From nobody Sun Feb 8 19:38:15 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108884+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108884+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171501; cv=none; d=zohomail.com; s=zohoarc; b=Os2MCRq1MKgfvo/6tvjDHJ3JqWZV/EGBowkd8OCWPx/cksms6U9AqGLaNzFnZyQqzRVdk/Zv8d0P1H+uHorQEI5jVcPAZ1yTYaT9uAoKA3ymgZP3FqN9VKC4Tu6luxNAwyBvBaUvc89fEJO5WT2iP6de+0dTu2NqKyLM3F2uL0w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171501; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=FPj44NynQ9TTrrV1fE+zZBI9CsshGF5EVTS2f9g8veI=; b=IVqT53Vvf2aNTRtkGfeTwdOoRPQ81xWYx6xAmFn/XLPaYpBuX8DK95sIwcy8zC2uESs+EkSwnJ96Iq4jG4GnCdFELe0Q1ctD58VRLUc7i1fWqY2kK92EIRtNU92zvqzX+8IQQxCBTCjEybDPjfB2c3+no93Joil/hWJ31iirYdk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108884+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171501274370.83983835845777; Tue, 19 Sep 2023 17:58:21 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=6wR2YsgX0G7FrsrdLxqa6WnAgkNpS/qn5gllgyLIZw0=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171500; v=1; b=XznFiCWSN4DMvPLbnIZkUXekNrT48vg0XSTqQuWL9WeDIg1gXnFYyuXyNC27gQ/wjdONerho NBqveRei1ik4PMkhkbqcsBrqva0rSMjEHwxW2JCSf1SK0r73N9kNzXEc+5JW6FtBK3MTXmSkJuF YROH4ttKKqx/0F6Yzz0fiivw= X-Received: by 127.0.0.2 with SMTP id iswfYY1788612x6618is2z7n; Tue, 19 Sep 2023 17:58:20 -0700 X-Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web10.26795.1695171500433385795 for ; Tue, 19 Sep 2023 17:58:20 -0700 X-Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1c3d6d88231so50443975ad.0 for ; Tue, 19 Sep 2023 17:58:20 -0700 (PDT) X-Gm-Message-State: SVv1U4wXkd4A0K0MWLzevUsDx1787277AA= X-Google-Smtp-Source: AGHT+IFrQvKSjxFPFMxSeyVHp9aMcqjv1LNxUvg5UQ1CLszKTbto5ijjKZFYbO0cNGuSUYKnuFVfTw== X-Received: by 2002:a17:902:c1cc:b0:1bb:7b0a:374 with SMTP id c12-20020a170902c1cc00b001bb7b0a0374mr1103350plc.4.1695171499753; Tue, 19 Sep 2023 17:58:19 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:19 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 22/28] OvmfPkg: Add MemoryProtectionConfigLib Date: Tue, 19 Sep 2023 17:57:45 -0700 Message-ID: <20230920005752.2041-23-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171502136100085 Content-Type: text/plain; charset="utf-8" MemoryProtectionConfigLib enables parsing the fw_cfg for the memory protection profile. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann --- OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.c | = 118 ++++++++++++++++++++ OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | = 1 + OvmfPkg/Include/Library/MemoryProtectionConfigLib.h | = 49 ++++++++ OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.inf | = 35 ++++++ OvmfPkg/OvmfPkg.dec | = 4 + 5 files changed, 207 insertions(+) diff --git a/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConf= igLib.c b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigL= ib.c new file mode 100644 index 000000000000..b568665f407c --- /dev/null +++ b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.c @@ -0,0 +1,118 @@ +/** @file + Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include +#include +#include +#include + +#define DXE_MEMORY_PROTECTION_PROFILE_FWCFG_FILE \ + "opt/org.tianocore/DxeMemoryProtectionProfile" + +#define MM_MEMORY_PROTECTION_PROFILE_FWCFG_FILE \ + "opt/org.tianocore/MmMemoryProtectionProfile" + +/** + Parses the fw_cfg file for the MM memory protection settings profile. + + @param[in] MmSettings The MM memory protection settings profile to popu= late. + + @retval EFI_SUCCESS The MM memory protection settings profil= e was populated. + @retval EFI_INVALID_PARAMETER MmSettings is NULL. + @retval EFI_ABORTED The MM memory protection settings profil= e name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The MM memory protection settings profil= e was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmSettings + ) +{ + CHAR8 String[100]; + UINTN StringSize; + UINTN Index; + + if (MmSettings =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + StringSize =3D sizeof (String); + + if (!EFI_ERROR (QemuFwCfgParseString (MM_MEMORY_PROTECTION_PROFILE_FWCFG= _FILE, &StringSize, String))) { + Index =3D 0; + do { + if (AsciiStriCmp (MmMemoryProtectionProfiles[Index].Name, String) = =3D=3D 0) { + DEBUG ((DEBUG_INFO, "Setting MM Memory Protection Profile: %a\n", = String)); + break; + } + } while (++Index < MmMemoryProtectionSettingsMax); + + if (Index >=3D MmMemoryProtectionSettingsMax) { + DEBUG ((DEBUG_ERROR, "Invalid MM memory protection profile: %a\n", S= tring)); + ASSERT (Index < MmMemoryProtectionSettingsMax); + return EFI_ABORTED; + } else { + CopyMem (MmSettings, &MmMemoryProtectionProfiles[Index].Settings, si= zeof (MM_MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} + +/** + Parses the fw_cfg file for the DXE memory protection settings profile. + + @param[in] DxeSettings The DXE memory protection settings profile to po= pulate. + + @retval EFI_SUCCESS The DXE memory protection settings profi= le was populated. + @retval EFI_INVALID_PARAMETER DxeSettings is NULL. + @retval EFI_ABORTED The DXE memory protection settings profi= le name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The DXE memory protection settings profi= le was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeSettings + ) +{ + CHAR8 String[100]; + UINTN StringSize; + UINTN Index; + + if (DxeSettings =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + StringSize =3D sizeof (String); + + if (!EFI_ERROR (QemuFwCfgParseString (DXE_MEMORY_PROTECTION_PROFILE_FWCF= G_FILE, &StringSize, String))) { + Index =3D 0; + do { + if (AsciiStriCmp (DxeMemoryProtectionProfiles[Index].Name, String) = =3D=3D 0) { + DEBUG ((DEBUG_INFO, "Setting DXE Memory Protection Profile: %a\n",= String)); + break; + } + } while (++Index < DxeMemoryProtectionSettingsMax); + + if (Index >=3D DxeMemoryProtectionSettingsMax) { + DEBUG ((DEBUG_ERROR, "Invalid DXE memory protection profile: %a\n", = String)); + ASSERT (Index < DxeMemoryProtectionSettingsMax); + return EFI_ABORTED; + } else { + CopyMem (DxeSettings, &DxeMemoryProtectionProfiles[Index].Settings, = sizeof (DXE_MEMORY_PROTECTION_SETTINGS)); + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} diff --git a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc b/OvmfPk= g/Include/Dsc/MemoryProtectionLibraries.dsc.inc index 049fdef3f0c1..fcd8ef23c5a5 100644 --- a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc +++ b/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc @@ -7,6 +7,7 @@ # [LibraryClasses.common] SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/Set= MemoryProtectionsLib.inf + MemoryProtectionConfigLib|OvmfPkg/Library/MemoryProtectionConfigLib/Memo= ryProtectionConfigLib.inf =20 [LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, Lib= raryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE] GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmG= etMemoryProtectionsLib.inf diff --git a/OvmfPkg/Include/Library/MemoryProtectionConfigLib.h b/OvmfPkg/= Include/Library/MemoryProtectionConfigLib.h new file mode 100644 index 000000000000..d30de58001c3 --- /dev/null +++ b/OvmfPkg/Include/Library/MemoryProtectionConfigLib.h @@ -0,0 +1,49 @@ +/** @file + Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MEMORY_PROTECTION_CONFIG_LIB_H_ +#define MEMORY_PROTECTION_CONFIG_LIB_H_ + +#include + +#include + +/** + Parses the fw_cfg file for the MM memory protection settings profile. + + @param[in] MmSettings The MM memory protection settings profile to popu= late. + + @retval EFI_SUCCESS The MM memory protection settings profil= e was populated. + @retval EFI_INVALID_PARAMETER MmSettings is NULL. + @retval EFI_ABORTED The MM memory protection settings profil= e name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The MM memory protection settings profil= e was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgMmMemoryProtectionSettings ( + IN MM_MEMORY_PROTECTION_SETTINGS *MmSettings + ); + +/** + Parses the fw_cfg file for the DXE memory protection settings profile. + + @param[in] DxeSettings The DXE memory protection settings profile to po= pulate. + + @retval EFI_SUCCESS The DXE memory protection settings profi= le was populated. + @retval EFI_INVALID_PARAMETER DxeSettings is NULL. + @retval EFI_ABORTED The DXE memory protection settings profi= le name found in + fw_cfg was invalid. + @retval EFI_NOT_FOUND The DXE memory protection settings profi= le was not found. +**/ +EFI_STATUS +EFIAPI +ParseFwCfgDxeMemoryProtectionSettings ( + IN DXE_MEMORY_PROTECTION_SETTINGS *DxeSettings + ); + +#endif diff --git a/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConf= igLib.inf b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfi= gLib.inf new file mode 100644 index 000000000000..0ff431752901 --- /dev/null +++ b/OvmfPkg/Library/MemoryProtectionConfigLib/MemoryProtectionConfigLib.i= nf @@ -0,0 +1,35 @@ +## @file +# Parses the fw_cfg file for the DXE and MM memory protection settings pro= file. +# +# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D MemoryProtectionConfigLib + FILE_GUID =3D 865BFF85-CC3A-43E7-82E1-36E1894BC8EF + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D MemoryProtectionConfigLib|SEC PEI_COR= E PEIM + +# +# The following information is for reference only and not required by the = build +# tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 +# + +[Sources] + MemoryProtectionConfigLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + QemuFwCfgSimpleParserLib diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index e3861e5c1b39..126be04ca302 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -42,6 +42,10 @@ [LibraryClasses] # MemEncryptTdxLib|Include/Library/MemEncryptTdxLib.h =20 + ## @libraryclass Declares helper functions for parsing fw_cfg for + # the memory protection profile strings + MemoryProtectionConfigLib|Include/Library/MemoryProtectionConfigLib.h + ## @libraryclass Handle TPL changes within nested interrupt handlers # NestedInterruptTplLib|Include/Library/NestedInterruptTplLib.h --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108884): https://edk2.groups.io/g/devel/message/108884 Mute This Topic: https://groups.io/mt/101469962/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-