From: Michael Kubacki <michael.a.kuba...@intel.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

Adds a PEIM that republishes structures produced in SEC. This
is done because SEC modules may not be shadowed in some platforms
due to space constraints or special alignment requirements. The
SecMigrationPei module locates interfaces that may be published in
SEC and reinstalls the interface with permanent memory addresses.

This is important if pre-memory address access is forbidden after
memory initialization and data such as a PPI descriptor, PPI GUID,
or PPI inteface reside in pre-memory.

Cc: Eric Dong <eric.d...@intel.com>
Cc: Ray Ni <ray...@intel.com>
Cc: Laszlo Ersek <ler...@redhat.com>
Cc: Rahul Kumar <rahul1.ku...@intel.com>
Cc: Debkumar De <debkumar...@intel.com>
Cc: Harry Han <harry....@intel.com>
Cc: Catharine West <catharine.w...@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kuba...@intel.com>
---
 UefiCpuPkg/Include/Ppi/RepublishSecPpi.h      |  54 +++
 UefiCpuPkg/SecCore/SecCore.inf                |   2 +
 UefiCpuPkg/SecCore/SecMain.c                  |  26 +-
 UefiCpuPkg/SecCore/SecMain.h                  |   1 +
 UefiCpuPkg/SecMigrationPei/SecMigrationPei.c  | 372 ++++++++++++++++++
 UefiCpuPkg/SecMigrationPei/SecMigrationPei.h  | 170 ++++++++
 .../SecMigrationPei/SecMigrationPei.inf       |  64 +++
 .../SecMigrationPei/SecMigrationPei.uni       |  13 +
 UefiCpuPkg/UefiCpuPkg.dec                     |   4 +
 UefiCpuPkg/UefiCpuPkg.dsc                     |   1 +
 10 files changed, 705 insertions(+), 2 deletions(-)
 create mode 100644 UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
 create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
 create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
 create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
 create mode 100644 UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni

diff --git a/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h 
b/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
new file mode 100644
index 000000000000..6fb9f1b005b4
--- /dev/null
+++ b/UefiCpuPkg/Include/Ppi/RepublishSecPpi.h
@@ -0,0 +1,54 @@
+/** @file
+  This file declares Sec Platform Information PPI.
+
+  This service is the primary handoff state into the PEI Foundation.
+  The Security (SEC) component creates the early, transitory memory
+  environment and also encapsulates knowledge of at least the
+  location of the Boot Firmware Volume (BFV).
+
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+  @par Revision Reference:
+  This PPI is introduced in PI Version 1.0.
+
+**/
+
+#ifndef __REPUBLISH_SEC_PPI_H__
+#define __REPUBLISH_SEC_PPI_H__
+
+#include <Pi/PiPeiCis.h>
+
+#define REPUBLISH_SEC_PPI_PPI_GUID \
+  { \
+    0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3, 0x52, 0x1a, 0x2d, 0xc5, 0xd0, 
0x92 } \
+  }
+
+typedef struct _REPUBLISH_SEC_PPI_PPI REPUBLISH_SEC_PPI_PPI;
+
+/**
+  This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
+
+  This is to allow a platform that may not support relocation of SecCore to 
update the PPI instance to a post-memory
+  copy from a PEIM that has been shadowed to permanent memory.
+
+  @retval EFI_SUCCESS    The SecCore PPIs were re-installed successfully.
+  @retval Others         An error occurred re-installing the SecCore PPIs.
+
+**/
+typedef
+EFI_STATUS
+(EFIAPI *REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS)(
+  VOID
+  );
+
+///
+///
+///
+struct _REPUBLISH_SEC_PPI_PPI {
+  REPUBLISH_SEC_PPI_REPUBLISH_SEC_PPIS  RepublishSecPpis;
+};
+
+extern EFI_GUID gRepublishSecPpiPpiGuid;
+
+#endif
diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf
index 0562820c95e0..545781d6b4b3 100644
--- a/UefiCpuPkg/SecCore/SecCore.inf
+++ b/UefiCpuPkg/SecCore/SecCore.inf
@@ -68,6 +68,8 @@ [Ppis]
   ## SOMETIMES_CONSUMES
   gPeiSecPerformancePpiGuid
   gEfiPeiCoreFvLocationPpiGuid
+  ## CONSUMES
+  gRepublishSecPpiPpiGuid
 
 [Guids]
   ## SOMETIMES_PRODUCES   ## HOB
diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c
index 5d5e7f17dced..155be49a6011 100644
--- a/UefiCpuPkg/SecCore/SecMain.c
+++ b/UefiCpuPkg/SecCore/SecMain.c
@@ -370,13 +370,35 @@ SecTemporaryRamDone (
   VOID
   )
 {
-  BOOLEAN  State;
+  EFI_STATUS                    Status;
+  EFI_STATUS                    Status2;
+  UINTN                         Index;
+  BOOLEAN                       State;
+  EFI_PEI_PPI_DESCRIPTOR        *PeiPpiDescriptor;
+  REPUBLISH_SEC_PPI_PPI         *RepublishSecPpiPpi;
 
   //
   // Republish Sec Platform Information(2) PPI
   //
   RepublishSecPlatformInformationPpi ();
 
+  //
+  // Re-install SEC PPIs using a PEIM produced service if published
+  //
+  for (Index = 0, Status = EFI_SUCCESS; Status == EFI_SUCCESS; Index++) {
+    Status = PeiServicesLocatePpi (
+               &gRepublishSecPpiPpiGuid,
+               Index,
+               &PeiPpiDescriptor,
+               (VOID **) &RepublishSecPpiPpi
+               );
+    if (!EFI_ERROR (Status)) {
+      DEBUG ((DEBUG_INFO, "Calling RepublishSecPpi instance %d.\n", Index));
+      Status2 = RepublishSecPpiPpi->RepublishSecPpis ();
+      ASSERT_EFI_ERROR (Status2);
+    }
+  }
+
   //
   // Migrate DebugAgentContext.
   //
@@ -385,7 +407,7 @@ SecTemporaryRamDone (
   //
   // Disable interrupts and save current interrupt state
   //
-  State = SaveAndDisableInterrupts();
+  State = SaveAndDisableInterrupts ();
 
   //
   // Disable Temporary RAM after Stack and Heap have been migrated at this 
point.
diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h
index e8c05d713668..e20bcf86532c 100644
--- a/UefiCpuPkg/SecCore/SecMain.h
+++ b/UefiCpuPkg/SecCore/SecMain.h
@@ -15,6 +15,7 @@
 #include <Ppi/TemporaryRamDone.h>
 #include <Ppi/SecPerformance.h>
 #include <Ppi/PeiCoreFvLocation.h>
+#include <Ppi/RepublishSecPpi.h>
 
 #include <Guid/FirmwarePerformance.h>
 
diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c 
b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
new file mode 100644
index 000000000000..f96013b09b21
--- /dev/null
+++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.c
@@ -0,0 +1,372 @@
+/** @file
+  Migrates SEC structures after permanent memory is installed.
+
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/HobLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/PeiServicesTablePointerLib.h>
+
+#include "SecMigrationPei.h"
+
+STATIC REPUBLISH_SEC_PPI_PPI  mEdkiiRepublishSecPpiPpi = {
+                                RepublishSecPpis
+                                };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_SEC_PLATFORM_INFORMATION_PPI  
mSecPlatformInformationPostMemoryPpi = {
+                                                                  
SecPlatformInformationPostMemory
+                                                                  };
+
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_DONE_PPI 
mSecTemporaryRamDonePostMemoryPpi = {
+                                                               
SecTemporaryRamDonePostMemory
+                                                               };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI 
mSecTemporaryRamSupportPostMemoryPpi = {
+                                                                  
SecTemporaryRamSupportPostMemory
+                                                                  };
+
+GLOBAL_REMOVE_IF_UNREFERENCED PEI_SEC_PERFORMANCE_PPI mSecPerformancePpi = {
+                                                        
GetPerformancePostMemory
+                                                        };
+
+STATIC EFI_PEI_PPI_DESCRIPTOR mEdkiiRepublishSecPpiDescriptor = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gRepublishSecPpiPpiGuid,
+  &mEdkiiRepublishSecPpiPpi
+  };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR 
mSecPlatformInformationPostMemoryDescriptor = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gEfiSecPlatformInformationPpiGuid,
+  &mSecPlatformInformationPostMemoryPpi
+  };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR 
mSecTemporaryRamDonePostMemoryDescriptor = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gEfiTemporaryRamDonePpiGuid,
+  &mSecTemporaryRamDonePostMemoryPpi
+  };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR 
mSecTemporaryRamSupportPostMemoryDescriptor = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gEfiTemporaryRamSupportPpiGuid,
+  &mSecTemporaryRamSupportPostMemoryPpi
+  };
+
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_PEI_PPI_DESCRIPTOR 
mSecPerformancePpiDescriptor = {
+  (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gPeiSecPerformancePpiGuid,
+  &mSecPerformancePpi
+  };
+
+/**
+  Disables the use of Temporary RAM.
+
+  If present, this service is invoked by the PEI Foundation after
+  the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
+
+  @retval EFI_SUCCESS           Use of Temporary RAM was disabled.
+  @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
+
+**/
+EFI_STATUS
+EFIAPI
+SecTemporaryRamDonePostMemory (
+  VOID
+  )
+{
+  //
+  // Temporary RAM Done is already done in post-memory
+  // install a stub function that is located in permanent memory
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates 
temporary RAM into
+  permanent memory.
+
+  @param PeiServices            Pointer to the PEI Services Table.
+  @param TemporaryMemoryBase    Source Address in temporary memory from which 
the SEC or PEIM will copy the
+                                Temporary RAM contents.
+  @param PermanentMemoryBase    Destination Address in permanent memory into 
which the SEC or PEIM will copy the
+                                Temporary RAM contents.
+  @param CopySize               Amount of memory to migrate from temporary to 
permanent memory.
+
+  @retval EFI_SUCCESS           The data was successfully returned.
+  @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > 
TemporaryMemoryBase when
+                                TemporaryMemoryBase > PermanentMemoryBase.
+
+**/
+EFI_STATUS
+EFIAPI
+SecTemporaryRamSupportPostMemory (
+  IN CONST EFI_PEI_SERVICES   **PeiServices,
+  IN EFI_PHYSICAL_ADDRESS     TemporaryMemoryBase,
+  IN EFI_PHYSICAL_ADDRESS     PermanentMemoryBase,
+  IN UINTN                    CopySize
+  )
+{
+  //
+  // Temporary RAM Support is already done in post-memory
+  // install a stub function that is located in permanent memory
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  This interface conveys performance information out of the Security (SEC) 
phase into PEI.
+
+  This service is published by the SEC phase. The SEC phase handoff has an 
optional
+  EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed 
from SEC into the
+  PEI Foundation. As such, if the platform supports collecting performance 
data in SEC,
+  this information is encapsulated into the data structure abstracted by this 
service.
+  This information is collected for the boot-strap processor (BSP) on IA-32.
+
+  @param[in]  PeiServices  The pointer to the PEI Services Table.
+  @param[in]  This         The pointer to this instance of the 
PEI_SEC_PERFORMANCE_PPI.
+  @param[out] Performance  The pointer to performance data collected in SEC 
phase.
+
+  @retval EFI_SUCCESS      The performance data was successfully returned.
+
+**/
+EFI_STATUS
+EFIAPI
+GetPerformancePostMemory (
+  IN CONST EFI_PEI_SERVICES          **PeiServices,
+  IN       PEI_SEC_PERFORMANCE_PPI   *This,
+  OUT      FIRMWARE_SEC_PERFORMANCE  *Performance
+  )
+{
+  SEC_PLATFORM_INFORMATION_CONTEXT_HOB  *SecPlatformInformationContexHob;
+
+  if (This == NULL || Performance == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  SecPlatformInformationContexHob = GetFirstGuidHob (&gEfiCallerIdGuid);
+  if (SecPlatformInformationContexHob == NULL) {
+    return EFI_NOT_FOUND;
+  }
+
+  Performance->ResetEnd = 
SecPlatformInformationContexHob->FirmwareSecPerformance.ResetEnd;
+
+  return EFI_SUCCESS;
+}
+
+/**
+  This interface conveys state information out of the Security (SEC) phase 
into PEI.
+
+  @param[in]     PeiServices               Pointer to the PEI Services Table.
+  @param[in,out] StructureSize             Pointer to the variable describing 
size of the input buffer.
+  @param[out]    PlatformInformationRecord Pointer to the 
EFI_SEC_PLATFORM_INFORMATION_RECORD.
+
+  @retval EFI_SUCCESS           The data was successfully returned.
+  @retval EFI_BUFFER_TOO_SMALL  The buffer was too small.
+
+**/
+EFI_STATUS
+EFIAPI
+SecPlatformInformationPostMemory (
+  IN CONST EFI_PEI_SERVICES                     **PeiServices,
+  IN OUT   UINT64                               *StructureSize,
+     OUT   EFI_SEC_PLATFORM_INFORMATION_RECORD  *PlatformInformationRecord
+  )
+{
+  SEC_PLATFORM_INFORMATION_CONTEXT_HOB  *SecPlatformInformationContexHob;
+
+  if (StructureSize == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  SecPlatformInformationContexHob = GetFirstGuidHob (&gEfiCallerIdGuid);
+  if (SecPlatformInformationContexHob == NULL) {
+    return EFI_NOT_FOUND;
+  }
+
+  if (*StructureSize < SecPlatformInformationContexHob->Context.StructureSize) 
{
+    *StructureSize = SecPlatformInformationContexHob->Context.StructureSize;
+    return EFI_BUFFER_TOO_SMALL;
+  }
+
+  if (PlatformInformationRecord == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  *StructureSize = SecPlatformInformationContexHob->Context.StructureSize;
+  CopyMem (
+    (VOID *) PlatformInformationRecord,
+    (VOID *) 
SecPlatformInformationContexHob->Context.PlatformInformationRecord,
+    (UINTN) SecPlatformInformationContexHob->Context.StructureSize
+    );
+
+  return EFI_SUCCESS;
+}
+
+/**
+  This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
+
+  This is to allow a platform that may not support relocation of SecCore to 
update the PPI instance to a post-memory
+  copy from a PEIM that has been shadowed to permanent memory.
+
+  @retval EFI_SUCCESS    The SecCore PPIs were re-installed successfully.
+  @retval Others         An error occurred re-installing the SecCore PPIs.
+
+**/
+EFI_STATUS
+EFIAPI
+RepublishSecPpis (
+  VOID
+  )
+{
+  EFI_STATUS                            Status;
+  EFI_PEI_PPI_DESCRIPTOR                *PeiPpiDescriptor;
+  VOID                                  *PeiPpi;
+  SEC_PLATFORM_INFORMATION_CONTEXT_HOB  *SecPlatformInformationContextHob;
+  EFI_SEC_PLATFORM_INFORMATION_RECORD   *SecPlatformInformationPtr;
+  UINT64                                SecStructureSize;
+
+  SecPlatformInformationPtr = NULL;
+  SecStructureSize = 0;
+
+  Status = PeiServicesLocatePpi (
+             &gEfiTemporaryRamDonePpiGuid,
+             0,
+             &PeiPpiDescriptor,
+             (VOID **) &PeiPpi
+             );
+  if (!EFI_ERROR (Status)) {
+    Status = PeiServicesReInstallPpi (
+               PeiPpiDescriptor,
+               &mSecTemporaryRamDonePostMemoryDescriptor
+               );
+    ASSERT_EFI_ERROR (Status);
+  }
+
+  Status = PeiServicesLocatePpi (
+             &gEfiTemporaryRamSupportPpiGuid,
+             0,
+             &PeiPpiDescriptor,
+             (VOID **) &PeiPpi
+             );
+  if (!EFI_ERROR (Status)) {
+    Status = PeiServicesReInstallPpi (
+               PeiPpiDescriptor,
+               &mSecTemporaryRamSupportPostMemoryDescriptor
+               );
+    ASSERT_EFI_ERROR (Status);
+  }
+
+  Status = PeiServicesCreateHob (
+             EFI_HOB_TYPE_GUID_EXTENSION,
+             sizeof (SEC_PLATFORM_INFORMATION_CONTEXT_HOB),
+             (VOID **) &SecPlatformInformationContextHob
+             );
+  ASSERT_EFI_ERROR (Status);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "SecPlatformInformation Context HOB could not be 
created.\n"));
+    return Status;
+  }
+
+  SecPlatformInformationContextHob->Header.Name = gEfiCallerIdGuid;
+  SecPlatformInformationContextHob->Revision    = 1;
+
+  Status = PeiServicesLocatePpi (
+             &gPeiSecPerformancePpiGuid,
+             0,
+             &PeiPpiDescriptor,
+             (VOID **) &PeiPpi
+             );
+  if (!EFI_ERROR (Status)) {
+    Status = ((PEI_SEC_PERFORMANCE_PPI *) PeiPpi)->GetPerformance (
+                                                     
GetPeiServicesTablePointer (),
+                                                     (PEI_SEC_PERFORMANCE_PPI 
*) PeiPpi,
+                                                     
&SecPlatformInformationContextHob->FirmwareSecPerformance
+                                                     );
+    ASSERT_EFI_ERROR (Status);
+    if (!EFI_ERROR (Status)) {
+      Status = PeiServicesReInstallPpi (
+                 PeiPpiDescriptor,
+                 &mSecPerformancePpiDescriptor
+                 );
+      ASSERT_EFI_ERROR (Status);
+    }
+  }
+
+  Status = PeiServicesLocatePpi (
+             &gEfiSecPlatformInformationPpiGuid,
+             0,
+             &PeiPpiDescriptor,
+             (VOID **) &PeiPpi
+             );
+  if (!EFI_ERROR (Status)) {
+    Status = ((EFI_SEC_PLATFORM_INFORMATION_PPI *) 
PeiPpi)->PlatformInformation (
+                                                              
GetPeiServicesTablePointer (),
+                                                              
&SecStructureSize,
+                                                              
SecPlatformInformationPtr
+                                                              );
+    ASSERT (Status == EFI_BUFFER_TOO_SMALL);
+    if (Status != EFI_BUFFER_TOO_SMALL) {
+      return EFI_NOT_FOUND;
+    }
+
+    ZeroMem ((VOID *) &(SecPlatformInformationContextHob->Context), sizeof 
(SEC_PLATFORM_INFORMATION_CONTEXT));
+    SecPlatformInformationContextHob->Context.PlatformInformationRecord = 
AllocatePool ((UINTN) SecStructureSize);
+    ASSERT 
(SecPlatformInformationContextHob->Context.PlatformInformationRecord != NULL);
+    if (SecPlatformInformationContextHob->Context.PlatformInformationRecord == 
NULL) {
+      return EFI_OUT_OF_RESOURCES;
+    }
+    SecPlatformInformationContextHob->Context.StructureSize = SecStructureSize;
+
+    Status = ((EFI_SEC_PLATFORM_INFORMATION_PPI *) 
PeiPpi)->PlatformInformation (
+                                                              
GetPeiServicesTablePointer (),
+                                                              
&(SecPlatformInformationContextHob->Context.StructureSize),
+                                                              
SecPlatformInformationContextHob->Context.PlatformInformationRecord
+                                                              );
+    ASSERT_EFI_ERROR (Status);
+    if (!EFI_ERROR (Status)) {
+      Status = PeiServicesReInstallPpi (
+                 PeiPpiDescriptor,
+                 &mSecPlatformInformationPostMemoryDescriptor
+                 );
+      ASSERT_EFI_ERROR (Status);
+    }
+  }
+
+  return EFI_SUCCESS;
+}
+
+/**
+  This function is the entry point which installs an instance of 
REPUBLISH_SEC_PPI_PPI.
+
+  @param[in]  FileHandle   Pointer to image file handle.
+  @param[in]  PeiServices  Pointer to PEI Services Table
+
+  @retval EFI_SUCCESS  An instance of REPUBLISH_SEC_PPI_PPI was installed 
successfully.
+  @retval Others       An error occurred installing and instance of 
REPUBLISH_SEC_PPI_PPI.
+
+**/
+EFI_STATUS
+EFIAPI
+SecMigrationPeiInitialize (
+  IN EFI_PEI_FILE_HANDLE     FileHandle,
+  IN CONST EFI_PEI_SERVICES  **PeiServices
+  )
+{
+  EFI_STATUS  Status;
+
+  Status = PeiServicesInstallPpi (&mEdkiiRepublishSecPpiDescriptor);
+  ASSERT_EFI_ERROR (Status);
+
+  return Status;
+}
diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h 
b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
new file mode 100644
index 000000000000..372f8044bdb2
--- /dev/null
+++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.h
@@ -0,0 +1,170 @@
+/** @file
+  Migrates SEC structures after permanent memory is installed.
+
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __SEC_MIGRATION_H__
+#define __SEC_MIGRATION_H__
+
+#include <Base.h>
+
+#include <Pi/PiPeiCis.h>
+#include <Ppi/RepublishSecPpi.h>
+#include <Ppi/SecPerformance.h>
+#include <Ppi/SecPlatformInformation.h>
+#include <Ppi/SecPlatformInformation2.h>
+#include <Ppi/TemporaryRamDone.h>
+#include <Ppi/TemporaryRamSupport.h>
+
+/**
+  This interface conveys state information out of the Security (SEC) phase 
into PEI.
+
+  @param[in]     PeiServices               Pointer to the PEI Services Table.
+  @param[in,out] StructureSize             Pointer to the variable describing 
size of the input buffer.
+  @param[out]    PlatformInformationRecord Pointer to the 
EFI_SEC_PLATFORM_INFORMATION_RECORD.
+
+  @retval EFI_SUCCESS           The data was successfully returned.
+  @retval EFI_BUFFER_TOO_SMALL  The buffer was too small.
+
+**/
+EFI_STATUS
+EFIAPI
+SecPlatformInformationPostMemory (
+  IN CONST EFI_PEI_SERVICES                     **PeiServices,
+  IN OUT   UINT64                               *StructureSize,
+     OUT   EFI_SEC_PLATFORM_INFORMATION_RECORD  *PlatformInformationRecord
+  );
+
+/**
+  Re-installs the SEC Platform Information PPIs to implementation in this 
module to support post-memory.
+
+  @param[in] PeiServices       An indirect pointer to the EFI_PEI_SERVICES 
table published by the PEI Foundation.
+  @param[in] NotifyDescriptor  Address of the notification descriptor data 
structure.
+  @param[in] Ppi               Address of the PPI that was installed.
+
+  @retval EFI_SUCCESS          The SEC Platform Information PPI could not be 
re-installed.
+  @return Others               An error occurred during PPI re-install.
+
+**/
+EFI_STATUS
+EFIAPI
+SecPlatformInformationPpiNotifyCallback (
+  IN EFI_PEI_SERVICES              **PeiServices,
+  IN EFI_PEI_NOTIFY_DESCRIPTOR     *NotifyDescriptor,
+  IN VOID                          *Ppi
+  );
+
+/**
+  This interface re-installs PPIs installed in SecCore from a post-memory PEIM.
+
+  This is to allow a platform that may not support relocation of SecCore to 
update the PPI instance to a post-memory
+  copy from a PEIM that has been shadowed to permanent memory.
+
+  @retval EFI_SUCCESS    The SecCore PPIs were re-installed successfully.
+  @retval Others         An error occurred re-installing the SecCore PPIs.
+
+**/
+EFI_STATUS
+EFIAPI
+RepublishSecPpis (
+  VOID
+  );
+
+/**
+  Disables the use of Temporary RAM.
+
+  If present, this service is invoked by the PEI Foundation after
+  the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
+
+  @retval EFI_SUCCESS           Use of Temporary RAM was disabled.
+  @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
+
+**/
+EFI_STATUS
+EFIAPI
+SecTemporaryRamDonePostMemory (
+  VOID
+  );
+
+/**
+  This service of the EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI that migrates 
temporary RAM into
+  permanent memory.
+
+  @param PeiServices            Pointer to the PEI Services Table.
+  @param TemporaryMemoryBase    Source Address in temporary memory from which 
the SEC or PEIM will copy the
+                                Temporary RAM contents.
+  @param PermanentMemoryBase    Destination Address in permanent memory into 
which the SEC or PEIM will copy the
+                                Temporary RAM contents.
+  @param CopySize               Amount of memory to migrate from temporary to 
permanent memory.
+
+  @retval EFI_SUCCESS           The data was successfully returned.
+  @retval EFI_INVALID_PARAMETER PermanentMemoryBase + CopySize > 
TemporaryMemoryBase when
+                                TemporaryMemoryBase > PermanentMemoryBase.
+
+**/
+EFI_STATUS
+EFIAPI
+SecTemporaryRamSupportPostMemory (
+  IN CONST EFI_PEI_SERVICES   **PeiServices,
+  IN EFI_PHYSICAL_ADDRESS     TemporaryMemoryBase,
+  IN EFI_PHYSICAL_ADDRESS     PermanentMemoryBase,
+  IN UINTN                    CopySize
+  );
+
+/**
+  This interface conveys performance information out of the Security (SEC) 
phase into PEI.
+
+  This service is published by the SEC phase. The SEC phase handoff has an 
optional
+  EFI_PEI_PPI_DESCRIPTOR list as its final argument when control is passed 
from SEC into the
+  PEI Foundation. As such, if the platform supports collecting performance 
data in SEC,
+  this information is encapsulated into the data structure abstracted by this 
service.
+  This information is collected for the boot-strap processor (BSP) on IA-32.
+
+  @param[in]  PeiServices  The pointer to the PEI Services Table.
+  @param[in]  This         The pointer to this instance of the 
PEI_SEC_PERFORMANCE_PPI.
+  @param[out] Performance  The pointer to performance data collected in SEC 
phase.
+
+  @retval EFI_SUCCESS      The performance data was successfully returned.
+
+**/
+EFI_STATUS
+EFIAPI
+GetPerformancePostMemory (
+  IN CONST EFI_PEI_SERVICES          **PeiServices,
+  IN       PEI_SEC_PERFORMANCE_PPI   *This,
+  OUT      FIRMWARE_SEC_PERFORMANCE  *Performance
+  );
+
+// /**
+//   Disables the use of Temporary RAM.
+
+//   If present, this service is invoked by the PEI Foundation after
+//   the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed.
+
+//   @retval EFI_SUCCESS           Use of Temporary RAM was disabled.
+//   @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled.
+
+// **/
+// EFI_STATUS
+// EFIAPI
+// SecTemporaryRamDonePostMemory (
+//   VOID
+//   );
+
+typedef struct {
+  UINT64                                StructureSize;
+  EFI_SEC_PLATFORM_INFORMATION_RECORD   *PlatformInformationRecord;
+} SEC_PLATFORM_INFORMATION_CONTEXT;
+
+typedef struct {
+  EFI_HOB_GUID_TYPE                     Header;
+  UINT8                                 Revision;
+  UINT8                                 Reserved[3];
+  FIRMWARE_SEC_PERFORMANCE              FirmwareSecPerformance;
+  SEC_PLATFORM_INFORMATION_CONTEXT      Context;
+} SEC_PLATFORM_INFORMATION_CONTEXT_HOB;
+
+#endif
diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf 
b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
new file mode 100644
index 000000000000..e29c04710941
--- /dev/null
+++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
@@ -0,0 +1,64 @@
+## @file
+#  Migrates SEC structures after permanent memory is installed.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = SecMigrationPei
+  MODULE_UNI_FILE                = SecMigrationPei.uni
+  FILE_GUID                      = 58B35361-8922-41BC-B313-EF7ED9ADFDF7
+  MODULE_TYPE                    = PEIM
+  VERSION_STRING                 = 1.0
+  ENTRY_POINT                    = SecMigrationPeiInitialize
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 EBC
+#
+
+[Sources]
+  SecMigrationPei.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  HobLib
+  MemoryAllocationLib
+  PeimEntryPoint
+  PeiServicesLib
+  PeiServicesTablePointerLib
+
+[Ppis]
+  ## PRODUCES
+  gRepublishSecPpiPpiGuid
+
+  ## SOMETIMES_PRODUCES
+  gEfiTemporaryRamDonePpiGuid
+
+  ## SOMETIME_PRODUCES
+  gEfiTemporaryRamSupportPpiGuid
+
+  ## SOMETIMES_PRODUCES
+  gPeiSecPerformancePpiGuid
+
+  ## SOMETIMES_CONSUMES
+  ## PRODUCES
+  gEfiSecPlatformInformationPpiGuid
+
+  ## SOMETIMES_CONSUMES
+  ## SOMETIMES_PRODUCES
+  gEfiSecPlatformInformation2PpiGuid
+
+[Depex]
+  TRUE
diff --git a/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni 
b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni
new file mode 100644
index 000000000000..62c2064ba217
--- /dev/null
+++ b/UefiCpuPkg/SecMigrationPei/SecMigrationPei.uni
@@ -0,0 +1,13 @@
+// /** @file
+// Migrates SEC structures after permanent memory is installed.
+//
+// Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT     #language en-US "Migrates SEC structures after 
permanent memory is installed"
+
+#string STR_MODULE_DESCRIPTION  #language en-US "Migrates SEC structures after 
permanent memory is installed."
+
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 762badf5d239..0a005bd20311 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -66,6 +66,10 @@ [Guids]
   ## Include/Guid/MicrocodePatchHob.h
   gEdkiiMicrocodePatchHobGuid    = { 0xd178f11d, 0x8716, 0x418e, { 0xa1, 0x31, 
0x96, 0x7d, 0x2a, 0xc4, 0x28, 0x43 }}
 
+[Ppis]
+  ## Include/Ppi/RepublishSecPpi.h
+  gRepublishSecPpiPpiGuid   = { 0x27a71b1e, 0x73ee, 0x43d6, { 0xac, 0xe3, 
0x52, 0x1a, 0x2d, 0xc5, 0xd0, 0x92 }}
+
 [Protocols]
   ## Include/Protocol/SmmCpuService.h
   gEfiSmmCpuServiceProtocolGuid  = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 
0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index afa304128221..964720048dd7 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -146,6 +146,7 @@ [Components.IA32, Components.X64]
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf
   UefiCpuPkg/SecCore/SecCore.inf
+  UefiCpuPkg/SecMigrationPei/SecMigrationPei.inf
   UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf
   UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf {
     <Defines>
-- 
2.25.1.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#61825): https://edk2.groups.io/g/devel/message/61825
Mute This Topic: https://groups.io/mt/75209407/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to