From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"ard.biesheuvel@arm.com" <ard.biesheuvel@arm.com>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"Gao, Liming" <liming.gao@intel.com>,
Sami Mujawar <sami.mujawar@arm.com>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>
Subject: Re: [edk2-devel] [PATCH 5/5] StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly
Date: Sun, 14 Jun 2020 12:37:51 +0000 [thread overview]
Message-ID: <BL0PR11MB3412C8CA0A71B68C83A3043F8C9F0@BL0PR11MB3412.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20200610081740.54581-6-ard.biesheuvel@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
I hope ARM expert can review this to double confirm.
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Ard
> Biesheuvel
> Sent: Wednesday, June 10, 2020 4:18 PM
> To: devel@edk2.groups.io
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Yao,
> Jiewen <jiewen.yao@intel.com>; Sami Mujawar <sami.mujawar@arm.com>;
> Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Subject: [edk2-devel] [PATCH 5/5]
> StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the
> fly
>
> Apply PE/COFF fixups when starting up the standalone MM core, so that
> it can execute at any address regardless of the link time address.
>
> Note that this requires the PE/COFF image to be emitted with its
> relocation section preserved. Special care is taken to ensure that
> TE images are dealt with correctly as well.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> ---
> StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h
> | 2 ++
>
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissi
> ons.c | 11 +++++++---
>
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone
> MmCoreEntryPoint.c | 22 ++++++++++++++++++++
> 3 files changed, 32 insertions(+), 3 deletions(-)
>
> diff --git
> a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h
> b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h
> index 494bcf3dc28f..a3420699e6f1 100644
> ---
> a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h
> +++
> b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h
> @@ -82,6 +82,7 @@ EFI_STATUS
> EFIAPI
>
> UpdateMmFoundationPeCoffPermissions (
>
> IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
>
> + IN EFI_PHYSICAL_ADDRESS ImageBase,
>
> IN UINT32 SectionHeaderOffset,
>
> IN CONST UINT16 NumberOfSections,
>
> IN REGION_PERMISSION_UPDATE_FUNC TextUpdater,
>
> @@ -107,6 +108,7 @@ EFIAPI
> GetStandaloneMmCorePeCoffSections (
>
> IN VOID *TeData,
>
> IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
>
> + OUT EFI_PHYSICAL_ADDRESS *ImageBase,
>
> IN OUT UINT32 *SectionHeaderOffset,
>
> IN OUT UINT16 *NumberOfSections
>
> );
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis
> sions.c
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis
> sions.c
> index 00f49c9d0558..bf9650d54629 100644
> ---
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis
> sions.c
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis
> sions.c
> @@ -29,6 +29,7 @@ EFI_STATUS
> EFIAPI
>
> UpdateMmFoundationPeCoffPermissions (
>
> IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
>
> + IN EFI_PHYSICAL_ADDRESS ImageBase,
>
> IN UINT32 SectionHeaderOffset,
>
> IN CONST UINT16 NumberOfSections,
>
> IN REGION_PERMISSION_UPDATE_FUNC TextUpdater,
>
> @@ -87,7 +88,7 @@ UpdateMmFoundationPeCoffPermissions (
> // if it is a writeable section then mark it appropriately as well.
>
> //
>
> if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_EXECUTE) == 0) {
>
> - Base = ImageContext->ImageAddress + SectionHeader.VirtualAddress;
>
> + Base = ImageBase + SectionHeader.VirtualAddress;
>
>
>
> TextUpdater (Base, SectionHeader.Misc.VirtualSize);
>
>
>
> @@ -153,6 +154,7 @@ STATIC
> EFI_STATUS
>
> GetPeCoffSectionInformation (
>
> IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
>
> + OUT EFI_PHYSICAL_ADDRESS *ImageBase,
>
> OUT UINT32 *SectionHeaderOffset,
>
> OUT UINT16 *NumberOfSections
>
> )
>
> @@ -212,6 +214,7 @@ GetPeCoffSectionInformation (
> return Status;
>
> }
>
>
>
> + *ImageBase = ImageContext->ImageAddress;
>
> if (!ImageContext->IsTeImage) {
>
> ASSERT (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE);
>
>
>
> @@ -232,7 +235,7 @@ GetPeCoffSectionInformation (
> } else {
>
> *SectionHeaderOffset = (UINTN)(sizeof (EFI_TE_IMAGE_HEADER));
>
> *NumberOfSections = Hdr.Te->NumberOfSections;
>
> - ImageContext->ImageAddress -= (UINT32)Hdr.Te->StrippedSize - sizeof
> (EFI_TE_IMAGE_HEADER);
>
> + *ImageBase -= (UINT32)Hdr.Te->StrippedSize - sizeof
> (EFI_TE_IMAGE_HEADER);
>
> }
>
> return RETURN_SUCCESS;
>
> }
>
> @@ -242,6 +245,7 @@ EFIAPI
> GetStandaloneMmCorePeCoffSections (
>
> IN VOID *TeData,
>
> IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,
>
> + OUT EFI_PHYSICAL_ADDRESS *ImageBase,
>
> IN OUT UINT32 *SectionHeaderOffset,
>
> IN OUT UINT16 *NumberOfSections
>
> )
>
> @@ -255,7 +259,8 @@ GetStandaloneMmCorePeCoffSections (
>
>
> DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", TeData));
>
>
>
> - Status = GetPeCoffSectionInformation (ImageContext, SectionHeaderOffset,
> NumberOfSections);
>
> + Status = GetPeCoffSectionInformation (ImageContext, ImageBase,
>
> + SectionHeaderOffset, NumberOfSections);
>
> if (EFI_ERROR (Status)) {
>
> DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF
> Section information - %r\n", Status));
>
> return Status;
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> index 20723385113f..9cecfa667b90 100644
> ---
> a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> +++
> b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon
> eMmCoreEntryPoint.c
> @@ -225,6 +225,7 @@ _ModuleEntryPoint (
> VOID *HobStart;
>
> VOID *TeData;
>
> UINTN TeDataSize;
>
> + EFI_PHYSICAL_ADDRESS ImageBase;
>
>
>
> // Get Secure Partition Manager Version Information
>
> Status = GetSpmVersion ();
>
> @@ -253,6 +254,7 @@ _ModuleEntryPoint (
> Status = GetStandaloneMmCorePeCoffSections (
>
> TeData,
>
> &ImageContext,
>
> + &ImageBase,
>
> &SectionHeaderOffset,
>
> &NumberOfSections
>
> );
>
> @@ -261,10 +263,21 @@ _ModuleEntryPoint (
> goto finish;
>
> }
>
>
>
> + //
>
> + // ImageBase may deviate from ImageContext.ImageAddress if we are
> dealing
>
> + // with a TE image, in which case the latter points to the actual offset
>
> + // of the image, whereas ImageBase refers to the address where the image
>
> + // would start if the stripped PE headers were still in place. In either
>
> + // case, we need to fix up ImageBase so it refers to the actual current
>
> + // load address.
>
> + //
>
> + ImageBase += (UINTN)TeData - ImageContext.ImageAddress;
>
> +
>
> // Update the memory access permissions of individual sections in the
>
> // Standalone MM core module
>
> Status = UpdateMmFoundationPeCoffPermissions (
>
> &ImageContext,
>
> + ImageBase,
>
> SectionHeaderOffset,
>
> NumberOfSections,
>
> ArmSetMemoryRegionNoExec,
>
> @@ -276,6 +289,15 @@ _ModuleEntryPoint (
> goto finish;
>
> }
>
>
>
> + if (ImageContext.ImageAddress != (UINTN)TeData) {
>
> + ImageContext.ImageAddress = (UINTN)TeData;
>
> + ArmSetMemoryRegionNoExec (ImageBase, SIZE_4KB);
>
> + ArmClearMemoryRegionReadOnly (ImageBase, SIZE_4KB);
>
> +
>
> + Status = PeCoffLoaderRelocateImage (&ImageContext);
>
> + ASSERT_EFI_ERROR (Status);
>
> + }
>
> +
>
> //
>
> // Create Hoblist based upon boot information passed by privileged software
>
> //
>
> --
> 2.26.2
>
>
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
>
> View/Reply Online (#61043): https://edk2.groups.io/g/devel/message/61043
> Mute This Topic: https://groups.io/mt/74792292/1772286
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com]
> -=-=-=-=-=-=
next prev parent reply other threads:[~2020-06-14 12:37 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-10 8:17 [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable Ard Biesheuvel
2020-06-10 8:17 ` [PATCH 1/5] MdePkg/BasePrintLib: avoid absolute addresses for error strings Ard Biesheuvel
2020-06-10 8:37 ` Ard Biesheuvel
2020-06-10 15:09 ` [edk2-devel] " Michael D Kinney
2020-06-10 16:39 ` Ard Biesheuvel
2020-06-10 8:17 ` [PATCH 2/5] StandaloneMmPkg/Core: fix bogus FV pointer in DEBUG string Ard Biesheuvel
2020-06-14 12:35 ` [edk2-devel] " Yao, Jiewen
2020-06-15 12:42 ` Sami Mujawar
2020-06-10 8:17 ` [PATCH 3/5] StandaloneMmPkg/Core: add missing GUID reference Ard Biesheuvel
2020-06-14 12:36 ` Yao, Jiewen
2020-06-15 12:49 ` [edk2-devel] " Sami Mujawar
2020-06-10 8:17 ` [PATCH 4/5] StandaloneMmPkg: generate position independent code for StMM core Ard Biesheuvel
2020-06-10 18:21 ` [edk2-devel] " Sean
2020-06-10 18:33 ` Ard Biesheuvel
2020-06-14 12:38 ` Yao, Jiewen
2020-06-10 8:17 ` [PATCH 5/5] StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly Ard Biesheuvel
2020-06-14 12:37 ` Yao, Jiewen [this message]
2020-06-15 13:59 ` [edk2-devel] " Sami Mujawar
2020-06-15 14:12 ` Ard Biesheuvel
2020-06-15 14:40 ` Sami Mujawar
2020-06-10 10:21 ` [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable Ilias Apalodimas
2020-06-12 9:58 ` Ard Biesheuvel
2020-06-16 16:16 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BL0PR11MB3412C8CA0A71B68C83A3043F8C9F0@BL0PR11MB3412.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox