--- /dev/null
+/** @file\r
+ Locate, get and update PE/COFF permissions during Standalone MM\r
+ Foundation Entry point on ARM platforms.\r
+\r
+Copyright (c) 2017 - 2018, ARM Ltd. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php.\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+\r
+#include <PiMm.h>\r
+\r
+#include <PiPei.h>\r
+#include <Guid/MmramMemoryReserve.h>\r
+#include <Guid/MpInformation.h>\r
+\r
+#include <Library/AArch64/StandaloneMmCoreEntryPoint.h>\r
+#include <Library/ArmMmuLib.h>\r
+#include <Library/ArmSvcLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/HobLib.h>\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/SerialPortLib.h>\r
+\r
+#include <IndustryStandard/ArmStdSmc.h>\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+UpdateMmFoundationPeCoffPermissions (\r
+ IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,\r
+ IN UINT32 SectionHeaderOffset,\r
+ IN CONST UINT16 NumberOfSections,\r
+ IN REGION_PERMISSION_UPDATE_FUNC TextUpdater,\r
+ IN REGION_PERMISSION_UPDATE_FUNC ReadOnlyUpdater,\r
+ IN REGION_PERMISSION_UPDATE_FUNC ReadWriteUpdater\r
+ )\r
+{\r
+ EFI_IMAGE_SECTION_HEADER SectionHeader;\r
+ RETURN_STATUS Status;\r
+ EFI_PHYSICAL_ADDRESS Base;\r
+ UINTN Size;\r
+ UINTN ReadSize;\r
+ UINTN Index;\r
+\r
+ ASSERT (ImageContext != NULL);\r
+\r
+ //\r
+ // Iterate over the sections\r
+ //\r
+ for (Index = 0; Index < NumberOfSections; Index++) {\r
+ //\r
+ // Read section header from file\r
+ //\r
+ Size = sizeof (EFI_IMAGE_SECTION_HEADER);\r
+ ReadSize = Size;\r
+ Status = ImageContext->ImageRead (\r
+ ImageContext->Handle,\r
+ SectionHeaderOffset,\r
+ &Size,\r
+ &SectionHeader\r
+ );\r
+\r
+ if (RETURN_ERROR (Status) || (Size != ReadSize)) {\r
+ DEBUG ((DEBUG_ERROR,\r
+ "%a: ImageContext->ImageRead () failed (Status = %r)\n",\r
+ __FUNCTION__, Status));\r
+ return Status;\r
+ }\r
+\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Section %d of image at 0x%lx has 0x%x permissions\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress, SectionHeader.Characteristics));\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Section %d of image at 0x%lx has %s name\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress, SectionHeader.Name));\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Section %d of image at 0x%lx has 0x%x address\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress,\r
+ ImageContext->ImageAddress + SectionHeader.VirtualAddress));\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Section %d of image at 0x%lx has 0x%x data\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress, SectionHeader.PointerToRawData));\r
+\r
+ //\r
+ // If the section is marked as XN then remove the X attribute. Furthermore,\r
+ // if it is a writeable section then mark it appropriately as well.\r
+ //\r
+ if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_EXECUTE) == 0) {\r
+ Base = ImageContext->ImageAddress + SectionHeader.VirtualAddress;\r
+\r
+ TextUpdater (Base, SectionHeader.Misc.VirtualSize);\r
+\r
+ if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_WRITE) != 0) {\r
+ ReadWriteUpdater (Base, SectionHeader.Misc.VirtualSize);\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Mapping section %d of image at 0x%lx with RW-XN permissions\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress));\r
+ } else {\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Mapping section %d of image at 0x%lx with RO-XN permissions\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress));\r
+ }\r
+ } else {\r
+ DEBUG ((DEBUG_INFO,\r
+ "%a: Ignoring section %d of image at 0x%lx with 0x%x permissions\n",\r
+ __FUNCTION__, Index, ImageContext->ImageAddress, SectionHeader.Characteristics));\r
+ }\r
+ SectionHeaderOffset += sizeof (EFI_IMAGE_SECTION_HEADER);\r
+ }\r
+\r
+ return RETURN_SUCCESS;\r
+}\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+LocateStandaloneMmCorePeCoffData (\r
+ IN EFI_FIRMWARE_VOLUME_HEADER *BfvAddress,\r
+ IN OUT VOID **TeData,\r
+ IN OUT UINTN *TeDataSize\r
+ )\r
+{\r
+ EFI_FFS_FILE_HEADER *FileHeader = NULL;\r
+ EFI_STATUS Status;\r
+\r
+ Status = FfsFindNextFile (\r
+ EFI_FV_FILETYPE_SECURITY_CORE,\r
+ BfvAddress,\r
+ &FileHeader\r
+ );\r
+\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM FFS file - 0x%x\n",\r
+ Status));\r
+ return Status;\r
+ }\r
+\r
+ Status = FfsFindSectionData (EFI_SECTION_PE32, FileHeader, TeData, TeDataSize);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Section data - 0x%x\n",\r
+ Status));\r
+ return Status;\r
+ }\r
+\r
+ DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", *TeData));\r
+ return Status;\r
+}\r
+\r
+STATIC\r
+EFI_STATUS\r
+GetPeCoffSectionInformation (\r
+ IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,\r
+ IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *TmpContext,\r
+ IN OUT UINT32 *SectionHeaderOffset,\r
+ IN OUT UINT16 *NumberOfSections\r
+ )\r
+{\r
+ RETURN_STATUS Status;\r
+ EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;\r
+ EFI_IMAGE_OPTIONAL_HEADER_UNION HdrData;\r
+ UINTN Size;\r
+ UINTN ReadSize;\r
+\r
+ ASSERT (ImageContext != NULL);\r
+ ASSERT (TmpContext != NULL);\r
+ ASSERT (SectionHeaderOffset != NULL);\r
+ ASSERT (NumberOfSections != NULL);\r
+\r
+ //\r
+ // We need to copy ImageContext since PeCoffLoaderGetImageInfo ()\r
+ // will mangle the ImageAddress field\r
+ //\r
+ CopyMem (TmpContext, ImageContext, sizeof (*TmpContext));\r
+\r
+ if (TmpContext->PeCoffHeaderOffset == 0) {\r
+ Status = PeCoffLoaderGetImageInfo (TmpContext);\r
+ if (RETURN_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR,\r
+ "%a: PeCoffLoaderGetImageInfo () failed (Status = %r)\n",\r
+ __FUNCTION__, Status));\r
+ return Status;\r
+ }\r
+ }\r
+\r
+ if (TmpContext->IsTeImage &&\r
+ TmpContext->ImageAddress == ImageContext->ImageAddress) {\r
+ DEBUG ((DEBUG_INFO, "%a: ignoring XIP TE image at 0x%lx\n", __FUNCTION__,\r
+ ImageContext->ImageAddress));\r
+ return RETURN_UNSUPPORTED;\r
+ }\r
+\r
+ if (TmpContext->SectionAlignment < EFI_PAGE_SIZE) {\r
+ //\r
+ // The sections need to be at least 4 KB aligned, since that is the\r
+ // granularity at which we can tighten permissions.\r
+ //\r
+ if (!TmpContext->IsTeImage) {\r
+ DEBUG ((DEBUG_WARN,\r
+ "%a: non-TE Image at 0x%lx has SectionAlignment < 4 KB (%lu)\n",\r
+ __FUNCTION__, ImageContext->ImageAddress, TmpContext->SectionAlignment));\r
+ }\r
+ return RETURN_UNSUPPORTED;\r
+ }\r
+\r
+ //\r
+ // Read the PE/COFF Header. For PE32 (32-bit) this will read in too much\r
+ // data, but that should not hurt anything. Hdr.Pe32->OptionalHeader.Magic\r
+ // determines if this is a PE32 or PE32+ image. The magic is in the same\r
+ // location in both images.\r
+ //\r
+ Hdr.Union = &HdrData;\r
+ Size = sizeof (EFI_IMAGE_OPTIONAL_HEADER_UNION);\r
+ ReadSize = Size;\r
+ Status = TmpContext->ImageRead (\r
+ TmpContext->Handle,\r
+ TmpContext->PeCoffHeaderOffset,\r
+ &Size,\r
+ Hdr.Pe32\r
+ );\r
+\r
+ if (RETURN_ERROR (Status) || (Size != ReadSize)) {\r
+ DEBUG ((DEBUG_ERROR,\r
+ "%a: TmpContext->ImageRead () failed (Status = %r)\n",\r
+ __FUNCTION__, Status));\r
+ return Status;\r
+ }\r
+\r
+ ASSERT (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE);\r
+\r
+ *SectionHeaderOffset = TmpContext->PeCoffHeaderOffset + sizeof (UINT32) +\r
+ sizeof (EFI_IMAGE_FILE_HEADER);\r
+ *NumberOfSections = Hdr.Pe32->FileHeader.NumberOfSections;\r
+\r
+ switch (Hdr.Pe32->OptionalHeader.Magic) {\r
+ case EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC:\r
+ *SectionHeaderOffset += Hdr.Pe32->FileHeader.SizeOfOptionalHeader;\r
+ break;\r
+ case EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC:\r
+ *SectionHeaderOffset += Hdr.Pe32Plus->FileHeader.SizeOfOptionalHeader;\r
+ break;\r
+ default:\r
+ ASSERT (FALSE);\r
+ }\r
+\r
+ return RETURN_SUCCESS;\r
+}\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+GetStandaloneMmCorePeCoffSections (\r
+ IN VOID *TeData,\r
+ IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext,\r
+ IN OUT UINT32 *SectionHeaderOffset,\r
+ IN OUT UINT16 *NumberOfSections\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ PE_COFF_LOADER_IMAGE_CONTEXT TmpContext;\r
+\r
+ // Initialize the Image Context\r
+ ZeroMem (ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT));\r
+ ImageContext->Handle = TeData;\r
+ ImageContext->ImageRead = PeCoffLoaderImageReadFromMemory;\r
+\r
+ DEBUG ((DEBUG_INFO, "Found Standalone MM PE data - 0x%x\n", TeData));\r
+\r
+ Status = PeCoffLoaderGetImageInfo (ImageContext);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Image information - 0x%x\n", Status));\r
+ return Status;\r
+ }\r
+\r
+ Status = GetPeCoffSectionInformation (ImageContext, &TmpContext, SectionHeaderOffset, NumberOfSections);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Unable to locate Standalone MM Core PE-COFF Section information - 0x%x\n", Status));\r
+ return Status;\r
+ }\r
+\r
+ DEBUG ((DEBUG_INFO, "Standalone MM Core PE-COFF SectionHeaderOffset - 0x%x, NumberOfSections - %d\n",\r
+ *SectionHeaderOffset, *NumberOfSections));\r
+\r
+ return Status;\r
+}\r