From nobody Tue Apr 30 17:31:47 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain
 of lists.01.org)  smtp.mailfrom=edk2-devel-bounces@lists.01.org;
	dmarc=fail(p=none dis=none)  header.from=intel.com
Return-Path: <edk2-devel-bounces@lists.01.org>
Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com
	with SMTPS id 1527848577881459.6204225936011;
 Fri, 1 Jun 2018 03:22:57 -0700 (PDT)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by ml01.01.org (Postfix) with ESMTP id BDAD7210E2A57;
	Fri,  1 Jun 2018 03:22:56 -0700 (PDT)
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id E03102096DCEE
 for <edk2-devel@lists.01.org>; Fri,  1 Jun 2018 03:22:54 -0700 (PDT)
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 01 Jun 2018 03:22:54 -0700
Received: from zwei4-mobl1.ccr.corp.intel.com ([10.239.158.63])
 by orsmga003.jf.intel.com with ESMTP; 01 Jun 2018 03:22:53 -0700
X-Original-To: edk2-devel@lists.01.org
Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by
 domain of lists.01.org) client-ip=198.145.21.10;
 envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org;
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.151; helo=mga17.intel.com;
 envelope-from=david.wei@intel.com; receiver=edk2-devel@lists.01.org
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.49,465,1520924400"; d="scan'208";a="55719846"
From: zwei4 <david.wei@intel.com>
To: edk2-devel@lists.01.org
Date: Fri,  1 Jun 2018 18:22:47 +0800
Message-Id: <20180601102247.18544-1-david.wei@intel.com>
X-Mailer: git-send-email 2.14.1.windows.1
Subject: [edk2] [Patch][edk2-platforms/devel-MinnowBoardMax-UDK2017] Lock
 SMRAM at proper point.
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
Cc: Yao@ml01.01.org, Jiewen <jiewen.yao@intel.com>, Mang@ml01.01.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Errors-To: edk2-devel-bounces@lists.01.org
Sender: "edk2-devel" <edk2-devel-bounces@lists.01.org>
X-ZohoMail: RSF_4  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

(1) Lock SMRAM with EFI_SMM_ACCESS2_PROTOCOL.Lock() before PCI bus enumerat=
ion. This is for DMA protection.
(2) Call InstallReadyToLock after PCI enumeration and  initialization of tr=
usted console. If InstallReadyToLock is called before PCI enumeration, some=
 silicon drivers would fail to save S3 boot script.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: zwei4 <david.wei@intel.com>
CC: Yao, Jiewen <jiewen.yao@intel.com>
CC: Mang, Guo <mang.guo@intel.com>
---
 .../Library/PlatformBdsLib/BdsPlatform.c           | 111 ++++++++++++++++-=
----
 1 file changed, 88 insertions(+), 23 deletions(-)

diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c b/Vlv2T=
bltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
index 22cdb4382f..cb5711a620 100644
--- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
+++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
@@ -143,8 +143,8 @@ DisableAhciCtlr (
 }
=20
 /**
-  Issues EndOfDxe event, installs gExitPmAuthProtocolGuid, and issues SMM =
lock envent. Bus Master DMA mus
-  not be enabled before SMM lock.
+  Lock SMRAM with EFI_SMM_ACCESS2_PROTOCOL. To prevent DMA attack, Bus Mas=
ter DMA of untrusetd PCI devices
+  must not be enabled before SMRAM lock.
=20
   @param VOID
=20
@@ -152,14 +152,12 @@ DisableAhciCtlr (
=20
 **/
 VOID
-InstallReadyToLock (
+SmramLock (
   VOID
   )
 {
   EFI_STATUS                Status;
-  EFI_HANDLE                Handle;
   EFI_SMM_ACCESS2_PROTOCOL  *SmmAccess;
-  EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
   UINTN                      PciDeviceConfigAdd;
   UINT16                     VendorID;
   UINT16                     CommandReg;
@@ -167,7 +165,7 @@ InstallReadyToLock (
   UINT8                      FunIndex;
=20
   //=20
-  // Check Buster Master Enable bit of PCI devices,including PCIe root por=
ts, on bus 0.
+  // Check Buster Master Enable bit of untrusted PCI devices,including PCI=
e root ports, on bus 0.
   //
   DEBUG ((DEBUG_ERROR, "BDS: Check Bus Master Enable of PCI devices before=
 SMRAM lock: \n"));
  =20
@@ -204,12 +202,50 @@ InstallReadyToLock (
       // Report error if Bus Master has been enabled.
       //
       if (((CommandReg & BIT2) =3D=3D BIT2)) {
-          DEBUG ((DEBUG_ERROR, "Error: Bus Master is enabled before SMRAM =
lock!\n"));
+          DEBUG ((DEBUG_ERROR, "Error: Bus Master of above device is enabl=
ed before SMRAM lock!\n"));
           ASSERT_EFI_ERROR(FALSE);
       }
     }
   }
  =20
+  //
+  // Lock SMRAM.
+  //
+  Status =3D gBS->LocateProtocol (
+                  &gEfiSmmAccess2ProtocolGuid,
+                  NULL,
+                  (VOID **) &SmmAccess
+                  );
+  if (!EFI_ERROR (Status)) {
+    //
+    //
+    //
+    Status =3D SmmAccess->Lock(SmmAccess);
+    DEBUG ((DEBUG_ERROR, "SMRAM is locked by EFI_SMM_ACCESS2_PROTOCOL!\n")=
);
+    ASSERT_EFI_ERROR (Status);
+  }
+
+  return ;
+}
+
+/**
+  Issues EndOfDxe event, installs gExitPmAuthProtocolGuid, and issues SMM =
lock envent.
+
+  @param VOID
+
+  @retval  None.
+
+**/
+VOID
+InstallReadyToLock (
+  VOID
+  )
+{
+  EFI_STATUS                Status;
+  EFI_HANDLE                Handle;
+  EFI_SMM_ACCESS2_PROTOCOL  *SmmAccess;
+  EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
+
   //
   // Install DxeSmmReadyToLock protocol prior to the processing of boot op=
tions
   //
@@ -240,11 +276,14 @@ InstallReadyToLock (
                     NULL
                     );
     ASSERT_EFI_ERROR (Status);
+
+    DEBUG ((DEBUG_INFO, "Signal gEfiEndOfDxeEventGroupGuid event! End of D=
XE!\n"));
     //
     // Signal EndOfDxe PI Event
     //
     EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);
=20
+    DEBUG ((DEBUG_INFO, "Signal gEfiDxeSmmReadyToLockProtocolGuid event!\n=
"));
     Handle =3D NULL;
     Status =3D gBS->InstallProtocolInterface (
                     &Handle,
@@ -1855,14 +1894,19 @@ PlatformBdsPolicyBehavior (
     #ifdef FTPM_ENABLE
     TrEEPhysicalPresenceLibProcessRequest(NULL);
     #endif
+
     //
-    // Close boot script and install ready to lock
+    // Lock SMRAM.
     //
-    InstallReadyToLock ();
+    SmramLock ();
    =20
     PlatformBdsInitHotKeyEvent ();
     PlatformBdsConnectSimpleConsole (gPlatformSimpleConsole);
=20
+    //
+    // Close boot script and install ready to lock.
+    //
+    InstallReadyToLock ();
=20
     //
     // Check to see if it's needed to dispatch more DXE drivers.
@@ -1951,9 +1995,9 @@ PlatformBdsPolicyBehavior (
   case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
=20
     //
-    // Close boot script and install ready to lock
+    // Lock SMRAM.
     //
-    InstallReadyToLock ();
+    SmramLock ();
=20
     //
     // In no-configuration boot mode, we can connect the
@@ -1962,6 +2006,11 @@ PlatformBdsPolicyBehavior (
     BdsLibConnectAllDefaultConsoles ();
     PlatformBdsDiagnostics (IGNORE, FALSE, BaseMemoryTest);
=20
+    //
+    // Close boot script and install ready to lock
+    //
+    InstallReadyToLock ();
+
     //
     // Perform some platform specific connect sequence
     //
@@ -1996,7 +2045,10 @@ PlatformBdsPolicyBehavior (
=20
   case BOOT_ON_FLASH_UPDATE:
=20
-
+    //
+    // Lock SMRAM.
+    //
+    SmramLock ();
=20
     //
     // Boot with the specific configuration
@@ -2048,9 +2100,9 @@ PlatformBdsPolicyBehavior (
   case BOOT_IN_RECOVERY_MODE:
=20
     //
-    // Close boot script and install ready to lock
+    // Lock SMRAM.
     //
-    InstallReadyToLock ();
+    SmramLock ();
=20
     //
     // In recovery mode, just connect platform console
@@ -2058,6 +2110,12 @@ PlatformBdsPolicyBehavior (
     //
     PlatformBdsConnectConsole (gPlatformConsole);
     PlatformBdsDiagnostics (EXTENSIVE, FALSE, BaseMemoryTest);
+
+    //
+    // Close boot script and install ready to lock
+    //
+    InstallReadyToLock ();
+       =20
     BdsLibConnectAll ();
=20
     //
@@ -2097,11 +2155,13 @@ FULL_CONFIGURATION:
     if (EsrtManagement !=3D NULL) {
       EsrtManagement->SyncEsrtFmp();
     }
+
+
     //
-    // Close boot script and install ready to lock
+    // Lock SMRAM.
     //
-    InstallReadyToLock ();
-    =20
+    SmramLock ();
+
     //
     // Connect platform console
     //
@@ -2115,7 +2175,12 @@ FULL_CONFIGURATION:
     }
=20
     //
-    // Chenyunh[TODO]: This is Workgroud to show the fs for uSDcard,
+    // Close boot script and install ready to lock.
+    //
+    InstallReadyToLock ();
+
+    //
+    // This is Workgroud to show the fs for uSDcard,
     // Need to root cause this issue.
     //
     DEBUG ((DEBUG_ERROR, "Start to reconnect all driver.\n"));
@@ -2168,11 +2233,11 @@ FULL_CONFIGURATION:
     //
     PlatformBdsEnterFrontPageWithHotKey (Timeout, FALSE);
=20
-	//
-	// Give one chance to enter the setup if we=20
-	// select Gummiboot "Reboot Into Firmware Interface"
-	//
-	BootIntoFirmwareInterface();
+    //
+    // Give one chance to enter the setup if we=20
+    // select Gummiboot "Reboot Into Firmware Interface"
+    //
+    BootIntoFirmwareInterface();
=20
     //
     // In default boot mode, always find all boot
--=20
2.14.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel