From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 87B61211AEA76 for ; Wed, 9 Jan 2019 23:20:30 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Jan 2019 23:20:30 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,460,1539673200"; d="scan'208";a="124903590" Received: from shzintpr04.sh.intel.com (HELO [10.7.209.21]) ([10.239.4.101]) by orsmga002.jf.intel.com with ESMTP; 09 Jan 2019 23:20:27 -0800 To: Ard Biesheuvel , edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Michael D Kinney , Laszlo Ersek , star.zeng@intel.com References: <20190103182825.32231-1-ard.biesheuvel@linaro.org> <20190103182825.32231-7-ard.biesheuvel@linaro.org> From: "Zeng, Star" Message-ID: <7a32163a-e90c-95ef-f231-d9b796e8bd39@intel.com> Date: Thu, 10 Jan 2019 15:19:56 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190103182825.32231-7-ard.biesheuvel@linaro.org> Subject: Re: [PATCH 5/6] MdeModulePkg/VariableRuntimeDxe: factor out boot service accesses X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jan 2019 07:20:30 -0000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Hi Ard, Some minor feedback added inline. On 2019/1/4 2:28, Ard Biesheuvel wrote: > In preparation of providing a standalone MM based variable runtime > driver, move the existing SMM driver to the new MM services table, > and factor out some pieces that are specific to the traditional > driver, mainly related to the use of UEFI boot services, which are > not accessible to standalone MM drivers. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ard Biesheuvel > --- > MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 18 +--- > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 50 +++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 59 ++++------ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 5 +- > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 114 ++++++++++++++++++++ > 5 files changed, 187 insertions(+), 59 deletions(-) > > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > index 28aa2893c6f8..009d96c3a65e 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c > @@ -21,7 +21,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > #include > #include > #include > -#include > #include "Variable.h" > > typedef struct { > @@ -419,8 +418,6 @@ MorLockInitAtEndOfDxe ( > { > UINTN MorSize; > EFI_STATUS MorStatus; > - EFI_STATUS TcgStatus; > - VOID *TcgInterface; > > if (!mMorLockInitializationRequired) { > // > @@ -458,20 +455,7 @@ MorLockInitAtEndOfDxe ( > // can be deduced from the absence of the TCG / TCG2 protocols, as edk2's > // MOR implementation depends on (one of) those protocols. > // > - TcgStatus = gBS->LocateProtocol ( > - &gEfiTcg2ProtocolGuid, > - NULL, // Registration > - &TcgInterface > - ); > - if (EFI_ERROR (TcgStatus)) { > - TcgStatus = gBS->LocateProtocol ( > - &gEfiTcgProtocolGuid, > - NULL, // Registration > - &TcgInterface > - ); > - } > - > - if (!EFI_ERROR (TcgStatus)) { > + if (VariableHaveTcgProtocols ()) { > // > // The MOR variable originates from the platform firmware; set the MOR > // Control Lock variable to report the locking capability to the OS. > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h > index 938eb5de61fa..11822575ac4d 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h > @@ -924,4 +924,54 @@ VariableExLibAtRuntime ( > VOID > ); > > +/** > + Notify the system that the SMM variable driver is ready > +**/ > +VOID > +VariableNotifySmmReady ( > + VOID > + ); > + > +/** > + Notify the system that the SMM variable write driver is ready > +**/ > +VOID > +VariableNotifySmmWriteReady ( > + VOID > + ); > + > +/** > + Variable service MM driver entry point > +**/ > +EFI_STATUS > +EFIAPI > +MmVariableServiceInitialize ( > + VOID > + ); > + > +/** > + This function check if the buffer is valid per processor architecture and not overlap with SMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not overlap with SMRAM. > + @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM. > +**/ > +BOOLEAN > +VariableSmmIsBufferOutsideSmmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ); > + > +/** > + Whether the TCG or TCG2 protocols are installed in the UEFI protocol database. > + This information is used by the MorLock code to infer whether an existing > + MOR variable is legitimate or not. Add a line for return description? > +**/ > +BOOLEAN > +VariableHaveTcgProtocols ( > + VOID > + ); > + > #endif > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c > index 8c53f84ff6e8..7245587052df 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c > @@ -15,6 +15,7 @@ > SmmVariableGetStatistics() should also do validation based on its own knowledge. > > Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BSD License > which accompanies this distribution. The full text of the license may be found at > @@ -28,18 +29,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > #include > #include > #include > -#include > +#include > #include > > -#include > -#include > +#include > > #include > #include "Variable.h" > > extern VARIABLE_INFO_ENTRY *gVariableInfo; > -EFI_HANDLE mSmmVariableHandle = NULL; > -EFI_HANDLE mVariableHandle = NULL; > BOOLEAN mAtRuntime = FALSE; > UINT8 *mVariableBufferPayload = NULL; > UINTN mVariableBufferPayloadSize; > @@ -218,7 +216,7 @@ GetFtwProtocol ( > // > // Locate Smm Fault Tolerent Write protocol > // > - Status = gSmst->SmmLocateProtocol ( > + Status = gMmst->MmLocateProtocol ( > &gEfiSmmFaultTolerantWriteProtocolGuid, > NULL, > FtwProtocol > @@ -248,7 +246,7 @@ GetFvbByHandle ( > // > // To get the SMM FVB protocol interface on the handle > // > - return gSmst->SmmHandleProtocol ( > + return gMmst->MmHandleProtocol ( > FvBlockHandle, > &gEfiSmmFirmwareVolumeBlockProtocolGuid, > (VOID **) FvBlock > @@ -287,7 +285,7 @@ GetFvbCountAndBuffer ( > BufferSize = 0; > *NumberHandles = 0; > *Buffer = NULL; > - Status = gSmst->SmmLocateHandle ( > + Status = gMmst->MmLocateHandle ( > ByProtocol, > &gEfiSmmFirmwareVolumeBlockProtocolGuid, > NULL, > @@ -303,7 +301,7 @@ GetFvbCountAndBuffer ( > return EFI_OUT_OF_RESOURCES; > } > > - Status = gSmst->SmmLocateHandle ( > + Status = gMmst->MmLocateHandle ( > ByProtocol, > &gEfiSmmFirmwareVolumeBlockProtocolGuid, > NULL, > @@ -500,7 +498,7 @@ SmmVariableHandler ( > return EFI_SUCCESS; > } > > - if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) { > + if (!VariableSmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) { > DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n")); > return EFI_SUCCESS; > } > @@ -911,13 +909,7 @@ SmmFtwNotificationEvent ( > // > // Notify the variable wrapper driver the variable write service is ready > // > - Status = gBS->InstallProtocolInterface ( > - &mSmmVariableHandle, > - &gSmmVariableWriteGuid, > - EFI_NATIVE_INTERFACE, > - NULL > - ); > - ASSERT_EFI_ERROR (Status); > + VariableNotifySmmWriteReady (); > > return EFI_SUCCESS; > } > @@ -928,18 +920,11 @@ SmmFtwNotificationEvent ( > runtime services in the EFI System Table and installs arch protocols > for variable read and write services being available. It also registers > a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. > - > - @param[in] ImageHandle The firmware allocated handle for the EFI image. > - @param[in] SystemTable A pointer to the EFI System Table. > - > - @retval EFI_SUCCESS Variable service successfully initialized. > - > **/ > EFI_STATUS > EFIAPI > -VariableServiceInitialize ( > - IN EFI_HANDLE ImageHandle, > - IN EFI_SYSTEM_TABLE *SystemTable > +MmVariableServiceInitialize ( > + VOID > ) > { > EFI_STATUS Status; > @@ -957,7 +942,7 @@ VariableServiceInitialize ( > // Install the Smm Variable Protocol on a new handle. > // > VariableHandle = NULL; > - Status = gSmst->SmmInstallProtocolInterface ( > + Status = gMmst->MmInstallProtocolInterface ( > &VariableHandle, > &gEfiSmmVariableProtocolGuid, > EFI_NATIVE_INTERFACE, > @@ -965,7 +950,7 @@ VariableServiceInitialize ( > ); > ASSERT_EFI_ERROR (Status); > > - Status = gSmst->SmmInstallProtocolInterface ( > + Status = gMmst->MmInstallProtocolInterface ( > &VariableHandle, > &gEdkiiSmmVarCheckProtocolGuid, > EFI_NATIVE_INTERFACE, > @@ -976,7 +961,7 @@ VariableServiceInitialize ( > mVariableBufferPayloadSize = GetMaxVariableSize () + > OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize (); > > - Status = gSmst->SmmAllocatePool ( > + Status = gMmst->MmAllocatePool ( > EfiRuntimeServicesData, > mVariableBufferPayloadSize, > (VOID **)&mVariableBufferPayload > @@ -987,25 +972,19 @@ VariableServiceInitialize ( > /// Register SMM variable SMI handler > /// > VariableHandle = NULL; > - Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle); > + Status = gMmst->MmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle); > ASSERT_EFI_ERROR (Status); > > // > // Notify the variable wrapper driver the variable service is ready > // > - Status = SystemTable->BootServices->InstallProtocolInterface ( > - &mVariableHandle, > - &gEfiSmmVariableProtocolGuid, > - EFI_NATIVE_INTERFACE, > - &gSmmVariable > - ); > - ASSERT_EFI_ERROR (Status); > + VariableNotifySmmReady (); > > // > // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function. > // > - Status = gSmst->SmmRegisterProtocolNotify ( > - &gEfiSmmEndOfDxeProtocolGuid, > + Status = gMmst->MmRegisterProtocolNotify ( > + &gEfiMmEndOfDxeProtocolGuid, > SmmEndOfDxeCallback, > &SmmEndOfDxeRegistration > ); > @@ -1014,7 +993,7 @@ VariableServiceInitialize ( > // > // Register FtwNotificationEvent () notify function. > // > - Status = gSmst->SmmRegisterProtocolNotify ( > + Status = gMmst->MmRegisterProtocolNotify ( > &gEfiSmmFaultTolerantWriteProtocolGuid, > SmmFtwNotificationEvent, > &SmmFtwRegistration > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf > index db7d220e06df..ed7392cbcffc 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf > @@ -48,6 +48,7 @@ [Defines] > [Sources] > Reclaim.c > Variable.c > + VariableTraditionalMm.c > VariableSmm.c > VarCheck.c > Variable.h > @@ -66,7 +67,7 @@ [LibraryClasses] > BaseLib > SynchronizationLib > UefiLib > - SmmServicesTableLib > + MmServicesTableLib > BaseMemoryLib > DebugLib > DxeServicesTableLib > @@ -85,7 +86,7 @@ [Protocols] > ## PRODUCES > ## UNDEFINED # SmiHandlerRegister > gEfiSmmVariableProtocolGuid > - gEfiSmmEndOfDxeProtocolGuid ## NOTIFY > + gEfiMmEndOfDxeProtocolGuid ## NOTIFY > gEdkiiSmmVarCheckProtocolGuid ## PRODUCES > gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES > gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c > new file mode 100644 > index 000000000000..2143d3337e87 > --- /dev/null > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c > @@ -0,0 +1,114 @@ > +/** @file > + > + Parts of the SMM/MM implementation that are specific to traditional MM > + > +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.
> +This program and the accompanying materials > +are licensed and made available under the terms and conditions of the BSD License > +which accompanies this distribution. The full text of the license may be found at > +http://opensource.org/licenses/bsd-license.php > + > +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > +#include > +#include > +#include "Variable.h" > + > +BOOLEAN > +VariableSmmIsBufferOutsideSmmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ) > +{ > + if (!SmmIsBufferOutsideSmmValid (Buffer, Length)) { > + DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n")); Remove this debug message printing code? > + return FALSE; > + } > + return TRUE; > +} Please add function comment header for it. > + > +/** > + Notify the system that the SMM variable driver is ready > +**/ > +VOID > +VariableNotifySmmReady ( > + VOID > + ) > +{ > + EFI_STATUS Status; > + EFI_HANDLE Handle; > + > + Handle = NULL; > + Status = gBS->InstallProtocolInterface ( > + &Handle, > + &gEfiSmmVariableProtocolGuid, > + EFI_NATIVE_INTERFACE, > + NULL > + ); > + ASSERT_EFI_ERROR (Status); > +} > + > +/** > + Notify the system that the SMM variable write driver is ready > +**/ > +VOID > +VariableNotifySmmWriteReady ( > + VOID > + ) > +{ > + EFI_STATUS Status; > + EFI_HANDLE Handle; > + > + Handle = NULL; > + Status = gBS->InstallProtocolInterface ( > + &Handle, > + &gSmmVariableWriteGuid, > + EFI_NATIVE_INTERFACE, > + NULL > + ); > + ASSERT_EFI_ERROR (Status); > +} > + > +EFI_STATUS > +EFIAPI > +VariableServiceInitialize ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + return MmVariableServiceInitialize (); > +} Please add function comment header for it. > + > +/** > + Whether the TCG or TCG2 protocols are installed in the UEFI protocol database. > + This information is used by the MorLock code to infer whether an existing > + MOR variable is legitimate or not. Add a line for return description? Thanks, Star > +**/ > +BOOLEAN > +VariableHaveTcgProtocols ( > + VOID > + ) > +{ > + EFI_STATUS Status; > + VOID *Interface; > + > + Status = gBS->LocateProtocol ( > + &gEfiTcg2ProtocolGuid, > + NULL, // Registration > + &Interface > + ); > + if (!EFI_ERROR (Status)) { > + return TRUE; > + } > + > + Status = gBS->LocateProtocol ( > + &gEfiTcgProtocolGuid, > + NULL, // Registration > + &Interface > + ); > + return !EFI_ERROR (Status); > +} >