StandaloneMmCpu driver is only used for Arm architecture and
StandaloneMmCoreEntryPointLib for Arm has specific implementation with
StandaloneMmCpu driver.
Move StandaloneMmCpu Driver and StandaloneMmCoreEntryPointLib for Arm
to ArmPkg.
Continuous-integration-options: PatchCheck.ignore-multi-package
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Arm has three types of communication buffer
- Non secure communication buffer: shared buffer with NS partition
- Secure communication buffer: shared buffer with Secure partition
- Internal Misc service buffer: For misc service
i.e. for services that do not use MmCommunication protocol,
a buffer is created and populated internally.
Since, internal Misc service buffer is allocated dynamically in
StandaloneMm there is no additional check required for the Misc
service buffer.
This patch move sanity check of communication buffer from
StandaloneMmCpu Driver to StandaloneMmEntryPoint.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
There are 2 communication interfaces between the SPMC and StandaloneMM
1. SpmMM
2. FF-A
When SpmMM is enabled, TF-A acts as the SPMC at EL3 and the stack is setup
by TF-A for use by StandaloneMm. However, when FF-A is enabled, the SPMC
does not setup the stack for StandaloneMm and it is expected that the
StandaloneMm code will setup its own stack.
Therefore, reserve an area in the data region for use as the stack for
StandaloneMM. This stack will be used in both the scenarios described
above, i.e. when either SpmMM or FF-A is enabled.
Although the stack is reserved from the data section which is expected
to be Read-Write enabled, when TF-A maps the StandaloneMM binary into
the DRAM it configures the entire StandaloneMM memory as Read-Only.
Therefore, before the stack can be utilised, the PE Coff sections
need to be scanned to change the the stack region from Read-Only to
Read-Write.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
To support the service other than Mmcommunication service,
StandaloneMm should use FF-A v1.2 or later [0].
For this, StandaloneMm needs to change:
1. apply FF-A boot protocol
- FF-A uses its own boot protocol and it can deliver phit hob.
So, StandaloneMm should understand FF-A boot protocol and
get phit hob from it to initialize.
2. Use DIRECT_REQ2 / DIRECT_RESP2
- To support the other service via FF-A protocol
than MmCommunication,
StandaloneMm should use DIRECT_REQ2 / DIRECT_RESP2.
In case of service provided with MmCommunication protocol,
register x2/x3 value is set as gEfiMmCommunication2ProtocolGuid and
register x4 value is set with MmCommunication Buffer
(ServiceTypeMmCommunication).
In case of service with each speicifiation via FF-A,
register x2/x3 value is set as each service guid
and StandaloneMmCoreEntryPoint genreates Mm communication header
with passed arguments to dispatch this service
provided by StandaloneMm.
i.e) Tpm service, Firmware update service and etc.
(ServiceTypeMisc)
Link: https://developer.arm.com/documentation/den0077/latest/ [0]
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
To remove hob creation in StandaloneMm entrypoint,
TF-A should pass PHIT hob information to StandaloneMm.
When it passes PHIT hob, it passes according to
firmware handoff specification[0].
This patch applies boot protocol using transfer list with firmware
handoff specification and remove hob creation in StandaloneMm
entrypoint.
Link: https://github.com/FirmwareHandoff/firmware_handoff [0]
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
This patch introduces a PI_MM_CPU_DRIVER_EP protocol to handle
Mmcommunication request based on the CPU driver.
Previously the CPU driver entry point was retrieved using the
gEfiArmTfCpuDriverEntryPoint HOB.
However, this practice is incorrect as StandaloneMM must be a HOB
consumer and not a HOB producer.
Therefore, remove the CPU entry HOB gEfiArmTfCpuDriverEntryPoint,
and replace it with the CPU driver entry protocol
EDKII_PI_MM_CPU_DRIVER_EP_PROTOCOL.
The EDKII_PI_MM_CPU_DRIVER_EP_PROTOCOL installed in
StandaloneMmCpuInitialize() will be used by the code in
Arm/StandaloneMmCoreEntryPoint.
This protocol is used like below:
+=====+
|StandaloneMmCore|
+=====+
|
CEntryPoint()
===================
|
ProcessModuleEntryPointList()
|
+--> StandaloneMmMain()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| // Load StandaloneMmCpu driver which implements
| // CpuDriverEntryPoint used by DelegatedEventLoop().
| // and install the gEdkiiPiMmCpuDriverEpProtocolGuid.
--------------
|
... // Get CpuDriverEntryPoint implemented by
// StandaloneMmCpu driver with gEdkiiPiMmCpuDriverEpProtocolGuid
|
DelegatedEventLoop() // Handle request by delegating it to
// CpuDriverEntryPoint.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
CreateMmPlatformHob() is defined in the MmPlatformHobProducerLib
library class. The function is for StandaloneMm IPL to create all
Platform specific HOBs that required by the Standalone MM env.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Co-authored-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Co-authored-by: Ray Ni <ray.ni@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
This change fixes an issue where the returned section data length
is always 4 bytes larger than the actual section length. This could
cause an issue where the caller accesses the final 4 bytes which
would be invalid.
Co-authored-by: Kun Qin <kuqin@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Update entry point library for Arm to use the new architecture independent
StandaloneMmCpu driver.
Signed-off-by: Tuan Phan <tphan@ventanamicro.com>
Reviewed-by: levi.yun <yeoreum.yun@arm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
TF-A: TrustedFirmware-A
SPM: Secure Partition Manager(MM)
In TF-A, the name of this field is sp_shared_buf_size. This field is
the size of range for transmit data from TF-A to standaloneMM when
SPM enable.
SpPcpuSharedBufSize is pass from TF-A while StandaloneMM initialize.
So, SpPcpuSharedBufSize should be rename to SpSharedBufSize and this field
should no multiply by PayloadBootInfo->NumCpus;
Signed-off-by: Ming Huang <huangming@linux.alibaba.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
Apply uncrustify changes to .c/.h files in the StandaloneMmPkg package
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
This change allows to build StandaloneMmPkg components for 32bit Arm
StandaloneMm firmware.
This change mainly moves AArch64/ source files to Arm/ side directory
for several components: StandaloneMmCpu, StandaloneMmCoreEntryPoint
and StandaloneMmMemLib. The source file is built for both 32b and 64b
Arm targets.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3235
The library for this header initially resided in StandaloneMmPkg
but moved to MdePkg and now this file is a duplicate of the header
file in MdePkg.
This change removes the header file from StandaloneMmPkg. More
details regarding the history of the library transitioning from
StandaloneMmPkg to MdePkg are below.
The following commit removed the library from StandaloneMmPkg:
d6253d2f9a ("StandaloneMmPkg: remove redundant
StandaloneMmDriverEntryPoint driver", 2019-03-11)
The following commits added the library class & instance to MdePkg:
7df4764e6a ("MdePkg: introduce standalone MM entry point
library class", 2019-01-14)
5866d49923 ("MdePkg: introduce standalone MM entry point
library implementation", 2019-01-14)
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Laszlo Ersek <lersek@redhat.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3203
The EFIAPI modifier is present in the function definition in
FvLib.c but missing in FvLib.h. Causes a GCC build error.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Bugzilla: 3150 (https://bugzilla.tianocore.org/show_bug.cgi?id=3150)
Fix the ECC reported error "[9002] The function headers should follow
Doxygen special documentation blocks in section 2.3.5 in Comment".
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Bugzilla: 3150 (https://bugzilla.tianocore.org/show_bug.cgi?id=3150)
Fix the spelling mistakes reported by the spell check utility
that is run as part of the Core CI.
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Apply PE/COFF fixups when starting up the standalone MM core, so that
it can execute at any address regardless of the link time address.
Note that this requires the PE/COFF image to be emitted with its
relocation section preserved. Special care is taken to ensure that
TE images are dealt with correctly as well.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
The Standalone MM environment runs in S-EL0 in AArch64 on ARM Standard
Platforms and is initialised during the SEC phase. ARM Trusted firmware
in EL3 is responsible for initialising the architectural context for
S-EL0 and loading the Standalone MM image. The memory allocated to this
image is marked as RO+X. Heap memory is marked as RW+XN.
Certain actions have to be completed prior to executing the generic code
in the Standalone MM Core module. These are:
1. Memory permission attributes for each section of the Standalone MM
Core module need to be changed prior to accessing any RW data.
2. A Hob list has to be created with information that allows the MM
environment to initialise and dispatch drivers.
Furthermore, this module is responsible for handing over runtime MM
events to the Standalone MM CPU driver and returning control to ARM
Trusted Firmware upon event completion. Hence it needs to know the CPU
driver entry point.
This patch implements an entry point module that ARM Trusted Firmware
jumps to in S-EL0. It then performs the above actions before calling the
Standalone MM Foundation entry point and handling subsequent MM events.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Sughosh Ganu <sughosh.ganu@arm.com>
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Reviewed-by: Achin Gupta <achin.gupta@arm.com>
Management Mode (MM) is a generic term used to describe a secure
execution environment provided by the CPU and related silicon that is
entered when the CPU detects a MMI. For x86 systems, this can be
implemented with System Management Mode (SMM). For ARM systems, this can
be implemented with TrustZone (TZ).
A MMI can be a CPU instruction or interrupt. Upon detection of a MMI, a
CPU will jump to the MM Entry Point and save some portion of its state
(the "save state") such that execution can be resumed.
The MMI can be generated synchronously by software or asynchronously by
a hardware event. Each MMI source can be detected, cleared and disabled.
Some systems provide for special memory (Management Mode RAM or MMRAM)
which is set aside for software running in MM. Usually the MMRAM is
hidden during normal CPU execution, but this is not required. Usually,
after MMRAM is hidden it cannot be exposed until the next system reset.
The MM Core Interface Specification describes three pieces of the PI
Management Mode architecture:
1. MM Dispatch
During DXE, the DXE Foundation works with the MM Foundation to
schedule MM drivers for execution in the discovered firmware volumes.
2. MM Initialization
MM related code opens MMRAM, creates the MMRAM memory map, and
launches the MM Foundation, which provides the necessary services to
launch MM-related drivers. Then, sometime before boot, MMRAM is
closed and locked. This piece may be completed during the
SEC, PEI or DXE phases.
3. MMI Management
When an MMI generated, the MM environment is created and then the MMI
sources are detected and MMI handlers called.
This patch implements the MM Core.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Sughosh Ganu <sughosh.ganu@arm.com>
Signed-off-by: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
MM memory check library library implementation. This library consumes
MM_ACCESS_PROTOCOL to get MMRAM information. In order to use this
library instance, the platform should produce all MMRAM range via
MM_ACCESS_PROTOCOL, including the range for firmware (like MM Core
and MM driver) and/or specific dedicated hardware.
This patch provides services for MM Memory Operation.
The management mode Mem Library provides function for checking if buffer
is outside MMRAM and valid. It also provides functions for copy data
from MMRAM to non-MMRAM, from non-MMRAM to MMRAM,
from non-MMRAM to non-MMRAM, or set data in non-MMRAM.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Reviewed-by: Achin Gupta <achin.gupta@arm.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Signed-off-by: Sughosh Ganu <sughosh.ganu@arm.com>
This patch implements a firmware volume library that can be used by the
Standalone management mode core module to parse the firmware volume.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Reviewed-by: Achin Gupta <achin.gupta@arm.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Signed-off-by: Sughosh Ganu <sughosh.ganu@arm.com>
Levi Yun
Dun Tan
Michael Kubacki
Tuan Phan
Ming Huang
Etienne Carriere
Sami Mujawar
Ard Biesheuvel
Michael D Kinney
Supreeth Venkatesh