From nobody Tue Feb 10 01:15:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+61043+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61043+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1591777079; cv=none; d=zohomail.com; s=zohoarc; b=fSEo7FdtmfCforEZenL2c1eeBb5z/5TLRJR/fpWhf4cjj9aKh5k7Bfj+/EPfb+YqKTwiegsu2OwDnQVtxDgOBUCwl7Xf/9M74P3sV+06YVNTM+d2xh+uxN0p63d+tt4Lu8eggM6sOKbVUHlNHV8iKC+2Rs2cV5W83j/5M7t88iY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591777079; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ZytpzQk1O+TptUu8GV/DfEUIhCAcaR4vPkn+F5dtKa0=; b=aN5EwRijVrII8jtuVUDpX5XJMA0UigPDVH0/HIUYWDCTKX7oqr3HyJ2SPIgE9hdsp9H15+4eScelymVQQcv5qRQVn2C8WgOMya0HDTd1cB6Om4VJ9iEKTY6iUYhP7JiDN4ueDgATlOvJ895PTzfNtD3Vu8S1ft52/0nX7SuVug0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+61043+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1591777079902794.0634736938747; Wed, 10 Jun 2020 01:17:59 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id P5qjYY1788612xybuQ39rQI4; Wed, 10 Jun 2020 01:17:59 -0700 X-Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web12.6159.1591777078941542949 for ; Wed, 10 Jun 2020 01:17:59 -0700 X-Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9C90931B; Wed, 10 Jun 2020 01:17:58 -0700 (PDT) X-Received: from localhost.localdomain (unknown [10.37.8.184]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 116533F6CF; Wed, 10 Jun 2020 01:17:56 -0700 (PDT) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael D Kinney , Liming Gao , Jiewen Yao , Sami Mujawar , Ilias Apalodimas Subject: [edk2-devel] [PATCH 5/5] StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly Date: Wed, 10 Jun 2020 10:17:40 +0200 Message-Id: <20200610081740.54581-6-ard.biesheuvel@arm.com> In-Reply-To: <20200610081740.54581-1-ard.biesheuvel@arm.com> References: <20200610081740.54581-1-ard.biesheuvel@arm.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ard.biesheuvel@arm.com X-Gm-Message-State: gGVAYmO2s6JCHfMMCGgdsuzax1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1591777079; bh=po9XjGAs/iJdon+lBA2/0dQxTTFfpxkkG25omhQ9DEE=; h=Cc:Date:From:Reply-To:Subject:To; b=BL27qAdVo8EG4hLOaa2b8wHxz2FJHGt4eJ3/ttSCnbIRJQyJj+whZDl3LKTB1gB67i2 5ZIaGpc97mEWFLZdkKnGwfwn8PSAqlOO8nySwTHqSHYj3XMdqFEQKIdR/MWiN9fnH37us kayheNnndGtjkWomL7vmcNRaKuhK8UlW/Fg= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" Apply PE/COFF fixups when starting up the standalone MM core, so that it can execute at any address regardless of the link time address. Note that this requires the PE/COFF image to be emitted with its relocation section preserved. Special care is taken to ensure that TE images are dealt with correctly as well. Signed-off-by: Ard Biesheuvel Acked-by: Jiewen Yao Reviewed-by: Sami Mujawar --- StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h = | 2 ++ StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.= c | 11 +++++++--- StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCor= eEntryPoint.c | 22 ++++++++++++++++++++ 3 files changed, 32 insertions(+), 3 deletions(-) diff --git a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryP= oint.h b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint= .h index 494bcf3dc28f..a3420699e6f1 100644 --- a/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h +++ b/StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h @@ -82,6 +82,7 @@ EFI_STATUS EFIAPI UpdateMmFoundationPeCoffPermissions ( IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, + IN EFI_PHYSICAL_ADDRESS ImageBase, IN UINT32 SectionHeaderOffset, IN CONST UINT16 NumberOfSections, IN REGION_PERMISSION_UPDATE_FUNC TextUpdater, @@ -107,6 +108,7 @@ EFIAPI GetStandaloneMmCorePeCoffSections ( IN VOID *TeData, IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, + OUT EFI_PHYSICAL_ADDRESS *ImageBase, IN OUT UINT32 *SectionHeaderOffset, IN OUT UINT16 *NumberOfSections ); diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Set= Permissions.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/= SetPermissions.c index 00f49c9d0558..bf9650d54629 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermiss= ions.c +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermiss= ions.c @@ -29,6 +29,7 @@ EFI_STATUS EFIAPI UpdateMmFoundationPeCoffPermissions ( IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, + IN EFI_PHYSICAL_ADDRESS ImageBase, IN UINT32 SectionHeaderOffset, IN CONST UINT16 NumberOfSections, IN REGION_PERMISSION_UPDATE_FUNC TextUpdater, @@ -87,7 +88,7 @@ UpdateMmFoundationPeCoffPermissions ( // if it is a writeable section then mark it appropriately as well. // if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_EXECUTE) =3D=3D= 0) { - Base =3D ImageContext->ImageAddress + SectionHeader.VirtualAddress; + Base =3D ImageBase + SectionHeader.VirtualAddress; =20 TextUpdater (Base, SectionHeader.Misc.VirtualSize); =20 @@ -153,6 +154,7 @@ STATIC EFI_STATUS GetPeCoffSectionInformation ( IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, + OUT EFI_PHYSICAL_ADDRESS *ImageBase, OUT UINT32 *SectionHeaderOffset, OUT UINT16 *NumberOfSections ) @@ -212,6 +214,7 @@ GetPeCoffSectionInformation ( return Status; } =20 + *ImageBase =3D ImageContext->ImageAddress; if (!ImageContext->IsTeImage) { ASSERT (Hdr.Pe32->Signature =3D=3D EFI_IMAGE_NT_SIGNATURE); =20 @@ -232,7 +235,7 @@ GetPeCoffSectionInformation ( } else { *SectionHeaderOffset =3D (UINTN)(sizeof (EFI_TE_IMAGE_HEADER)); *NumberOfSections =3D Hdr.Te->NumberOfSections; - ImageContext->ImageAddress -=3D (UINT32)Hdr.Te->StrippedSize - sizeof = (EFI_TE_IMAGE_HEADER); + *ImageBase -=3D (UINT32)Hdr.Te->StrippedSize - sizeof (EFI_TE_IMAGE_HE= ADER); } return RETURN_SUCCESS; } @@ -242,6 +245,7 @@ EFIAPI GetStandaloneMmCorePeCoffSections ( IN VOID *TeData, IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext, + OUT EFI_PHYSICAL_ADDRESS *ImageBase, IN OUT UINT32 *SectionHeaderOffset, IN OUT UINT16 *NumberOfSections ) @@ -255,7 +259,8 @@ GetStandaloneMmCorePeCoffSections ( =20 DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", TeData)); =20 - Status =3D GetPeCoffSectionInformation (ImageContext, SectionHeaderOffse= t, NumberOfSections); + Status =3D GetPeCoffSectionInformation (ImageContext, ImageBase, + SectionHeaderOffset, NumberOfSections); if (EFI_ERROR (Status)) { DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Sect= ion information - %r\n", Status)); return Status; diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Sta= ndaloneMmCoreEntryPoint.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPo= int/AArch64/StandaloneMmCoreEntryPoint.c index 20723385113f..9cecfa667b90 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone= MmCoreEntryPoint.c +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standalone= MmCoreEntryPoint.c @@ -225,6 +225,7 @@ _ModuleEntryPoint ( VOID *HobStart; VOID *TeData; UINTN TeDataSize; + EFI_PHYSICAL_ADDRESS ImageBase; =20 // Get Secure Partition Manager Version Information Status =3D GetSpmVersion (); @@ -253,6 +254,7 @@ _ModuleEntryPoint ( Status =3D GetStandaloneMmCorePeCoffSections ( TeData, &ImageContext, + &ImageBase, &SectionHeaderOffset, &NumberOfSections ); @@ -261,10 +263,21 @@ _ModuleEntryPoint ( goto finish; } =20 + // + // ImageBase may deviate from ImageContext.ImageAddress if we are dealing + // with a TE image, in which case the latter points to the actual offset + // of the image, whereas ImageBase refers to the address where the image + // would start if the stripped PE headers were still in place. In either + // case, we need to fix up ImageBase so it refers to the actual current + // load address. + // + ImageBase +=3D (UINTN)TeData - ImageContext.ImageAddress; + // Update the memory access permissions of individual sections in the // Standalone MM core module Status =3D UpdateMmFoundationPeCoffPermissions ( &ImageContext, + ImageBase, SectionHeaderOffset, NumberOfSections, ArmSetMemoryRegionNoExec, @@ -276,6 +289,15 @@ _ModuleEntryPoint ( goto finish; } =20 + if (ImageContext.ImageAddress !=3D (UINTN)TeData) { + ImageContext.ImageAddress =3D (UINTN)TeData; + ArmSetMemoryRegionNoExec (ImageBase, SIZE_4KB); + ArmClearMemoryRegionReadOnly (ImageBase, SIZE_4KB); + + Status =3D PeCoffLoaderRelocateImage (&ImageContext); + ASSERT_EFI_ERROR (Status); + } + // // Create Hoblist based upon boot information passed by privileged softw= are // --=20 2.26.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#61043): https://edk2.groups.io/g/devel/message/61043 Mute This Topic: https://groups.io/mt/74792292/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-