Re: [edk2] [PATCH v4 14/41] OvmfPkg: LockBox: use SMM stack with -D SMM_REQUIRE

2015-11-20 Thread Laszlo Ersek 
On 11/20/15 07:02, Jordan Justen wrote:
> Reviewed-by: Jordan Justen 

Thank you! But, I think you reviewed this one earlier:

http://thread.gmane.org/gmane.comp.bios.edk2.devel/3788/focus=4205

In that message, you wrote:

With those move into a new patch, or into patch 14

13-14 Reviewed-by: Jordan Justen  intel.com>

and patch 14 is exactly this one. (I complied with your suggestion for v5.)

(This is why I prefer to give my R-b explicitly for each patch in
separation. It means more emails but is clearer down the road.)

Thanks again!
Laszlo


> 
> On 2015-11-03 13:00:50, Laszlo Ersek wrote:
>> During DXE, drivers save data in the LockBox. A save operation is layered
>> as follows:
>>
>> - The unprivileged driver wishing to store data in the LockBox links
>>   against the "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf"
>>   library instance.
>>
>>   The library allows the unprivileged driver to format requests for the
>>   privileged SMM LockBox driver (see below), and to parse responses.
>>
>>   We apply this resolution for DXE_DRIVER modules.
>>
>> - The privileged SMM LockBox driver is built from
>>   "MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf". This driver
>>   has module type DXE_SMM_DRIVER and can access SMRAM.
>>
>>   The driver delegates command parsing and response formatting to
>>   "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf".
>>
>>   Therefore we include this DXE_SMM_DRIVER in the build, and apply said
>>   resolution specifically to it.
>>
>>   (Including the driver requires us to resolve a few of other library
>>   classes for DXE_SMM_DRIVER modules.)
>>
>> - In PEI, the S3 Resume PEIM (UefiCpuPkg/Universal/Acpi/S3Resume2Pei)
>>   retrieves data from the LockBox. It is capable of searching SMRAM
>>   itself.
>>
>>   We resolve LockBoxLib to
>>   "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf" specifically
>>   for this one PEIM.
>>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Laszlo Ersek 
>> ---
>>  OvmfPkg/OvmfPkgIa32.dsc| 16 
>>  OvmfPkg/OvmfPkgIa32X64.dsc | 16 
>>  OvmfPkg/OvmfPkgX64.dsc | 16 
>>  OvmfPkg/OvmfPkgIa32.fdf|  1 +
>>  OvmfPkg/OvmfPkgIa32X64.fdf |  1 +
>>  OvmfPkg/OvmfPkgX64.fdf |  1 +
>>  6 files changed, 51 insertions(+)
>>
>> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
>> index 6cfd58e..a19d4e2 100644
>> --- a/OvmfPkg/OvmfPkgIa32.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32.dsc
>> @@ -106,7 +106,9 @@ [LibraryClasses]
>>QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
>>VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>>LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
>> +!if $(SMM_REQUIRE) == FALSE
>>LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>> +!endif
>>
>> CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>>  
>>  !ifdef $(SOURCE_DEBUG_ENABLE)
>> @@ -272,7 +274,11 @@ [LibraryClasses.common.DXE_DRIVER]
>>DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
>>PlatformBdsLib|OvmfPkg/Library/PlatformBdsLib/PlatformBdsLib.inf
>>
>> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
>> +!if $(SMM_REQUIRE) == TRUE
>> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
>> +!else
>>LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf
>> +!endif
>>  !ifdef $(SOURCE_DEBUG_ENABLE)
>>DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
>>  !endif
>> @@ -292,6 +298,9 @@ [LibraryClasses.common.UEFI_APPLICATION]
>>  [LibraryClasses.common.DXE_SMM_DRIVER]
>>PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
>>TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
>> +  
>> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
>> +  HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>> +  SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>>
>> SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
>>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>>DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
>> @@ -461,6 +470,9 @@ [Components]
>>UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {
>>  
>>PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
>> +!if $(SMM_REQUIRE) == TRUE
>> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
>> +!endif
>>}
>>  !if $(SMM_REQUIRE) == TRUE
>>OvmfPkg/SmmAccess/SmmAccessPei.inf {
>> @@ -708,4 +720,8 @@ [Components]
>># Privileged drivers (DXE_SMM_DRIVER modules)
>>#
>>UefiCpuPkg/CpuIo2Smm/CpuIo2Smm.inf
>> +  MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf {
>> +
>> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
>> +  }
>>  !endif
>> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc

Re: [edk2] [PATCH v4 14/41] OvmfPkg: LockBox: use SMM stack with -D SMM_REQUIRE

2015-11-19 Thread Jordan Justen 
Reviewed-by: Jordan Justen 

On 2015-11-03 13:00:50, Laszlo Ersek wrote:
> During DXE, drivers save data in the LockBox. A save operation is layered
> as follows:
> 
> - The unprivileged driver wishing to store data in the LockBox links
>   against the "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf"
>   library instance.
> 
>   The library allows the unprivileged driver to format requests for the
>   privileged SMM LockBox driver (see below), and to parse responses.
> 
>   We apply this resolution for DXE_DRIVER modules.
> 
> - The privileged SMM LockBox driver is built from
>   "MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf". This driver
>   has module type DXE_SMM_DRIVER and can access SMRAM.
> 
>   The driver delegates command parsing and response formatting to
>   "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf".
> 
>   Therefore we include this DXE_SMM_DRIVER in the build, and apply said
>   resolution specifically to it.
> 
>   (Including the driver requires us to resolve a few of other library
>   classes for DXE_SMM_DRIVER modules.)
> 
> - In PEI, the S3 Resume PEIM (UefiCpuPkg/Universal/Acpi/S3Resume2Pei)
>   retrieves data from the LockBox. It is capable of searching SMRAM
>   itself.
> 
>   We resolve LockBoxLib to
>   "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf" specifically
>   for this one PEIM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Laszlo Ersek 
> ---
>  OvmfPkg/OvmfPkgIa32.dsc| 16 
>  OvmfPkg/OvmfPkgIa32X64.dsc | 16 
>  OvmfPkg/OvmfPkgX64.dsc | 16 
>  OvmfPkg/OvmfPkgIa32.fdf|  1 +
>  OvmfPkg/OvmfPkgIa32X64.fdf |  1 +
>  OvmfPkg/OvmfPkgX64.fdf |  1 +
>  6 files changed, 51 insertions(+)
> 
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index 6cfd58e..a19d4e2 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -106,7 +106,9 @@ [LibraryClasses]
>QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
>VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
> +!if $(SMM_REQUIRE) == FALSE
>LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
> +!endif
>
> CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>  
>  !ifdef $(SOURCE_DEBUG_ENABLE)
> @@ -272,7 +274,11 @@ [LibraryClasses.common.DXE_DRIVER]
>DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
>PlatformBdsLib|OvmfPkg/Library/PlatformBdsLib/PlatformBdsLib.inf
>
> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
> +!if $(SMM_REQUIRE) == TRUE
> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
> +!else
>LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf
> +!endif
>  !ifdef $(SOURCE_DEBUG_ENABLE)
>DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
>  !endif
> @@ -292,6 +298,9 @@ [LibraryClasses.common.UEFI_APPLICATION]
>  [LibraryClasses.common.DXE_SMM_DRIVER]
>PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
>TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> +  
> MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
> +  HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> +  SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
>
> SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
>  !ifdef $(DEBUG_ON_SERIAL_PORT)
>DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> @@ -461,6 +470,9 @@ [Components]
>UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {
>  
>PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
> +!if $(SMM_REQUIRE) == TRUE
> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
> +!endif
>}
>  !if $(SMM_REQUIRE) == TRUE
>OvmfPkg/SmmAccess/SmmAccessPei.inf {
> @@ -708,4 +720,8 @@ [Components]
># Privileged drivers (DXE_SMM_DRIVER modules)
>#
>UefiCpuPkg/CpuIo2Smm/CpuIo2Smm.inf
> +  MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf {
> +
> +  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
> +  }
>  !endif
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index 6679e8a..d177154 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -111,7 +111,9 @@ [LibraryClasses]
>QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
>VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
> +!if $(SMM_REQUIRE) == FALSE
>LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
> +!endif
>
> CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>  
>  !ifdef $(SOURCE_DEBUG_ENABLE)
> @@ -277,7 +279,11 @@ [LibraryClasses.common.DXE_DRIVER]
>

[edk2] [PATCH v4 14/41] OvmfPkg: LockBox: use SMM stack with -D SMM_REQUIRE

2015-11-03 Thread Laszlo Ersek 
During DXE, drivers save data in the LockBox. A save operation is layered
as follows:

- The unprivileged driver wishing to store data in the LockBox links
  against the "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf"
  library instance.

  The library allows the unprivileged driver to format requests for the
  privileged SMM LockBox driver (see below), and to parse responses.

  We apply this resolution for DXE_DRIVER modules.

- The privileged SMM LockBox driver is built from
  "MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf". This driver
  has module type DXE_SMM_DRIVER and can access SMRAM.

  The driver delegates command parsing and response formatting to
  "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf".

  Therefore we include this DXE_SMM_DRIVER in the build, and apply said
  resolution specifically to it.

  (Including the driver requires us to resolve a few of other library
  classes for DXE_SMM_DRIVER modules.)

- In PEI, the S3 Resume PEIM (UefiCpuPkg/Universal/Acpi/S3Resume2Pei)
  retrieves data from the LockBox. It is capable of searching SMRAM
  itself.

  We resolve LockBoxLib to
  "MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf" specifically
  for this one PEIM.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek 
---
 OvmfPkg/OvmfPkgIa32.dsc| 16 
 OvmfPkg/OvmfPkgIa32X64.dsc | 16 
 OvmfPkg/OvmfPkgX64.dsc | 16 
 OvmfPkg/OvmfPkgIa32.fdf|  1 +
 OvmfPkg/OvmfPkgIa32X64.fdf |  1 +
 OvmfPkg/OvmfPkgX64.fdf |  1 +
 6 files changed, 51 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 6cfd58e..a19d4e2 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -106,7 +106,9 @@ [LibraryClasses]
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+!if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+!endif
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
 
 !ifdef $(SOURCE_DEBUG_ENABLE)
@@ -272,7 +274,11 @@ [LibraryClasses.common.DXE_DRIVER]
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   PlatformBdsLib|OvmfPkg/Library/PlatformBdsLib/PlatformBdsLib.inf
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
+!if $(SMM_REQUIRE) == TRUE
+  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
+!else
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf
+!endif
 !ifdef $(SOURCE_DEBUG_ENABLE)
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
@@ -292,6 +298,9 @@ [LibraryClasses.common.UEFI_APPLICATION]
 [LibraryClasses.common.DXE_SMM_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
   TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+  
MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
+  HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+  SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
   
SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
 !ifdef $(DEBUG_ON_SERIAL_PORT)
   DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
@@ -461,6 +470,9 @@ [Components]
   UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf {
 
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+!if $(SMM_REQUIRE) == TRUE
+  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxPeiLib.inf
+!endif
   }
 !if $(SMM_REQUIRE) == TRUE
   OvmfPkg/SmmAccess/SmmAccessPei.inf {
@@ -708,4 +720,8 @@ [Components]
   # Privileged drivers (DXE_SMM_DRIVER modules)
   #
   UefiCpuPkg/CpuIo2Smm/CpuIo2Smm.inf
+  MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf {
+
+  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
+  }
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 6679e8a..d177154 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -111,7 +111,9 @@ [LibraryClasses]
   QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
   VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
   LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+!if $(SMM_REQUIRE) == FALSE
   LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+!endif
   
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
 
 !ifdef $(SOURCE_DEBUG_ENABLE)
@@ -277,7 +279,11 @@ [LibraryClasses.common.DXE_DRIVER]
   DpcLib|MdeModulePkg/Library/DxeDpcLib/DxeDpcLib.inf
   PlatformBdsLib|OvmfPkg/Library/PlatformBdsLib/PlatformBdsLib.inf
   
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
+!if $(SMM_REQUIRE) == TRUE
+  LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
+!else