subject:"Re\: \[edk2\] \[PATCH v2 11\/11\] StandaloneMmPkg\/Core\: permit encapsulated firmware volumes"

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

2019-01-18 Thread Yao, Jiewen

Add Mike Kinney.

Hi Mike
Do you have any suggestion on how to implement this in a self-contained 
environment for gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress?

 STATIC UINT64 mExtractGuidedSectionHandlerInfo[64];
 PcdSet64 (PcdGuidedExtractHandlerTableAddress, 
(UINT64)mExtractGuidedSectionHandlerInfo);

Maybe, we can consider below from secure coding perspective.
1) Define a MACRO for 64.
2) Add a check (somewhere) to see if there is overflow on 64, then stop and 
report error.



Thank you
Yao Jiewen

> -Original Message-
> From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> Sent: Friday, January 18, 2019 7:42 AM
> To: Yao, Jiewen 
> Cc: edk2-devel@lists.01.org; Achin Gupta ;
> Supreeth Venkatesh ; Leif Lindholm
> ; Jagadeesh Ujja ;
> Thomas Panakamattam Abraham ; Sami
> Mujawar 
> Subject: Re: [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated
> firmware volumes
> 
> On Fri, 18 Jan 2019 at 16:40, Yao, Jiewen  wrote:
> >
> > The idea seems good.
> >
> > May I know if there is any restriction on 64 handlers?
> >
> > +STATIC UINT64 mExtractGuidedSectionHandlerInfo[64];
> >
> > If a system is configured with more handlers, what is expected behavior?
> >
> 
> Good question. I wasn't really sure how to implement this. For any
> given platform configuration, I don't think you will ever need more
> than one handler, unless you are encapsulating a compressed FV inside
> a signed FV perhaps?
> 
> Do you have any suggestions how to improve this code?
> 
> >
> > > -Original Message-
> > > From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> > > Sent: Wednesday, January 16, 2019 12:23 PM
> > > To: edk2-devel@lists.01.org
> > > Cc: Ard Biesheuvel ; Achin Gupta
> > > ; Yao, Jiewen ;
> Supreeth
> > > Venkatesh ; Leif Lindholm
> > > ; Jagadeesh Ujja ;
> > > Thomas Panakamattam Abraham ; Sami
> > > Mujawar 
> > > Subject: [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated
> > > firmware volumes
> > >
> > > Standalone MM requires 4 KB section alignment for all images, so that
> > > strict permissions can be applied. Unfortunately, this results in a
> > > lot of wasted space, which is usually costly in the secure world
> > > environment that standalone MM is expected to operate in.
> > >
> > > So let's permit the standalone MM drivers (but not the core) to be
> > > delivered in a compressed firmware volume.
> > >
> > > Contributed-under: TianoCore Contribution Agreement 1.1
> > > Signed-off-by: Ard Biesheuvel 
> > > ---
> > >  StandaloneMmPkg/Core/FwVol.c
> > > | 99 ++--
> > >  StandaloneMmPkg/Core/StandaloneMmCore.inf
> > > |  1 +
> > >
> > >
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standal
> > > oneMmCoreEntryPoint.c |  5 +
> > >
> > >
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCo
> > > reEntryPoint.inf   |  3 +
> > >  4 files changed, 99 insertions(+), 9 deletions(-)
> > >
> > > diff --git a/StandaloneMmPkg/Core/FwVol.c
> > > b/StandaloneMmPkg/Core/FwVol.c
> > > index 5abf98c24797..8eb827dda5c4 100644
> > > --- a/StandaloneMmPkg/Core/FwVol.c
> > > +++ b/StandaloneMmPkg/Core/FwVol.c
> > > @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> > > ANY KIND, EITHER EXPRESS OR IMPLIED.
> > >
> > >  #include "StandaloneMmCore.h"
> > >  #include 
> > > +#include 
> > >
> > >  //
> > >  // List of file types supported by dispatcher
> > > @@ -65,15 +66,25 @@ Returns:
> > >
> > >  --*/
> > >  {
> > > -  EFI_STATUS  Status;
> > > -  EFI_STATUS  DepexStatus;
> > > -  EFI_FFS_FILE_HEADER *FileHeader;
> > > -  EFI_FV_FILETYPE FileType;
> > > -  VOID*Pe32Data;
> > > -  UINTN   Pe32DataSize;
> > > -  VOID*Depex;
> > > -  UINTN   DepexSize;
> > > -  UINTN   Index;
> > > +  EFI_STATUS  Status;
> > > +  EFI_STATUS  DepexStatus;
> > > +  EFI_FFS_FILE_HEADER *FileHeader;
> > > +  EFI_FV_FILETYPE FileType;
> > > +  VOID*Pe32Data;
> > > +  UINTN   Pe32DataSize;
> > > +  VOID*Depex;
> > > +  UINTN   DepexSize;
> > > +  UINTN   Index;
> > > +  EFI_COMMON_SECTION_HEADER   *Section;
> > > +  VOID*SectionData;
> > > +  UINTN   SectionDataSize;
> > > +  UINT32  DstBufferSize;
> > > +  VOID*ScratchBuffer;
> > > +  UINT32  ScratchBufferSize;
> > > +  VOID*DstBuffer;
> > > +  UINT16  SectionAttribute;
> > > +  UINT32
> AuthenticationStatus;
> > > +  EFI_FIRMWARE_VOLUME_HEADER  *InnerFvHeader;
> > >
> > >DEBUG

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

2019-01-18 Thread Ard Biesheuvel

On Fri, 18 Jan 2019 at 16:40, Yao, Jiewen  wrote:
>
> The idea seems good.
>
> May I know if there is any restriction on 64 handlers?
>
> +STATIC UINT64 mExtractGuidedSectionHandlerInfo[64];
>
> If a system is configured with more handlers, what is expected behavior?
>

Good question. I wasn't really sure how to implement this. For any
given platform configuration, I don't think you will ever need more
than one handler, unless you are encapsulating a compressed FV inside
a signed FV perhaps?

Do you have any suggestions how to improve this code?

>
> > -Original Message-
> > From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> > Sent: Wednesday, January 16, 2019 12:23 PM
> > To: edk2-devel@lists.01.org
> > Cc: Ard Biesheuvel ; Achin Gupta
> > ; Yao, Jiewen ; Supreeth
> > Venkatesh ; Leif Lindholm
> > ; Jagadeesh Ujja ;
> > Thomas Panakamattam Abraham ; Sami
> > Mujawar 
> > Subject: [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated
> > firmware volumes
> >
> > Standalone MM requires 4 KB section alignment for all images, so that
> > strict permissions can be applied. Unfortunately, this results in a
> > lot of wasted space, which is usually costly in the secure world
> > environment that standalone MM is expected to operate in.
> >
> > So let's permit the standalone MM drivers (but not the core) to be
> > delivered in a compressed firmware volume.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Ard Biesheuvel 
> > ---
> >  StandaloneMmPkg/Core/FwVol.c
> > | 99 ++--
> >  StandaloneMmPkg/Core/StandaloneMmCore.inf
> > |  1 +
> >
> > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standal
> > oneMmCoreEntryPoint.c |  5 +
> >
> > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCo
> > reEntryPoint.inf   |  3 +
> >  4 files changed, 99 insertions(+), 9 deletions(-)
> >
> > diff --git a/StandaloneMmPkg/Core/FwVol.c
> > b/StandaloneMmPkg/Core/FwVol.c
> > index 5abf98c24797..8eb827dda5c4 100644
> > --- a/StandaloneMmPkg/Core/FwVol.c
> > +++ b/StandaloneMmPkg/Core/FwVol.c
> > @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> > ANY KIND, EITHER EXPRESS OR IMPLIED.
> >
> >  #include "StandaloneMmCore.h"
> >  #include 
> > +#include 
> >
> >  //
> >  // List of file types supported by dispatcher
> > @@ -65,15 +66,25 @@ Returns:
> >
> >  --*/
> >  {
> > -  EFI_STATUS  Status;
> > -  EFI_STATUS  DepexStatus;
> > -  EFI_FFS_FILE_HEADER *FileHeader;
> > -  EFI_FV_FILETYPE FileType;
> > -  VOID*Pe32Data;
> > -  UINTN   Pe32DataSize;
> > -  VOID*Depex;
> > -  UINTN   DepexSize;
> > -  UINTN   Index;
> > +  EFI_STATUS  Status;
> > +  EFI_STATUS  DepexStatus;
> > +  EFI_FFS_FILE_HEADER *FileHeader;
> > +  EFI_FV_FILETYPE FileType;
> > +  VOID*Pe32Data;
> > +  UINTN   Pe32DataSize;
> > +  VOID*Depex;
> > +  UINTN   DepexSize;
> > +  UINTN   Index;
> > +  EFI_COMMON_SECTION_HEADER   *Section;
> > +  VOID*SectionData;
> > +  UINTN   SectionDataSize;
> > +  UINT32  DstBufferSize;
> > +  VOID*ScratchBuffer;
> > +  UINT32  ScratchBufferSize;
> > +  VOID*DstBuffer;
> > +  UINT16  SectionAttribute;
> > +  UINT32  AuthenticationStatus;
> > +  EFI_FIRMWARE_VOLUME_HEADER  *InnerFvHeader;
> >
> >DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n",
> > FwVolHeader));
> >
> > @@ -83,6 +94,71 @@ Returns:
> >
> >FvIsBeingProcesssed (FwVolHeader);
> >
> > +  //
> > +  // First check for encapsulated compressed firmware volumes
> > +  //
> > +  FileHeader = NULL;
> > +  do {
> > +Status = FfsFindNextFile
> > (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
> > +   FwVolHeader, );
> > +if (EFI_ERROR (Status)) {
> > +  break;
> > +}
> > +Status = FfsFindSectionData (EFI_SECTION_GUID_DEFINED,
> > FileHeader,
> > +   , );
> > +if (EFI_ERROR (Status)) {
> > +  break;
> > +}
> > +Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
> > +Status = ExtractGuidedSectionGetInfo (Section, ,
> > +   , );
> > +if (EFI_ERROR (Status)) {
> > +  break;
> > +}
> > +
> > +//
> > +// Allocate scratch buffer
> > +//
> > +ScratchBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES
> > (ScratchBufferSize));
> > +if (ScratchBuffer == NULL) {
> > +  return EFI_OUT_OF_RESOURCES;
> > +}
> > +
> > +

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

2019-01-18 Thread Yao, Jiewen

The idea seems good.

May I know if there is any restriction on 64 handlers?

+STATIC UINT64 mExtractGuidedSectionHandlerInfo[64];

If a system is configured with more handlers, what is expected behavior?


Thank you
Yao Jiewen


> -Original Message-
> From: Ard Biesheuvel [mailto:ard.biesheu...@linaro.org]
> Sent: Wednesday, January 16, 2019 12:23 PM
> To: edk2-devel@lists.01.org
> Cc: Ard Biesheuvel ; Achin Gupta
> ; Yao, Jiewen ; Supreeth
> Venkatesh ; Leif Lindholm
> ; Jagadeesh Ujja ;
> Thomas Panakamattam Abraham ; Sami
> Mujawar 
> Subject: [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated
> firmware volumes
> 
> Standalone MM requires 4 KB section alignment for all images, so that
> strict permissions can be applied. Unfortunately, this results in a
> lot of wasted space, which is usually costly in the secure world
> environment that standalone MM is expected to operate in.
> 
> So let's permit the standalone MM drivers (but not the core) to be
> delivered in a compressed firmware volume.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel 
> ---
>  StandaloneMmPkg/Core/FwVol.c
> | 99 ++--
>  StandaloneMmPkg/Core/StandaloneMmCore.inf
> |  1 +
> 
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/Standal
> oneMmCoreEntryPoint.c |  5 +
> 
> StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCo
> reEntryPoint.inf   |  3 +
>  4 files changed, 99 insertions(+), 9 deletions(-)
> 
> diff --git a/StandaloneMmPkg/Core/FwVol.c
> b/StandaloneMmPkg/Core/FwVol.c
> index 5abf98c24797..8eb827dda5c4 100644
> --- a/StandaloneMmPkg/Core/FwVol.c
> +++ b/StandaloneMmPkg/Core/FwVol.c
> @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF
> ANY KIND, EITHER EXPRESS OR IMPLIED.
> 
>  #include "StandaloneMmCore.h"
>  #include 
> +#include 
> 
>  //
>  // List of file types supported by dispatcher
> @@ -65,15 +66,25 @@ Returns:
> 
>  --*/
>  {
> -  EFI_STATUS  Status;
> -  EFI_STATUS  DepexStatus;
> -  EFI_FFS_FILE_HEADER *FileHeader;
> -  EFI_FV_FILETYPE FileType;
> -  VOID*Pe32Data;
> -  UINTN   Pe32DataSize;
> -  VOID*Depex;
> -  UINTN   DepexSize;
> -  UINTN   Index;
> +  EFI_STATUS  Status;
> +  EFI_STATUS  DepexStatus;
> +  EFI_FFS_FILE_HEADER *FileHeader;
> +  EFI_FV_FILETYPE FileType;
> +  VOID*Pe32Data;
> +  UINTN   Pe32DataSize;
> +  VOID*Depex;
> +  UINTN   DepexSize;
> +  UINTN   Index;
> +  EFI_COMMON_SECTION_HEADER   *Section;
> +  VOID*SectionData;
> +  UINTN   SectionDataSize;
> +  UINT32  DstBufferSize;
> +  VOID*ScratchBuffer;
> +  UINT32  ScratchBufferSize;
> +  VOID*DstBuffer;
> +  UINT16  SectionAttribute;
> +  UINT32  AuthenticationStatus;
> +  EFI_FIRMWARE_VOLUME_HEADER  *InnerFvHeader;
> 
>DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n",
> FwVolHeader));
> 
> @@ -83,6 +94,71 @@ Returns:
> 
>FvIsBeingProcesssed (FwVolHeader);
> 
> +  //
> +  // First check for encapsulated compressed firmware volumes
> +  //
> +  FileHeader = NULL;
> +  do {
> +Status = FfsFindNextFile
> (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
> +   FwVolHeader, );
> +if (EFI_ERROR (Status)) {
> +  break;
> +}
> +Status = FfsFindSectionData (EFI_SECTION_GUID_DEFINED,
> FileHeader,
> +   , );
> +if (EFI_ERROR (Status)) {
> +  break;
> +}
> +Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
> +Status = ExtractGuidedSectionGetInfo (Section, ,
> +   , );
> +if (EFI_ERROR (Status)) {
> +  break;
> +}
> +
> +//
> +// Allocate scratch buffer
> +//
> +ScratchBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES
> (ScratchBufferSize));
> +if (ScratchBuffer == NULL) {
> +  return EFI_OUT_OF_RESOURCES;
> +}
> +
> +//
> +// Allocate destination buffer
> +//
> +DstBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES
> (DstBufferSize));
> +if (DstBuffer == NULL) {
> +  return EFI_OUT_OF_RESOURCES;
> +}
> +
> +//
> +// Call decompress function
> +//
> +Status = ExtractGuidedSectionDecode (Section, ,
> ScratchBuffer,
> +   );
> +FreePages (ScratchBuffer, EFI_SIZE_TO_PAGES (ScratchBufferSize));
> +if (EFI_ERROR (Status)) {
> +  goto FreeDstBuffer;
> +}
> +
> +DEBUG ((DEBUG_INFO,
> +

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

Re: [edk2] [PATCH v2 11/11] StandaloneMmPkg/Core: permit encapsulated firmware volumes

3 matches

Site Navigation

Mail list logo

Footer information