Commit Graph

24 Commits

Author SHA1 Message Date
Laszlo Ersek efb0f16e98 OvmfPkg: decompress FVs on S3 resume if SMM_REQUIRE is set
If OVMF was built with -D SMM_REQUIRE, that implies that the runtime OS is
not trusted and we should defend against it tampering with the firmware's
data.

One such datum is the PEI firmware volume (PEIFV). Normally PEIFV is
decompressed on the first boot by SEC, then the OS preserves it across S3
suspend-resume cycles; at S3 resume SEC just reuses the originally
decompressed PEIFV.

However, if we don't trust the OS, then SEC must decompress PEIFV from the
pristine flash every time, lest we execute OS-injected code or work with
OS-injected data.

Due to how FVMAIN_COMPACT is organized, we can't decompress just PEIFV;
the decompression brings DXEFV with itself, plus it uses a temporary
output buffer and a scratch buffer too, which even reach above the end of
the finally installed DXEFV. For this reason we must keep away a
non-malicious OS from DXEFV too, plus the memory up to
PcdOvmfDecomprScratchEnd.

The delay introduced by the LZMA decompression on S3 resume is negligible.

If -D SMM_REQUIRE is not specified, then PcdSmmSmramRequire remains FALSE
(from the DEC file), and then this patch has no effect (not counting some
changed debug messages).

If QEMU doesn't support S3 (or the user disabled it on the QEMU command
line), then this patch has no effect also.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19037 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:41:24 +00:00
Laszlo Ersek 9beac0d847 OvmfPkg: Sec: assert the build-time calculated end of the scratch buffer
The DecompressMemFvs() function in "OvmfPkg/Sec/SecMain.c" uses more
memory, temporarily, than what PEIFV and DXEFV will ultimately need.
First, it uses an output buffer for decompression, second, the
decompression itself needs a scratch buffer (and this scratch buffer is
the highest area that SEC uses).

DecompressMemFvs() used to be called on normal boots only (ie. not on S3
resume), which is why the decompression output buffer and the scratch
buffer were allowed to scribble over RAM. However, we'll soon start to
worry during S3 resume that the runtime OS might tamper with the
pre-decompressed PEIFV, and we'll decompress the firmware volumes on S3
resume too, from pristine flash. For this we'll need to know the end of
the scratch buffer in advance, so we can prepare a non-malicious OS for
it.

Calculate the end of the scratch buffer statically in the FDF files, and
assert in DecompressMemFvs() that the runtime decompression will match it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19036 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:41:20 +00:00
Laszlo Ersek 320b4f084a OvmfPkg: Sec: force reinit of BaseExtractGuidedSectionLib handler table
BaseExtractGuidedSectionLib uses a table at the static physical address
PcdGuidedExtractHandlerTableAddress, and modules that are linked against
BaseExtractGuidedSectionLib are expected to work together on that table.
Namely, some modules can register handlers for GUIDed sections, some other
modules can decode such sections with the pre-registered handlers. The
table carries persistent information between these modules.

BaseExtractGuidedSectionLib checks a table signature whenever it is used
(by whichever module that is linked against it), and at the first use
(identified by a signature mismatch) it initializes the table.

One of the module types that BaseExtractGuidedSectionLib can be used with
is SEC, if the SEC module in question runs with the platform's RAM already
available.

In such cases the question emerges whether the initial contents of the RAM
(ie. contents that predate the very first signature check) can be trusted.
Normally RAM starts out with all zeroes (leading to a signature mismatch
on the first check); however a malicious runtime OS can populate the area
with some payload, then force a warm platform reset or an S3
suspend-and-resume. In such cases the signature check in the SEC module
might not fire, and ExtractGuidedSectionDecode() might run code injected
by the runtime OS, as part of SEC (ie. with high privileges).

Therefore we clear the handler table in SEC.

See also git commit ad43bc6b2e (SVN rev 15433) -- this patch secures the
(d) and (e) code paths examined in that commit. Furthermore, a
non-malicious runtime OS will observe no change in behavior; see case (c)
in said commit.

Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
[michael.d.kinney@intel.com: prevent VS20xx loop intrinsic with volatile]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19035 6f19259b-4bc3-4df7-8a09-765794883524
2015-11-30 18:41:14 +00:00
Michael Kinney f3e34b9d8c OvmfPkg: Sec: Fix SOURCE_DEBUG_ENABLE ASSERT()
The update to the LocalApicLib instances to make sure the Local APIC is
initialized before use (SVN r18595 / git commit 6d72ff7d9d) generates an
ASSERT() when SOURCE_DEBUG_ENABLE is enabled for OVMF.

The fix is to initialize the Local APIC Timer and mask it before
initializing the DebugAgent.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: rewrap code comment, rewrap commit msg, add precise
 commit ref]

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18622 6f19259b-4bc3-4df7-8a09-765794883524
2015-10-16 16:48:24 +00:00
Laszlo Ersek 6394c35a7d OvmfPkg: fix conversion specifiers in DEBUG format strings
Cc: Scott Duplichan <scott@notabs.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Reported-by: Scott Duplichan <scott@notabs.org>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Build-tested-by: Scott Duplichan <scott@notabs.org>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18095 6f19259b-4bc3-4df7-8a09-765794883524
2015-07-28 18:33:23 +00:00
Jordan Justen a781f7099b OvmfPkg/Sec: Don't decompress the FV on S3 resume
Since we marked the FV at PcdOvmfPeiMemFvBase as ACPI NVS memory,
we can use it on S3 resume.

The FV at PcdOvmfDxeMemFvBase may have been overwritten by the OS,
but we do not use it's contents on S3 resume.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15296 6f19259b-4bc3-4df7-8a09-765794883524
2014-03-04 08:02:37 +00:00
Jordan Justen b36f701d4f OvmfPkg: Split MAINFV into a separate PEI and DXE FVs
By splitting the PEI and DXE phases into separate FVs,
we can only reserve the PEI FV for ACPI S3 support.
This should save about 7MB.

Unfortunately, this all has to happen in a single commit.

DEC:
* Remove PcdOvmfMemFv(Base|Size)
* Add PcdOvmfPeiMemFv(Base|Size)
* Add PcdOvmfDxeMemFv(Base|Size)

FDF:
* Add new PEIFV. Move PEI modules here.
* Remove MAINFV
* Add PEIFV and DXEFV into FVMAIN_COMPACT
   - They are added as 2 sections of a file, and compressed
     together so they should retain good compression
* PcdOvmf(Pei|Dxe)MemFv(Base|Size) are set

SEC:
* Find both the PEI and DXE FVs after decompression.
   - Copy them separately to their memory locations.

Platform PEI driver:
* Fv.c: Publish both FVs as appropriate
* MemDetect.c: PcdOvmfMemFv(Base|Size) =>
                PcdOvmfDxeMemFv(Base|Size)

OVMF.fd before:

  Non-volatile data storage
  FVMAIN_COMPACT                    uncompressed
    FV FFS file                     LZMA compressed
      MAINFV                        uncompressed
        individual PEI modules      uncompressed
        FV FFS file                 compressed with PI_NONE
          DXEFV                     uncompressed
            individual DXE modules  uncompressed
  SECFV                             uncompressed

OVMF.fd after:

  Non-volatile data storage
  FVMAIN_COMPACT                    uncompressed
    FV FFS file                     LZMA compressed
      PEIFV                         uncompressed
        individual PEI modules      uncompressed
      DXEFV                         uncompressed
        individual DXE modules      uncompressed
  SECFV                             uncompressed

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15151 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:39:13 +00:00
Jordan Justen 4b4b783dbe OvmfPkg/Sec: Add FindFfsSectionInstance
This allow you to search for an 'instance' of a section
within a series of FFS sections.

For example, we will split the MAINFV into a PEI and DXE
FV, and then compress those two FV's together within a
FFS FV file. The DXE FV will appear as the second section
of the file, and therefore we will search for it using
an Instance=1 value.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15150 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:39:04 +00:00
Jordan Justen b6f564a763 OvmfPkg/Sec: Remove EFIAPI from functions that don't require it
These are all internal functions that don't interface with
assembly code or other drivers. Therefore EFIAPI is not
required.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15149 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:57 +00:00
Jordan Justen c67178b772 OvmfPkg/Sec: Cleanup debug messages
Remove some not-so-useful messages (during FV scanning).

Convert ERROR to INFO and vise versa where appropriate.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15148 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:50 +00:00
Jordan Justen 7cb6b0e068 OvmfPkg: Move SEC/PEI Temporary RAM from 0x70000 to 0x810000
Note: The Temporary RAM memory size is being reduced from
      64KB to 32KB. This still appears to be more than
      adequate for OVMF's early PEI phase. We will be adding
      another 32KB range of RAM just above this range for
      use on S3 resume.

The range is declared as part of MEMFD, so it is easier
to identify the memory range.

We also now assign PCDs to the memory range.

The PCDs are used to set the initial SEC/PEI stack in
SEC's assembly code.

The PCDs are also used in the SEC C code to setup
the Temporary RAM PPI.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15147 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:43 +00:00
Jordan Justen b382ede386 OvmfPkg X64 ResetVector: Move page tables from 512KB to 8MB
To help consolidate OVMF fixed memory uses, we declare this
range in MEMFD and thereby move it to 8MB.

We also now declare the table range in the FDF to set
PCDs. This allows us to ASSERT that CR3 is set as expected
in OVMF SEC.

OvmfPkgIa32.fdf and OvmfPkgIa32X64.fdf are updated simply
for consistency.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15146 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:34 +00:00
Jordan Justen bb4aa855f3 OvmfPkg/Sec/SecMain.c: Convert to CRLF (dos) text
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15145 6f19259b-4bc3-4df7-8a09-765794883524
2014-01-21 19:38:25 +00:00
Jordan Justen 29d3b19998 OvmfPkg/Sec: Stop building identity mapped pages in SEC
Now for X64 we use a VTF0 ResetVector which puts the page
tables in RAM. Therefore SEC no longer needs to do this.

This reverts commit r14494.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14719 6f19259b-4bc3-4df7-8a09-765794883524
2013-09-24 18:23:53 +00:00
Jordan Justen 6cf5778961 OvmfPkg/Sec: Build identity mapped pages in RAM for X64
This is based on MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c.

Previously we would run using page tables built into the
firmware device.

If a flash memory is available, it is unsafe for the page
tables to be stored in memory since the processor may try
to write to the page table data structures.

Additionally, when KVM ROM support is enabled for the
firmware device, then PEI fails to boot when the page
tables are in the firmware device.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14494 6f19259b-4bc3-4df7-8a09-765794883524
2013-07-18 22:51:27 +00:00
jljusten a473e4163b OvmfPkg: Remove variables that are set, but not used
GCC 4.6 generates a warning when a variable is set,
but never used.

Signed-off-by: jljusten

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12615 6f19259b-4bc3-4df7-8a09-765794883524
2011-10-31 15:57:12 +00:00
vanjeff d0a3ead235 Changed TEMPORARY_RAM_SUPPORT_PPI to EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11385 6f19259b-4bc3-4df7-8a09-765794883524
2011-03-14 02:03:35 +00:00
mdkinney 42a83e80f3 Clean up SEC implementation for Ovmf.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10770 6f19259b-4bc3-4df7-8a09-765794883524
2010-08-03 07:41:54 +00:00
hhtian 56d7640a53 Update the copyright notice format
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10439 6f19259b-4bc3-4df7-8a09-765794883524
2010-04-28 12:43:04 +00:00
jljusten cb0a42901a OVMF SEC: Fix VS2005 compiler warnings
* FindPeiCore.c => FindFfsFileAndSection: remove unreachable code
* SecMain.c => SecCoreStartupWithStack: confirm 64-bit to 32-bit
  conversion with IA32 builds.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9679 6f19259b-4bc3-4df7-8a09-765794883524
2010-01-06 06:31:12 +00:00
jljusten c1c2669c6b OVMF: Update OVMF FD/FV build to minimize ROM size
* Only SEC is uncompressed now
* The MAIN FV with PEI & DXE can easily shrink and grow as needed
* The final output will now be OVMF.Fv rather than OVMF.fd
* The final output size will be a multiple of 64kb

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9672 6f19259b-4bc3-4df7-8a09-765794883524
2010-01-04 16:17:59 +00:00
jljusten 0913fadc1a OVMF SEC: Modify to match new interface of reset vector module
Previously the interface to the SEC module was:
  ESI/RSI - SEC Core entry point
  EDI/RDI - PEI Core entry point
  EBP/RBP - Start of BFV

Now it is:
  RAX/EAX  Initial value of the EAX register
           (BIST: Built-in Self Test)
  DI       'BP': boot-strap processor, or
           'AP': application processor
  RBP/EBP  Address of Boot Firmware Volume (BFV)

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9572 6f19259b-4bc3-4df7-8a09-765794883524
2009-12-16 23:29:17 +00:00
qhuang8 284af948b6 Use InitializeFloatingPointUnits() from UefiCpuLib to initialize floating point units in SEC phase.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9481 6f19259b-4bc3-4df7-8a09-765794883524
2009-11-25 04:26:09 +00:00
jljusten 49ba9447c9 Add initial version of Open Virtual Machine Firmware (OVMF) platform.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@8398 6f19259b-4bc3-4df7-8a09-765794883524
2009-05-27 21:10:18 +00:00