From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiewen.yao@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.93; helo=mga11.intel.com;
 envelope-from=jiewen.yao@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 80948211D35C2
 for <edk2-devel@lists.01.org>; Tue,  5 Mar 2019 08:04:42 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
 by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 05 Mar 2019 08:04:42 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.58,444,1544515200"; d="scan'208";a="149460753"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
 by fmsmga004.fm.intel.com with ESMTP; 05 Mar 2019 08:04:42 -0800
Received: from fmsmsx116.amr.corp.intel.com (10.18.116.20) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Tue, 5 Mar 2019 08:04:42 -0800
Received: from shsmsx105.ccr.corp.intel.com (10.239.4.158) by
 fmsmsx116.amr.corp.intel.com (10.18.116.20) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Tue, 5 Mar 2019 08:04:41 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.163]) by
 SHSMSX105.ccr.corp.intel.com ([169.254.11.113]) with mapi id 14.03.0415.000;
 Wed, 6 Mar 2019 00:04:39 +0800
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
CC: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Thread-Topic: [edk2] [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal
 architected PI events into MM context
Thread-Index: AQHU01gHsWIGO5SrkEKCv9e2NMWx8qX9EHRw//+bSYCAAIbkoA==
Date: Tue, 5 Mar 2019 16:04:38 +0000
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503F54F0BB@shsmsx102.ccr.corp.intel.com>
References: <20190305133248.4828-1-ard.biesheuvel@linaro.org>
 <20190305133248.4828-11-ard.biesheuvel@linaro.org>
 <74D8A39837DF1E4DA445A8C0B3885C503F54D1FD@shsmsx102.ccr.corp.intel.com>
 <CAKv+Gu--p6rzihv_9Bsyy_i4XvmTpted0-tk7pO6Zm7pdWOpRQ@mail.gmail.com>
In-Reply-To: <CAKv+Gu--p6rzihv_9Bsyy_i4XvmTpted0-tk7pO6Zm7pdWOpRQ@mail.gmail.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMDkwZDcyNmYtMDczNC00NjgwLWEzZDctNzZlMTEyN2VhMmI0IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiWGROUThFRVwvSlF4RURpS2hIQ1JpalFtT1ZmTk1xWkEwRnhjdXoxT2dyWktyR1Z5K21GbGtSNGxhXC9CdzR6UjlwIn0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.400.15
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal architected PI events into MM context
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2019 16:04:42 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

OK. To keep the compatibility of existing MM driver. That makes sense.

If it is for security, I think EndOfDxe is the only point.
ReadyToBoot and ExitBootService cannot be used for security purpose.

Then do we need SmmReadyToLock ? :-)


Thank you
Yao Jiewen

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Ard Biesheuvel
> Sent: Tuesday, March 5, 2019 7:58 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>
> Cc: edk2-devel@lists.01.org
> Subject: Re: [edk2] [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal
> architected PI events into MM context
>=20
> On Tue, 5 Mar 2019 at 16:56, Yao, Jiewen <jiewen.yao@intel.com> wrote:
> >
> > Hi
> > In original SMM infrastructure, there are lots of interaction that SMM =
has
> to know the DXE status.
> >
> > In StandaloneMm, I don't expect we have many interaction. Is there any
> specific example?
> >
> > I am totally OK to add those. And I just want to know more usage.
> >
> > Reviewed-by: Jiewen.yao@intel.com
> >
>=20
> Jiewen,
>=20
> Thanks for the review.
>=20
> It is not 100% clear at the moment, but since existing third party
> software designed to run in MM context may make assumptions about
> security of the platform (e.g., before vs after end of dxe) based on
> these events, we should at least signal the common ones added in this
> patch.
>=20
>=20
>=20
>=20
> > > -----Original Message-----
> > > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> > > Sent: Tuesday, March 5, 2019 5:33 AM
> > > To: edk2-devel@lists.01.org
> > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Achin Gupta
> > > <achin.gupta@arm.com>; Supreeth Venkatesh
> > > <supreeth.venkatesh@arm.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> > > Leif Lindholm <leif.lindholm@linaro.org>; Jagadeesh Ujja
> > > <jagadeesh.ujja@arm.com>
> > > Subject: [PATCH 10/10] ArmPkg/MmCommunicationDxe: signal
> architected
> > > PI events into MM context
> > >
> > > PI defines a few architected events that have significance in the MM
> > > context as well as in the non-secure DXE context. So register notify
> > > handlers for these events, and relay them into the standalone MM worl=
d.
> > >
> > > Contributed-under: TianoCore Contribution Agreement 1.1
> > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > ---
> > >  ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf |  5
> +++
> > >  ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c   | 47
> > > +++++++++++++++++++-
> > >  2 files changed, 50 insertions(+), 2 deletions(-)
> > >
> > > diff --git
> a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf
> > > b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf
> > > index 88beafa39c05..8bf269270f9d 100644
> > > --- a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf
> > > +++ b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf
> > > @@ -48,6 +48,11 @@ [LibraryClasses]
> > >  [Protocols]
> > >    gEfiMmCommunicationProtocolGuid              ## PRODUCES
> > >
> > > +[Guids]
> > > +  gEfiEndOfDxeEventGroupGuid
> > > +  gEfiEventExitBootServicesGuid
> > > +  gEfiEventReadyToBootGuid
> > > +
> > >  [Pcd.common]
> > >    gArmTokenSpaceGuid.PcdMmBufferBase
> > >    gArmTokenSpaceGuid.PcdMmBufferSize
> > > diff --git
> a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c
> > > b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c
> > > index feb9fa9f4ead..3203cf801a19 100644
> > > --- a/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c
> > > +++ b/ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.c
> > > @@ -265,6 +265,43 @@ GetMmCompatibility ()
> > >    return Status;
> > >  }
> > >
> > > +STATIC EFI_GUID* CONST mGuidedEventGuid[] =3D {
> > > +  &gEfiEndOfDxeEventGroupGuid,
> > > +  &gEfiEventExitBootServicesGuid,
> > > +  &gEfiEventReadyToBootGuid,
> > > +};
> > > +
> > > +STATIC EFI_EVENT mGuidedEvent[ARRAY_SIZE (mGuidedEventGuid)];
> > > +
> > > +/**
> > > +  Event notification that is fired when GUIDed Event Group is signal=
ed.
> > > +
> > > +  @param  Event                 The Event that is being
> processed,
> > > not used.
> > > +  @param  Context               Event Context, not used.
> > > +
> > > +**/
> > > +STATIC
> > > +VOID
> > > +EFIAPI
> > > +MmGuidedEventNotify (
> > > +  IN EFI_EVENT  Event,
> > > +  IN VOID       *Context
> > > +  )
> > > +{
> > > +  EFI_MM_COMMUNICATE_HEADER   Header;
> > > +  UINTN                       Size;
> > > +
> > > +  //
> > > +  // Use Guid to initialize EFI_SMM_COMMUNICATE_HEADER structure
> > > +  //
> > > +  CopyGuid (&Header.HeaderGuid, Context);
> > > +  Header.MessageLength =3D 1;
> > > +  Header.Data[0] =3D 0;
> > > +
> > > +  Size =3D sizeof (Header);
> > > +  MmCommunicationCommunicate (&mMmCommunication, &Header,
> > > &Size);
> > > +}
> > > +
> > >  /**
> > >    The Entry Point for MM Communication
> > >
> > > @@ -287,6 +324,7 @@ MmCommunicationInitialize (
> > >    )
> > >  {
> > >    EFI_STATUS                 Status;
> > > +  UINTN                      Index;
> > >
> > >    // Check if we can make the MM call
> > >    Status =3D GetMmCompatibility ();
> > > @@ -351,8 +389,13 @@ MmCommunicationInitialize (
> > >                    NULL,
> > >                    &mSetVirtualAddressMapEvent
> > >                    );
> > > -  if (Status =3D=3D EFI_SUCCESS) {
> > > -    return Status;
> > > +  ASSERT_EFI_ERROR (Status);
> > > +
> > > +  for (Index =3D 0; Index < ARRAY_SIZE (mGuidedEventGuid); Index++) =
{
> > > +    Status =3D gBS->CreateEventEx (EVT_NOTIFY_SIGNAL,
> TPL_CALLBACK,
> > > +                    MmGuidedEventNotify,
> mGuidedEventGuid[Index],
> > > +                    mGuidedEventGuid[Index],
> > > &mGuidedEvent[Index]);
> > > +    ASSERT_EFI_ERROR (Status);
> > >    }
> > >
> > >    gBS->UninstallProtocolInterface (
> > > --
> > > 2.20.1
> >
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel