From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Kun Qin <kun.q@outlook.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>,
Sami Mujawar <sami.mujawar@arm.com>,
Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Subject: Re: [PATCH v1 04/15] StandaloneMmPkg: StandaloneMmMemLib: Extends support for X64 architecture
Date: Mon, 28 Dec 2020 06:24:02 +0000 [thread overview]
Message-ID: <CY4PR11MB12884DC5C03B889A355735808CD90@CY4PR11MB1288.namprd11.prod.outlook.com> (raw)
In-Reply-To: <MWHPR06MB31029087C07954C196EE0E08F3D90@MWHPR06MB3102.namprd06.prod.outlook.com>
[-- Attachment #1: Type: text/plain, Size: 6695 bytes --]
I am not familiar with AArch64. So I will let ARM people comment it.
For X86, I think it is security hole, if we do not fill mMmMemLibInternalMmramRanges.
A partial fix with known security vulnerability is not the best idea.
I prefer to we give a full fix, or no fix it in V2.
Thank you
Yao Jiewen
From: Kun Qin <kun.q@outlook.com>
Sent: Monday, December 28, 2020 12:15 PM
To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>; Sami Mujawar <sami.mujawar@arm.com>; Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Subject: RE: [PATCH v1 04/15] StandaloneMmPkg: StandaloneMmMemLib: Extends support for X64 architecture
Hi Jiewen,
I did not fill these 2 variables for this patch because I thought to follow up fix for this issue separately because the AARCH64 instance does not fill it either and I meant for this patch to solely extends the coverage to x64 (and IA32). But please let me know if you think otherwise, I can add the x64 fix in this patch as well. But I do not have fix for AARCH64 since I am not familiar with how it should work.
Thanks,
Kun
From: Yao, Jiewen<mailto:jiewen.yao@intel.com>
Sent: Sunday, December 27, 2020 16:18
To: Kun Qin<mailto:kun.q@outlook.com>; devel@edk2.groups.io<mailto:devel@edk2.groups.io>
Cc: Ard Biesheuvel<mailto:ard.biesheuvel@arm.com>; Sami Mujawar<mailto:sami.mujawar@arm.com>; Supreeth Venkatesh<mailto:supreeth.venkatesh@arm.com>
Subject: RE: [PATCH v1 04/15] StandaloneMmPkg: StandaloneMmMemLib: Extends support for X64 architecture
May I know where is the code to fill below?
EFI_MMRAM_DESCRIPTOR *mMmMemLibInternalMmramRanges;
UINTN mMmMemLibInternalMmramCount;
> -----Original Message-----
> From: Kun Qin <kun.q@outlook.com<mailto:kun.q@outlook.com>>
> Sent: Saturday, December 19, 2020 2:50 AM
> To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com<mailto:ard.biesheuvel@arm.com>>; Sami Mujawar
> <sami.mujawar@arm.com<mailto:sami.mujawar@arm.com>>; Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; Supreeth
> Venkatesh <supreeth.venkatesh@arm.com<mailto:supreeth.venkatesh@arm.com>>
> Subject: [PATCH v1 04/15] StandaloneMmPkg: StandaloneMmMemLib:
> Extends support for X64 architecture
>
> This change extends StandaloneMmMemLib library to support X64
> architecture. The implementation is ported from
> MdePkg/Library/SmmMemLib.
>
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com<mailto:ard.biesheuvel@arm.com>>
> Cc: Sami Mujawar <sami.mujawar@arm.com<mailto:sami.mujawar@arm.com>>
> Cc: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com<mailto:supreeth.venkatesh@arm.com>>
>
> Signed-off-by: Kun Qin <kun.q@outlook.com<mailto:kun.q@outlook.com>>
> ---
>
> StandaloneMmPkg/Library/StandaloneMmMemLib/X64/StandaloneMmMe
> mLibInternal.c | 67 ++++++++++++++++++++
>
> StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMemLib
> .inf | 6 +-
> 2 files changed, 72 insertions(+), 1 deletion(-)
>
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmMemLib/X64/StandaloneMm
> MemLibInternal.c
> b/StandaloneMmPkg/Library/StandaloneMmMemLib/X64/StandaloneMm
> MemLibInternal.c
> new file mode 100644
> index 000000000000..c5e21c583f44
> --- /dev/null
> +++
> b/StandaloneMmPkg/Library/StandaloneMmMemLib/X64/StandaloneMm
> MemLibInternal.c
> @@ -0,0 +1,67 @@
> +/** @file
> + Internal ARCH Specific file of MM memory check library.
> +
> + MM memory check library implementation. This library consumes
> MM_ACCESS_PROTOCOL
> + to get MMRAM information. In order to use this library instance, the
> platform should produce
> + all MMRAM range via MM_ACCESS_PROTOCOL, including the range for
> firmware (like MM Core
> + and MM driver) and/or specific dedicated hardware.
> +
> + Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> + Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.<BR>
> +
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +#include <Library/BaseLib.h>
> +#include <Library/BaseMemoryLib.h>
> +#include <Library/DebugLib.h>
> +#include <Library/HobLib.h>
> +//
> +// Maximum support address used to check input buffer
> +//
> +extern EFI_PHYSICAL_ADDRESS
> mMmMemLibInternalMaximumSupportAddress;
> +
> +/**
> + Calculate and save the maximum support address.
> +
> +**/
> +VOID
> +MmMemLibInternalCalculateMaximumSupportAddress (
> + VOID
> + )
> +{
> + VOID *Hob;
> + UINT32 RegEax;
> + UINT8 PhysicalAddressBits;
> +
> + //
> + // Get physical address bits supported.
> + //
> + Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
> + if (Hob != NULL) {
> + PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;
> + } else {
> + AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
> + if (RegEax >= 0x80000008) {
> + AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
> + PhysicalAddressBits = (UINT8) RegEax;
> + } else {
> + PhysicalAddressBits = 36;
> + }
> + }
> + //
> + // IA-32e paging translates 48-bit linear addresses to 52-bit physical
> addresses.
> + //
> + ASSERT (PhysicalAddressBits <= 52);
> + if (PhysicalAddressBits > 48) {
> + PhysicalAddressBits = 48;
> + }
> +
> + //
> + // Save the maximum support address in one global variable
> + //
> + mMmMemLibInternalMaximumSupportAddress =
> (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1);
> + DEBUG ((DEBUG_INFO, "mMmMemLibInternalMaximumSupportAddress
> = 0x%lx\n", mMmMemLibInternalMaximumSupportAddress));
> +}
> +
> +
> diff --git
> a/StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMem
> Lib.inf
> b/StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMem
> Lib.inf
> index 49da02e54e6d..65ad0a48905c 100644
> ---
> a/StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMem
> Lib.inf
> +++
> b/StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMem
> Lib.inf
> @@ -26,12 +26,15 @@ [Defines]
> #
> # The following information is for reference only and not required by the
> build tools.
> #
> -# VALID_ARCHITECTURES = AARCH64
> +# VALID_ARCHITECTURES = X64 AARCH64
> #
>
> [Sources.Common]
> StandaloneMmMemLib.c
>
> +[Sources.X64]
> + X64/StandaloneMmMemLibInternal.c
> +
> [Sources.AARCH64]
> AArch64/StandaloneMmMemLibInternal.c
>
> @@ -42,3 +45,4 @@ [Packages]
> [LibraryClasses]
> BaseMemoryLib
> DebugLib
> + HobLib
> --
> 2.28.0.windows.1
[-- Attachment #2: Type: text/html, Size: 11967 bytes --]
next prev parent reply other threads:[~2020-12-28 6:24 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20201218185011.1366-1-kun.q@outlook.com>
2020-12-18 18:49 ` [PATCH v1 01/15] StandaloneMmPkg: StandaloneMmCoreEntryPoint: Extends support for X64 Kun Qin
2020-12-28 0:11 ` [edk2-devel] " Yao, Jiewen
2020-12-18 18:49 ` [PATCH v1 02/15] StandaloneMmPkg: StandaloneMmCoreHobLib: Extend support for x64 Mm Core Kun Qin
2020-12-28 0:12 ` Yao, Jiewen
2021-03-24 20:33 ` [edk2-devel] " Dawn
2020-12-18 18:49 ` [PATCH v1 03/15] StandaloneMmPkg: StandaloneMmCoreMemoryAllocationLib: Fix compiler warning Kun Qin
2020-12-28 0:14 ` Yao, Jiewen
2020-12-28 4:07 ` Kun Qin
2020-12-18 18:50 ` [PATCH v1 04/15] StandaloneMmPkg: StandaloneMmMemLib: Extends support for X64 architecture Kun Qin
2020-12-28 0:18 ` Yao, Jiewen
2020-12-28 4:15 ` Kun Qin
2020-12-28 6:24 ` Yao, Jiewen [this message]
2020-12-28 6:36 ` Kun Qin
2020-12-28 6:37 ` [edk2-devel] " Yao, Jiewen
2020-12-18 18:50 ` [PATCH v1 05/15] MdeModulePkg: SmmLockBoxSmmLib: Support StandaloneMm for SmmLockBoxLib Kun Qin
2020-12-22 8:35 ` [edk2-devel] " Wu, Hao A
2020-12-18 18:50 ` [PATCH v1 06/15] MdeModulePkg: SmmReportStatusCodeLib: ReportStatusCodeLib in StandaloneMm Kun Qin
2020-12-22 8:35 ` [edk2-devel] " Wu, Hao A
2020-12-22 19:15 ` Kun Qin
2020-12-23 6:09 ` Wu, Hao A
2020-12-24 1:53 ` 回复: " gaoliming
2020-12-24 9:11 ` Kun Qin
2020-12-29 1:23 ` 回复: " gaoliming
2020-12-29 1:31 ` Kun Qin
2020-12-18 18:50 ` [PATCH v1 07/15] MdeModulePkg: FirmwarePerformanceDataTable: Added StandaloneMm support Kun Qin
2020-12-22 8:36 ` Wu, Hao A
2020-12-22 20:06 ` [edk2-devel] " Kun Qin
2020-12-18 18:50 ` [PATCH v1 08/15] MdeModulePkg: ReportStatusCodeRouter: Support StandaloneMm RSC Router Kun Qin
2020-12-22 8:42 ` Wu, Hao A
2020-12-18 18:50 ` [PATCH v1 09/15] MdePkg: UefiDevicePathLib: Support UefiDevicePathLib under StandaloneMm Kun Qin
2021-01-04 18:32 ` [edk2-devel] " Kun Qin
2021-01-05 13:25 ` 回复: " gaoliming
2020-12-18 18:50 ` [PATCH v1 10/15] PcAtChipsetPkg: AcpiTimerLib: Added StandaloneMm instance of AcpiTimerLib Kun Qin
2021-01-04 18:30 ` [edk2-devel] " Kun Qin
2020-12-18 18:50 ` [PATCH v1 11/15] SecurityPkg: Tcg2PhysicalPresenceLib: Introduce StandaloneMm instance Kun Qin
2020-12-28 0:08 ` Yao, Jiewen
2020-12-18 18:50 ` [PATCH v1 12/15] SecurityPkg: Tcg2PpVendorLibNull: Added support for MM_STANDALONE type Kun Qin
2020-12-28 0:08 ` Yao, Jiewen
2020-12-18 18:50 ` [PATCH v1 13/15] SecurityPkg: Tpm2DeviceLibDTpm: Introduce StandaloneMm instance Kun Qin
2020-12-28 0:08 ` Yao, Jiewen
2020-12-18 18:50 ` [PATCH v1 14/15] UefiCpuPkg: CpuIo2Smm: Support of CpuIo driver under StandaloneMm Kun Qin
2021-01-04 18:31 ` [edk2-devel] " Kun Qin
2020-12-18 18:50 ` [PATCH v1 15/15] UefiCpuPkg: SmmCpuExceptionHandlerLib: Added StandaloneMm module support Kun Qin
2021-01-04 18:30 ` [edk2-devel] " Kun Qin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CY4PR11MB12884DC5C03B889A355735808CD90@CY4PR11MB1288.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox