From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, guomin.jiang@intel.com
Cc: Michael Kubacki <michael.a.kubacki@intel.com>,
Eric Dong <eric.dong@intel.com>, Ray Ni <ray.ni@intel.com>,
Rahul Kumar <rahul1.kumar@intel.com>,
Debkumar De <debkumar.de@intel.com>,
Harry Han <harry.han@intel.com>,
Catharine West <catharine.west@intel.com>
Subject: Re: [edk2-devel] [PATCH v2 3/9] UefiCpuPkg/SecMigrationPei: Add initial PEIM (CVE-2019-11098)
Date: Fri, 3 Jul 2020 13:38:29 +0200 [thread overview]
Message-ID: <88685b8d-1944-e864-2219-e0687f4446c2@redhat.com> (raw)
In-Reply-To: <20200702051525.1102-4-guomin.jiang@intel.com>
On 07/02/20 07:15, Guomin Jiang wrote:
> From: Michael Kubacki <michael.a.kubacki@intel.com>
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614
>
> Adds a PEIM that republishes structures produced in SEC. This
> is done because SEC modules may not be shadowed in some platforms
> due to space constraints or special alignment requirements. The
> SecMigrationPei module locates interfaces that may be published in
> SEC and reinstalls the interface with permanent memory addresses.
>
> This is important if pre-memory address access is forbidden after
> memory initialization and data such as a PPI descriptor, PPI GUID,
> or PPI inteface reside in pre-memory.
>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Cc: Debkumar De <debkumar.de@intel.com>
> Cc: Harry Han <harry.han@intel.com>
> Cc: Catharine West <catharine.west@intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> ---
> UefiCpuPkg/Include/Ppi/RepublishSecPpi.h | 54 +++
> UefiCpuPkg/SecCore/SecCore.inf | 2 +
> UefiCpuPkg/SecCore/SecMain.c | 26 +-
> UefiCpuPkg/SecCore/SecMain.h | 1 +
> UefiCpuPkg/SecMigrationPei/SecMigrationPei.c | 372 ++++++++++++++++++
> UefiCpuPkg/SecMigrationPei/SecMigrationPei.h | 170 ++++++++
> .../SecMigrationPei/SecMigrationPei.inf | 64 +++
> .../SecMigrationPei/SecMigrationPei.uni | 13 +
> UefiCpuPkg/UefiCpuPkg.dec | 4 +
> UefiCpuPkg/UefiCpuPkg.dsc | 1 +
> 10 files changed, 705 insertions(+), 2 deletions(-)
> create mode 100644 UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
> create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
> create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
> create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
> create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni
So this patch introduces SecMigrationPei, and a new PPI. OVMF doesn't
use those.
The patch also changes the existent UefiCpuPkg/SecCore module. OVMF
doesn't use that either.
Because of the above, I defer to Eric and Ray on this patch.
Thanks
Laszlo
>
> diff --git a/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h b/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
> new file mode 100644
> index 000000000000..6fb9f1b005b4
> --- /dev/null
> +++ b/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
> @@ -0,0 +1,54 @@
> +/** @file
> + This file declares Sec Platform Information PPI.
> +
> + This service is the primary handoff state into the PEI Foundation.
> + The Security (SEC) component creates the early, transitory memory
> + environment and also encapsulates knowledge of at least the
> + location of the Boot Firmware Volume (BFV).
> +
> + Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> + @par Revision Reference:
> + This PPI is introduced in PI Version 1.0.
> +
> +**/
> +
> +#ifndef __REPUBLISH_SEC_PPI_H__
> +#define __REPUBLISH_SEC_PPI_H__
> +
> +#include <Pi/PiPeiCis.h>
> +
> +#define REPUBLISH_SEC_PPI_PPI_GUID \
> + { \
> + 0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3, 0x52, 0x1a, 0x2d, 0xc5, 0xd0, 0x92 } \
> + }
> +
> +typedef struct _REPUBLISH_SEC_PPI_PPI REPUBLISH_SEC_PPI_PPI;
> +
> +/**
> + This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
> +
> + This is to allow a platform that may not support relocation of SecCore to update the PPI instance to a post-memory
> + copy from a PEIM that has been shadowed to permanent memory.
> +
> + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully.
> + @retval Others An error occurred re-installing the SecCore PPIs.
> +
> +**/
> +typedef
> +EFI_STATUS
> +(EFIAPI *REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS)(
> + VOID
> + );
> +
> +///
> +///
> +///
> +struct _REPUBLISH_SEC_PPI_PPI {
> + REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS RepublishSecPpis;
> +};
> +
> +extern EFI_GUID gRepublishSecPpiPpiGuid;
> +
> +#endif
> diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf
> index 0562820c95e0..545781d6b4b3 100644
> --- a/UefiCpuPkg/SecCore/SecCore.inf
> +++ b/UefiCpuPkg/SecCore/SecCore.inf
> @@ -68,6 +68,8 @@ [Ppis]
> ## SOMETIMES_CONSUMES
> gPeiSecPerformancePpiGuid
> gEfiPeiCoreFvLocationPpiGuid
> + ## CONSUMES
> + gRepublishSecPpiPpiGuid
>
> [Guids]
> ## SOMETIMES_PRODUCES ## HOB
> diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c
> index 5d5e7f17dced..155be49a6011 100644
> --- a/UefiCpuPkg/SecCore/SecMain.c
> +++ b/UefiCpuPkg/SecCore/SecMain.c
> @@ -370,13 +370,35 @@ SecTemporaryRamDone (
> VOID
> )
> {
> - BOOLEAN State;
> + EFI_STATUS Status;
> + EFI_STATUS Status2;
> + UINTN Index;
> + BOOLEAN State;
> + EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor;
> + REPUBLISH_SEC_PPI_PPI *RepublishSecPpiPpi;
>
> //
> // Republish Sec Platform Information(2) PPI
> //
> RepublishSecPlatformInformationPpi ();
>
> + //
> + // Re-install SEC PPIs using a PEIM produced service if published
> + //
> + for (Index = 0, Status = EFI_SUCCESS; Status == EFI_SUCCESS; Index++) {
> + Status = PeiServicesLocatePpi (
> + &gRepublishSecPpiPpiGuid,
> + Index,
> + &PeiPpiDescriptor,
> + (VOID **) &RepublishSecPpiPpi
> + );
> + if (!EFI_ERROR (Status)) {
> + DEBUG ((DEBUG_INFO, "Calling RepublishSecPpi instance %d.\n", Index));
> + Status2 = RepublishSecPpiPpi->RepublishSecPpis ();
> + ASSERT_EFI_ERROR (Status2);
> + }
> + }
> +
> //
> // Migrate DebugAgentContext.
> //
> @@ -385,7 +407,7 @@ SecTemporaryRamDone (
> //
> // Disable interrupts and save current interrupt state
> //
> - State = SaveAndDisableInterrupts();
> + State = SaveAndDisableInterrupts ();
>
> //
> // Disable Temporary RAM after Stack and Heap have been migrated at this point.
> diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h
> index e8c05d713668..e20bcf86532c 100644
> --- a/UefiCpuPkg/SecCore/SecMain.h
> +++ b/UefiCpuPkg/SecCore/SecMain.h
> @@ -15,6 +15,7 @@
> #include <Ppi/TemporaryRamDone.h>
> #include <Ppi/SecPerformance.h>
> #include <Ppi/PeiCoreFvLocation.h>
> +#include <Ppi/RepublishSecPpi.h>
>
> #include <Guid/FirmwarePerformance.h>
>
> diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
> new file mode 100644
> index 000000000000..f96013b09b21
> --- /dev/null
> +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
> @@ -0,0 +1,372 @@
> +/** @file
> + Migrates SEC structures after permanent memory is installed.
> +
> + Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Base.h>
> +
> +#include <Library/BaseLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/MemoryAllocationLib.h>
> +#include <Library/PeiServicesLib.h>
> +#include <Library/PeiServicesTablePointerLib.h>
> +
> +#include "SecMigrationPei.h"
> +
> +STATIC REPUBLISH_SEC_PPI_PPI mEdkiiRepublishSecPpiPpi = {
> + RepublishSecPpis
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_SEC_PLATFORM_INFORMATION_PPI mSecPlatformInformationPostMemoryPpi = {
> + SecPlatformInformationPostMemory
> + };
> +
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_DONE_PPI mSecTemporaryRamDonePostMemoryPpi = {
> + SecTemporaryRamDonePostMemory
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI mSecTemporaryRamSupportPostMemoryPpi = {
> + SecTemporaryRamSupportPostMemory
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED PEI_SEC_PERFORMANCE_PPI mSecPerformancePpi = {
> + GetPerformancePostMemory
> + };
> +
> +STATIC EFI_PEI_PPI_DESCRIPTOR mEdkiiRepublishSecPpiDescriptor = {
> + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
> + &gRepublishSecPpiPpiGuid,
> + &mEdkiiRepublishSecPpiPpi
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecPlatformInformationPostMemoryDescriptor = {
> + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
> + &gEfiSecPlatformInformationPpiGuid,
> + &mSecPlatformInformationPostMemoryPpi
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecTemporaryRamDonePostMemoryDescriptor = {
> + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
> + &gEfiTemporaryRamDonePpiGuid,
> + &mSecTemporaryRamDonePostMemoryPpi
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecTemporaryRamSupportPostMemoryDescriptor = {
> + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
> + &gEfiTemporaryRamSupportPpiGuid,
> + &mSecTemporaryRamSupportPostMemoryPpi
> + };
> +
> +GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR mSecPerformancePpiDescriptor = {
> + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
> + &gPeiSecPerformancePpiGuid,
> + &mSecPerformancePpi
> + };
> +
> +/**
> + Disables the use of Temporary RAM.
> +
> + If present, this service is invoked by the PEI Foundation after
> + the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
> +
> + @retval EFI_SUCCESS Use of Temporary RAM was disabled.
> + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecTemporaryRamDonePostMemory (
> + VOID
> + )
> +{
> + //
> + // Temporary RAM Done is already done in post-memory
> + // install a stub function that is located in permanent memory
> + //
> + return EFI_SUCCESS;
> +}
> +
> +/**
> + This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates temporary RAM into
> + permanent memory.
> +
> + @param PeiServices Pointer to the PEI Services Table.
> + @param TemporaryMemoryBase Source Address in temporary memory from which the SEC or PEIM will copy the
> + Temporary RAM contents.
> + @param PermanentMemoryBase Destination Address in permanent memory into which the SEC or PEIM will copy the
> + Temporary RAM contents.
> + @param CopySize Amount of memory to migrate from temporary to permanent memory.
> +
> + @retval EFI_SUCCESS The data was successfully returned.
> + @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > TemporaryMemoryBase when
> + TemporaryMemoryBase > PermanentMemoryBase.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecTemporaryRamSupportPostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase,
> + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase,
> + IN UINTN CopySize
> + )
> +{
> + //
> + // Temporary RAM Support is already done in post-memory
> + // install a stub function that is located in permanent memory
> + //
> + return EFI_SUCCESS;
> +}
> +
> +/**
> + This interface conveys performance information out of the Security (SEC) phase into PEI.
> +
> + This service is published by the SEC phase. The SEC phase handoff has an optional
> + EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed from SEC into the
> + PEI Foundation. As such, if the platform supports collecting performance data in SEC,
> + this information is encapsulated into the data structure abstracted by this service.
> + This information is collected for the boot-strap processor (BSP) on IA-32.
> +
> + @param[in] PeiServices The pointer to the PEI Services Table.
> + @param[in] This The pointer to this instance of the PEI_SEC_PERFORMANCE_PPI.
> + @param[out] Performance The pointer to performance data collected in SEC phase.
> +
> + @retval EFI_SUCCESS The performance data was successfully returned.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +GetPerformancePostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN PEI_SEC_PERFORMANCE_PPI *This,
> + OUT FIRMWARE_SEC_PERFORMANCE *Performance
> + )
> +{
> + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContexHob;
> +
> + if (This == NULL || Performance == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + SecPlatformInformationContexHob = GetFirstGuidHob (&gEfiCallerIdGuid);
> + if (SecPlatformInformationContexHob == NULL) {
> + return EFI_NOT_FOUND;
> + }
> +
> + Performance->ResetEnd = SecPlatformInformationContexHob->FirmwareSecPerformance.ResetEnd;
> +
> + return EFI_SUCCESS;
> +}
> +
> +/**
> + This interface conveys state information out of the Security (SEC) phase into PEI.
> +
> + @param[in] PeiServices Pointer to the PEI Services Table.
> + @param[in,out] StructureSize Pointer to the variable describing size of the input buffer.
> + @param[out] PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM_INFORMATION_RECORD.
> +
> + @retval EFI_SUCCESS The data was successfully returned.
> + @retval EFI_BUFFER_TOO_SMALL The buffer was too small.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecPlatformInformationPostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN OUT UINT64 *StructureSize,
> + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord
> + )
> +{
> + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContexHob;
> +
> + if (StructureSize == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + SecPlatformInformationContexHob = GetFirstGuidHob (&gEfiCallerIdGuid);
> + if (SecPlatformInformationContexHob == NULL) {
> + return EFI_NOT_FOUND;
> + }
> +
> + if (*StructureSize < SecPlatformInformationContexHob->Context.StructureSize) {
> + *StructureSize = SecPlatformInformationContexHob->Context.StructureSize;
> + return EFI_BUFFER_TOO_SMALL;
> + }
> +
> + if (PlatformInformationRecord == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + *StructureSize = SecPlatformInformationContexHob->Context.StructureSize;
> + CopyMem (
> + (VOID *) PlatformInformationRecord,
> + (VOID *) SecPlatformInformationContexHob->Context.PlatformInformationRecord,
> + (UINTN) SecPlatformInformationContexHob->Context.StructureSize
> + );
> +
> + return EFI_SUCCESS;
> +}
> +
> +/**
> + This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
> +
> + This is to allow a platform that may not support relocation of SecCore to update the PPI instance to a post-memory
> + copy from a PEIM that has been shadowed to permanent memory.
> +
> + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully.
> + @retval Others An error occurred re-installing the SecCore PPIs.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RepublishSecPpis (
> + VOID
> + )
> +{
> + EFI_STATUS Status;
> + EFI_PEI_PPI_DESCRIPTOR *PeiPpiDescriptor;
> + VOID *PeiPpi;
> + SEC_PLATFORM_INFORMATION_CONTEXT_HOB *SecPlatformInformationContextHob;
> + EFI_SEC_PLATFORM_INFORMATION_RECORD *SecPlatformInformationPtr;
> + UINT64 SecStructureSize;
> +
> + SecPlatformInformationPtr = NULL;
> + SecStructureSize = 0;
> +
> + Status = PeiServicesLocatePpi (
> + &gEfiTemporaryRamDonePpiGuid,
> + 0,
> + &PeiPpiDescriptor,
> + (VOID **) &PeiPpi
> + );
> + if (!EFI_ERROR (Status)) {
> + Status = PeiServicesReInstallPpi (
> + PeiPpiDescriptor,
> + &mSecTemporaryRamDonePostMemoryDescriptor
> + );
> + ASSERT_EFI_ERROR (Status);
> + }
> +
> + Status = PeiServicesLocatePpi (
> + &gEfiTemporaryRamSupportPpiGuid,
> + 0,
> + &PeiPpiDescriptor,
> + (VOID **) &PeiPpi
> + );
> + if (!EFI_ERROR (Status)) {
> + Status = PeiServicesReInstallPpi (
> + PeiPpiDescriptor,
> + &mSecTemporaryRamSupportPostMemoryDescriptor
> + );
> + ASSERT_EFI_ERROR (Status);
> + }
> +
> + Status = PeiServicesCreateHob (
> + EFI_HOB_TYPE_GUID_EXTENSION,
> + sizeof (SEC_PLATFORM_INFORMATION_CONTEXT_HOB),
> + (VOID **) &SecPlatformInformationContextHob
> + );
> + ASSERT_EFI_ERROR (Status);
> + if (EFI_ERROR (Status)) {
> + DEBUG ((DEBUG_ERROR, "SecPlatformInformation Context HOB could not be created.\n"));
> + return Status;
> + }
> +
> + SecPlatformInformationContextHob->Header.Name = gEfiCallerIdGuid;
> + SecPlatformInformationContextHob->Revision = 1;
> +
> + Status = PeiServicesLocatePpi (
> + &gPeiSecPerformancePpiGuid,
> + 0,
> + &PeiPpiDescriptor,
> + (VOID **) &PeiPpi
> + );
> + if (!EFI_ERROR (Status)) {
> + Status = ((PEI_SEC_PERFORMANCE_PPI *) PeiPpi)->GetPerformance (
> + GetPeiServicesTablePointer (),
> + (PEI_SEC_PERFORMANCE_PPI *) PeiPpi,
> + &SecPlatformInformationContextHob->FirmwareSecPerformance
> + );
> + ASSERT_EFI_ERROR (Status);
> + if (!EFI_ERROR (Status)) {
> + Status = PeiServicesReInstallPpi (
> + PeiPpiDescriptor,
> + &mSecPerformancePpiDescriptor
> + );
> + ASSERT_EFI_ERROR (Status);
> + }
> + }
> +
> + Status = PeiServicesLocatePpi (
> + &gEfiSecPlatformInformationPpiGuid,
> + 0,
> + &PeiPpiDescriptor,
> + (VOID **) &PeiPpi
> + );
> + if (!EFI_ERROR (Status)) {
> + Status = ((EFI_SEC_PLATFORM_INFORMATION_PPI *) PeiPpi)->PlatformInformation (
> + GetPeiServicesTablePointer (),
> + &SecStructureSize,
> + SecPlatformInformationPtr
> + );
> + ASSERT (Status == EFI_BUFFER_TOO_SMALL);
> + if (Status != EFI_BUFFER_TOO_SMALL) {
> + return EFI_NOT_FOUND;
> + }
> +
> + ZeroMem ((VOID *) &(SecPlatformInformationContextHob->Context), sizeof (SEC_PLATFORM_INFORMATION_CONTEXT));
> + SecPlatformInformationContextHob->Context.PlatformInformationRecord = AllocatePool ((UINTN) SecStructureSize);
> + ASSERT (SecPlatformInformationContextHob->Context.PlatformInformationRecord != NULL);
> + if (SecPlatformInformationContextHob->Context.PlatformInformationRecord == NULL) {
> + return EFI_OUT_OF_RESOURCES;
> + }
> + SecPlatformInformationContextHob->Context.StructureSize = SecStructureSize;
> +
> + Status = ((EFI_SEC_PLATFORM_INFORMATION_PPI *) PeiPpi)->PlatformInformation (
> + GetPeiServicesTablePointer (),
> + &(SecPlatformInformationContextHob->Context.StructureSize),
> + SecPlatformInformationContextHob->Context.PlatformInformationRecord
> + );
> + ASSERT_EFI_ERROR (Status);
> + if (!EFI_ERROR (Status)) {
> + Status = PeiServicesReInstallPpi (
> + PeiPpiDescriptor,
> + &mSecPlatformInformationPostMemoryDescriptor
> + );
> + ASSERT_EFI_ERROR (Status);
> + }
> + }
> +
> + return EFI_SUCCESS;
> +}
> +
> +/**
> + This function is the entry point which installs an instance of REPUBLISH_SEC_PPI_PPI.
> +
> + @param[in] FileHandle Pointer to image file handle.
> + @param[in] PeiServices Pointer to PEI Services Table
> +
> + @retval EFI_SUCCESS An instance of REPUBLISH_SEC_PPI_PPI was installed successfully.
> + @retval Others An error occurred installing and instance of REPUBLISH_SEC_PPI_PPI.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecMigrationPeiInitialize (
> + IN EFI_PEI_FILE_HANDLE FileHandle,
> + IN CONST EFI_PEI_SERVICES **PeiServices
> + )
> +{
> + EFI_STATUS Status;
> +
> + Status = PeiServicesInstallPpi (&mEdkiiRepublishSecPpiDescriptor);
> + ASSERT_EFI_ERROR (Status);
> +
> + return Status;
> +}
> diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
> new file mode 100644
> index 000000000000..372f8044bdb2
> --- /dev/null
> +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
> @@ -0,0 +1,170 @@
> +/** @file
> + Migrates SEC structures after permanent memory is installed.
> +
> + Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef __SEC_MIGRATION_H__
> +#define __SEC_MIGRATION_H__
> +
> +#include <Base.h>
> +
> +#include <Pi/PiPeiCis.h>
> +#include <Ppi/RepublishSecPpi.h>
> +#include <Ppi/SecPerformance.h>
> +#include <Ppi/SecPlatformInformation.h>
> +#include <Ppi/SecPlatformInformation2.h>
> +#include <Ppi/TemporaryRamDone.h>
> +#include <Ppi/TemporaryRamSupport.h>
> +
> +/**
> + This interface conveys state information out of the Security (SEC) phase into PEI.
> +
> + @param[in] PeiServices Pointer to the PEI Services Table.
> + @param[in,out] StructureSize Pointer to the variable describing size of the input buffer.
> + @param[out] PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM_INFORMATION_RECORD.
> +
> + @retval EFI_SUCCESS The data was successfully returned.
> + @retval EFI_BUFFER_TOO_SMALL The buffer was too small.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecPlatformInformationPostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN OUT UINT64 *StructureSize,
> + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord
> + );
> +
> +/**
> + Re-installs the SEC Platform Information PPIs to implementation in this module to support post-memory.
> +
> + @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
> + @param[in] NotifyDescriptor Address of the notification descriptor data structure.
> + @param[in] Ppi Address of the PPI that was installed.
> +
> + @retval EFI_SUCCESS The SEC Platform Information PPI could not be re-installed.
> + @return Others An error occurred during PPI re-install.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecPlatformInformationPpiNotifyCallback (
> + IN EFI_PEI_SERVICES **PeiServices,
> + IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
> + IN VOID *Ppi
> + );
> +
> +/**
> + This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
> +
> + This is to allow a platform that may not support relocation of SecCore to update the PPI instance to a post-memory
> + copy from a PEIM that has been shadowed to permanent memory.
> +
> + @retval EFI_SUCCESS The SecCore PPIs were re-installed successfully.
> + @retval Others An error occurred re-installing the SecCore PPIs.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +RepublishSecPpis (
> + VOID
> + );
> +
> +/**
> + Disables the use of Temporary RAM.
> +
> + If present, this service is invoked by the PEI Foundation after
> + the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
> +
> + @retval EFI_SUCCESS Use of Temporary RAM was disabled.
> + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecTemporaryRamDonePostMemory (
> + VOID
> + );
> +
> +/**
> + This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates temporary RAM into
> + permanent memory.
> +
> + @param PeiServices Pointer to the PEI Services Table.
> + @param TemporaryMemoryBase Source Address in temporary memory from which the SEC or PEIM will copy the
> + Temporary RAM contents.
> + @param PermanentMemoryBase Destination Address in permanent memory into which the SEC or PEIM will copy the
> + Temporary RAM contents.
> + @param CopySize Amount of memory to migrate from temporary to permanent memory.
> +
> + @retval EFI_SUCCESS The data was successfully returned.
> + @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > TemporaryMemoryBase when
> + TemporaryMemoryBase > PermanentMemoryBase.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +SecTemporaryRamSupportPostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN EFI_PHYSICAL_ADDRESS TemporaryMemoryBase,
> + IN EFI_PHYSICAL_ADDRESS PermanentMemoryBase,
> + IN UINTN CopySize
> + );
> +
> +/**
> + This interface conveys performance information out of the Security (SEC) phase into PEI.
> +
> + This service is published by the SEC phase. The SEC phase handoff has an optional
> + EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed from SEC into the
> + PEI Foundation. As such, if the platform supports collecting performance data in SEC,
> + this information is encapsulated into the data structure abstracted by this service.
> + This information is collected for the boot-strap processor (BSP) on IA-32.
> +
> + @param[in] PeiServices The pointer to the PEI Services Table.
> + @param[in] This The pointer to this instance of the PEI_SEC_PERFORMANCE_PPI.
> + @param[out] Performance The pointer to performance data collected in SEC phase.
> +
> + @retval EFI_SUCCESS The performance data was successfully returned.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +GetPerformancePostMemory (
> + IN CONST EFI_PEI_SERVICES **PeiServices,
> + IN PEI_SEC_PERFORMANCE_PPI *This,
> + OUT FIRMWARE_SEC_PERFORMANCE *Performance
> + );
> +
> +// /**
> +// Disables the use of Temporary RAM.
> +
> +// If present, this service is invoked by the PEI Foundation after
> +// the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
> +
> +// @retval EFI_SUCCESS Use of Temporary RAM was disabled.
> +// @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
> +
> +// **/
> +// EFI_STATUS
> +// EFIAPI
> +// SecTemporaryRamDonePostMemory (
> +// VOID
> +// );
> +
> +typedef struct {
> + UINT64 StructureSize;
> + EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord;
> +} SEC_PLATFORM_INFORMATION_CONTEXT;
> +
> +typedef struct {
> + EFI_HOB_GUID_TYPE Header;
> + UINT8 Revision;
> + UINT8 Reserved[3];
> + FIRMWARE_SEC_PERFORMANCE FirmwareSecPerformance;
> + SEC_PLATFORM_INFORMATION_CONTEXT Context;
> +} SEC_PLATFORM_INFORMATION_CONTEXT_HOB;
> +
> +#endif
> diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
> new file mode 100644
> index 000000000000..e29c04710941
> --- /dev/null
> +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
> @@ -0,0 +1,64 @@
> +## @file
> +# Migrates SEC structures after permanent memory is installed.
> +#
> +# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +[Defines]
> + INF_VERSION = 0x00010005
> + BASE_NAME = SecMigrationPei
> + MODULE_UNI_FILE = SecMigrationPei.uni
> + FILE_GUID = 58B35361-8922-41BC-B313-EF7ED9ADFDF7
> + MODULE_TYPE = PEIM
> + VERSION_STRING = 1.0
> + ENTRY_POINT = SecMigrationPeiInitialize
> +
> +#
> +# The following information is for reference only and not required by the build tools.
> +#
> +# VALID_ARCHITECTURES = IA32 X64 EBC
> +#
> +
> +[Sources]
> + SecMigrationPei.c
> +
> +[Packages]
> + MdePkg/MdePkg.dec
> + MdeModulePkg/MdeModulePkg.dec
> + UefiCpuPkg/UefiCpuPkg.dec
> +
> +[LibraryClasses]
> + BaseLib
> + BaseMemoryLib
> + DebugLib
> + HobLib
> + MemoryAllocationLib
> + PeimEntryPoint
> + PeiServicesLib
> + PeiServicesTablePointerLib
> +
> +[Ppis]
> + ## PRODUCES
> + gRepublishSecPpiPpiGuid
> +
> + ## SOMETIMES_PRODUCES
> + gEfiTemporaryRamDonePpiGuid
> +
> + ## SOMETIME_PRODUCES
> + gEfiTemporaryRamSupportPpiGuid
> +
> + ## SOMETIMES_PRODUCES
> + gPeiSecPerformancePpiGuid
> +
> + ## SOMETIMES_CONSUMES
> + ## PRODUCES
> + gEfiSecPlatformInformationPpiGuid
> +
> + ## SOMETIMES_CONSUMES
> + ## SOMETIMES_PRODUCES
> + gEfiSecPlatformInformation2PpiGuid
> +
> +[Depex]
> + TRUE
> diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni
> new file mode 100644
> index 000000000000..62c2064ba217
> --- /dev/null
> +++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni
> @@ -0,0 +1,13 @@
> +// /** @file
> +// Migrates SEC structures after permanent memory is installed.
> +//
> +// Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +// SPDX-License-Identifier: BSD-2-Clause-Patent
> +//
> +// **/
> +
> +
> +#string STR_MODULE_ABSTRACT #language en-US "Migrates SEC structures after permanent memory is installed"
> +
> +#string STR_MODULE_DESCRIPTION #language en-US "Migrates SEC structures after permanent memory is installed."
> +
> diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
> index 762badf5d239..0a005bd20311 100644
> --- a/UefiCpuPkg/UefiCpuPkg.dec
> +++ b/UefiCpuPkg/UefiCpuPkg.dec
> @@ -66,6 +66,10 @@ [Guids]
> ## Include/Guid/MicrocodePatchHob.h
> gEdkiiMicrocodePatchHobGuid = { 0xd178f11d, 0x8716, 0x418e, { 0xa1, 0x31, 0x96, 0x7d, 0x2a, 0xc4, 0x28, 0x43 }}
>
> +[Ppis]
> + ## Include/Ppi/RepublishSecPpi.h
> + gRepublishSecPpiPpiGuid = { 0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3, 0x52, 0x1a, 0x2d, 0xc5, 0xd0, 0x92 }}
> +
> [Protocols]
> ## Include/Protocol/SmmCpuService.h
> gEfiSmmCpuServiceProtocolGuid = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
> diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
> index afa304128221..964720048dd7 100644
> --- a/UefiCpuPkg/UefiCpuPkg.dsc
> +++ b/UefiCpuPkg/UefiCpuPkg.dsc
> @@ -146,6 +146,7 @@ [Components.IA32, Components.X64]
> UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf
> UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf
> UefiCpuPkg/SecCore/SecCore.inf
> + UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf {
> <Defines>
>
next prev parent reply other threads:[~2020-07-03 11:38 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-02 5:15 [PATCH v2 0/9] Migrate Pointer from flash to permanent memory (CVE-2019-11098) Guomin Jiang
2020-07-02 5:15 ` [PATCH v2 1/9] MdeModulePkg/PeiCore: Enable T-RAM evacuation in PeiCore (CVE-2019-11098) Guomin Jiang
2020-07-03 12:22 ` [edk2-devel] " Laszlo Ersek
2020-07-03 13:52 ` Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 2/9] UefiCpuPkg/CpuMpPei: Add GDT and IDT migration support (CVE-2019-11098) Guomin Jiang
2020-07-02 7:36 ` [edk2-devel] " Ni, Ray
2020-07-03 11:36 ` Laszlo Ersek
2020-07-03 11:52 ` Laszlo Ersek
2020-07-03 13:57 ` Laszlo Ersek
2020-07-03 14:33 ` Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 3/9] UefiCpuPkg/SecMigrationPei: Add initial PEIM (CVE-2019-11098) Guomin Jiang
2020-07-03 11:38 ` Laszlo Ersek [this message]
2020-07-02 5:15 ` [PATCH v2 4/9] MdeModulePkg/DxeIplPeim: Register for shadow on S3 shadowed boot (CVE-2019-11098) Guomin Jiang
2020-07-03 14:00 ` [edk2-devel] " Laszlo Ersek
2020-07-03 14:23 ` Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 5/9] MdeModulePkg/Core: Create Migrated FV Info Hob for calculating hash (CVE-2019-11098) Guomin Jiang
2020-07-03 14:03 ` [edk2-devel] " Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 6/9] SecurityPkg/Tcg2Pei: Use " Guomin Jiang
2020-07-02 5:15 ` [PATCH v2 7/9] MdeModulePkg/Core: Add switch to enable or disable TOCTOU feature (CVE-2019-11098) Guomin Jiang
2020-07-03 12:48 ` [edk2-devel] " Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 8/9] UefiCpuPkg/SecMigrationPei: Add switch to control if produce PPI (CVE-2019-11098) Guomin Jiang
2020-07-03 14:05 ` [edk2-devel] " Laszlo Ersek
2020-07-02 5:15 ` [PATCH v2 9/9] UefiCpuPkg/CpuMpPei: Enable paging and set NP flag to avoid TOCTOU (CVE-2019-11098) Guomin Jiang
2020-07-03 13:11 ` [edk2-devel] " Laszlo Ersek
2020-07-03 14:06 ` [edk2-devel] [PATCH v2 0/9] Migrate Pointer from flash to permanent memory (CVE-2019-11098) Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=88685b8d-1944-e864-2219-e0687f4446c2@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox