com
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Tuesday, March 5, 2019 5:33 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Achin Gupta
> <achin.gupta@arm.com>; Supreeth Venkatesh
> <supreeth.venkatesh@arm.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Leif Lindholm <leif.lindholm@linaro.org>; Jagadeesh Ujja
> <jagadeesh.ujja@arm.com>
> Subject: [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated
> firmware volumes
>
> Standalone MM requires 4 KB section alignment for all images, so that
> strict permissions can be applied. Unfortunately, this results in a
> lot of wasted space, which is usually costly in the secure world
> environment that standalone MM is expected to operate in.
>
> So let's permit the standalone MM drivers (but not the core) to be
> delivered in a compressed firmware volume.
>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> StandaloneMmPkg/Core/StandaloneMmCore.inf | 1 +
> StandaloneMmPkg/Core/FwVol.c | 99
> ++++++++++++++++++--
> 2 files changed, 91 insertions(+), 9 deletions(-)
>
> diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> index ff2b8b9cef03..83d31e2d92c5 100644
> --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf
> +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf
> @@ -49,6 +49,7 @@ [LibraryClasses]
> BaseMemoryLib
> CacheMaintenanceLib
> DebugLib
> + ExtractGuidedSectionLib
> FvLib
> HobLib
> MemoryAllocationLib
> diff --git a/StandaloneMmPkg/Core/FwVol.c
> b/StandaloneMmPkg/Core/FwVol.c
> index 5abf98c24797..d95491f252f9 100644
> --- a/StandaloneMmPkg/Core/FwVol.c
> +++ b/StandaloneMmPkg/Core/FwVol.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
>
> #include "StandaloneMmCore.h"
> #include <Library/FvLib.h>
> +#include <Library/ExtractGuidedSectionLib.h>
>
> //
> // List of file types supported by dispatcher
> @@ -65,15 +66,25 @@ Returns:
>
> --*/
> {
> - EFI_STATUS Status;
> - EFI_STATUS DepexStatus;
> - EFI_FFS_FILE_HEADER *FileHeader;
> - EFI_FV_FILETYPE FileType;
> - VOID *Pe32Data;
> - UINTN Pe32DataSize;
> - VOID *Depex;
> - UINTN DepexSize;
> - UINTN Index;
> + EFI_STATUS Status;
> + EFI_STATUS DepexStatus;
> + EFI_FFS_FILE_HEADER *FileHeader;
> + EFI_FV_FILETYPE FileType;
> + VOID *Pe32Data;
> + UINTN Pe32DataSize;
> + VOID *Depex;
> + UINTN DepexSize;
> + UINTN Index;
> + EFI_COMMON_SECTION_HEADER *Section;
> + VOID *SectionData;
> + UINTN SectionDataSize;
> + UINT32 DstBufferSize;
> + VOID *ScratchBuffer;
> + UINT32 ScratchBufferSize;
> + VOID *DstBuffer;
> + UINT16 SectionAttribute;
> + UINT32 AuthenticationStatus;
> + EFI_FIRMWARE_VOLUME_HEADER *InnerFvHeader;
>
> DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n",
> FwVolHeader));
>
> @@ -83,6 +94,71 @@ Returns:
>
> FvIsBeingProcesssed (FwVolHeader);
>
> + //
> + // First check for encapsulated compressed firmware volumes
> + //
> + FileHeader = NULL;
> + do {
> + Status = FfsFindNextFile
> (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
> + FwVolHeader, &FileHeader);
> + if (EFI_ERROR (Status)) {
> + break;
> + }
> + Status = FfsFindSectionData (EFI_SECTION_GUID_DEFINED,
> FileHeader,
> + &SectionData, &SectionDataSize);
> + if (EFI_ERROR (Status)) {
> + break;
> + }
> + Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
> + Status = ExtractGuidedSectionGetInfo (Section, &DstBufferSize,
> + &ScratchBufferSize, &SectionAttribute);
> + if (EFI_ERROR (Status)) {
> + break;
> + }
> +
> + //
> + // Allocate scratch buffer
> + //
> + ScratchBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES
> (ScratchBufferSize));
> + if (ScratchBuffer == NULL) {
> + return EFI_OUT_OF_RESOURCES;
> + }
> +
> + //
> + // Allocate destination buffer, extra one page for adjustment
> + //
> + DstBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES
> (DstBufferSize));
> + if (DstBuffer == NULL) {
> + return EFI_OUT_OF_RESOURCES;
> + }
> +
> + //
> + // Call decompress function
> + //
> + Status = ExtractGuidedSectionDecode (Section, &DstBuffer,
> ScratchBuffer,
> + &AuthenticationStatus);
> + FreePages (ScratchBuffer, EFI_SIZE_TO_PAGES (ScratchBufferSize));
> + if (EFI_ERROR (Status)) {
> + goto FreeDstBuffer;
> + }
> +
> + DEBUG ((DEBUG_INFO,
> + "Processing compressed firmware volume (AuthenticationStatus
> == %x)\n",
> + AuthenticationStatus));
> +
> + Status = FindFfsSectionInSections (DstBuffer, DstBufferSize,
> + EFI_SECTION_FIRMWARE_VOLUME_IMAGE, &Section);
> + if (EFI_ERROR (Status)) {
> + goto FreeDstBuffer;
> + }
> +
> + InnerFvHeader = (VOID *)(Section + 1);
> + Status = MmCoreFfsFindMmDriver (InnerFvHeader);
> + if (EFI_ERROR (Status)) {
> + goto FreeDstBuffer;
> + }
> + } while (TRUE);
> +
> for (Index = 0; Index < sizeof (mMmFileTypes) / sizeof (mMmFileTypes[0]);
> Index++) {
> DEBUG ((DEBUG_INFO, "Check MmFileTypes - 0x%x\n",
> mMmFileTypes[Index]));
> FileType = mMmFileTypes[Index];
> @@ -100,5 +176,10 @@ Returns:
> } while (!EFI_ERROR (Status));
> }
>
> + return EFI_SUCCESS;
> +
> +FreeDstBuffer:
> + FreePages (DstBuffer, EFI_SIZE_TO_PAGES (DstBufferSize));
> +
> return Status;
> }
> --
> 2.20.1
next prev parent reply other threads:[~2019-03-05 15:50 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-05 13:32 [PATCH 00/10] StandaloneMmPkg, ArmPkg: cleanups and improvements Ard Biesheuvel
2019-03-05 13:32 ` [PATCH 01/10] StandaloneMmPkg: drop redundant definition of gEfiMmConfigurationProtocolGuid Ard Biesheuvel
2019-03-05 13:53 ` Yao, Jiewen
2019-03-05 13:32 ` [PATCH 02/10] StandaloneMmPkg: drop unused PCD PcdStandaloneMmEnable Ard Biesheuvel
2019-03-05 13:55 ` Yao, Jiewen
2019-03-06 15:16 ` Achin Gupta
2019-03-06 15:17 ` Ard Biesheuvel
2019-03-06 15:37 ` Achin Gupta
2019-03-07 10:09 ` Ard Biesheuvel
2019-03-07 11:14 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 03/10] StandaloneMmPkg: switch to NULL DebugLib resolution Ard Biesheuvel
2019-03-05 14:22 ` Yao, Jiewen
2019-03-06 15:38 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 04/10] StandaloneMmPkg: remove redundant StandaloneMmDriverEntryPoint driver Ard Biesheuvel
2019-03-05 14:22 ` Yao, Jiewen
2019-03-05 13:32 ` [PATCH 05/10] StandaloneMmPkg/StandaloneMmCoreEntryPoint: drop explicit SerialPortLib call Ard Biesheuvel
2019-03-05 13:52 ` Yao, Jiewen
2019-03-06 16:35 ` Achin Gupta
2019-03-06 16:41 ` Ard Biesheuvel
2019-03-06 16:55 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 06/10] StandaloneMmPkg/Core: permit encapsulated firmware volumes Ard Biesheuvel
2019-03-05 15:50 ` Yao, Jiewen [this message]
2019-03-06 16:56 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 07/10] StandaloneMmPkg/Core: dispatch all drivers at init time Ard Biesheuvel
2019-03-05 15:51 ` Yao, Jiewen
2019-03-06 16:56 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 08/10] StandaloneMmPkg/Core: drop support for dispatching FVs into MM Ard Biesheuvel
2019-03-05 15:51 ` Yao, Jiewen
2019-03-06 16:58 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 09/10] StandaloneMmPkg/Core: remove legacy boot support Ard Biesheuvel
2019-03-05 13:52 ` Yao, Jiewen
2019-03-06 16:59 ` Achin Gupta
2019-03-05 13:32 ` [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal architected PI events into MM context Ard Biesheuvel
2019-03-05 15:55 ` Yao, Jiewen
2019-03-05 15:58 ` Ard Biesheuvel
2019-03-05 16:04 ` Yao, Jiewen
2019-03-05 16:07 ` Ard Biesheuvel
2019-03-05 16:19 ` Yao, Jiewen
2019-03-05 16:53 ` Felix Polyudov
2019-03-05 17:29 ` Ard Biesheuvel
2019-03-06 16:58 ` Achin Gupta
2019-03-11 11:54 ` [PATCH 00/10] StandaloneMmPkg, ArmPkg: cleanups and improvements Ard Biesheuvel
2019-03-11 11:59 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503F54D127@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox