Re: [edk2] [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Zeng, Star]

Hi Ard,

Some minor feedback added below.
With them handled, Reviewed-by: Sta Zeng .

On 2019/1/4 2:28, Ard Biesheuvel wrote:

Reuse most of the existing code to implement a variable runtime
driver that will be able to execute in the context of standalone
MM.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel 
---
  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |  69 
++
  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 135 

  2 files changed, 204 insertions(+)


Please add it into MdeModulePkg.dsc for package build verification.



diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
new file mode 100644
index ..fbc99467c057
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
@@ -0,0 +1,69 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to standalone MM
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. 
+Copyright (c) 2018, Linaro, Ltd. All rights reserved. 
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD 
License
+which accompanies this distribution.  The full text of the license may be 
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Variable.h"
+
+BOOLEAN
+VariableSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64Length
+  )
+{
+  return TRUE;
+}


Please add function comment header for it.


+
+/**
+  Notify the system that the SMM variable driver is ready
+**/
+VOID
+VariableNotifySmmReady (
+  VOID
+  )
+{
+}
+
+/**
+  Notify the system that the SMM variable write driver is ready
+**/
+VOID
+VariableNotifySmmWriteReady (
+  VOID
+  )
+{
+}
+
+EFI_STATUS
+EFIAPI
+VariableServiceInitialize (
+  IN EFI_HANDLE   ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE  *MmSystemTable
+  )
+{
+  return MmVariableServiceInitialize ();
+}


Please add function comment header for it.


+
+/**
+  Whether the TCG or TCG2 protocols are installed in the UEFI protocol 
database.
+  This information is used by the MorLock code to infer whether an existing
+  MOR variable is legitimate or not.


Add a line for return description?

Thanks,
Star


+**/
+BOOLEAN
+VariableHaveTcgProtocols (
+  VOID
+  )
+{
+  return FALSE;
+}
diff --git 
a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
new file mode 100644
index ..54d647af914c
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -0,0 +1,135 @@
+## @file
+#  Provides SMM variable service.
+#
+#  This module installs SMM variable protocol into SMM protocol database,
+#  which can be used by SMM driver, and installs SMM variable protocol
+#  into BS protocol database, which can be used to notify the SMM Runtime
+#  Dxe driver that the SMM variable service is ready.
+#  This module should be used with SMM Runtime DXE module together. The
+#  SMM Runtime DXE module would install variable arch protocol and variable
+#  write arch protocol based on SMM variable module.
+#
+#  Caution: This module requires additional review when modified.
+#  This driver will have external input - variable data and communicate buffer 
in SMM mode.
+#  This external input must be validated carefully to avoid security issues 
such as
+#  buffer overflow or integer overflow.
+#The whole SMM authentication variable design relies on the integrity of 
flash part and SMM.
+#  which is assumed to be protected by platform.  All variable code and 
metadata in flash/SMM Memory
+#  may not be modified without authorization. If platform fails to protect 
these resources,
+#  the authentication service provided in this driver will be broken, and the 
behavior is undefined.
+#
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD 
License
+# which accompanies this distribution. The full text of the license may be 
found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION= 0x0001001A
+  BASE_NAME  = VariableStandaloneMm
+  FILE_GUID  = 7ee2c0c1-c21a-4113-a53a-66824a95696f
+  MODULE_TYPE= MM_STANDALONE
+  VERSION_STRING = 1.0
+  

Re: [edk2] [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Wang, Jian J]

Reviewed-by: Jian J Wang 


> -Original Message-
> From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel ; Laszlo Ersek
> ; Leif Lindholm ; Kinney,
> Michael D ; Gao, Liming ;
> Wang, Jian J ; Wu, Hao A ;
> Jagadeesh Ujja ; Achin Gupta
> ; Thomas Panakamattam Abraham
> ; Sami Mujawar 
> Subject: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement
> standalone MM version
> 
> Reuse most of the existing code to implement a variable runtime
> driver that will be able to execute in the context of standalone
> MM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel 
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |
> 69 ++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf |
> 135 
>  2 files changed, 204 insertions(+)
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> new file mode 100644
> index ..fbc99467c057
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> @@ -0,0 +1,69 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. 
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. 
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be 
> found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64Length
> +  )
> +{
> +  return TRUE;
> +}
> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE   ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE  *MmSystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}
> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol
> database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.
> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  return FALSE;
> +}
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> new file mode 100644
> index ..54d647af914c
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> @@ -0,0 +1,135 @@
> +## @file
> +#  Provides SMM variable service.
> +#
> +#  This module installs SMM variable protocol into SMM protocol database,
> +#  which can be used by SMM driver, and installs SMM variable protocol
> +#  into BS protocol database, which can be used to notify the SMM Runtime
> +#  Dxe driver that the SMM variable service is ready.
> +#  This module should be used with SMM Runtime DXE module together. The
> +#  SMM Runtime DXE module would install variable arch protocol and variable
> +#  write arch protocol based on SMM variable module.
> +#
> +#  Caution: This module requires additional review when modified.
> +#  This driver will have external input - variable data and communicate 
> buffer in
> SMM mode.
> +#  This external input must be validated carefully to avoid security issues 
> such
> as
> +#  buffer overflow or integer overflow.
> +#The whole SMM authentication variable design relies on the integrity of
> flash part and SMM.
> +#  which is assumed to be protected by platform.  All variable code and
> metadata in flash/SMM Memory
> +#  may not be modified without authorization. If platform fails to protect 
> these
> resources,
> +#  the authentication service provided in this driver will be broken, and the
> behavior is undefined.
> +#
> +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD
> License
> +# which accompanies this distribution. The full text of the license may be 
> found
> at
> +# http://opensource.org/licenses/bsd-license.php
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON 

Re: [edk2] [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Wang, Jian J]

Reviewed-by: Jian J Wang 


> -Original Message-
> From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> Sent: Friday, January 04, 2019 2:28 AM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel ; Laszlo Ersek
> ; Leif Lindholm ; Kinney,
> Michael D ; Gao, Liming ;
> Wang, Jian J ; Wu, Hao A ;
> Jagadeesh Ujja ; Achin Gupta
> ; Thomas Panakamattam Abraham
> ; Sami Mujawar 
> Subject: [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement
> standalone MM version
> 
> Reuse most of the existing code to implement a variable runtime
> driver that will be able to execute in the context of standalone
> MM.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel 
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |
> 69 ++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf |
> 135 
>  2 files changed, 204 insertions(+)
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> new file mode 100644
> index ..fbc99467c057
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
> @@ -0,0 +1,69 @@
> +/** @file
> +
> +  Parts of the SMM/MM implementation that are specific to standalone MM
> +
> +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. 
> +Copyright (c) 2018, Linaro, Ltd. All rights reserved. 
> +This program and the accompanying materials
> +are licensed and made available under the terms and conditions of the BSD
> License
> +which accompanies this distribution.  The full text of the license may be 
> found
> at
> +http://opensource.org/licenses/bsd-license.php
> +
> +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS
> OR IMPLIED.
> +
> +**/
> +
> +#include "Variable.h"
> +
> +BOOLEAN
> +VariableSmmIsBufferOutsideSmmValid (
> +  IN EFI_PHYSICAL_ADDRESS  Buffer,
> +  IN UINT64Length
> +  )
> +{
> +  return TRUE;
> +}
> +
> +/**
> +  Notify the system that the SMM variable driver is ready
> +**/
> +VOID
> +VariableNotifySmmReady (
> +  VOID
> +  )
> +{
> +}
> +
> +/**
> +  Notify the system that the SMM variable write driver is ready
> +**/
> +VOID
> +VariableNotifySmmWriteReady (
> +  VOID
> +  )
> +{
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +VariableServiceInitialize (
> +  IN EFI_HANDLE   ImageHandle,
> +  IN EFI_MM_SYSTEM_TABLE  *MmSystemTable
> +  )
> +{
> +  return MmVariableServiceInitialize ();
> +}
> +
> +/**
> +  Whether the TCG or TCG2 protocols are installed in the UEFI protocol
> database.
> +  This information is used by the MorLock code to infer whether an existing
> +  MOR variable is legitimate or not.
> +**/
> +BOOLEAN
> +VariableHaveTcgProtocols (
> +  VOID
> +  )
> +{
> +  return FALSE;
> +}
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> new file mode 100644
> index ..54d647af914c
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> @@ -0,0 +1,135 @@
> +## @file
> +#  Provides SMM variable service.
> +#
> +#  This module installs SMM variable protocol into SMM protocol database,
> +#  which can be used by SMM driver, and installs SMM variable protocol
> +#  into BS protocol database, which can be used to notify the SMM Runtime
> +#  Dxe driver that the SMM variable service is ready.
> +#  This module should be used with SMM Runtime DXE module together. The
> +#  SMM Runtime DXE module would install variable arch protocol and variable
> +#  write arch protocol based on SMM variable module.
> +#
> +#  Caution: This module requires additional review when modified.
> +#  This driver will have external input - variable data and communicate 
> buffer in
> SMM mode.
> +#  This external input must be validated carefully to avoid security issues 
> such
> as
> +#  buffer overflow or integer overflow.
> +#The whole SMM authentication variable design relies on the integrity of
> flash part and SMM.
> +#  which is assumed to be protected by platform.  All variable code and
> metadata in flash/SMM Memory
> +#  may not be modified without authorization. If platform fails to protect 
> these
> resources,
> +#  the authentication service provided in this driver will be broken, and the
> behavior is undefined.
> +#
> +# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD
> License
> +# which accompanies this distribution. The full text of the license may be 
> found
> at
> +# http://opensource.org/licenses/bsd-license.php
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON 

[edk2] [PATCH 6/6] MdeModulePkg/VariableRuntimeDxe: implement standalone MM version

[Ard Biesheuvel]

Reuse most of the existing code to implement a variable runtime
driver that will be able to execute in the context of standalone
MM.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel 
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c   |  69 
++
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 135 

 2 files changed, 204 insertions(+)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
new file mode 100644
index ..fbc99467c057
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
@@ -0,0 +1,69 @@
+/** @file
+
+  Parts of the SMM/MM implementation that are specific to standalone MM
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved. 
+Copyright (c) 2018, Linaro, Ltd. All rights reserved. 
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD 
License
+which accompanies this distribution.  The full text of the license may be 
found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Variable.h"
+
+BOOLEAN
+VariableSmmIsBufferOutsideSmmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64Length
+  )
+{
+  return TRUE;
+}
+
+/**
+  Notify the system that the SMM variable driver is ready
+**/
+VOID
+VariableNotifySmmReady (
+  VOID
+  )
+{
+}
+
+/**
+  Notify the system that the SMM variable write driver is ready
+**/
+VOID
+VariableNotifySmmWriteReady (
+  VOID
+  )
+{
+}
+
+EFI_STATUS
+EFIAPI
+VariableServiceInitialize (
+  IN EFI_HANDLE   ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE  *MmSystemTable
+  )
+{
+  return MmVariableServiceInitialize ();
+}
+
+/**
+  Whether the TCG or TCG2 protocols are installed in the UEFI protocol 
database.
+  This information is used by the MorLock code to infer whether an existing
+  MOR variable is legitimate or not.
+**/
+BOOLEAN
+VariableHaveTcgProtocols (
+  VOID
+  )
+{
+  return FALSE;
+}
diff --git 
a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
new file mode 100644
index ..54d647af914c
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -0,0 +1,135 @@
+## @file
+#  Provides SMM variable service.
+#
+#  This module installs SMM variable protocol into SMM protocol database,
+#  which can be used by SMM driver, and installs SMM variable protocol
+#  into BS protocol database, which can be used to notify the SMM Runtime
+#  Dxe driver that the SMM variable service is ready.
+#  This module should be used with SMM Runtime DXE module together. The
+#  SMM Runtime DXE module would install variable arch protocol and variable
+#  write arch protocol based on SMM variable module.
+#
+#  Caution: This module requires additional review when modified.
+#  This driver will have external input - variable data and communicate buffer 
in SMM mode.
+#  This external input must be validated carefully to avoid security issues 
such as
+#  buffer overflow or integer overflow.
+#The whole SMM authentication variable design relies on the integrity of 
flash part and SMM.
+#  which is assumed to be protected by platform.  All variable code and 
metadata in flash/SMM Memory
+#  may not be modified without authorization. If platform fails to protect 
these resources,
+#  the authentication service provided in this driver will be broken, and the 
behavior is undefined.
+#
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD 
License
+# which accompanies this distribution. The full text of the license may be 
found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+  INF_VERSION= 0x0001001A
+  BASE_NAME  = VariableStandaloneMm
+  FILE_GUID  = 7ee2c0c1-c21a-4113-a53a-66824a95696f
+  MODULE_TYPE= MM_STANDALONE
+  VERSION_STRING = 1.0
+  PI_SPECIFICATION_VERSION   = 0x00010032
+  ENTRY_POINT= VariableServiceInitialize
+
+#
+# The following information is for reference only and not required by the 
build tools.
+#
+#  VALID_ARCHITECTURES   = AARCH64
+#
+
+
+[Sources]
+  Reclaim.c
+  Variable.c
+  VariableSmm.c
+  VariableStandaloneMm.c
+  VarCheck.c
+  Variable.h
+