Re: [edk2-devel] [PATCH] IntelFsp2Pkg: Optional Plugin for FSP SecCore/PeiCore Rebasing
This optional plugin is designed to execute before the FSP SecCore to rebase SecCore and PeiCore during runtime. If the FSP binary requires rebasing at runtime, this module should be included within the FSP binary. Additionally, specific patches must be applied to ensure proper functionality. In the absence of this module, manual patching of API offsets within the FSP header is necessary. To illustrate, let's consider a scenario within FSP-S where 'FspSiliconInitEntry' is the initial API to be executed post-rebase. Rather than directly inputting the 'FspSiliconInit' offset into the 'FspSiliconInitEntryOffset' field of the FSP header, the entry point of this module should be used. Furthermore, the 'FspSiliconInit' offset should be placed into 'AsmGetFspSecEntry', which signifies the address to which this module will jump. It is also essential to patch the image bases of SecCore and PeiCore to enable the rebasing functionality of this module. The following is an example of how to apply the necessary patches: Patch Address Patch Value PreFspSecS:_ModuleEntryPoint - [0x] PreFspSecS:SecCoreRelativeOff PreFspSecS:AsmGetFspSecCore - Fsp24SecCoreS:BASE PreFspSecS:PeiCoreRelativeOff PreFspSecS:AsmGetFspPeiCore - PeiCore:BASE PreFspSecS:SecEntryRelativeOff PreFspSecS:AsmGetFspSecEntry - Fsp24SecCoreS:FspSiliconInitApi [Ray.1] Can you emphasize this optional plug-in only applies to 64bit FSP? +/** + Relocate Pe/Te Image + + @param[in] ImageBaseAddress Image base address + + @retval EFI_SUCCESS Image is relocated successfully + @retval OthersImage is not relocated successfully +**/ +EFI_STATUS +RelocatePeTeImage ( + UINT64 ImageBaseAddress + ) +{ + RETURN_STATUS Status; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + + ZeroMem (, sizeof (ImageContext)); + + ImageContext.Handle= (VOID *)ImageBaseAddress; + ImageContext.ImageRead = PeCoffLoaderImageReadFromMemory; + + Status = PeCoffLoaderGetImageInfo (); + if (EFI_ERROR (Status)) { +ASSERT_EFI_ERROR (Status); +return Status; + } + + ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)ImageBaseAddress; + + // + // rebase the image + // + Status = PeCoffLoaderRelocateImage (); + + ASSERT_EFI_ERROR (Status); + return Status; +} + +/** + This function will patch the Sec Core and Pei Core in current FSP. +**/ +VOID +EFIAPI +FspPatchSecAndPeiCore ( [Ray.2] Can you rename it as "Fsp*Relocate*SecAndPeiCore"? It's to align with "RelocatePeTeImage". +; +; +global ASM_PFX(_ModuleEntryPoint) +ASM_PFX(_ModuleEntryPoint): + PUSHA_64 + call ASM_PFX(FspPatchSecAndPeiCore) + POPA_64 + call ASM_PFX(AsmGetFspSecEntry) + jmprax + +global ASM_PFX(AsmGetFspSecCore) [Ray.3] rename as AsmGetFspSecCoreImageBase and add function header. +ASM_PFX(AsmGetFspSecCore): + lea rax, [ASM_PFX(AsmGetFspSecCore)] + mov rcx, rax + xor rdx, rdx + DB0x48, 0x2d ; sub rax, 0x +global ASM_PFX(SecCoreRelativeOff) +ASM_PFX(SecCoreRelativeOff): + DD0; This value can be patched by the build script if need to rebase SecCore [Ray.4] ; RAX = SecCore image base at runtime, RCX = AsmGetFspSecCore runtime address + xchgrax, rcx ; After exchange, rcx is the value be subtract by the patched value + ; rax == rcx means patched value is zero [Ray.5] ; RCX = SecCore image base at runtime, RAX = AsmGetFspSecCore runtime address. ; If SecCoreRelativeOff is not patched, RCX = RAX = AsmGetFspSecCore runtime address. This happens when there is no SecCore in the binary. + CMPXCHG rcx, rdx ; if (rcx == rax) {rcx = rdx (0) } else {rax = rcx (SecCore image base at runtime)} + mov rax, rcx + ret + +global ASM_PFX(AsmGetFspPeiCore) +ASM_PFX(AsmGetFspPeiCore): + lea rax, [ASM_PFX(AsmGetFspPeiCore)] + mov rcx, rax + xor rdx, rdx + DB0x48, 0x2d ; sub rax, 0x +global ASM_PFX(PeiCoreRelativeOff) +ASM_PFX(PeiCoreRelativeOff): + DD0; This value can be patched by the build script if need to rebase PeiCore + xchgrax, rcx ; After exchange, rcx is the value be subtract by the patched value + ; rax == rcx means patched value is zero + CMPXCHG rcx, rdx ; if (rcx == rax) {rcx = rdx} else {rax = rcx} + mov rax, rcx + ret + [Ray.6] rename it as AsmGetFspOriginalEntry. +global ASM_PFX(AsmGetFspSecEntry) +ASM_PFX(AsmGetFspSecEntry): + lea rax, [ASM_PFX(AsmGetFspSecEntry)] + DB0x48, 0x2d ; sub rax, 0x +global ASM_PFX(SecEntryRelativeOff) +ASM_PFX(SecEntryRelativeOff): + DD0x12345678 ;
[edk2-devel] [PATCH] IntelFsp2Pkg: Optional Plugin for FSP SecCore/PeiCore Rebasing
This optional plugin is designed to execute before the FSP SecCore to rebase SecCore and PeiCore during runtime. If the FSP binary requires rebasing at runtime, this module should be included within the FSP binary. Additionally, specific patches must be applied to ensure proper functionality. In the absence of this module, manual patching of API offsets within the FSP header is necessary. To illustrate, let's consider a scenario within FSP-S where 'FspSiliconInitEntry' is the initial API to be executed post-rebase. Rather than directly inputting the 'FspSiliconInit' offset into the 'FspSiliconInitEntryOffset' field of the FSP header, the entry point of this module should be used. Furthermore, the 'FspSiliconInit' offset should be placed into 'AsmGetFspSecEntry', which signifies the address to which this module will jump. It is also essential to patch the image bases of SecCore and PeiCore to enable the rebasing functionality of this module. The following is an example of how to apply the necessary patches: Patch Address Patch Value PreFspSecS:_ModuleEntryPoint - [0x] PreFspSecS:SecCoreRelativeOff PreFspSecS:AsmGetFspSecCore - Fsp24SecCoreS:BASE PreFspSecS:PeiCoreRelativeOff PreFspSecS:AsmGetFspPeiCore - PeiCore:BASE PreFspSecS:SecEntryRelativeOff PreFspSecS:AsmGetFspSecEntry - Fsp24SecCoreS:FspSiliconInitApi Cc: Chasel Chiu Cc: Nate DeSimone Cc: Duggapu Chinni B Cc: Star Zeng Cc: Ted Kuo Cc: Ashraf Ali S Cc: Susovan Mohapatra Cc: Ray Ni Signed-off-by: Zhiguang Liu --- IntelFsp2Pkg/IntelFsp2Pkg.dsc | 5 + IntelFsp2Pkg/PreFspSec/PreFspSec.c| 115 ++ IntelFsp2Pkg/PreFspSec/PreFspSec.inf | 61 ++ .../PreFspSec/X64/PreFspSecCommon.nasm| 69 +++ 4 files changed, 250 insertions(+) create mode 100644 IntelFsp2Pkg/PreFspSec/PreFspSec.c create mode 100644 IntelFsp2Pkg/PreFspSec/PreFspSec.inf create mode 100644 IntelFsp2Pkg/PreFspSec/X64/PreFspSecCommon.nasm diff --git a/IntelFsp2Pkg/IntelFsp2Pkg.dsc b/IntelFsp2Pkg/IntelFsp2Pkg.dsc index f236a7010b..a2cc29c940 100644 --- a/IntelFsp2Pkg/IntelFsp2Pkg.dsc +++ b/IntelFsp2Pkg/IntelFsp2Pkg.dsc @@ -33,6 +33,8 @@ SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf DebugDeviceLib|IntelFsp2Pkg/Library/BaseDebugDeviceLibNull/BaseDebugDeviceLibNull.inf + PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf # FSP override DebugLib|IntelFsp2Pkg/Library/BaseFspDebugLibSerialPort/BaseFspDebugLibSerialPort.inf @@ -75,6 +77,9 @@ IntelFsp2Pkg/FspSecCore/Fsp24SecCoreS.inf IntelFsp2Pkg/FspNotifyPhase/FspNotifyPhasePeim.inf +[Components.X64] + IntelFsp2Pkg/PreFspSec/PreFspSec.inf + [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x1f gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80080046 diff --git a/IntelFsp2Pkg/PreFspSec/PreFspSec.c b/IntelFsp2Pkg/PreFspSec/PreFspSec.c new file mode 100644 index 00..d5fd028afc --- /dev/null +++ b/IntelFsp2Pkg/PreFspSec/PreFspSec.c @@ -0,0 +1,115 @@ +/** @file + + Copyright (c) 2024, Intel Corporation. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include "Guid/FspHeaderFile.h" +#include +#include +#include +#include + +/** + This interface gets SecCore image base + + @return SecCore image base, or zero if no patch in nasm code + +**/ +UINTN +EFIAPI +AsmGetFspSecCore ( + VOID + ); + +/** + This interface gets PeiCore image base + + @return PeiCore image base, or zero if no patch in nasm code + +**/ +UINTN +EFIAPI +AsmGetFspPeiCore ( + VOID + ); + +/** + Relocate Pe/Te Image + + @param[in] ImageBaseAddress Image base address + + @retval EFI_SUCCESS Image is relocated successfully + @retval OthersImage is not relocated successfully +**/ +EFI_STATUS +RelocatePeTeImage ( + UINT64 ImageBaseAddress + ) +{ + RETURN_STATUS Status; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + + ZeroMem (, sizeof (ImageContext)); + + ImageContext.Handle= (VOID *)ImageBaseAddress; + ImageContext.ImageRead = PeCoffLoaderImageReadFromMemory; + + Status = PeCoffLoaderGetImageInfo (); + if (EFI_ERROR (Status)) { +ASSERT_EFI_ERROR (Status); +return Status; + } + + ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)ImageBaseAddress; + + // + // rebase the image + // + Status = PeCoffLoaderRelocateImage (); + + ASSERT_EFI_ERROR (Status); + return Status; +} + +/** + This function will patch the Sec Core and Pei Core in current FSP. +**/ +VOID +EFIAPI +FspPatchSecAndPeiCore ( + VOID + ) +{ + UINT64