From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.27375.1592138274427769811 for ; Sun, 14 Jun 2020 05:37:54 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=EQsUQGLd; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com) IronPort-SDR: hAJ19KISt3fUkujORlQvlOehDCW4dfzc5+OVBxbCAFT8u2ttTtKRzwLjd7qAmcwAS7sKWwcj7A xbeBgv0xQziA== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Jun 2020 05:37:54 -0700 IronPort-SDR: e0VhSlBbVPaQXpayHYdtI2TMtJg3PpSpacJkLuWAaxZbrOFrzT4iFKdneDTxgvzLfkeAIa5jhl X1ZQPePe44bA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,511,1583222400"; d="scan'208";a="316323235" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by FMSMGA003.fm.intel.com with ESMTP; 14 Jun 2020 05:37:54 -0700 Received: from fmsmsx118.amr.corp.intel.com (10.18.116.18) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 14 Jun 2020 05:37:53 -0700 Received: from FMSEDG002.ED.cps.intel.com (10.1.192.134) by fmsmsx118.amr.corp.intel.com (10.18.116.18) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 14 Jun 2020 05:37:53 -0700 Received: from NAM04-SN1-obe.outbound.protection.outlook.com (104.47.44.57) by edgegateway.intel.com (192.55.55.69) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 14 Jun 2020 05:37:53 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cP/woAZZ2BRg2TK9/CuOiDwlObeXBxayNuhOq4Z8Fqpt/5kXlJQld8SYpTLzx5upC/7o0wpbPkUSasQwaWk6Og/YA4o6ynUAMtGmBIIhFtwQybkvdc4NHlIcVd/vEY6eHLIcy890v8XUrjl/E/EFZ9hAgbYxYo0r/nSEIsBy+txxeIJ9hNoHSYOok+lW9wspULDZoycSNd4ac/ZUMl/34cjqv7AnzdEpxRHvj/iLj6pcY9PcLTcI5T3dBCQBLaKGOTdEgkwbVypU6u0f/UJKsemwNdNKDXChYFe5Rl2DaznDvw9XlynnEEP/pxBVLTpbX5CZJCo+o6mcKk94bR5igg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pPyAIa2LT43MDd21KYQAOPHstyr02K/ylT3MVr+lLVo=; b=odqYGi9rKezPL/D9oWLbPAyFWhhjzagOC2D5J1/UJHbUzDJl1PhJmePsKIuAQe9yFmV9KiBoyANqSJ9KIgWvI2s8ar78Po3PgCKPA4fKL/XP+4UvseeLLBrE30X2Kc0uWNPc4NKdTNZno4fdnjtXqicQ8LLKfo8jhZKg84R4/6i7uMHO6E9RlSswucNKNVhNa9dPVGZIYeWUgF+oWLza6RwO9RNnwzJ4Mn7RTJnZBbXl9U586jHw/Q1PyTqSj/Ws5etYtTAO8DS/O4GNSynGx1Zt0vdLobNFs9+uGjyONBUlBHJJqo3drLKNCWcI7yh/b1eo3/d6RxiL+stmwpcSyw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pPyAIa2LT43MDd21KYQAOPHstyr02K/ylT3MVr+lLVo=; b=EQsUQGLd9RjJxCeZkfDN1Yj+4AKiLzrmwtvm+yKGH62zNo09MuRJNnret+gsEP39YhH83FZazV0r8haC2Kpi+7A020NFmoXA5g7d5HZUVr3IPfXRpPn6jFLgsPXTFSWkMK7udVvD+MtxMb1GWr6XSCx/7wW+o05IXQzHa6yq7V4= Received: from BL0PR11MB3412.namprd11.prod.outlook.com (2603:10b6:208:7c::32) by MN2PR11MB4397.namprd11.prod.outlook.com (2603:10b6:208:190::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3088.24; Sun, 14 Jun 2020 12:37:52 +0000 Received: from BL0PR11MB3412.namprd11.prod.outlook.com ([fe80::a0dd:b860:2661:de87]) by BL0PR11MB3412.namprd11.prod.outlook.com ([fe80::a0dd:b860:2661:de87%6]) with mapi id 15.20.3088.028; Sun, 14 Jun 2020 12:37:52 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "ard.biesheuvel@arm.com" CC: "Kinney, Michael D" , "Gao, Liming" , Sami Mujawar , Ilias Apalodimas Subject: Re: [edk2-devel] [PATCH 5/5] StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly Thread-Topic: [edk2-devel] [PATCH 5/5] StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly Thread-Index: AQHWPv+utDgS6UYZCUuTElcDLsV3HKjYEwow Date: Sun, 14 Jun 2020 12:37:51 +0000 Message-ID: References: <20200610081740.54581-1-ard.biesheuvel@arm.com> <20200610081740.54581-6-ard.biesheuvel@arm.com> In-Reply-To: <20200610081740.54581-6-ard.biesheuvel@arm.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOGUwZThjMGUtZDM3Ni00ODhhLTk3MTktODczMzdkYjg4ZTM0IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiNWw4YnlOczJUXC9cL3BuV2tldWI0aVM5dTV5ZUhtNVpXYnB6YlhIeWlhaTFDNlZBV0J5SHJMRUpRSE9XODhNSkVjIn0= x-ctpclassification: CTP_NT dlp-version: 11.2.0.6 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.55.52.207] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: eca6885b-127c-41fa-4927-08d8105fc12a x-ms-traffictypediagnostic: MN2PR11MB4397: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 04347F8039 x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 2BuuEuHszCLpmEKh7oOIr70Ho/22CIqY6o/AZr1vuIh7GvKO1J35hXZiKlqVvz35vALwUtUxbjDMA6LACkZfNbt1zRPqZ3OShBJ9u5B4l4SW3jkVeOm9n+5uyJBRcxHmsJfZzcJpwo+IX0ddEHkY1SbZgH9g5gdcDpfClT9wwco6f6xnoo5B4BnMkyDCydWpRenuLzLg2SI2S68De+7RjDDfWr6GMGMXpVRNxtTcypODl3CYPVFG0iSZEFzlPltRCliX6Coo8I1f+ImV3ySUDjhmGPRqKH6pTn9UYgTS8EX2qhcVZ27+kPHZN2J4lJFCHYL41cRxnQza0mtOQz1w1jHLJ8I7FkIXjHwRkKVjCsRuCQC+OYxNwdjLjU3uegSx+qRFsMACeAIIV6839a/VDQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR11MB3412.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(6029001)(346002)(366004)(376002)(136003)(39860400002)(396003)(8936002)(9686003)(8676002)(6506007)(66446008)(76116006)(66946007)(966005)(66556008)(66476007)(53546011)(4326008)(478600001)(2906002)(186003)(64756008)(86362001)(55016002)(83380400001)(26005)(71200400001)(33656002)(110136005)(54906003)(7696005)(5660300002)(52536014)(316002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: ghcqOk3RG7Sp2PhrXf0a3E9+q0IpWhDrYDwxK6oZH23v4r1MpUMvTTgu3pQQRNpuWYfwt6+A+a5b7zlXHH5D8jlXGk29ErKl4UFZ1pSuLWQqY9US1cpxfMq0aCh4Bq+beKqqFqsVNinggMRDVjQA3qviN42uGuIJ4Ka0AY0R2M+GAHPWJkaUxjgD8L62aw2j1ttU15b4VTcH3SEMF/e0N094fiRNhbI9jAYft6gaBTLmfgneASfHv4ljGlOmdoBiLoYCI8kKg/f2amI6VstKk8K/tpymmhUs9F6pNLxIvtqowQIMr9YPOQ1V0r0CAoxZg6YBlaLCdTtMjem5XtL75JN8e0akdWu7l0mUWu+FYvD8vpQcB8bFLGXkR5l9OrmQRB2RFsa3RckE26AK6gkP2gCrys88IDAIRvjvzo5eadIBY/mj/4oK97NidWvyHkuOXbhNnzFaDEpy7vrUUxUVBaRQV4SNAGMW8wuskPLQ968= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: eca6885b-127c-41fa-4927-08d8105fc12a X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jun 2020 12:37:51.9817 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: GGYKpEQB3eLNufUiLxNbkAwJx+EbLbJyD3B7LaYr537Lk9ujB2A7iE/UE7QTAnxk0nY2GFVBs2FwYhL71XLnaw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4397 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Acked-by: Jiewen Yao I hope ARM expert can review this to double confirm. Thank you Yao Jiewen > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Ard > Biesheuvel > Sent: Wednesday, June 10, 2020 4:18 PM > To: devel@edk2.groups.io > Cc: Ard Biesheuvel ; Kinney, Michael D > ; Gao, Liming ; Yao, > Jiewen ; Sami Mujawar ; > Ilias Apalodimas > Subject: [edk2-devel] [PATCH 5/5] > StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the > fly >=20 > Apply PE/COFF fixups when starting up the standalone MM core, so that > it can execute at any address regardless of the link time address. >=20 > Note that this requires the PE/COFF image to be emitted with its > relocation section preserved. Special care is taken to ensure that > TE images are dealt with correctly as well. >=20 > Signed-off-by: Ard Biesheuvel > --- > StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h > | 2 ++ >=20 > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissi > ons.c | 11 +++++++--- >=20 > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone > MmCoreEntryPoint.c | 22 ++++++++++++++++++++ > 3 files changed, 32 insertions(+), 3 deletions(-) >=20 > diff --git > a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h > b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h > index 494bcf3dc28f..a3420699e6f1 100644 > --- > a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h > +++ > b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h > @@ -82,6 +82,7 @@ EFI_STATUS > EFIAPI >=20 > UpdateMmFoundationPeCoffPermissions ( >=20 > IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, >=20 > + IN EFI_PHYSICAL_ADDRESS ImageBase, >=20 > IN UINT32 SectionHeaderOffset, >=20 > IN CONST UINT16 NumberOfSections, >=20 > IN REGION_PERMISSION_UPDATE_FUNC TextUpdater, >=20 > @@ -107,6 +108,7 @@ EFIAPI > GetStandaloneMmCorePeCoffSections ( >=20 > IN VOID *TeData, >=20 > IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, >=20 > + OUT EFI_PHYSICAL_ADDRESS *ImageBase, >=20 > IN OUT UINT32 *SectionHeaderOffset, >=20 > IN OUT UINT16 *NumberOfSections >=20 > ); >=20 > diff --git > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis > sions.c > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis > sions.c > index 00f49c9d0558..bf9650d54629 100644 > --- > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis > sions.c > +++ > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermis > sions.c > @@ -29,6 +29,7 @@ EFI_STATUS > EFIAPI >=20 > UpdateMmFoundationPeCoffPermissions ( >=20 > IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, >=20 > + IN EFI_PHYSICAL_ADDRESS ImageBase, >=20 > IN UINT32 SectionHeaderOffset, >=20 > IN CONST UINT16 NumberOfSections, >=20 > IN REGION_PERMISSION_UPDATE_FUNC TextUpdater, >=20 > @@ -87,7 +88,7 @@ UpdateMmFoundationPeCoffPermissions ( > // if it is a writeable section then mark it appropriately as well. >=20 > // >=20 > if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_EXECUTE) =3D= =3D 0) { >=20 > - Base =3D ImageContext->ImageAddress + SectionHeader.VirtualAddress= ; >=20 > + Base =3D ImageBase + SectionHeader.VirtualAddress; >=20 >=20 >=20 > TextUpdater (Base, SectionHeader.Misc.VirtualSize); >=20 >=20 >=20 > @@ -153,6 +154,7 @@ STATIC > EFI_STATUS >=20 > GetPeCoffSectionInformation ( >=20 > IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, >=20 > + OUT EFI_PHYSICAL_ADDRESS *ImageBase, >=20 > OUT UINT32 *SectionHeaderOffset, >=20 > OUT UINT16 *NumberOfSections >=20 > ) >=20 > @@ -212,6 +214,7 @@ GetPeCoffSectionInformation ( > return Status; >=20 > } >=20 >=20 >=20 > + *ImageBase =3D ImageContext->ImageAddress; >=20 > if (!ImageContext->IsTeImage) { >=20 > ASSERT (Hdr.Pe32->Signature =3D=3D EFI_IMAGE_NT_SIGNATURE); >=20 >=20 >=20 > @@ -232,7 +235,7 @@ GetPeCoffSectionInformation ( > } else { >=20 > *SectionHeaderOffset =3D (UINTN)(sizeof (EFI_TE_IMAGE_HEADER)); >=20 > *NumberOfSections =3D Hdr.Te->NumberOfSections; >=20 > - ImageContext->ImageAddress -=3D (UINT32)Hdr.Te->StrippedSize - sizeo= f > (EFI_TE_IMAGE_HEADER); >=20 > + *ImageBase -=3D (UINT32)Hdr.Te->StrippedSize - sizeof > (EFI_TE_IMAGE_HEADER); >=20 > } >=20 > return RETURN_SUCCESS; >=20 > } >=20 > @@ -242,6 +245,7 @@ EFIAPI > GetStandaloneMmCorePeCoffSections ( >=20 > IN VOID *TeData, >=20 > IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, >=20 > + OUT EFI_PHYSICAL_ADDRESS *ImageBase, >=20 > IN OUT UINT32 *SectionHeaderOffset, >=20 > IN OUT UINT16 *NumberOfSections >=20 > ) >=20 > @@ -255,7 +259,8 @@ GetStandaloneMmCorePeCoffSections ( >=20 >=20 > DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", TeData)); >=20 >=20 >=20 > - Status =3D GetPeCoffSectionInformation (ImageContext, SectionHeaderOff= set, > NumberOfSections); >=20 > + Status =3D GetPeCoffSectionInformation (ImageContext, ImageBase, >=20 > + SectionHeaderOffset, NumberOfSections); >=20 > if (EFI_ERROR (Status)) { >=20 > DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF > Section information - %r\n", Status)); >=20 > return Status; >=20 > diff --git > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon > eMmCoreEntryPoint.c > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon > eMmCoreEntryPoint.c > index 20723385113f..9cecfa667b90 100644 > --- > a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon > eMmCoreEntryPoint.c > +++ > b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalon > eMmCoreEntryPoint.c > @@ -225,6 +225,7 @@ _ModuleEntryPoint ( > VOID *HobStart; >=20 > VOID *TeData; >=20 > UINTN TeDataSize; >=20 > + EFI_PHYSICAL_ADDRESS ImageBase; >=20 >=20 >=20 > // Get Secure Partition Manager Version Information >=20 > Status =3D GetSpmVersion (); >=20 > @@ -253,6 +254,7 @@ _ModuleEntryPoint ( > Status =3D GetStandaloneMmCorePeCoffSections ( >=20 > TeData, >=20 > &ImageContext, >=20 > + &ImageBase, >=20 > &SectionHeaderOffset, >=20 > &NumberOfSections >=20 > ); >=20 > @@ -261,10 +263,21 @@ _ModuleEntryPoint ( > goto finish; >=20 > } >=20 >=20 >=20 > + // >=20 > + // ImageBase may deviate from ImageContext.ImageAddress if we are > dealing >=20 > + // with a TE image, in which case the latter points to the actual offs= et >=20 > + // of the image, whereas ImageBase refers to the address where the ima= ge >=20 > + // would start if the stripped PE headers were still in place. In eith= er >=20 > + // case, we need to fix up ImageBase so it refers to the actual curren= t >=20 > + // load address. >=20 > + // >=20 > + ImageBase +=3D (UINTN)TeData - ImageContext.ImageAddress; >=20 > + >=20 > // Update the memory access permissions of individual sections in the >=20 > // Standalone MM core module >=20 > Status =3D UpdateMmFoundationPeCoffPermissions ( >=20 > &ImageContext, >=20 > + ImageBase, >=20 > SectionHeaderOffset, >=20 > NumberOfSections, >=20 > ArmSetMemoryRegionNoExec, >=20 > @@ -276,6 +289,15 @@ _ModuleEntryPoint ( > goto finish; >=20 > } >=20 >=20 >=20 > + if (ImageContext.ImageAddress !=3D (UINTN)TeData) { >=20 > + ImageContext.ImageAddress =3D (UINTN)TeData; >=20 > + ArmSetMemoryRegionNoExec (ImageBase, SIZE_4KB); >=20 > + ArmClearMemoryRegionReadOnly (ImageBase, SIZE_4KB); >=20 > + >=20 > + Status =3D PeCoffLoaderRelocateImage (&ImageContext); >=20 > + ASSERT_EFI_ERROR (Status); >=20 > + } >=20 > + >=20 > // >=20 > // Create Hoblist based upon boot information passed by privileged sof= tware >=20 > // >=20 > -- > 2.26.2 >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this group. >=20 > View/Reply Online (#61043): https://edk2.groups.io/g/devel/message/61043 > Mute This Topic: https://groups.io/mt/74792292/1772286 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com] > -=3D-=3D-=3D-=3D-=3D-=3D