From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::d2e; helo=mail-io1-xd2e.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9C89121197374 for ; Mon, 14 Jan 2019 10:51:27 -0800 (PST) Received: by mail-io1-xd2e.google.com with SMTP id v10so5843ios.13 for ; Mon, 14 Jan 2019 10:51:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=bQp2ZV76LG4WIgKe/062MzSaYOX+hVR8JfDWII6iW1Y=; b=VS5AMlq0y2rqIJ6c7gLzXCn+QNjMDZ7+cYtQ2V6SQjEJFYHKRKeNwrO1z4quWSmVe4 jeoH19yRbnkRWNuYRA/K9ScKa4ZQIXWUdrEwT0HuaStBh7/ck89ZSD/lK+OXa9hIg4a7 dCEV6GEo208bbTiZpWjru/DoRZcy+xl0uMUV8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=bQp2ZV76LG4WIgKe/062MzSaYOX+hVR8JfDWII6iW1Y=; b=JgmQUEhUoqTrViMcKW6gNByR2wqABWCPWaayDXu6eUOPHn4dgiy4wc2yMRXFQv7BD/ J/D0B3QJ4dtGdxSr2nj/wcOt/9btBvYwhP0yE3CTn/PSNWQOj/NVvJ2748zi6rzdZgN8 QbTCcfRSF8EGAsnyLJlZZ5HxubZxwHg6mCIPls9aeLc6V8vCredhosi93QqhlJfX8opg 2MOWVp+0t54xWbradndK6FbGXSsnkO5eFWba7/zuF7fZj/Ca19WH44jojhkXvy75gN1/ gspJ1VvT79mFNMBxso1OHMjua5P4F1moQK2jxn73QGEEBPKDqFe75nbx74uW3SpZVFJk 4bNQ== X-Gm-Message-State: AJcUukd2uuDjQxxf4QUFKgO/xgjFC4bt+Jffk4tD+7U29Gvf5yF5JTY3 J24/Fieu71mXOufqZCydNpFqwbeC/4z3ElH7cOyD9w== X-Google-Smtp-Source: ALg8bN43WPEaPfsC8/XpUF+J7/5fgsieLXDRP8S8nyQIQujIcnUDVcZNUNqhPvXdZw5FIR37MDMVgTvspWllvpPqSh0= X-Received: by 2002:a5e:c206:: with SMTP id v6mr17876501iop.60.1547491886657; Mon, 14 Jan 2019 10:51:26 -0800 (PST) MIME-Version: 1.0 References: <1546434828-24405-1-git-send-email-jagadeesh.ujja@arm.com> <1546434828-24405-5-git-send-email-jagadeesh.ujja@arm.com> <8a6e1c80-5b6e-e337-06af-5992bc38a844@redhat.com> <20190107185012.GF14419@e104320-lin> <20190107192137.GG14419@e104320-lin> In-Reply-To: From: Ard Biesheuvel Date: Mon, 14 Jan 2019 19:51:15 +0100 Message-ID: To: "Cohen, Eugene" Cc: Achin Gupta , "edk2-devel@lists.01.org" , "Gao, Liming" , "Kinney, Michael D" , nd , Laszlo Ersek , "Zhang, Chao B" Subject: Re: [PATCH v2 04/11] MdePkg/Include: Add StandaloneMmServicesTableLib library X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jan 2019 18:51:27 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Sun, 13 Jan 2019 at 13:42, Cohen, Eugene wrote: > > I saw this thread earlier this week and wanted to chime in. > > > > Also, there are some other pieces missing (which I mentioned in one o= f > > > the other threads but I suppose you may not have caught up yet): > > > EndOfDxe (as well as some other PI defined events) needs to be > > > signalled to the standalone MM context by some non-MM agent, and I > > > think there are other parts of the traditional SMM IPL that have not > > > been ported to standalone MM yet. > > I haven't been following closely the state of StandaloneMmPkg on edk2 - = as we were ready to sync up some of our earlier MM stuff to edk2 I learned = that the support in place is only partial as patches have been coming in sl= owly so we chose to implement a version based on the early joint prototype = work we did ("uefiproto" repo). In this there is a DXE component that prod= uces the SMM Communication protocol and also ensures that when key GUIDed e= vents occur in DXE that they are forwarded to MM including EndOfDxe. > > I don't see a strong argument for not forwarding the event signaling info= rmation to MM - MM can either use the information or ignore it as it sees f= it. I can see scenarios around variable services where knowing what phase = of boot the normal world is in is necessary. > I agree. If the normal world firmware is guaranteed to signal EndOfDxe before loading any third party modules, it is not unreasonable to use this on the secure side as a trust indicator as well.