From: Sami Mujawar <Sami.Mujawar@arm.com>
To: Sughosh Ganu, devel@edk2.groups.io
Cc: ardb+tianocore@kernel.org, Leif Lindholm, Sahil Malhotra, Ilias Apalodimas, nd
Subject: Re: [PATCH edk2-platforms v3 2/2] StMMRpmb: Add support for building StandaloneMm image for OP-TEE
Date: Fri, 29 Jan 2021 10:29:09 +0000
References: <20201216110903.17995-1-sughosh.ganu@linaro.org> <20201216110903.17995-3-sughosh.ganu@linaro.org>
In-Reply-To: <20201216110903.17995-3-sughosh.ganu@linaro.org>
Content-Type: text/plain; charset="us-ascii"
Hi Sughosh,

Please find my response inline marked [SAMI]. There are a few minor suggestions, otherwise this patch looks good to me.

With that changed.

Reviewed-by: Sami Mujawar

Regards,

Sami Mujawar

-----Original Message-----
From: Sughosh Ganu
Sent: 16 December 2020 11:09 AM
To: devel@edk2.groups.io
Cc: Sami Mujawar; Ard Biesheuvel; Leif Lindholm; Sahil Malhotra; Ilias Apalodimas
Subject: [PATCH edk2-platforms v3 2/2] StMMRpmb: Add support for building StandaloneMm image for OP-TEE
From: Ilias Apalodimas

With some recent changes in OP-TEE [1] and U-Boot [2] we can compile StMM and launch it from an OP-TEE secure partition which is mimicking SPM.

There's a number of advantages in this approach. In the Arm world, SPM, currently used for dispatching StMM, and SPD, used for OP-TEE, are mutually exclusive. Since there's no application in OP-TEE for managing EFI variables, this means that one can have a secure OS or secure variable storage. By re-using StMM we have EDK2's approved application controlling variable storage and the ability to run a secure world OS. This also allows various firmware implementations to adopt the EDK2 way of storing variables (including the FTW implementation), as long as OP-TEE is available on that given platform (or any other secure OS that can launch StMM and has a supplicant for handling the RPMB partition).

Another advantage is that OP-TEE has the ability to access an eMMC RPMB partition to store those variables. This requires a normal world supplicant, which is implemented in U-Boot currently. The supplicant picks up the encrypted buffer from OP-TEE and wires it to the eMMC driver(s). Similar functionality can be added in EDK2 by porting the supplicant and adapting it to use the native eMMC drivers.

There is one drawback in using OP-TEE. The current SPM calls need to run to completion. This contradicts the current OP-TEE RPC call requirements, used to access the RPMB storage. That leads to two different SMC calls for entering secure world to access StMM.

So let's add support for a platform that compiles StMM and an RPMB driver that communicates with OP-TEE to read/write the variables.

For anyone interested in testing this there's a repo that builds all the sources and works on QEMU [3].

[1] https://github.com/OP-TEE/optee_os/pull/3973
[2] http://u-boot.10912.n7.nabble.com/PATCH-0-7-v4-EFI-variable-support-via-OP-TEE-td412499.html
[3] https://git.linaro.org/people/ilias.apalodimas/efi_optee_variables.git/
Signed-off-by: Ilias Apalodimas
---
Changes since V2: None

 Platform/StMMRpmb/PlatformStandaloneMm.dsc | 168 ++++++++++++++++++++
 Platform/StMMRpmb/PlatformStandaloneMm.fdf | 111 +++++++++++++
 2 files changed, 279 insertions(+)

diff --git a/Platform/StMMRpmb/PlatformStandaloneMm.dsc b/Platform/StMMRpmb/PlatformStandaloneMm.dsc
new file mode 100644
index 0000000000..93596c0630
--- /dev/null
+++ b/Platform/StMMRpmb/PlatformStandaloneMm.dsc
@@ -0,0 +1,168 @@ +# +# Copyright (c) 2018, ARM Limited. All rights reserved. +# Copyright (c) 2020, Linaro Ltd. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# + +##########################################################################= ###### +# +# Defines Section - statements that will be processed to create a Makefile= . +# +##########################################################################= ###### +[Defines] + PLATFORM_NAME =3D MmStandaloneRpmb + PLATFORM_GUID =3D A27A486E-D7B9-4D70-9F37-FED9ABE041A2 + PLATFORM_VERSION =3D 1.0 + DSC_SPECIFICATION =3D 0x00010011 + OUTPUT_DIRECTORY =3D Build/$(PLATFORM_NAME) + SUPPORTED_ARCHITECTURES =3D AARCH64 + BUILD_TARGETS =3D DEBUG|RELEASE|NOOPT + SKUID_IDENTIFIER =3D DEFAULT + FLASH_DEFINITION =3D Platform/StMMRpmb/PlatformStandaloneM= m.fdf + DEFINE DEBUG_MESSAGE =3D TRUE + + # LzmaF86 + DEFINE COMPRESSION_TOOL_GUID =3D D42AE6BD-1352-4bfb-909A-CA72A6EAE889 + +##########################################################################= ###### +# +# Library Class section - list of all Library Classes needed by this Platf= orm. 
+# +##########################################################################= ###### +[LibraryClasses] + ArmSvcLib|ArmPkg/Library/ArmSvcLib/ArmSvcLib.inf + ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf + BaseLib|MdePkg/Library/BaseLib/BaseLib.inf + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf + BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.in= f + DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf + ExtractGuidedSectionLib|EmbeddedPkg/Library/PrePiExtractGuidedSectionLib= /PrePiExtractGuidedSectionLib.inf + FvLib|StandaloneMmPkg/Library/FvLib/FvLib.inf + HobLib|StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHo= bLib.inf + IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf + MemLib|StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMemLib.inf + MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmCoreMemoryAlloca= tionLib/StandaloneMmCoreMemoryAllocationLib.inf + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseRepor= tStatusCodeLibNull.inf + + # + # Entry point + # + #StandaloneMmCoreEntryPoint|StandaloneMmPkg/Library/StandaloneMmCoreEntr= yPoint/StandaloneMmCoreEntryPoint.inf [SAMI] This line can be removed. 
[/SAMI] + StandaloneMmCoreEntryPoint|StandaloneMmPkg/Library/StandaloneMmCoreEntry= Point/StandaloneMmCoreEntryPoint.inf + StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntryPoint= /StandaloneMmDriverEntryPoint.inf + + StandaloneMmMmuLib|ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmL= ib.inf + #CacheMaintenanceLib|ArmPkg/Library/ArmCacheMaintenanceLib/ArmCacheMaint= enanceLib.inf [SAMI] remove? [/SAMI] + CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLibNull/BaseCache= MaintenanceLibNull.inf + PeCoffExtraActionLib|StandaloneMmPkg/Library/StandaloneMmPeCoffExtraActi= onLib/StandaloneMmPeCoffExtraActionLib.inf + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf + + SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull= .inf + DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf [SAMI] This appears twice. Can the previous instance be removed? [/SAMI] + + # + # It is not possible to prevent the ARM compiler for generic intrinsic f= unctions. + # This library provides the intrinsic functions generate by a given comp= iler. + # NULL means link this library into all ARM images. 
+ # + NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf + +[LibraryClasses.common.MM_STANDALONE] + HobLib|StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + MmServicesTableLib|MdePkg/Library/StandaloneMmServicesTableLib/Standalon= eMmServicesTableLib.inf + MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAllocation= Lib/StandaloneMmMemoryAllocationLib.inf + + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecu= reLibNull.inf + SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchroniza= tionLib.inf + TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat= e.inf +##########################################################################= ###### +# +# Pcd Section - list of all EDK II PCD Entries defined by this Platform +# +##########################################################################= ###### + +[PcdsFeatureFlag.common] + gArmTokenSpaceGuid.PcdFfaEnable|TRUE + +[PcdsFixedAtBuild] + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x800000CF + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0xff + gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x0f + + gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x2 + # Secure Storage + gEfiSecurityPkgTokenSpaceGuid.PcdUserPhysicalPresence|TRUE + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800 + + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0x00004000 + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize|0x0000400= 0 + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x00004000 + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x00004000 + +[PcdsPatchableInModule] + # Allocated memory for EDK2 uppers layers + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|0x0 
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0x0 + +##########################################################################= ######################### +# +# Components Section - list of the modules and components that will be pro= cessed by compilation +# tools and the EDK II tools to generate PE32/PE32+/C= off image files. +# +# Note: The EDK II DSC file is not used to specify how compiled binary ima= ges get placed +# into firmware volume images. This section is just a list of module= s to compile from +# source into UEFI-compliant binaries. +# It is the FDF file that contains information on combining binary f= iles into firmware +# volume images, whose concept is beyond UEFI and is described in PI= specification. +# Binary modules do not need to be listed in this section, as they s= hould be +# specified in the FDF file. For example: Shell binary (Shell_Full.e= fi), FAT binary (Fat.efi), +# Logo (Logo.bmp), and etc. +# There may also be modules listed in this section that are not requ= ired in the FDF file, +# When a module listed here is excluded from FDF file, then UEFI-com= pliant binary will be +# generated for it, but the binary will not be put into any firmware= volume. 
+# +##########################################################################= ######################### +[Components.common] + # + # Standalone MM components + # + Drivers/OpTeeRpmb/OpTeeRpmbFv.inf + StandaloneMmPkg/Core/StandaloneMmCore.inf + StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.inf + MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandalon= eMm.inf { + + NULL|Drivers/OpTeeRpmb/FixupPcd.inf + } + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf { + + AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.= inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf + VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + NULL|Drivers/OpTeeRpmb/FixupPcd.inf + } + +##########################################################################= ######################### +# +# BuildOptions Section - Define the module specific tool chain flags that = should be used as +# the default flags for a module. These flags are a= ppended to any +# standard flags that are defined by the build proc= ess. They can be +# applied for any modules or only those modules wit= h the specific +# module style (EDK or EDKII) specified in [Compone= nts] section. +# +##########################################################################= ######################### +[BuildOptions.AARCH64] +GCC:*_*_*_DLINK_FLAGS =3D -z common-page-size=3D0x1000 -march=3Darmv8-a+no= fp +GCC:*_*_*_CC_FLAGS =3D -mstrict-align diff --git a/Platform/StMMRpmb/PlatformStandaloneMm.fdf b/Platform/StMMRpmb= /PlatformStandaloneMm.fdf new file mode 100644 index 0000000000..febc6d0d95 --- /dev/null +++ b/Platform/StMMRpmb/PlatformStandaloneMm.fdf 
@@ -0,0 +1,111 @@ +# +# Copyright (c) 2018, ARM Limited. All rights reserved. +# Copyright (c) 2020, Linaro Ltd. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# + +##########################################################################= ###### +# +# FD Section +# The [FD] Section is made up of the definition statements and a +# description of what goes into the Flash Device Image. Each FD section +# defines one flash "device" image. A flash device image may be one of +# the following: Removable media bootable image (like a boot floppy +# image,) an Option ROM image (that would be "flashed" into an add-in +# card,) a System "Flash" image (that would be burned into a system's +# flash) or an Update ("Capsule") image that will be used to update and +# existing system flash. +# +##########################################################################= ###### + +[FD.BL32_AP_MM] +BaseAddress =3D 0x1000 # any address apart from 0x0 +Size =3D 0x00300000 +ErasePolarity =3D 1 + +BlockSize =3D 0x00001000 +NumBlocks =3D 0x0300 + +##########################################################################= ###### +# +# Following are lists of FD Region layout which correspond to the location= s of different +# images within the flash device. +# +# Regions must be defined in ascending order and may not overlap. +# +# A Layout Region start with a eight digit hex offset (leading "0x" requir= ed) followed by +# the pipe "|" character, followed by the size of the region, also in hex = with the leading +# "0x" characters. 
Like: +# Offset|Size +# PcdOffsetCName|PcdSizeCName +# RegionType +# +##########################################################################= ###### + +0x00000000|0x00280000 +FV =3D FVMAIN_COMPACT + +[FV.FVMAIN_COMPACT] +FvAlignment =3D 8 +ERASE_POLARITY =3D 1 +MEMORY_MAPPED =3D TRUE +STICKY_WRITE =3D TRUE +LOCK_CAP =3D TRUE +LOCK_STATUS =3D TRUE +WRITE_DISABLED_CAP =3D TRUE +WRITE_ENABLED_CAP =3D TRUE +WRITE_STATUS =3D TRUE +WRITE_LOCK_CAP =3D TRUE +WRITE_LOCK_STATUS =3D TRUE +READ_DISABLED_CAP =3D TRUE +READ_ENABLED_CAP =3D TRUE +READ_STATUS =3D TRUE +READ_LOCK_CAP =3D TRUE +READ_LOCK_STATUS =3D TRUE + + INF StandaloneMmPkg/Core/StandaloneMmCore.inf + INF Drivers/OpTeeRpmb/OpTeeRpmbFv.inf + INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStand= aloneMm.inf + INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf + INF StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.inf +##########################################################################= ###### +# +# Rules are use with the [FV] section's module INF type to define +# how an FFS file is created for a given INF file. The following Rule are = the default +# rules for the different module type. User can add the customized rules t= o define the +# content of the FFS file. 
+# +##########################################################################= ###### + + +##########################################################################= ## +# Example of a DXE_DRIVER FFS file with a Checksum encapsulation section = # +##########################################################################= ## +# +#[Rule.Common.DXE_DRIVER] +# FILE DRIVER =3D $(NAMED_GUID) { +# DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_= NAME).depex +# COMPRESS PI_STD { +# GUIDED { +# PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi +# UI STRING=3D"$(MODULE_NAME)" Optional +# VERSION STRING=3D"$(INF_VERSION)" Optional BUILD_NUM=3D$(BUILD_N= UMBER) +# } +# } +# } +# +##########################################################################= ## + +[Rule.Common.MM_CORE_STANDALONE] + FILE SEC =3D $(NAMED_GUID) FIXED { + PE32 PE32 Align =3D Auto $(INF_OUTPUT)/$(MODULE_NAME).efi + } + +[Rule.Common.MM_STANDALONE] + FILE MM_STANDALONE =3D $(NAMED_GUID) { + SMM_DEPEX SMM_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi + UI STRING=3D"$(MODULE_NAME)" Optional + VERSION STRING=3D"$(INF_VERSION)" Optional BUILD_NUM=3D$(BUILD_NUMBE= R) + } --=20 2.17.1
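Review bot: in the PlatformStandaloneMm.dsc hunk, `gEfiSecurityPkgTokenSpaceGuid.PcdUserPhysicalPresence|TRUE` under `# Secure Storage` together with `PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf` makes UserPhysicalPresent() report TRUE for every caller, and AuthVariableLib consults that result when deciding whether PK/KEK/db updates in custom mode may skip signature verification; an OP-TEE secure partition has no presence button or setup screen behind it, so either set the PCD to FALSE or add a comment stating that the relaxation is deliberate and why. Two further points in the same hunk: DebugLib is mapped twice and the second mapping, `DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf`, is the one that takes effect (the last mapping of a library class in a section wins), so with `SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf` the `DEFINE DEBUG_MESSAGE = TRUE`, `PcdDebugPrintErrorLevel|0x800000CF` and `PcdDebugPropertyMask|0xff` lines are inert and all DEBUG()/ASSERT() output is compiled out; keep whichever of the two you mean and drop the unused PCDs with it. And the store is tightly sized: `PcdMaxAuthVariableSize|0x2800` against `PcdVariableStoreSize|0x00004000` lets a single maximum-size authenticated variable (a db holding a few certificates) occupy more than half of the 16 KiB store, so either raise the store, working and spare sizes together or lower the maximum, and note which RPMB partition size the 0x4000 figures are derived from.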
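Review bot: the commented-out `#[Rule.Common.DXE_DRIVER]` block in PlatformStandaloneMm.fdf (from the "Example of a DXE_DRIVER FFS file with a Checksum encapsulation section" banner down to its closing `# }`) is template residue: this image has only MM_CORE_STANDALONE and MM_STANDALONE modules, so drop the example and fix "Rules are use with" to "Rules are used with" in the comment above it. Two smaller points: the FV is named FVMAIN_COMPACT and the DSC defines `COMPRESSION_TOOL_GUID`, yet the five INF lines go into the FV uncompressed with no nested FV, so a plain name such as FVMAIN avoids implying a compressed layout that is not there; and `Size = 0x00300000` with a single region `0x00000000|0x00280000` leaves the last 0x80000 of the FD undefined, so either shrink the FD to 0x280000 (`NumBlocks = 0x0280`) or say what the tail is reserved for in the comment next to `BaseAddress = 0x1000`.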