diff options
| author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2019-01-01 16:57:44 +0100 |
|---|---|---|
| committer | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2019-03-11 12:51:12 +0100 |
| commit | d65e0e4881b76916be3002b1ca0ff8148d189d77 (patch) | |
| tree | 2ff86f87a6eb79c8feec209d4f7a56853ad4f3b6 /StandaloneMmPkg/Core | |
| parent | 4b771927c801a873c8b8169b07e77e64d7726198 (diff) | |
| download | edk2-d65e0e4881b76916be3002b1ca0ff8148d189d77.tar.gz edk2-d65e0e4881b76916be3002b1ca0ff8148d189d77.tar.bz2 edk2-d65e0e4881b76916be3002b1ca0ff8148d189d77.zip | |
StandaloneMmPkg/Core: permit encapsulated firmware volumes
Standalone MM requires 4 KB section alignment for all images, so that
strict permissions can be applied. Unfortunately, this results in a
lot of wasted space, which is usually costly in the secure world
environment that standalone MM is expected to operate in.
So let's permit the standalone MM drivers (but not the core) to be
delivered in a compressed firmware volume.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: Achin Gupta <achin.gupta@arm.com>
Diffstat (limited to 'StandaloneMmPkg/Core')
| -rw-r--r-- | StandaloneMmPkg/Core/FwVol.c | 99 | ||||
| -rw-r--r-- | StandaloneMmPkg/Core/StandaloneMmCore.inf | 1 |
2 files changed, 91 insertions, 9 deletions
diff --git a/StandaloneMmPkg/Core/FwVol.c b/StandaloneMmPkg/Core/FwVol.c index 5abf98c247..d95491f252 100644 --- a/StandaloneMmPkg/Core/FwVol.c +++ b/StandaloneMmPkg/Core/FwVol.c @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "StandaloneMmCore.h"
#include <Library/FvLib.h>
+#include <Library/ExtractGuidedSectionLib.h>
//
// List of file types supported by dispatcher
@@ -65,15 +66,25 @@ Returns: --*/
{
- EFI_STATUS Status;
- EFI_STATUS DepexStatus;
- EFI_FFS_FILE_HEADER *FileHeader;
- EFI_FV_FILETYPE FileType;
- VOID *Pe32Data;
- UINTN Pe32DataSize;
- VOID *Depex;
- UINTN DepexSize;
- UINTN Index;
+ EFI_STATUS Status;
+ EFI_STATUS DepexStatus;
+ EFI_FFS_FILE_HEADER *FileHeader;
+ EFI_FV_FILETYPE FileType;
+ VOID *Pe32Data;
+ UINTN Pe32DataSize;
+ VOID *Depex;
+ UINTN DepexSize;
+ UINTN Index;
+ EFI_COMMON_SECTION_HEADER *Section;
+ VOID *SectionData;
+ UINTN SectionDataSize;
+ UINT32 DstBufferSize;
+ VOID *ScratchBuffer;
+ UINT32 ScratchBufferSize;
+ VOID *DstBuffer;
+ UINT16 SectionAttribute;
+ UINT32 AuthenticationStatus;
+ EFI_FIRMWARE_VOLUME_HEADER *InnerFvHeader;
DEBUG ((DEBUG_INFO, "MmCoreFfsFindMmDriver - 0x%x\n", FwVolHeader));
@@ -83,6 +94,71 @@ Returns: FvIsBeingProcesssed (FwVolHeader);
+ //
+ // First check for encapsulated compressed firmware volumes
+ //
+ FileHeader = NULL;
+ do {
+ Status = FfsFindNextFile (EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE,
+ FwVolHeader, &FileHeader);
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+ Status = FfsFindSectionData (EFI_SECTION_GUID_DEFINED, FileHeader,
+ &SectionData, &SectionDataSize);
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+ Section = (EFI_COMMON_SECTION_HEADER *)(FileHeader + 1);
+ Status = ExtractGuidedSectionGetInfo (Section, &DstBufferSize,
+ &ScratchBufferSize, &SectionAttribute);
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+
+ //
+ // Allocate scratch buffer
+ //
+ ScratchBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (ScratchBufferSize));
+ if (ScratchBuffer == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Allocate destination buffer, extra one page for adjustment
+ //
+ DstBuffer = (VOID *)(UINTN)AllocatePages (EFI_SIZE_TO_PAGES (DstBufferSize));
+ if (DstBuffer == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Call decompress function
+ //
+ Status = ExtractGuidedSectionDecode (Section, &DstBuffer, ScratchBuffer,
+ &AuthenticationStatus);
+ FreePages (ScratchBuffer, EFI_SIZE_TO_PAGES (ScratchBufferSize));
+ if (EFI_ERROR (Status)) {
+ goto FreeDstBuffer;
+ }
+
+ DEBUG ((DEBUG_INFO,
+ "Processing compressed firmware volume (AuthenticationStatus == %x)\n",
+ AuthenticationStatus));
+
+ Status = FindFfsSectionInSections (DstBuffer, DstBufferSize,
+ EFI_SECTION_FIRMWARE_VOLUME_IMAGE, &Section);
+ if (EFI_ERROR (Status)) {
+ goto FreeDstBuffer;
+ }
+
+ InnerFvHeader = (VOID *)(Section + 1);
+ Status = MmCoreFfsFindMmDriver (InnerFvHeader);
+ if (EFI_ERROR (Status)) {
+ goto FreeDstBuffer;
+ }
+ } while (TRUE);
+
for (Index = 0; Index < sizeof (mMmFileTypes) / sizeof (mMmFileTypes[0]); Index++) {
DEBUG ((DEBUG_INFO, "Check MmFileTypes - 0x%x\n", mMmFileTypes[Index]));
FileType = mMmFileTypes[Index];
@@ -100,5 +176,10 @@ Returns: } while (!EFI_ERROR (Status));
}
+ return EFI_SUCCESS;
+
+FreeDstBuffer:
+ FreePages (DstBuffer, EFI_SIZE_TO_PAGES (DstBufferSize));
+
return Status;
}
diff --git a/StandaloneMmPkg/Core/StandaloneMmCore.inf b/StandaloneMmPkg/Core/StandaloneMmCore.inf index ff2b8b9cef..83d31e2d92 100644 --- a/StandaloneMmPkg/Core/StandaloneMmCore.inf +++ b/StandaloneMmPkg/Core/StandaloneMmCore.inf @@ -49,6 +49,7 @@ BaseMemoryLib
CacheMaintenanceLib
DebugLib
+ ExtractGuidedSectionLib
FvLib
HobLib
MemoryAllocationLib
|