diff options
| author | Levi Yun <yeoreum.yun@arm.com> | 2024-08-21 01:59:00 +0100 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2025-01-17 14:55:42 +0000 |
| commit | 7340a4b63a993151817faa0adabebfeb007d16c1 (patch) | |
| tree | 072cee7320da46dc8ffe20c92ef3059b4fd06c4d /StandaloneMmPkg/Library | |
| parent | 697549465512b4a50d9e2d6f8d28d78b6c7c92e1 (diff) | |
| download | edk2-7340a4b63a993151817faa0adabebfeb007d16c1.tar.gz | |
StandaloneMmPkg: Apply embedded stack in StandaloneMmEntryPoint
There are 2 communication interfaces between the SPMC and StandaloneMM
1. SpmMM
2. FF-A
When SpmMM is enabled, TF-A acts as the SPMC at EL3 and the stack is setup
by TF-A for use by StandaloneMm. However, when FF-A is enabled, the SPMC
does not setup the stack for StandaloneMm and it is expected that the
StandaloneMm code will setup its own stack.
Therefore, reserve an area in the data region for use as the stack for
StandaloneMM. This stack will be used in both the scenarios described
above, i.e. when either SpmMM or FF-A is enabled.
Although the stack is reserved from the data section which is expected
to be Read-Write enabled, when TF-A maps the StandaloneMM binary into
the DRAM it configures the entire StandaloneMM memory as Read-Only.
Therefore, before the stack can be utilised, the PE Coff sections
need to be scanned to change the the stack region from Read-Only to
Read-Write.
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Diffstat (limited to 'StandaloneMmPkg/Library')
4 files changed, 461 insertions, 1 deletions
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint32.S b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint32.S new file mode 100644 index 0000000000..28a9e72e13 --- /dev/null +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint32.S @@ -0,0 +1,220 @@ +#------------------------------------------------------------------------------
+#
+# Entrypoint of StandaloneMm.
+#
+# Copyright (c) 2024, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# @par Reference(s):
+# - [1] SPM based on the MM interface.
+# (https://trustedfirmware-a.readthedocs.io/en/latest/components/
+# secure-partition-manager-mm.html)
+# - [2] Arm Firmware Framework for Armv8-A, DEN0077, version 1.2
+# (https://developer.arm.com/documentation/den0077/latest/)
+# - [3] FF-A Memory Management Protocol for Armv8-A, DEN0140, version 1.2
+# (https://developer.arm.com/documentation/den0140/latest/)
+#
+#------------------------------------------------------------------------------
+
+#include <Arm/AsmMacroLib.h>
+#include <IndustryStandard/ArmMmSvc.h>
+#include <IndustryStandard/ArmFfaSvc.h>
+#include <Uefi/UefiBaseType.h>
+
+.data
+.section .data.stmm_stack, "aw"
+.align 12
+// Define a data section to be used for setting up the
+// stack for StandaloneMm
+stmm_stack:
+.zero FixedPcdGet32 (PcdStMmStackSize)
+
+.text
+//
+// Check whether it is possible to use FF-A.
+// If FF-A can use, return TRUE. otherwise return FALSE.
+//
+// BOOLEAN
+// EFIAPI
+// CheckFfaSupport (
+// VOID
+// )
+//
+ASM_FUNC(CheckFfaSupport)
+ //
+ // Try to check FF-A support via FFA_VERSION
+ // See [2], Section 13.2 FFA_VERSION
+ //
+ MOV32 (r0, ARM_FID_FFA_VERSION)
+
+ // Set r1 as request version.
+ MOV32 (r1, ARM_FFA_CREATE_VERSION (
+ ARM_FFA_MAJOR_VERSION,
+ ARM_FFA_MINOR_VERSION))
+
+ svc #0
+
+ // Set r4 as ARM_FFA_RET_NOT_SUPPORTED (-1)
+ mvn r4, #0x00
+
+ cmp r0, r4
+ movne r0, #0x01
+ moveq r0, #0x00
+ mov r4, #0x00
+ bx lr
+
+//
+// Set write memory permission on StandaloneMm stack area via FF-A request.
+// If success, return StMmStackBaseAddr. otherwise return 0.
+//
+// UINTN
+// EFIAPI
+// SetStackPermissionFfa (
+// IN UINTN StMmStackTopAddr
+// )
+//
+ASM_FUNC(SetStackPermissionFfa)
+ //
+ // Try to set write permission on stmm_stack with FF-A request
+ // See [3], Section 2.9 FFA_MEM_PERM_SET
+ //
+ MOV32 (r2, FixedPcdGet32 (PcdStMmStackSize))
+
+ // r1 = stmm_stack top
+ mov r1, r0
+
+ // r12 = Compute and save the stack base
+ add r12, r1, r2
+
+ // r2 = Count of pages of stmm_stack
+ lsr r2, r2, #EFI_PAGE_SHIFT
+
+ // r3 = Memory permission
+ MOV32 (r3,
+ ARM_FFA_SET_MEM_ATTR_MAKE_PERM_REQUEST (
+ ARM_FFA_SET_MEM_ATTR_DATA_PERM_RW,
+ ARM_FFA_SET_MEM_ATTR_CODE_PERM_XN))
+
+ MOV32 (r0, ARM_FID_FFA_MEM_PERM_SET)
+
+ // Call FFA_MEM_PERM_SET to set stmm_stack with write permission
+ // See [3], Section 2.9 FFA_MEM_PERM_SET
+ svc #0
+
+ // Check FFA_MEM_PERM_SET operation is success.
+ MOV32 (r5, ARM_FID_FFA_SUCCESS_AARCH32)
+ cmp r0, r5
+
+ // Set return value as base address of stack.
+ mov r0, r12
+ bne .Lout_set_stack_perm_ffa
+ // If failed, set return value as zero.
+ mov r0, #0x00
+
+.Lout_set_stack_perm_ffa:
+ // Initialise SP with temp stack
+ mov r5, #0x00
+ mov r12, #0x00
+ bx lr
+
+//
+// Set write memory permission on StandaloneMm stack area via SpmMm.
+// If success, return StMmStackTopAddr. otherwise return 0.
+//
+// UINTN
+// EFIAPI
+// SetStackPermissionSpmMm (
+// IN UINTN StMmStackTopAddr
+// )
+//
+ASM_FUNC(SetStackPermissionSpmMm)
+ //
+ // Try to set write permission on stmm_stack with SPM_MM request
+ // See [1], Section 4.16.5.5.1 MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64.
+ //
+ MOV32 (r2, FixedPcdGet32 (PcdStMmStackSize))
+
+ // r1 = stmm_stack top
+ mov r1, r0
+
+ // r12 = Compute and save the stack base
+ add r12, r1, r2
+
+ // r2 = Count of pages of stmm_stack
+ lsr r2, r2, #EFI_PAGE_SHIFT
+
+ // r3 = Memory permission
+ MOV32 (r3,
+ ARM_SPM_MM_SET_MEM_ATTR_MAKE_PERM_REQUEST (
+ ARM_SPM_MM_SET_MEM_ATTR_DATA_PERM_RW,
+ ARM_SPM_MM_SET_MEM_ATTR_CODE_PERM_XN))
+
+ MOV32 (r0, ARM_FID_SPM_MM_SP_SET_MEM_ATTRIBUTES)
+
+ // Call SPM_MM_SP_SET_MEM_ATTRIBUTES to set stmm_stack with write permission
+ // See [1], Section 4.16.5.5.1 MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64.
+ svc #0
+
+ MOV32 (r5, ARM_SPM_MM_RET_SUCCESS)
+ cmp r0, r5
+
+ // Set return value as base address of stack.
+ mov r0, r12
+ beq .Lout_set_stack_perm
+ // If failed, set return value as zero.
+ mov r0, #0x00
+
+.Lout_set_stack_perm:
+ mov r5, #0x00
+ mov r12, #0x00
+ bx lr
+
+//
+// Entry point of StandaloneMm
+//
+ASM_FUNC(_ModuleEntryPoint)
+ // Stash boot information registers from the SPMC
+ mov r8, r0
+ mov r9, r1
+ mov r10, r2
+ mov r11, r3
+
+ bl CheckFfaSupport
+ mov r1, r0
+
+ // Get StandaloneMm Stack top address and save in x0
+ LDRL(r0, stmm_stack)
+
+ // Set stack permission
+ cmp r1, #0x01
+ beq .Lset_stack_perm_ffa
+ bne .Lset_stack_perm_spm
+
+ // If SetStackPermission* failed, x0 is #0x00.
+ // Otherwise, x0 is base address of stack.
+.Lset_stmm_sp:
+ cmp r0, #0x00
+ bne .Lerror
+
+ mov sp, r0
+
+ // Restore boot information registers from the SPMC
+ mov r3, r11
+ mov r2, r10
+ mov r1, r9
+ mov r0, r8
+
+ // Invoke the C entrypoint
+ b CEntryPoint
+
+.Lerror:
+ b .
+
+.Lset_stack_perm_ffa:
+ bl SetStackPermissionFfa
+ b .Lset_stmm_sp
+
+.Lset_stack_perm_spm:
+ bl SetStackPermissionSpmMm
+ b .Lset_stmm_sp
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint64.S b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint64.S new file mode 100644 index 0000000000..f8f8877927 --- /dev/null +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/ModuleEntryPoint64.S @@ -0,0 +1,231 @@ +#------------------------------------------------------------------------------
+#
+# Entrypoint of StandaloneMm.
+#
+# Copyright (c) 2024, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# @par Reference(s):
+# - [1] SPM based on the MM interface.
+# (https://trustedfirmware-a.readthedocs.io/en/latest/components/
+# secure-partition-manager-mm.html)
+# - [2] Arm Firmware Framework for Armv8-A, DEN0077, version 1.2
+# (https://developer.arm.com/documentation/den0077/latest/)
+# - [3] FF-A Memory Management Protocol for Armv8-A, DEN0140, version 1.2
+# (https://developer.arm.com/documentation/den0140/latest/)
+#
+#------------------------------------------------------------------------------
+
+#include <AArch64/AsmMacroLib.h>
+#include <IndustryStandard/ArmMmSvc.h>
+#include <IndustryStandard/ArmFfaSvc.h>
+#include <Uefi/UefiBaseType.h>
+
+.data
+.section .data.stmm_stack, "aw"
+.align 12
+// Define a data section to be used for setting up the
+// stack for StandaloneMm
+stmm_stack:
+.zero FixedPcdGet32 (PcdStMmStackSize)
+
+.text
+//
+// Check whether it is possible to use FF-A.
+// If FF-A is supported return TRUE, otherwise return FALSE.
+//
+// BOOLEAN
+// EFIAPI
+// CheckFfaSupport (
+// VOID
+// )
+//
+ASM_FUNC(CheckFfaSupport)
+ //
+ // Try to check FF-A support via FFA_VERSION
+ // See [2], Section 13.2 FFA_VERSION
+ //
+ MOV32 (x0, ARM_FID_FFA_VERSION)
+
+ // Set x1 as request version.
+ MOV32 (x1, ARM_FFA_CREATE_VERSION (
+ ARM_FFA_MAJOR_VERSION,
+ ARM_FFA_MINOR_VERSION))
+
+ svc #0
+
+ MOV64 (x9, ARM_FFA_RET_NOT_SUPPORTED)
+ cmp x0, x9
+ cset x0, ne
+ mov x9, xzr
+ ret
+
+//
+// Set write memory permission on StandaloneMm stack area via FF-A request.
+// If success, return StMmStackBaseAddr. otherwise return 0.
+//
+// UINTN
+// EFIAPI
+// SetStackPermissionFfa (
+// IN UINTN StMmStackTopAddr
+// )
+//
+ASM_FUNC(SetStackPermissionFfa)
+ //
+ // Try to set write permission on stmm_stack with FF-A request
+ // See [3], Section 2.9 FFA_MEM_PERM_SET
+ //
+ MOV32 (x2, FixedPcdGet32 (PcdStMmStackSize))
+
+ // x1 = stmm_stack top
+ mov x1, x0
+
+ // x12 = Compute and save the stack base
+ add x12, x1, x2
+
+ // x2 = Count of pages of stmm_stack
+ lsr x2, x2, #EFI_PAGE_SHIFT
+
+ // x3 = Memory permission
+ MOV32 (x3,
+ ARM_FFA_SET_MEM_ATTR_MAKE_PERM_REQUEST (
+ ARM_FFA_SET_MEM_ATTR_DATA_PERM_RW,
+ ARM_FFA_SET_MEM_ATTR_CODE_PERM_XN))
+
+ MOV32 (x0, ARM_FID_FFA_MEM_PERM_SET)
+
+ // Call FFA_MEM_PERM_SET to set stmm_stack with write permission
+ // See [3], Section 2.9 FFA_MEM_PERM_SET
+ svc #0
+
+ // Check FFA_MEM_PERM_SET operation is success.
+ mov x10, #0x00
+ MOV32 (x11, ARM_FID_FFA_SUCCESS_AARCH64)
+ cmp x0, x11
+ cinc x10, x10, eq
+ MOV32 (x11, ARM_FID_FFA_SUCCESS_AARCH32)
+ cmp x0, x11
+ cinc x10, x10, eq
+ cmp x10, #0x00
+
+ // Set return value as base address of stack.
+ mov x0, x12
+ b.ne .Lout_set_stack_perm_ffa
+ // If failed, set return value as zero.
+ mov x0, #0x00
+
+.Lout_set_stack_perm_ffa:
+ mov x9, xzr
+ mov x10, xzr
+ mov x11, xzr
+ mov x12, xzr
+ ret
+
+//
+// Set write memory permission on StandaloneMm stack area via SpmMm.
+// If success, return StMmStackTopAddr. otherwise return 0.
+//
+// UINTN
+// EFIAPI
+// SetStackPermissionSpmMm (
+// IN UINTN StMmStackTopAddr
+// )
+//
+ASM_FUNC(SetStackPermissionSpmMm)
+ //
+ // Try to set write permission on stmm_stack with SPM_MM request
+ // See [1], Section 4.16.5.5.1 MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64.
+ //
+ MOV32 (x2, FixedPcdGet32 (PcdStMmStackSize))
+
+ // x1 = stmm_stack top
+ mov x1, x0
+
+ // x12 = Compute and save the stack base
+ add x12, x1, x2
+
+ // x2 = Count of pages of stmm_stack
+ lsr x2, x2, #EFI_PAGE_SHIFT
+
+ // x3 = Memory permission
+ MOV32 (x3,
+ ARM_SPM_MM_SET_MEM_ATTR_MAKE_PERM_REQUEST (
+ ARM_SPM_MM_SET_MEM_ATTR_DATA_PERM_RW,
+ ARM_SPM_MM_SET_MEM_ATTR_CODE_PERM_XN))
+
+ MOV32 (x0, ARM_FID_SPM_MM_SP_SET_MEM_ATTRIBUTES)
+
+ // Call SPM_MM_SP_SET_MEM_ATTRIBUTES to set stmm_stack with write permission
+ // See [1], Section 4.16.5.5.1 MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64.
+ svc #0
+
+ cmp x0, #ARM_SPM_MM_RET_SUCCESS
+
+ // Set return value as base address of stack.
+ mov x0, x12
+ b.eq .Lout_set_stack_perm
+ // If failed, set return value as zero.
+ mov x0, #0x00
+
+.Lout_set_stack_perm:
+ mov x9, xzr
+ mov x12, xzr
+ ret
+
+//
+// Entry point of StandaloneMm
+//
+ASM_FUNC(_ModuleEntryPoint)
+ // Stash boot information registers from the SPMC
+ mov x19, x0
+ mov x20, x1
+ mov x21, x2
+ mov x22, x3
+ mov x23, x4
+
+ bl CheckFfaSupport
+ mov x1, x0
+
+ // Get StandaloneMm Stack top address and save in x0
+ adrp x4, stmm_stack
+ mov x0, x4
+
+ // Set stack permission
+ cmp x1, #0x01
+ b.eq .Lset_stack_perm_ffa
+ b.ne .Lset_stack_perm_spm
+
+ // If SetStackPermission* failed, x0 is #0x00.
+ // Otherwise, x0 is base address of stack.
+.Lset_stmm_sp:
+ cmp x0, #0x00
+ b.eq .Lerror
+
+ mov sp, x0
+
+ // Restore boot information registers from the SPMC
+ mov x0, x19
+ mov x1, x20
+ mov x2, x21
+ mov x3, x22
+ mov x4, x23
+ mov x19, xzr
+ mov x20, xzr
+ mov x21, xzr
+ mov x22, xzr
+ mov x23, xzr
+
+ // Invoke the C entrypoint
+ b CEntryPoint
+
+.Lerror:
+ b .
+
+.Lset_stack_perm_ffa:
+ bl SetStackPermissionFfa
+ b .Lset_stmm_sp
+
+.Lset_stack_perm_spm:
+ bl SetStackPermissionSpmMm
+ b .Lset_stmm_sp
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/StandaloneMmCoreEntryPoint.c b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/StandaloneMmCoreEntryPoint.c index 77d102279b..353a5b2d23 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/StandaloneMmCoreEntryPoint.c +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/Arm/StandaloneMmCoreEntryPoint.c @@ -1031,7 +1031,7 @@ ExitHandler: **/
VOID
EFIAPI
-_ModuleEntryPoint (
+CEntryPoint (
IN UINTN Arg0,
IN UINTN Arg1,
IN UINTN Arg2,
diff --git a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf index 80740245e9..14d42258e7 100644 --- a/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf +++ b/StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf @@ -25,6 +25,12 @@ Arm/StandaloneMmCoreEntryPoint.c
Arm/SetPermissions.c
+[Sources.AARCH64]
+ Arm/ModuleEntryPoint64.S
+
+[Sources.ARM]
+ Arm/ModuleEntryPoint32.S
+
[Sources.X64]
X64/StandaloneMmCoreEntryPoint.c
@@ -58,6 +64,9 @@ gEdkiiPiMmCpuDriverEpProtocolGuid
gEfiMmCommunication2ProtocolGuid
+[FixedPcd.ARM, FixedPcd.AARCH64]
+ gArmTokenSpaceGuid.PcdStMmStackSize
+
#
# This configuration fails for CLANGPDB, which does not support PIE in the GCC
# sense. Such however is required for ARM family StandaloneMmCore
|