From nobody Mon May 20 01:26:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+60835+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+60835+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1591548961; cv=none; d=zohomail.com; s=zohoarc; b=gVATHTSFW2YosnoP6p8JdoOqqnUZQtFSgdKgDej/Bnwo41h1eAaqFPGlOzyixirGt5q5xgrGOI4DHU9PBP+BBpQt9xIhNjsh6QMJ9GIzCkU58e0s/jPHAui0JUWTy/L2GZ3LAr0I22iSBkCJ2ZHETXqpQcFJFnKA32OiYLKAHkQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591548961; h=Content-Transfer-Encoding:Cc:Date:From:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=zMX1+tSbLTYq0+Lu2/1IhT+asUPkcoXBQCuHUSGZFMI=; b=Ays8AQmlWadTezwmBCseKR6Vdx6UjCGPNDtx0kD4d/eB/Zlk/8BAKbiN5LYsFgdkiTvRRRQZ26QYtESlHoZ3D1KWf4ecodjFyCur4FfbLGEnV9MRIHi5PTITQ0AlqekWFqPwT8kYdi8k4CidjyVpM9WMOk5mLkVKnhyoHcrS15g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+60835+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1591548961370649.9759536132676; Sun, 7 Jun 2020 09:56:01 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id c8HBYY1788612xLfQdeoWjaA; Sun, 07 Jun 2020 09:56:01 -0700 X-Received: from mail-wr1-f66.google.com (mail-wr1-f66.google.com [209.85.221.66]) by mx.groups.io with SMTP id smtpd.web11.6756.1591433533954126122 for ; Sat, 06 Jun 2020 01:52:14 -0700 X-Received: by mail-wr1-f66.google.com with SMTP id l10so12027590wrr.10 for ; Sat, 06 Jun 2020 01:52:13 -0700 (PDT) X-Gm-Message-State: FUgbmlZ4jwgB0PCMFXMNYZjcx1787277AA= X-Google-Smtp-Source: ABdhPJxU5F9x0AyRlBMk/eO7FeVmJQoEbtVIHOqK3//bZvPwWKDRSgG05tmK34hgW+7XSPaRhUj1jA== X-Received: by 2002:a5d:4d4d:: with SMTP id a13mr13863586wru.252.1591433532275; Sat, 06 Jun 2020 01:52:12 -0700 (PDT) X-Received: from apalos.home ([2a02:587:460c:6776:2e56:dcff:fe9a:8f06]) by smtp.gmail.com with ESMTPSA id w17sm15752517wra.71.2020.06.06.01.52.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 06 Jun 2020 01:52:11 -0700 (PDT) From: Ilias Apalodimas To: ard.biesheuvel@arm.com, sami.mujawar@arm.com, jiewen.yao@intel.com, supreeth.venkatesh@arm.com Cc: devel@edk2.groups.io, Ilias Apalodimas Subject: [edk2-devel] [RFC edk2 v1] StandaloneMmPkg: Relocatable version for StandAloneMM Date: Sat, 6 Jun 2020 11:52:09 +0300 Message-Id: <20200606085209.1161547-1-ilias.apalodimas@linaro.org> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ilias.apalodimas@linaro.org Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1591548961; bh=64Nkr4vqGmie67GAj8p1nG0EYh+S9wTTg9LRM2+HPCs=; h=Cc:Date:From:Reply-To:Subject:To; b=ax2JpoX5xqLThL1UNkbbf5Rqyd4fTgMBhsy9grLIzGeisWSDU9qLfgC9LU2hQ0qnpLF CE3HaTi7zxQRgswlK8OKlMa5JtcSPrqAG32fPVY83g3FvDm9EUoR6mygN4pGwHF8NzccY I2iCzzCuNQlNf1IxY9kae6QM8NtQI68+SQw= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" With work currently being done in OP-TEE [1] and U-boot [2], we can compile StandAloneMM as a single binary [3] and load it from OP-TEE in an isolated partition that behahes similarly to SPM. By doing so we reuse existing code from EDK2 for the UEFI variable storage regardless of the firmware implementation. Another advantage is that OP-TEE combined with U-Boot's OP-TEE supplicant can use the RPMB partition of an eMMC and securely store EFI variables instead of solely relying on a secure world flash [4]. Since StMM can be compiled as a binary that runs on OP-TEE, we need to make it self-relocatable. OP-TEE load address can be arbitrary depending on memory layout or ASLR. We could keep the current StandAloneMM implementation as-is and duplicate StandaloneMmCoreEntryPoint.c. Instead add two more .inf files for the relocatable option and the relevant linker script, move the current entry point into asm and add a FeaturePcd for enabling/disabling the relocatable option. [1] https://github.com/apalos/optee_os/tree/stmm_upstream_03_clean [2] https://github.com/u-boot/u-boot/blob/master/lib/efi_loader/efi_variabl= e_tee.c [3] https://git.linaro.org/people/ilias.apalodimas/edk2-platforms.git/tree/= Platform/QemuVirt/PlatformStandaloneMm.dsc?h=3Dstmm_reloc_combined [4] https://git.linaro.org/people/ilias.apalodimas/edk2-platforms.git/tree/= Silicon/QemuVirt/Drivers/OpTeeRpmbFv/OpTeeRpmbFv.c?h=3Dstmm_reloc_combined Signed-off-by: Ilias Apalodimas --- StandaloneMmPkg/Core/Scripts/StMM-PIE.lds | 54 +++++++++ StandaloneMmPkg/Core/StandaloneMmCore.inf | 3 + .../Core/StandaloneMmCoreRelocatable.inf | 80 ++++++++++++++ .../AArch64/ModuleEntryPoint.S | 103 ++++++++++++++++++ .../AArch64/StandaloneMmCoreEntryPoint.c | 7 +- .../StandaloneMmCoreEntryPoint.inf | 4 + .../StandaloneMmCoreEntryPointRelocatable.inf | 54 +++++++++ StandaloneMmPkg/StandaloneMmPkg.dec | 2 + 8 files changed, 306 insertions(+), 1 deletion(-) create mode 100644 StandaloneMmPkg/Core/Scripts/StMM-PIE.lds create mode 100644 StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf create mode 100644 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArc= h64/ModuleEntryPoint.S create mode 100644 StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Stan= daloneMmCoreEntryPointRelocatable.inf diff --git a/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds b/StandaloneMmPkg/Co= re/Scripts/StMM-PIE.lds new file mode 100644 index 000000000000..a1d7012c4ca3 --- /dev/null +++ b/StandaloneMmPkg/Core/Scripts/StMM-PIE.lds @@ -0,0 +1,54 @@ +/** @file + + Copyright (c) 2015, Linaro Ltd. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +SECTIONS +{ + PROVIDE(__reloc_base =3D .); + + . =3D PECOFF_HEADER_SIZE; + .text : ALIGN(CONSTANT(COMMONPAGESIZE)) { + *(.text.reloc*) + . =3D ALIGN(0x1000); + PROVIDE(__stmm_start =3D .); + *(.text .text*) + . =3D ALIGN(0x20); + PROVIDE(__reloc_start =3D .); + *(.rel .rel.*) + *(.rela .rela.*) + PROVIDE(__reloc_end =3D .); + } + PROVIDE(__ro_start =3D .); + .got : ALIGN(CONSTANT(COMMONPAGESIZE)) { + *(.got .got*) + } + .rodata : ALIGN(CONSTANT(COMMONPAGESIZE)) { + *(.rodata .rodata*) + } + PROVIDE(__ro_end =3D .); + .data : ALIGN(CONSTANT(COMMONPAGESIZE)) { + *(.data .data*) + } + .bss : ALIGN(CONSTANT(COMMONPAGESIZE)) { + *(.bss .bss*) + } + PROVIDE(__stmm_end =3D .); + + .note (INFO) : { *(.note.gnu.build-id) } + + /DISCARD/ : { + *(.note.GNU-stack) + *(.gnu.hash) + *(.gnu_debuglink) + *(.interp) + *(.dynamic) + *(.dynsym) + *(.dynstr) + *(.hash) + *(.comment) + } +} diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Co= re/StandaloneMmCore.inf index 7d590b49bd3f..fdd4b61b3665 100644 --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf @@ -74,3 +74,6 @@ gEfiEventLegacyBootGuid gEfiEventExitBootServicesGuid gEfiEventReadyToBootGuid + +[BuildOptions] + GCC:*_*_*_DLINK_FLAGS =3D -Wl,-T,$(MODULE_DIR)/Scripts/StMM-PIE.lds diff --git a/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf b/Standal= oneMmPkg/Core/StandaloneMmCoreRelocatable.inf new file mode 100644 index 000000000000..69049080ef78 --- /dev/null +++ b/StandaloneMmPkg/Core/StandaloneMmCoreRelocatable.inf @@ -0,0 +1,80 @@ +## @file +# This module provide an SMM CIS compliant implementation of SMM Core. +# +# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2016 - 2018, ARM Limited. All rights reserved.
+# Copyright (c) 2020, Linaro Limited. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x0001001A + BASE_NAME =3D StandaloneMmCore + FILE_GUID =3D 6E14B6FD-3600-4DD6-A17A-206B3B6DCE16 + MODULE_TYPE =3D MM_CORE_STANDALONE + VERSION_STRING =3D 1.0 + PI_SPECIFICATION_VERSION =3D 0x00010032 + ENTRY_POINT =3D StandaloneMmMain + +# VALID_ARCHITECTURES =3D IA32 X64 AARCH64 + +[Sources] + StandaloneMmCore.c + StandaloneMmCore.h + StandaloneMmCorePrivateData.h + Page.c + Pool.c + Handle.c + Locate.c + Notify.c + Dependency.c + Dispatcher.c + Mmi.c + InstallConfigurationTable.c + FwVol.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + StandaloneMmPkg/StandaloneMmPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + CacheMaintenanceLib + DebugLib + ExtractGuidedSectionLib + FvLib + HobLib + MemoryAllocationLib + MemLib + PeCoffLib + ReportStatusCodeLib + StandaloneMmCoreEntryPoint + +[Protocols] + gEfiDxeMmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRe= gister + gEfiMmReadyToLockProtocolGuid ## PRODUCES + gEfiMmEndOfDxeProtocolGuid ## PRODUCES + gEfiLoadedImageProtocolGuid ## PRODUCES + gEfiMmConfigurationProtocolGuid ## CONSUMES + +[Guids] + gAprioriGuid ## SOMETIMES_CONSUMES ##= File + gEfiEventDxeDispatchGuid ## PRODUCES ##= GUID # SmiHandlerRegister + gEfiEndOfDxeEventGroupGuid ## PRODUCES ##= GUID # SmiHandlerRegister + ## SOMETIMES_CONSUMES ## GUID # Locate protocol + ## SOMETIMES_PRODUCES ## GUID # SmiHandlerRegister + gEdkiiMemoryProfileGuid + gZeroGuid ## SOMETIMES_CONSUMES ##= GUID + gEfiHobListGuid + gMmCoreDataHobGuid + gMmFvDispatchGuid + gEfiEventLegacyBootGuid + gEfiEventExitBootServicesGuid + gEfiEventReadyToBootGuid + +[BuildOptions] + GCC:*_*_*_DLINK_FLAGS =3D -Wl,-Bsymbolic,-pie,-T,$(MODULE_DIR)/Scripts/S= tMM-PIE.lds diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Mod= uleEntryPoint.S b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch6= 4/ModuleEntryPoint.S new file mode 100644 index 000000000000..90ff4579daa6 --- /dev/null +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/ModuleEntr= yPoint.S @@ -0,0 +1,103 @@ +// +// Copyright (c) 2011-2013, ARM Limited. All rights reserved. +// Copyright (c) 2015-2020, Linaro Limited. All rights reserved. +// +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// + +#include +ASM_FUNC(_ModuleEntryPoint) + adr x8, FeaturePcdGet (PcdStMMReloc) + ldrb w9, [x8] + cmp x9, #0 + // If PcdStMMReloc is set to TRUE, go ahead and fixup the relocations he= re + beq .Llaunch + adr x8, __reloc_base + adr x9, __reloc_start + adr x10, __reloc_end + bl ASM_PFX(_DoReloc) +.Llaunch: + b ModuleEntryPoint + +.section .text.reloc, "ax" +ASM_PFX(_DoReloc): + mov x20, x0 + mov x21, x1 + mov x22, x2 + mov x23, x3 + + // Set all of the memory as r/w + adr x11, __stmm_start + adr x2, __stmm_end + ldr x0, =3D0xC4000065 + and x1, x11, #~0x0fff // Align to page + sub x2, x2, x11 + add x2, x2, #0xfff + lsr x2, x2, #12 // nr pages + ldr x3, =3D0x5 // Set perms to r/w + svc #0 + // Prevent speculative execution beyond svc instruction + dsb nsh + isb + +.Lreloc_loop: + cmp x9, x10 + bhs .Lreloc_done + // + // We are built as a ET_DYN PIE executable, so we need to process all + // relative relocations regardless of whether or not we are executing fr= om + // the same offset we were linked at. This is only possible if we are + // running from RAM. + // + // AArch64 uses the ELF64 RELA format, which means each entry in the + // relocation table consists of + // + // UINT64 offset : the relative offset of the value that need= s to + // be relocated + // UINT64 info : relocation type and symbol index (the latt= er is + // not used for R_AARCH64_RELATIVE relocation= s) + // UINT64 addend : value to be added to the value being reloc= ated + // + ldp x11, x12, [x9], #24 // read offset into x11 and info into x12 + cmp x12, #0x403 // check info =3D=3D R_AARCH64_RELATIVE? + bne .Lreloc_loop // not a relative relocation? then skip + ldr x12, [x9, #-8] // read addend into x12 + add x12, x12, x8 // add reloc base to addend to get relocated= value + str x12, [x11, x8] // write relocated value at offset + b .Lreloc_loop + +.Lreloc_done: + // set memory per section + adr x11, __stmm_start + adr x2, __reloc_end + ldr x0, =3D0xC4000065 + and x1, x11, #~0x0fff // Align to page + sub x2, x2, x11 + add x2, x2, #0xfff + lsr x2, x2, #12 // nr pages + ldr x3, =3D0x3 // Set perms to r/x + svc #0 + // Prevent speculative execution beyond svc instruction + dsb nsh + isb + + adr x11, __ro_start + adr x2, __ro_end + ldr x0, =3D0xC4000065 + and x1, x11, #~0x0fff // Align to page + sub x2, x2, x11 + add x2, x2, #0xfff + lsr x2, x2, #12 // nr pages + ldr x3, =3D0x1 // Set perms to r/o + svc #0 + // Prevent speculative execution beyond svc instruction + dsb nsh + isb + + mov x0, x20 + mov x1, x21 + mov x2, x22 + mov x3, x23 + + ret diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Sta= ndaloneMmCoreEntryPoint.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPo= int/AArch64/StandaloneMmCoreEntryPoint.c index 20723385113f..57c3162ab5d0 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone= MmCoreEntryPoint.c +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone= MmCoreEntryPoint.c @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include =20 #include @@ -209,7 +210,7 @@ GetSpmVersion (VOID) **/ VOID EFIAPI -_ModuleEntryPoint ( +ModuleEntryPoint ( IN VOID *SharedBufAddress, IN UINT64 SharedBufSize, IN UINT64 cookie1, @@ -238,6 +239,9 @@ _ModuleEntryPoint ( goto finish; } =20 + if (FeaturePcdGet (PcdStMMReloc)) { + goto skip_remap; + } // Locate PE/COFF File information for the Standalone MM core module Status =3D LocateStandaloneMmCorePeCoffData ( (EFI_FIRMWARE_VOLUME_HEADER *) PayloadBootInfo->SpImageBase, @@ -276,6 +280,7 @@ _ModuleEntryPoint ( goto finish; } =20 +skip_remap: // // Create Hoblist based upon boot information passed by privileged softw= are // diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneM= mCoreEntryPoint.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/St= andaloneMmCoreEntryPoint.inf index 891c292e92f8..6659219404a5 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEn= tryPoint.inf +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEn= tryPoint.inf @@ -25,6 +25,7 @@ AArch64/StandaloneMmCoreEntryPoint.c AArch64/SetPermissions.c AArch64/CreateHobList.c + AArch64/ModuleEntryPoint.S =20 [Packages] MdePkg/MdePkg.dec @@ -48,3 +49,6 @@ gEfiMmPeiMmramMemoryReserveGuid gEfiStandaloneMmNonSecureBufferGuid gEfiArmTfCpuDriverEpDescriptorGuid + +[FeaturePcd] + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneM= mCoreEntryPointRelocatable.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEn= tryPoint/StandaloneMmCoreEntryPointRelocatable.inf new file mode 100644 index 000000000000..10cdae1b4018 --- /dev/null +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEn= tryPointRelocatable.inf @@ -0,0 +1,54 @@ +## @file +# Module entry point library for DXE core. +# +# Copyright (c) 2020, ARM Ltd. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# +## + +[Defines] + INF_VERSION =3D 0x0001001A + BASE_NAME =3D StandaloneMmCoreEntryPoint + FILE_GUID =3D C97AC593-109A-4C63-905C-675FDE2689E8 + MODULE_TYPE =3D MM_CORE_STANDALONE + VERSION_STRING =3D 1.0 + PI_SPECIFICATION_VERSION =3D 0x00010032 + LIBRARY_CLASS =3D StandaloneMmCoreEntryPoint|MM_CORE_ST= ANDALONE + +# +# VALID_ARCHITECTURES =3D IA32 X64 IPF EBC (EBC is for build on= ly) +# + +[Sources.AARCH64] + AArch64/StandaloneMmCoreEntryPoint.c + AArch64/SetPermissions.c + AArch64/CreateHobList.c + AArch64/ModuleEntryPoint.S + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + StandaloneMmPkg/StandaloneMmPkg.dec + +[Packages.AARCH64] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + +[LibraryClasses.AARCH64] + StandaloneMmMmuLib + ArmSvcLib + +[Guids] + gMpInformationHobGuid + gEfiMmPeiMmramMemoryReserveGuid + gEfiStandaloneMmNonSecureBufferGuid + gEfiArmTfCpuDriverEpDescriptorGuid + +[FeaturePcd] + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|TRUE diff --git a/StandaloneMmPkg/StandaloneMmPkg.dec b/StandaloneMmPkg/Standalo= neMmPkg.dec index 82cb62568b53..cc572321a5b6 100644 --- a/StandaloneMmPkg/StandaloneMmPkg.dec +++ b/StandaloneMmPkg/StandaloneMmPkg.dec @@ -33,3 +33,5 @@ gEfiStandaloneMmNonSecureBufferGuid =3D { 0xf00497e3, 0xbfa2, 0x41a= 1, { 0x9d, 0x29, 0x54, 0xc2, 0xe9, 0x37, 0x21, 0xc5 }} gEfiArmTfCpuDriverEpDescriptorGuid =3D { 0x6ecbd5a1, 0xc0f8, 0x470= 2, { 0x83, 0x01, 0x4f, 0xc2, 0xc5, 0x47, 0x0a, 0x51 }} =20 +[PcdsFeatureFlag] + gStandaloneMmPkgTokenSpaceGuid.PcdStMMReloc|FALSE|BOOLEAN|0x00000001 --=20 2.27.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#60835): https://edk2.groups.io/g/devel/message/60835 Mute This Topic: https://groups.io/mt/74724586/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-