From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 00DE4211AEA7A for ; Wed, 9 Jan 2019 17:50:22 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Jan 2019 17:50:22 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,459,1539673200"; d="scan'208";a="265920908" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by orsmga004.jf.intel.com with ESMTP; 09 Jan 2019 17:50:22 -0800 Received: from fmsmsx102.amr.corp.intel.com (10.18.124.200) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.408.0; Wed, 9 Jan 2019 17:50:21 -0800 Received: from shsmsx154.ccr.corp.intel.com (10.239.6.54) by FMSMSX102.amr.corp.intel.com (10.18.124.200) with Microsoft SMTP Server (TLS) id 14.3.408.0; Wed, 9 Jan 2019 17:50:21 -0800 Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.239]) by SHSMSX154.ccr.corp.intel.com ([169.254.7.46]) with mapi id 14.03.0415.000; Thu, 10 Jan 2019 09:50:19 +0800 From: "Wang, Jian J" To: Ard Biesheuvel , "edk2-devel@lists.01.org" CC: Laszlo Ersek , Leif Lindholm , "Kinney, Michael D" , "Gao, Liming" , "Wu, Hao A" , Jagadeesh Ujja , Achin Gupta , Thomas Panakamattam Abraham , Sami Mujawar Thread-Topic: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version Thread-Index: AQHUo5I2xLVK5z1lxE29Bp+oswvCiqWnxmEQ Date: Thu, 10 Jan 2019 01:50:19 +0000 Message-ID: References: <20190103182825.32231-1-ard.biesheuvel@linaro.org> <20190103182825.32231-8-ard.biesheuvel@linaro.org> In-Reply-To: <20190103182825.32231-8-ard.biesheuvel@linaro.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZTQ1ZTZiZTktYzI1Ni00MGY3LWIxMDktZTUxODk4YWFjNTkyIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiTkRnWm9BOGZSN0RldVorWUF1RjlqZitCN3JWM0s5RlFiQStuNENKMHErOHFiUDd2Wkx6N1dKbWhQQ0lRcDNIZyJ9 x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.400.15 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jan 2019 01:50:23 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jian J Wang > -----Original Message----- > From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org] > Sent: Friday, January 04, 2019 2:28 AM > To: edk2-devel@lists.01.org > Cc: Ard Biesheuvel ; Laszlo Ersek > ; Leif Lindholm ; Kinney, > Michael D ; Gao, Liming ; > Wang, Jian J ; Wu, Hao A ; > Jagadeesh Ujja ; Achin Gupta > ; Thomas Panakamattam Abraham > ; Sami Mujawar > Subject: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement > standalone MM version >=20 > Reuse most of the existing code to implement a variable runtime > driver that will be able to execute in the context of standalone > MM. >=20 > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ard Biesheuvel > --- > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c | > 69 ++++++++++ > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | > 135 ++++++++++++++++++++ > 2 files changed, 204 insertions(+) >=20 > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c > new file mode 100644 > index 000000000000..fbc99467c057 > --- /dev/null > +++ > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c > @@ -0,0 +1,69 @@ > +/** @file > + > + Parts of the SMM/MM implementation that are specific to standalone MM > + > +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved.
> +This program and the accompanying materials > +are licensed and made available under the terms and conditions of the BS= D > License > +which accompanies this distribution. The full text of the license may b= e found > at > +http://opensource.org/licenses/bsd-license.php > + > +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS > OR IMPLIED. > + > +**/ > + > +#include "Variable.h" > + > +BOOLEAN > +VariableSmmIsBufferOutsideSmmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ) > +{ > + return TRUE; > +} > + > +/** > + Notify the system that the SMM variable driver is ready > +**/ > +VOID > +VariableNotifySmmReady ( > + VOID > + ) > +{ > +} > + > +/** > + Notify the system that the SMM variable write driver is ready > +**/ > +VOID > +VariableNotifySmmWriteReady ( > + VOID > + ) > +{ > +} > + > +EFI_STATUS > +EFIAPI > +VariableServiceInitialize ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_MM_SYSTEM_TABLE *MmSystemTable > + ) > +{ > + return MmVariableServiceInitialize (); > +} > + > +/** > + Whether the TCG or TCG2 protocols are installed in the UEFI protocol > database. > + This information is used by the MorLock code to infer whether an exist= ing > + MOR variable is legitimate or not. > +**/ > +BOOLEAN > +VariableHaveTcgProtocols ( > + VOID > + ) > +{ > + return FALSE; > +} > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf > new file mode 100644 > index 000000000000..54d647af914c > --- /dev/null > +++ > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf > @@ -0,0 +1,135 @@ > +## @file > +# Provides SMM variable service. > +# > +# This module installs SMM variable protocol into SMM protocol database= , > +# which can be used by SMM driver, and installs SMM variable protocol > +# into BS protocol database, which can be used to notify the SMM Runtim= e > +# Dxe driver that the SMM variable service is ready. > +# This module should be used with SMM Runtime DXE module together. The > +# SMM Runtime DXE module would install variable arch protocol and varia= ble > +# write arch protocol based on SMM variable module. > +# > +# Caution: This module requires additional review when modified. > +# This driver will have external input - variable data and communicate = buffer in > SMM mode. > +# This external input must be validated carefully to avoid security iss= ues such > as > +# buffer overflow or integer overflow. > +# The whole SMM authentication variable design relies on the integrit= y of > flash part and SMM. > +# which is assumed to be protected by platform. All variable code and > metadata in flash/SMM Memory > +# may not be modified without authorization. If platform fails to prote= ct these > resources, > +# the authentication service provided in this driver will be broken, an= d the > behavior is undefined. > +# > +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
> +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the = BSD > License > +# which accompanies this distribution. The full text of the license may = be found > at > +# http://opensource.org/licenses/bsd-license.php > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001001A > + BASE_NAME =3D VariableStandaloneMm > + FILE_GUID =3D 7ee2c0c1-c21a-4113-a53a-66824a95696= f > + MODULE_TYPE =3D MM_STANDALONE > + VERSION_STRING =3D 1.0 > + PI_SPECIFICATION_VERSION =3D 0x00010032 > + ENTRY_POINT =3D VariableServiceInitialize > + > +# > +# The following information is for reference only and not required by th= e build > tools. > +# > +# VALID_ARCHITECTURES =3D AARCH64 > +# > + > + > +[Sources] > + Reclaim.c > + Variable.c > + VariableSmm.c > + VariableStandaloneMm.c > + VarCheck.c > + Variable.h > + PrivilegePolymorphic.h > + VariableExLib.c > + TcgMorLockSmm.c > + SpeculationBarrierSmm.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + StandaloneMmPkg/StandaloneMmPkg.dec > + > +[LibraryClasses] > + AuthVariableLib > + BaseLib > + BaseMemoryLib > + DebugLib > + HobLib > + MemoryAllocationLib > + MmServicesTableLib > + StandaloneMmDriverEntryPoint > + SynchronizationLib > + VarCheckLib > + > +[Protocols] > + gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES > + ## CONSUMES > + ## NOTIFY > + gEfiSmmFaultTolerantWriteProtocolGuid > + ## PRODUCES > + ## UNDEFINED # SmiHandlerRegister > + gEfiSmmVariableProtocolGuid > + gEfiMmEndOfDxeProtocolGuid ## NOTIFY > + gEdkiiSmmVarCheckProtocolGuid ## PRODUCES > + > +[Guids] > + ## SOMETIMES_CONSUMES ## GUID # Signature of Variable store header > + ## SOMETIMES_PRODUCES ## GUID # Signature of Variable store header > + ## SOMETIMES_CONSUMES ## HOB > + ## SOMETIMES_PRODUCES ## SystemTable > + gEfiAuthenticatedVariableGuid > + > + ## SOMETIMES_CONSUMES ## GUID # Signature of Variable store header > + ## SOMETIMES_PRODUCES ## GUID # Signature of Variable store header > + ## SOMETIMES_CONSUMES ## HOB > + ## SOMETIMES_PRODUCES ## SystemTable > + gEfiVariableGuid > + > + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" > + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" > + ## SOMETIMES_CONSUMES ## Variable:L"Lang" > + ## SOMETIMES_PRODUCES ## Variable:L"Lang" > + gEfiGlobalVariableGuid > + > + gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES = ## > Variable:L"MemoryOverwriteRequestControl" > + gEfiMemoryOverwriteRequestControlLockGuid ## SOMETIMES_PRODUCES > ## Variable:L"MemoryOverwriteRequestControlLock" > + > + gEfiSystemNvDataFvGuid ## CONSUMES = ## GUID > + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES = ## HOB > + > + ## SOMETIMES_CONSUMES ## Variable:L"VarErrorFlag" > + ## SOMETIMES_PRODUCES ## Variable:L"VarErrorFlag" > + gEdkiiVarErrorFlagGuid > + > +[FixedPcd] > + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## > SOMETIMES_CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## > CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize > ## CONSUMES > + > gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize > ## CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe > ## CONSUMES > + > +[FeaturePcd] > + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## > CONSUMES # statistic the information of variable. > + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## > CONSUMES # Auto update PlatformLang/Lang > + > +[Depex] > + TRUE > -- > 2.17.1