Changes since v1:
- Addressed all the comments from Liming Gao
- Removed the use of #ifdef/#else/#endif and used a Pcd instead to
select between MM and non-MM paths.
- Removed all dependencies on edk2-platforms.
- Dropped the use of mMmst and used gSmst instead.
- Added a dummy implementation UefiRuntimeServiceTableLib for
MM_STANDALONE usage
- Replaced all uses of AsmLfence with MemoryFence from variable
service code.
- Add a new StandaloneMmRuntimeDxe library to for use by non-MM code.
This RFC patch series extends the existing secure variable service support
for use with Standalone MM. This is applicable to paltforms that use
Standalone Management Mode to protect access to non-volatile memory (NOR
flash in case of these patches) used to store the secure EFI variables.
The first patch pulls in additional libraries from the staging branch of
StandaloneMmPkg into the edk2's StandaloneMmPkg. The existing secure
variable service implementation supports only the traditional MM mode
and so the rest of the patches extends the existing secure variable
service support to be useable with Standalone MM mode as well.
This patch series is being posted as an RFC to get feedback on the
approach taken in these patches.
Jagadeesh Ujja (11):
MdeModulePkg/Variable: replace all uses of AsmLfence with MemoryFence
StandaloneMmPkg: Pull in additonal libraries from staging branch
MdeModulePkg/Library: Add StandaloneMmRuntimeDxe library
ArmPlatformPkg/NorFlashDxe: allow reusability as a MM driver
MdeModulePkg/FaultTolerantWriteDxe: allow reusability as a MM driver
MdeModulePkg/Variable/RuntimeDxe: adapt for usability with MM
Standalone
MdeModulePkg/Variable/RuntimeDxe: adapt as a MM Standalone driver
SecurityPkg/AuthVariableLib: allow MM_STANDALONE drivers to use this
library
MdeModulePkg/VarCheckLib: allow MM_STANDALONE drivers to use this
library
CryptoPkg/BaseCryptLib: allow MM_STANDALONE drivers to use this
library
CryptoPkg/BaseCryptLib: Hack to get time in MM Standalone mode
.../Drivers/NorFlashDxe/NorFlashDxe.inf | 3 +
.../NorFlashDxe/NorFlashStandaloneMm.inf | 76 ++
.../Library/BaseCryptLib/BaseCryptLib.inf | 8 +-
.../Library/BaseCryptLib/RuntimeCryptLib.inf | 5 +
.../StandaloneMmRuntimeDxe.inf | 43 +
.../Library/VarCheckLib/VarCheckLib.inf | 5 +-
.../FaultTolerantWriteDxe.inf | 2 +
.../FaultTolerantWriteStandaloneMm.inf | 102 +++
.../RuntimeDxe/VariableRuntimeDxe.inf | 2 +
.../RuntimeDxe/VariableSmmRuntimeDxe.inf | 4 +
.../RuntimeDxe/VariableStandaloneMm.inf | 132 +++
.../AuthVariableLib/AuthVariableLib.inf | 5 +-
.../StandaloneMmCoreHobLib.inf | 2 +-
.../StandaloneMmHobLib/StandaloneMmHobLib.inf | 48 +
.../StandaloneMmMemoryAllocationLib.inf | 45 +
.../StandaloneMmServicesTableLib.inf | 36 +
.../Drivers/NorFlashDxe/NorFlashDxe.h | 5 +-
.../Include/Library/StandaloneMmRuntimeDxe.h | 39 +
.../Library/StandaloneMmServicesTableLib.h | 47 +
.../Drivers/NorFlashDxe/NorFlashBlockIoDxe.c | 2 +-
.../Drivers/NorFlashDxe/NorFlashDxe.c | 211 ++++-
.../Drivers/NorFlashDxe/NorFlashFvbDxe.c | 96 +-
.../BaseCryptLib/SysCall/TimerWrapper.c | 27 +-
.../StandaloneMmRuntimeDxe.c | 36 +
.../FaultTolerantWriteSmm.c | 207 +++--
.../UpdateWorkingBlock.c | 27 +-
.../Variable/RuntimeDxe/LoadFenceSmm.c | 2 +-
.../Universal/Variable/RuntimeDxe/Variable.c | 37 +-
.../Variable/RuntimeDxe/VariableSmm.c | 201 ++++-
.../RuntimeDxe/VariableSmmRuntimeDxe.c | 31 +-
MdePkg/Library/BaseLib/X86MemoryFence.c | 2 +-
.../AArch64/StandaloneMmCoreHobLibInternal.c | 64 ++
.../StandaloneMmHobLib/StandaloneMmHobLib.c | 655 ++++++++++++++
.../StandaloneMmMemoryAllocationLib.c | 824 ++++++++++++++++++
.../StandaloneMmServicesTableLib.c | 64 ++
35 files changed, 2860 insertions(+), 235 deletions(-)
create mode 100644 ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashStandaloneMm.inf
create mode 100644
MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.inf
create mode 100644
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
create mode 100644
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
create mode 100644
StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
create mode 100644
StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
create mode 100644
StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
create mode 100644 MdeModulePkg/Include/Library/StandaloneMmRuntimeDxe.h
create mode 100644
StandaloneMmPkg/Include/Library/StandaloneMmServicesTableLib.h
create mode 100644
MdeModulePkg/Library/StandaloneMmRuntimeDxe/StandaloneMmRuntimeDxe.c
create mode 100644
StandaloneMmPkg/Library/StandaloneMmHobLib/AArch64/StandaloneMmCoreHobLibInternal.c
create mode 100644
StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.c
create mode 100644
StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.c
create mode 100644
StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.c
--
2.19.1
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
