Hi Supreeth, On Fri, Apr 06, 2018 at 03:42:13PM +0100, Supreeth Venkatesh wrote: > MM memory check library library implementation. This library consumes > MM_ACCESS_PROTOCOL to get MMRAM information. In order to use this > library instance, the platform should produce all MMRAM range via > MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core > and MM driver) and/or specific dedicated hardware. > > This patch provides services for MM Memory Operation. > The management mode Mem Library provides function for checking if buffer > is outside MMRAM and valid. It also provides functions for copy data > from MMRAM to non-MMRAM, from non-MMRAM to MMRAM, > from non-MMRAM to non-MMRAM, or set data in non-MMRAM. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Achin Gupta <achin.gu...@arm.com> > Signed-off-by: Supreeth Venkatesh <supreeth.venkat...@arm.com> > --- > StandaloneMmPkg/Include/Library/MemLib.h | 140 ++++++++++++++ > StandaloneMmPkg/Library/MemLib/Arm/MemLib.c | 276 > ++++++++++++++++++++++++++++
Advertising
Why is this Library Arm specific. Apart from cosmetics tweaks, it has not changed since it was originally contributed? cheers, Achin > StandaloneMmPkg/Library/MemLib/MemLib.inf | 47 +++++ > 3 files changed, 463 insertions(+) > create mode 100644 StandaloneMmPkg/Include/Library/MemLib.h > create mode 100644 StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > create mode 100644 StandaloneMmPkg/Library/MemLib/MemLib.inf > > diff --git a/StandaloneMmPkg/Include/Library/MemLib.h > b/StandaloneMmPkg/Include/Library/MemLib.h > new file mode 100644 > index 0000000000..3264f10010 > --- /dev/null > +++ b/StandaloneMmPkg/Include/Library/MemLib.h > @@ -0,0 +1,140 @@ > +/** @file > + Provides services for MM Memory Operation. > + > + The MM Mem Library provides function for checking if buffer is outside > MMRAM and valid. > + It also provides functions for copy data from MMRAM to non-MMRAM, from > non-MMRAM to MMRAM, > + from non-MMRAM to non-MMRAM, or set data in non-MMRAM. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> > + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.<BR> > + > + This program and the accompanying materials > + are licensed and made available under the terms and conditions of the BSD > License > + which accompanies this distribution. The full text of the license may be > found at > + http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR > IMPLIED. > + > +**/ > + > +#ifndef _MM_MEM_LIB_H_ > +#define _MM_MEM_LIB_H_ > + > +/** > + This function check if the buffer is valid per processor architecture and > not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not > overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or > overlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ); > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if source buffer is valid per processor architecture and not > overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if destination buffer is valid per processor architecture and > not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per > processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromSmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if source buffer and destination buffer are valid per processor > architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case where > source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per > processor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ); > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not > overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ); > + > +#endif > diff --git a/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > new file mode 100644 > index 0000000000..432a45698b > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/Arm/MemLib.c > @@ -0,0 +1,276 @@ > +/** @file > + Instance of MM memory check library. > + > + MM memory check library library implementation. This library consumes > MM_ACCESS_PROTOCOL > + to get MMRAM information. In order to use this library instance, the > platform should produce > + all MMRAM range via MM_ACCESS_PROTOCOL, including the range for firmware > (like MM Core > + and MM driver) and/or specific dedicated hardware. > + > + Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> > + Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.<BR> > + > + This program and the accompanying materials > + are licensed and made available under the terms and conditions of the BSD > License > + which accompanies this distribution. The full text of the license may be > found at > + http://opensource.org/licenses/bsd-license.php > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR > IMPLIED. > + > +**/ > + > + > +#include <PiMm.h> > + > +#include <Library/BaseLib.h> > +#include <Library/BaseMemoryLib.h> > +#include <Library/DebugLib.h> > + > +EFI_MMRAM_DESCRIPTOR *mMmMemLibInternalMmramRanges; > +UINTN mMmMemLibInternalMmramCount; > + > +// > +// Maximum support address used to check input buffer > +// > +EFI_PHYSICAL_ADDRESS mMmMemLibInternalMaximumSupportAddress = 0; > + > +/** > + Calculate and save the maximum support address. > + > +**/ > +VOID > +MmMemLibInternalCalculateMaximumSupportAddress ( > + VOID > + ) > +{ > + UINT8 PhysicalAddressBits; > + > + PhysicalAddressBits = 36; > + > + // > + // Save the maximum support address in one global variable > + // > + mMmMemLibInternalMaximumSupportAddress = > (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1); > + DEBUG ((DEBUG_INFO, "mMmMemLibInternalMaximumSupportAddress = 0x%lx\n", > mMmMemLibInternalMaximumSupportAddress)); > +} > + > +/** > + This function check if the buffer is valid per processor architecture and > not overlap with MMRAM. > + > + @param Buffer The buffer start address to be checked. > + @param Length The buffer length to be checked. > + > + @retval TRUE This buffer is valid per processor architecture and not > overlap with MMRAM. > + @retval FALSE This buffer is not valid per processor architecture or > overlap with MMRAM. > +**/ > +BOOLEAN > +EFIAPI > +MmIsBufferOutsideMmValid ( > + IN EFI_PHYSICAL_ADDRESS Buffer, > + IN UINT64 Length > + ) > +{ > + UINTN Index; > + > + // > + // Check override. > + // NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L:1) > is valid. > + // > + if ((Length > mMmMemLibInternalMaximumSupportAddress) || > + (Buffer > mMmMemLibInternalMaximumSupportAddress) || > + ((Length != 0) && (Buffer > (mMmMemLibInternalMaximumSupportAddress - > (Length - 1)))) ) { > + // > + // Overflow happen > + // > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overflow: Buffer (0x%lx) - Length (0x%lx), > MaximumSupportAddress (0x%lx)\n", > + Buffer, > + Length, > + mMmMemLibInternalMaximumSupportAddress > + )); > + return FALSE; > + } > + > + for (Index = 0; Index < mMmMemLibInternalMmramCount; Index ++) { > + if (((Buffer >= mMmMemLibInternalMmramRanges[Index].CpuStart) && (Buffer > < mMmMemLibInternalMmramRanges[Index].CpuStart + > mMmMemLibInternalMmramRanges[Index].PhysicalSize)) || > + ((mMmMemLibInternalMmramRanges[Index].CpuStart >= Buffer) && > (mMmMemLibInternalMmramRanges[Index].CpuStart < Buffer + Length))) { > + DEBUG (( > + DEBUG_ERROR, > + "MmIsBufferOutsideMmValid: Overlap: Buffer (0x%lx) - Length (0x%lx), > ", > + Buffer, > + Length > + )); > + DEBUG (( > + DEBUG_ERROR, > + "CpuStart (0x%lx) - PhysicalSize (0x%lx)\n", > + mMmMemLibInternalMmramRanges[Index].CpuStart, > + mMmMemLibInternalMmramRanges[Index].PhysicalSize > + )); > + return FALSE; > + } > + } > + > + return TRUE; > +} > + > +/** > + Copies a source buffer (non-MMRAM) to a destination buffer (MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if source buffer is valid per processor architecture and not > overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it return EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemToMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, > Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemToMmram: Security Violation: Source > (0x%x), Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if destination buffer is valid per processor architecture and > not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per > processor architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMemFromMmram ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid > ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMemFromMmram: Security Violation: > Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Copies a source buffer (NON-MMRAM) to a destination buffer (NON-MMRAM). > + > + This function copies a source buffer (non-MMRAM) to a destination buffer > (MMRAM). > + It checks if source buffer and destination buffer are valid per processor > architecture and not overlap with MMRAM. > + If the check passes, it copies memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + The implementation must be reentrant, and it must handle the case where > source buffer overlaps destination buffer. > + > + @param DestinationBuffer The pointer to the destination buffer of the > memory copy. > + @param SourceBuffer The pointer to the source buffer of the memory > copy. > + @param Length The number of bytes to copy from SourceBuffer > to DestinationBuffer. > + > + @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per > processor architecture or overlap with MMRAM. > + @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is copied. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmCopyMem ( > + OUT VOID *DestinationBuffer, > + IN CONST VOID *SourceBuffer, > + IN UINTN Length > + ) > +{ > + if (!MmIsBufferOutsideMmValid > ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Destination (0x%x), > Length (0x%x)\n", DestinationBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, > Length)) { > + DEBUG ((DEBUG_ERROR, "MmCopyMem: Security Violation: Source (0x%x), > Length (0x%x)\n", SourceBuffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + CopyMem (DestinationBuffer, SourceBuffer, Length); > + return EFI_SUCCESS; > +} > + > +/** > + Fills a target buffer (NON-MMRAM) with a byte value. > + > + This function fills a target buffer (non-MMRAM) with a byte value. > + It checks if target buffer is valid per processor architecture and not > overlap with MMRAM. > + If the check passes, it fills memory and returns EFI_SUCCESS. > + If the check fails, it returns EFI_SECURITY_VIOLATION. > + > + @param Buffer The memory to set. > + @param Length The number of bytes to set. > + @param Value The value with which to fill Length bytes of Buffer. > + > + @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor > architecture or overlap with MMRAM. > + @retval EFI_SUCCESS Memory is set. > + > +**/ > +EFI_STATUS > +EFIAPI > +MmSetMem ( > + OUT VOID *Buffer, > + IN UINTN Length, > + IN UINT8 Value > + ) > +{ > + if (!MmIsBufferOutsideMmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, > Length)) { > + DEBUG ((DEBUG_ERROR, "MmSetMem: Security Violation: Source (0x%x), > Length (0x%x)\n", Buffer, Length)); > + return EFI_SECURITY_VIOLATION; > + } > + SetMem (Buffer, Length, Value); > + return EFI_SUCCESS; > +} > + > +/** > + The constructor function initializes the Mm Mem library > + > + @param ImageHandle The firmware allocated handle for the EFI image. > + @param SystemTable A pointer to the EFI System Table. > + > + @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. > + > +**/ > +EFI_STATUS > +EFIAPI > +MemLibConstructor ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_MM_SYSTEM_TABLE *MmSystemTable > + ) > +{ > + > + // > + // Calculate and save maximum support address > + // > + MmMemLibInternalCalculateMaximumSupportAddress (); > + > + return EFI_SUCCESS; > +} > diff --git a/StandaloneMmPkg/Library/MemLib/MemLib.inf > b/StandaloneMmPkg/Library/MemLib/MemLib.inf > new file mode 100644 > index 0000000000..52b7c06397 > --- /dev/null > +++ b/StandaloneMmPkg/Library/MemLib/MemLib.inf > @@ -0,0 +1,47 @@ > +## @file > +# Instance of MM memory check library. > +# > +# MM memory check library library implementation. This library consumes > MM_ACCESS_PROTOCOL > +# to get MMRAM information. In order to use this library instance, the > platform should produce > +# all MMRAM range via MM_ACCESS_PROTOCOL, including the range for firmware > (like MM Core > +# and MM driver) and/or specific dedicated hardware. > +# > +# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> > +# Copyright (c) 2016 - 2017, ARM Limited. All rights reserved.<BR> > +# > +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the BSD > License > +# which accompanies this distribution. The full text of the license may be > found at > +# http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR > IMPLIED. > +# > +## > + > +[Defines] > + INF_VERSION = 0x0001001A > + BASE_NAME = MemLib > + FILE_GUID = EA355F14-6409-4716-829F-37B3BC7C7F26 > + MODULE_TYPE = MM_STANDALONE > + VERSION_STRING = 1.0 > + PI_SPECIFICATION_VERSION = 0x00010032 > + LIBRARY_CLASS = MemLib|MM_STANDALONE MM_CORE_STANDALONE > + CONSTRUCTOR = MemLibConstructor > + > +# > +# The following information is for reference only and not required by the > build tools. > +# > +# VALID_ARCHITECTURES = AARCH64 > +# > + > +[Sources.AARCH64] > + Arm/MemLib.c > + > +[Packages] > + MdePkg/MdePkg.dec > + StandaloneMmPkg/StandaloneMmPkg.dec > + > +[LibraryClasses] > + BaseMemoryLib > + DebugLib > -- > 2.16.2 > _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
