From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=104.47.2.83; helo=eur01-db5-obe.outbound.protection.outlook.com; envelope-from=supreeth.venkatesh@arm.com; receiver=edk2-devel@lists.01.org Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01on0083.outbound.protection.outlook.com [104.47.2.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1C728203BEA3A for ; Fri, 4 May 2018 16:21:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QxZqHOk4nPY0E8w12AzyjDSaB2XBDUTarFWgVhHmChM=; b=UQwId7VYQfmTHKktvyUVcqCQcSYN/7UODlXSlrVKRJKwbhnjowwVRDO6r8t6ZWaChWe68aY6P6F5fW+C9G3Ipa/NifJkWUPe41OoweSi2bULrEUs/lxoEqe3jJNlzzFty3Pez4LG5yaGz7pelNcxY3kSCWkfeArR0igfh4p/hhE= Received: from AM4PR0802MB2306.eurprd08.prod.outlook.com (10.172.218.15) by AM4PR0802MB2196.eurprd08.prod.outlook.com (10.172.217.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.735.16; Fri, 4 May 2018 23:21:28 +0000 Received: from AM4PR0802MB2306.eurprd08.prod.outlook.com ([fe80::e117:6f62:6a9b:6be4]) by AM4PR0802MB2306.eurprd08.prod.outlook.com ([fe80::e117:6f62:6a9b:6be4%8]) with mapi id 15.20.0735.016; Fri, 4 May 2018 23:21:28 +0000 From: Supreeth Venkatesh To: Achin Gupta CC: "edk2-devel@lists.01.org" Thread-Topic: [PATCH v1 08/18] StandaloneMmPkg/MemLib: AARCH64 Specific instance of memory check library. Thread-Index: AQHTzbWb3/TMvIa9t0C56x/JGsZY36QDj2SAgByCRgA= Date: Fri, 4 May 2018 23:21:28 +0000 Message-ID: References: <20180406144223.10931-1-supreeth.venkatesh@arm.com> <20180406144223.10931-9-supreeth.venkatesh@arm.com> <20180416151258.GP663@e104320-lin> In-Reply-To: <20180416151258.GP663@e104320-lin> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Supreeth.Venkatesh@arm.com; x-originating-ip: [217.140.111.135] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; AM4PR0802MB2196; 7:w8Upu5LBBLJqkQBRPJ+tBhkhIrkdI5pU3ubxvjyGOS9AWeaSSbsA+dgvMOzRP0qJ48jMzdw1vjhpCX3+sPzimflGssdNvaXJOzfpgpY03t/C42LvjNp5Nz50zBbxEWm+2FT+Il5zT3NfG8lr10Wk9gkpxf4685A1Tm2gRdR+q348snyPAP7aWLPBA74fddVJCsnl+bLa6lsKIieoBpo6fatkKRrrg0MYIs59c9zym6KCI/VVfIhSWDYuB/JngYv9 x-ms-exchange-antispam-srfa-diagnostics: SOS;SOR; x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(2017052603328)(7153060)(7193020); SRVR:AM4PR0802MB2196; x-ms-traffictypediagnostic: AM4PR0802MB2196: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(180628864354917)(192374486261705)(162533806227266)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231254)(944501410)(52105095)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123562045)(20161123558120)(6072148)(201708071742011); SRVR:AM4PR0802MB2196; BCL:0; PCL:0; RULEID:; SRVR:AM4PR0802MB2196; x-forefront-prvs: 06628F7CA4 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6029001)(39860400002)(346002)(39380400002)(396003)(376002)(366004)(13464003)(199004)(189003)(40434004)(105586002)(446003)(8936002)(106356001)(4326008)(11346002)(476003)(486006)(966005)(72206003)(5660300001)(6116002)(478600001)(305945005)(7736002)(3846002)(25786009)(81156014)(81166006)(8676002)(66066001)(14454004)(97736004)(316002)(5250100002)(3280700002)(99286004)(6246003)(86362001)(3660700001)(53946003)(74316002)(6306002)(9686003)(55016002)(6436002)(229853002)(102836004)(6862004)(2906002)(6636002)(6506007)(68736007)(59450400001)(53546011)(15188155005)(16799955002)(53376002)(33656002)(26005)(2900100001)(76176011)(7696005)(53936002)(5890100001)(579004); DIR:OUT; SFP:1101; SCL:1; SRVR:AM4PR0802MB2196; H:AM4PR0802MB2306.eurprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: GbWrPUtp3P2Ot+ipk2p6la6uppqxWkSNMheqnkZ2VdVkSMka8uqjqRkOvhSgLrCNxjXxoX+XSsO6epeikDpAV8YqNhS9JVRzAJ1/KGoRVBb4p9XRqa3CTl8ixEYgjKJ77gISEdEKWrnfz0Qm0j4P2Pvx+DXcCSZ1xJSRwn1EVbmey4nvaHjHSXwYIaulQCZb spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: 8b35c30c-ab5f-48a2-e180-08d5b215c387 X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8b35c30c-ab5f-48a2-e180-08d5b215c387 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 May 2018 23:21:28.6375 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR0802MB2196 Subject: Re: [PATCH v1 08/18] StandaloneMmPkg/MemLib: AARCH64 Specific instance of memory check library. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2018 23:21:31 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable My response inline. -----Original Message----- From: Achin Gupta Sent: Monday, April 16, 2018 10:13 AM To: Supreeth Venkatesh Cc: edk2-devel@lists.01.org; michael.d.kinney@intel.com; liming.gao@intel.c= om; jiewen.yao@intel.com; leif.lindholm@linaro.org; ard.biesheuvel@linaro.o= rg; nd Subject: Re: [PATCH v1 08/18] StandaloneMmPkg/MemLib: AARCH64 Specific inst= ance of memory check library. Hi Supreeth, On Fri, Apr 06, 2018 at 03:42:13PM +0100, Supreeth Venkatesh wrote: > MM memory check library library implementation. This library consumes > MM_ACCESS_PROTOCOL to get MMRAM information. In order to use this > library instance, the platform should produce all MMRAM range via > MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core and > MM driver) and/or specific dedicated hardware. > > This patch provides services for MM Memory Operation. > The management mode Mem Library provides function for checking if > buffer is outside MMRAM and valid. It also provides functions for copy > data from MMRAM to non-MMRAM, from non-MMRAM to MMRAM, from non-MMRAM > to non-MMRAM, or set data in non-MMRAM. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Achin Gupta > Signed-off-by: Supreeth Venkatesh > --- > StandaloneMmPkg/Include/Library/MemLib.h | 140 ++++++++++++++ > StandaloneMmPkg/Library/MemLib/Arm/MemLib.c | 276 > ++++++++++++++++++++++++++++ Why is this Library Arm specific. Apart from cosmetics tweaks, it has not c= hanged since it was originally contributed? [Supreeth] Modified it to separate out MmMemLibInternalCalculateMaximumSupp= ortAddress() specific to archictecture as mentioned by Jiewen. Rest of them= are generic. cheers, Achin > StandaloneMmPkg/Library/MemLib/MemLib.inf | 47 +++++ > 3 files changed, 463 insertions(+) > create mode 100644 StandaloneMmPkg/Include/Library/MemLib.h > create mode 100644 StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > create mode 100644 StandaloneMmPkg/Library/MemLib/MemLib.inf > > diff --git a/StandaloneMmPkg/Include/Library/MemLib.h > b/StandaloneMmPkg/Include/Library/MemLib.h > new file mode 100644 > index 0000000000..3264f10010 > --- /dev/null > +++ b/StandaloneMmPkg/Include/Library/MemLib.h > @@ -0,0 +1,140 @@ > +/** @file > + Provides services for MM Memory Operation. > + > + The MM Mem Library provides function for checking if buffer is outside= MMRAM and valid. > + It also provides functions for copy data from MMRAM to non-MMRAM, > + from non-MMRAM to MMRAM, from non-MMRAM to non-MMRAM, or set data in n= on-MMRAM. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
> + > + This program and the accompanying materials are licensed and made > + available under the terms and conditions of the BSD License which > + accompanies this distribution. The full text of the license may be > + found at http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > + BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRE= SS OR IMPLIED. > + > +**/ > + > +#ifndef _MM_MEM_LIB_H_ > +#define _MM_MEM_LIB_H_ > + > +/** > + This function check if the buffer is valid per processor architecture = and not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not = overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or o= verlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ); > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if source buffer is valid per processor architecture and not= overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per process= or architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if destination buffer is valid per processor architecture an= d not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per pro= cessor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM)= . > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if source buffer and destination buffer are valid per proces= sor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case wher= e source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per pro= cessor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per process= or architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not= overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor arc= hitecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ); > + > +#endif > diff --git a/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > new file mode 100644 > index 0000000000..432a45698b > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > @@ -0,0 +1,276 @@ > +/** @file > + Instance of MM memory check library. > + > + MM memory check library library implementation. This library > + consumes MM_ACCESS_PROTOCOL to get MMRAM information. In order to > + use this library instance, the platform should produce all MMRAM > + range via MM_ACCESS_PROTOCOL, including the range for firmware (like MM= Core and MM driver) and/or specific dedicated hardware. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
> + > + This program and the accompanying materials are licensed and made > + available under the terms and conditions of the BSD License which > + accompanies this distribution. The full text of the license may be > + found at http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > + BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRE= SS OR IMPLIED. > + > +**/ > + > + > +#include > + > +#include > +#include > +#include > + > +EFI_MMRAM_DESCRIPTOR *mMmMemLibInternalMmramRanges; > +UINTN mMmMemLibInternalMmramCount; > + > +// > +// Maximum support address used to check input buffer // > +EFI_PHYSICAL_ADDRESS mMmMemLibInternalMaximumSupportAddress =3D 0; > + > +/** > + Calculate and save the maximum support address. > + > +**/ > +VOID > +MmMemLibInternalCalculateMaximumSupportAddress ( > + VOID > + ) > +{ > + UINT8 PhysicalAddressBits; > + > + PhysicalAddressBits =3D 36; > + > + // > + // Save the maximum support address in one global variable > + // > + mMmMemLibInternalMaximumSupportAddress =3D > +(EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - > +1); > + DEBUG ((DEBUG_INFO, "mMmMemLibInternalMaximumSupportAddress =3D > +0x%lx\n", mMmMemLibInternalMaximumSupportAddress)); > +} > + > +/** > + This function check if the buffer is valid per processor architecture = and not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not = overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or o= verlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ) > +{ > + UINTN Index; > + > + // > + // Check override. > + // NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L= :1) is valid. > + // > + if ((Length > mMmMemLibInternalMaximumSupportAddress) || > + (Buffer > mMmMemLibInternalMaximumSupportAddress) || > + ((Length !=3D 0) && (Buffer > (mMmMemLibInternalMaximumSupportAddr= ess - (Length - 1)))) ) { > + // > + // Overflow happen > + // > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overflow: Buffer (0x%lx) - Length (0x%l= x), MaximumSupportAddress (0x%lx)\n", > + Buffer, > + Length, > + mMmMemLibInternalMaximumSupportAddress > + )); > + return FALSE; > + } > + > + for (Index =3D 0; Index < mMmMemLibInternalMmramCount; Index ++) { > + if (((Buffer >=3D mMmMemLibInternalMmramRanges[Index].CpuStart) && (= Buffer < mMmMemLibInternalMmramRanges[Index].CpuStart + mMmMemLibInternalMm= ramRanges[Index].PhysicalSize)) || > + ((mMmMemLibInternalMmramRanges[Index].CpuStart >=3D Buffer) && (= mMmMemLibInternalMmramRanges[Index].CpuStart < Buffer + Length))) { > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overlap: Buffer (0x%lx) - Length (0x%= lx), ", > + Buffer, > + Length > + )); > + DEBUG (( > + DEBUG_ERROR, > + "CpuStart (0x%lx) - PhysicalSize (0x%lx)\n", > + mMmMemLibInternalMmramRanges[Index].CpuStart, > + mMmMemLibInternalMmramRanges[Index].PhysicalSize > + )); > + return FALSE; > + } > + } > + > + return TRUE; > +} > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if source buffer is valid per processor architecture and not= overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per process= or architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuff= er, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemToMmram: Security Violation: Source (= 0x%x), Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if destination buffer is valid per processor architecture an= d not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per pro= cessor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Destinatio= nBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemFromMmram: Security Violation: Destin= ation (0x%x), Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM)= . > + > + This function copies a source buffer (non-MMRAM) to a destination buff= er (MMRAM). > + It checks if source buffer and destination buffer are valid per proces= sor architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case wher= e source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of t= he memory copy. > + @param SourceBuffer The pointer to the source buffer of the me= mory copy. > + @param Length The number of bytes to copy from SourceBuf= fer to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per pro= cessor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per process= or architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Destinatio= nBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Destination (0x= %x), Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuff= er, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Source (0x%x), = Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not= overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor arc= hitecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, Le= ngth)) { > + DEBUG ((DEBUG_ERROR, "MmSetMem: Security Violation: Source (0x%x), L= ength (0x%x)\n", Buffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + SetMem (Buffer, Length, Value); > + return EFI_SUCCESS; > +} > + > +/** > + The constructor function initializes the Mm Mem library > + > + @param ImageHandle The firmware allocated handle for the EFI image. > + @param SystemTable A pointer to the EFI System Table. > + > + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. > + > +**/ > +EFI_STATUS > +EFIAPI > +MemLibConstructor ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_MM_SYSTEM_TABLE *MmSystemTable > + ) > +{ > + > + // > + // Calculate and save maximum support address // > + MmMemLibInternalCalculateMaximumSupportAddress (); > + > + return EFI_SUCCESS; > +} > diff --git a/StandaloneMmPkg/Library/MemLib/MemLib.inf > b/StandaloneMmPkg/Library/MemLib/MemLib.inf > new file mode 100644 > index 0000000000..52b7c06397 > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/MemLib.inf > @@ -0,0 +1,47 @@ > +## @file > +# Instance of MM memory check library. > +# > +# MM memory check library library implementation. This library > +consumes MM_ACCESS_PROTOCOL # to get MMRAM information. In order to > +use this library instance, the platform should produce # all MMRAM > +range via MM_ACCESS_PROTOCOL, including the range for firmware (like MM = Core # and MM driver) and/or specific dedicated hardware. > +# > +# Copyright (c) 2015, Intel Corporation. All rights reserved.
# > +Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.
# # > +This program and the accompanying materials # are licensed and made > +available under the terms and conditions of the BSD License # which > +accompanies this distribution. The full text of the license may be > +found at # http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > +BASIS, # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPR= ESS OR IMPLIED. > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001001A > + BASE_NAME =3D MemLib > + FILE_GUID =3D EA355F14-6409-4716-829F-37B3BC7C7F2= 6 > + MODULE_TYPE =3D MM_STANDALONE > + VERSION_STRING =3D 1.0 > + PI_SPECIFICATION_VERSION =3D 0x00010032 > + LIBRARY_CLASS =3D MemLib|MM_STANDALONE MM_CORE_STANDA= LONE > + CONSTRUCTOR =3D MemLibConstructor > + > +# > +# The following information is for reference only and not required by th= e build tools. > +# > +# VALID_ARCHITECTURES =3D AARCH64 > +# > + > +[Sources.AARCH64] > + Arm/MemLib.c > + > +[Packages] > + MdePkg/MdePkg.dec > + StandaloneMmPkg/StandaloneMmPkg.dec > + > +[LibraryClasses] > + BaseMemoryLib > + DebugLib > -- > 2.16.2 > IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you.