From b8fed22430a9c9ada72b889f9e7cc23c6f789d07 Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Tue, 14 Jul 2026 16:11:31 -0700 Subject: [PATCH 1/4] OneCryptoPkg: Add MM image provider Add the MM-side image provider protocol, message format, provider implementation, and package declarations needed to locate and serve OneCrypto image bytes from StandaloneMM. Signed-off-by: Doug Flick --- OneCryptoPkg/Include/Guid/OneCryptoFileGuid.h | 13 + .../Include/Guid/OneCryptoImageProviderGuid.h | 20 + .../Private/OneCryptoImageProviderMessage.h | 41 ++ .../OneCryptoImageProviderMm.c | 405 ++++++++++++++++++ .../OneCryptoImageProviderStandaloneMm.inf | 42 ++ OneCryptoPkg/OneCryptoPkg.dec | 3 + 6 files changed, 524 insertions(+) create mode 100644 OneCryptoPkg/Include/Guid/OneCryptoImageProviderGuid.h create mode 100644 OneCryptoPkg/Include/Private/OneCryptoImageProviderMessage.h create mode 100644 OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderMm.c create mode 100644 OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm.inf diff --git a/OneCryptoPkg/Include/Guid/OneCryptoFileGuid.h b/OneCryptoPkg/Include/Guid/OneCryptoFileGuid.h index 53604a618..8787a23a2 100644 --- a/OneCryptoPkg/Include/Guid/OneCryptoFileGuid.h +++ b/OneCryptoPkg/Include/Guid/OneCryptoFileGuid.h @@ -19,4 +19,17 @@ 0x76ABA88D, 0x9D16, 0x49A2, { 0xAA, 0x3A, 0xDB, 0x61, 0x12, 0xFA, 0xC5, 0xCC } \ } +// +// FILE_GUID of the dedicated, LZMA-compressed OneCrypto container FV that a +// platform may place in the boot firmware volume alongside the StandaloneMM +// payload FV. The image provider matches this to locate the compressed +// OneCrypto payload deterministically and serve it to DXE. +// +// No fallback to an arbitrary compressed FV is supported. +// +#define ONE_CRYPTO_CONTAINER_FV_GUID \ + { \ + 0x1DC82EA3, 0xD1E9, 0x4C10, { 0xA7, 0x88, 0x33, 0x5D, 0x16, 0x6E, 0x23, 0xA1 } \ + } + #endif // ONE_CRYPTO_FILE_GUID_H_ diff --git a/OneCryptoPkg/Include/Guid/OneCryptoImageProviderGuid.h b/OneCryptoPkg/Include/Guid/OneCryptoImageProviderGuid.h new file mode 100644 index 000000000..c663e4d29 --- /dev/null +++ b/OneCryptoPkg/Include/Guid/OneCryptoImageProviderGuid.h @@ -0,0 +1,20 @@ +/** @file + + GUID definition for the OneCrypto MM image provider communication handler. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef ONE_CRYPTO_IMAGE_PROVIDER_GUID_H_ +#define ONE_CRYPTO_IMAGE_PROVIDER_GUID_H_ + +#define ONE_CRYPTO_IMAGE_PROVIDER_GUID \ + { \ + 0x5B9B9A72, 0xA4DF, 0x4D57, { 0xA1, 0xD3, 0x3A, 0x88, 0xEF, 0xB2, 0x5B, 0x9E } \ + } + +extern EFI_GUID gOneCryptoImageProviderGuid; + +#endif // ONE_CRYPTO_IMAGE_PROVIDER_GUID_H_ diff --git a/OneCryptoPkg/Include/Private/OneCryptoImageProviderMessage.h b/OneCryptoPkg/Include/Private/OneCryptoImageProviderMessage.h new file mode 100644 index 000000000..317872dfe --- /dev/null +++ b/OneCryptoPkg/Include/Private/OneCryptoImageProviderMessage.h @@ -0,0 +1,41 @@ +/** @file + + Shared message format for OneCrypto image-provider MM communication. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef ONE_CRYPTO_IMAGE_PROVIDER_MESSAGE_H_ +#define ONE_CRYPTO_IMAGE_PROVIDER_MESSAGE_H_ + +#define ONE_CRYPTO_IMAGE_PROVIDER_VERSION 1U +#define ONE_CRYPTO_IMAGE_PROVIDER_SIGNATURE SIGNATURE_32 ('O', 'C', 'I', 'P') + +// +// Payload format served by the provider (ONE_CRYPTO_IMAGE_PROVIDER_MSG.Format). +// +// PE32 - Data is the raw OneCrypto PE32 image; DXE LoadImage()s it directly. +// LZMA_FV - Data is the LZMA-compressed payload of the GUIDed section that wraps +// the nested FV containing the OneCrypto PE32. Secure world (MM) may lack +// the memory budget to decompress the FV, so it hands the small +// compressed stream to the resource-rich normal world (DXE), which +// decompresses it and extracts the OneCrypto PE32. +// +#define ONE_CRYPTO_IMAGE_FORMAT_PE32 0U +#define ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV 1U + +typedef struct { + UINT32 Signature; + UINT32 Version; + UINT64 Offset; + UINT32 RequestedSize; + UINT32 ReturnedSize; + UINT32 TotalImageSize; + UINT32 Format; + EFI_GUID ImageGuid; + UINT8 Data[1]; +} ONE_CRYPTO_IMAGE_PROVIDER_MSG; + +#endif // ONE_CRYPTO_IMAGE_PROVIDER_MESSAGE_H_ diff --git a/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderMm.c b/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderMm.c new file mode 100644 index 000000000..d9f643d2a --- /dev/null +++ b/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderMm.c @@ -0,0 +1,405 @@ +/** @file + OneCryptoImageProviderMm.c + + Locates OneCrypto in the StandaloneMM firmware volumes and serves its bytes to + the DXE loader over MM communication. + + OneCrypto may be present either as a raw PE32 image + (ONE_CRYPTO_IMAGE_FORMAT_PE32) or inside an + LZMA-compressed nested firmware volume (ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV). + Secure world may not have the heap budget to LZMA-decode that FV, so in + the compressed case it simply hands the (small) compressed stream to the + resource-rich normal world (DXE), which decompresses it and extracts the PE32. + This often times results in a fewer number of bytes being copied over MM + communication, which may be beneficial on platforms where MM communication is + slow. + + The provider therefore never decompresses anything: it only *finds* OneCrypto + and tells DXE, via the message Format field, how to consume what it is given. + + Supported discovery paths are intentionally strict: + 1) direct PE32 from ONE_CRYPTO_BINARY_GUID, or + 2) compressed payload from ONE_CRYPTO_CONTAINER_FV_GUID. + If neither exists, this provider returns an EFI error; platform policy may + assert/fail-fast rather than continue without crypto. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +STATIC EFI_GUID mOneCryptoBinaryGuid = ONE_CRYPTO_BINARY_GUID; +STATIC EFI_GUID mOneCryptoContainerFvGuid = ONE_CRYPTO_CONTAINER_FV_GUID; +EFI_GUID gOneCryptoImageProviderGuid = ONE_CRYPTO_IMAGE_PROVIDER_GUID; + +// +// Located OneCrypto payload: a pointer into resident MM firmware (either the raw +// PE32 image, or the compressed LZMA stream of the nested FV) plus the format +// that tells DXE how to consume it. Cached after the first successful lookup. +// +STATIC VOID *mOneCryptoImageData = NULL; +STATIC UINTN mOneCryptoImageSize = 0; +STATIC UINT32 mOneCryptoImageFormat = ONE_CRYPTO_IMAGE_FORMAT_PE32; + +/** + Whether a GUID_DEFINED section uses the LZMA custom-decompress GUID. + + @param[in] Section Candidate section header. + + @retval TRUE Section is an LZMA-compressed GUID_DEFINED section. + @retval FALSE Otherwise. +**/ +STATIC +BOOLEAN +IsLzmaGuidedSection ( + IN CONST EFI_COMMON_SECTION_HEADER *Section + ) +{ + if (Section == NULL) { + return FALSE; + } + + if (IS_SECTION2 (Section)) { + return CompareGuid ( + &((CONST EFI_GUID_DEFINED_SECTION2 *)Section)->SectionDefinitionGuid, + &gLzmaCustomDecompressGuid + ); + } + + return CompareGuid ( + &((CONST EFI_GUID_DEFINED_SECTION *)Section)->SectionDefinitionGuid, + &gLzmaCustomDecompressGuid + ); +} + +/** + Scan one firmware volume for OneCrypto. + + Two shapes are recognised: + - the OneCrypto file carrying a direct PE32 section (uncompressed platforms), + served as ONE_CRYPTO_IMAGE_FORMAT_PE32; and + - an LZMA-compressed GUID_DEFINED section wrapping the nested FV that holds + OneCrypto, whose raw compressed stream is served as + ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV for DXE to decode. + + A direct PE32 is preferred when both are present. + + @param[in] FvHeader Firmware volume to scan. + + @retval EFI_SUCCESS OneCrypto located; module globals populated. + @retval EFI_NOT_FOUND Not found in this FV. +**/ +STATIC +EFI_STATUS +ScanFvForOneCrypto ( + IN EFI_FIRMWARE_VOLUME_HEADER *FvHeader + ) +{ + EFI_STATUS Status; + EFI_FFS_FILE_HEADER *FileHeader; + EFI_COMMON_SECTION_HEADER *Section; + EFI_COMMON_SECTION_HEADER *ContainerSection; + VOID *SectionData; + UINTN SectionDataSize; + UINTN DataOffset; + UINTN SectionSize; + + ContainerSection = NULL; + FileHeader = NULL; + + if (FvHeader == NULL) { + return EFI_INVALID_PARAMETER; + } + + while (TRUE) { + Status = FfsFindNextFile (EFI_FV_FILETYPE_ALL, FvHeader, &FileHeader); + if (EFI_ERROR (Status)) { + break; + } + + // + // Preferred: the OneCrypto file carrying a direct PE32 image. + // + if (CompareGuid (&FileHeader->Name, &mOneCryptoBinaryGuid)) { + Status = FfsFindSectionData (EFI_SECTION_PE32, FileHeader, &SectionData, &SectionDataSize); + if (!EFI_ERROR (Status) && (SectionData != NULL) && (SectionDataSize != 0)) { + mOneCryptoImageData = SectionData; + mOneCryptoImageSize = SectionDataSize; + mOneCryptoImageFormat = ONE_CRYPTO_IMAGE_FORMAT_PE32; + DEBUG (( + DEBUG_INFO, + "OneCryptoImageProviderMm: Found direct OneCrypto PE32 size=0x%Lx\n", + (UINT64)SectionDataSize + )); + return EFI_SUCCESS; + } + } + + // + // Preferred compressed source: the dedicated OneCrypto container FV, a file + // tagged with the well-known ONE_CRYPTO_CONTAINER_FV_GUID whose LZMA + // GUID_DEFINED section wraps the nested FV holding OneCrypto. Matching by + // this identity keeps discovery deterministic when the boot FV also carries + // other compressed nested FVs (e.g. the StandaloneMM payload FV). + // + if ((ContainerSection == NULL) && + CompareGuid (&FileHeader->Name, &mOneCryptoContainerFvGuid)) + { + Status = FfsFindSection (EFI_SECTION_GUID_DEFINED, FileHeader, &Section); + if (!EFI_ERROR (Status) && IsLzmaGuidedSection (Section)) { + ContainerSection = Section; + } + } + } + + if (ContainerSection != NULL) { + if (IS_SECTION2 (ContainerSection)) { + DataOffset = ((CONST EFI_GUID_DEFINED_SECTION2 *)ContainerSection)->DataOffset; + SectionSize = SECTION2_SIZE (ContainerSection); + } else { + DataOffset = ((CONST EFI_GUID_DEFINED_SECTION *)ContainerSection)->DataOffset; + SectionSize = SECTION_SIZE (ContainerSection); + } + + if ((DataOffset < SectionSize) && (SectionSize > sizeof (EFI_COMMON_SECTION_HEADER))) { + // + // Hand DXE the raw LZMA stream (the section payload after its header). + // + mOneCryptoImageData = (UINT8 *)ContainerSection + DataOffset; + mOneCryptoImageSize = SectionSize - DataOffset; + mOneCryptoImageFormat = ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV; + DEBUG (( + DEBUG_INFO, + "OneCryptoImageProviderMm: Serving compressed LZMA payload to DXE size=0x%Lx\n", + (UINT64)mOneCryptoImageSize + )); + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} + +/** + Locate OneCrypto across the StandaloneMM FV and FV2 HOBs. The result is cached + in module globals for subsequent chunked requests. + + @retval EFI_SUCCESS OneCrypto located. + @retval EFI_NOT_FOUND OneCrypto not present in any MM firmware volume. +**/ +STATIC +EFI_STATUS +LocateOneCryptoImage ( + VOID + ) +{ + EFI_PEI_HOB_POINTERS Hob; + + if ((mOneCryptoImageData != NULL) && (mOneCryptoImageSize != 0)) { + return EFI_SUCCESS; + } + + for (Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV, GetHobList ()); + Hob.Raw != NULL; + Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV, GET_NEXT_HOB (Hob))) + { + if ((Hob.FirmwareVolume == NULL) || (Hob.FirmwareVolume->Length == 0)) { + continue; + } + + if (!EFI_ERROR (ScanFvForOneCrypto ((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)Hob.FirmwareVolume->BaseAddress))) { + return EFI_SUCCESS; + } + } + + for (Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV2, GetHobList ()); + Hob.Raw != NULL; + Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV2, GET_NEXT_HOB (Hob))) + { + if ((Hob.FirmwareVolume2 == NULL) || (Hob.FirmwareVolume2->Length == 0)) { + continue; + } + + if (!EFI_ERROR (ScanFvForOneCrypto ((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)Hob.FirmwareVolume2->BaseAddress))) { + return EFI_SUCCESS; + } + } + + DEBUG ((DEBUG_ERROR, "OneCryptoImageProviderMm: OneCrypto not found in any MM FV HOB\n")); + return EFI_NOT_FOUND; +} + +/** + MM communication handler that provides OneCrypto image bytes to DXE. + + Request protocol (ONE_CRYPTO_IMAGE_PROVIDER_MSG): + - RequestedSize == 0 : size query. Returns TotalImageSize + Format. + - RequestedSize > 0 : returns up to RequestedSize bytes at Offset. + + @param[in] DispatchHandle Dispatch handle for this handler. + @param[in] Context Handler context (unused). + @param[in, out] CommBuffer Message payload buffer. + @param[in, out] CommBufferSize Input/output payload buffer size. + + @retval EFI_SUCCESS Request serviced. + @retval EFI_NOT_FOUND OneCrypto not found via supported discovery paths. + @retval EFI_VOLUME_CORRUPTED Located OneCrypto container is malformed. +**/ +STATIC +EFI_STATUS +EFIAPI +OneCryptoImageProviderHandler ( + IN EFI_HANDLE DispatchHandle, + IN CONST VOID *Context OPTIONAL, + IN OUT VOID *CommBuffer OPTIONAL, + IN OUT UINTN *CommBufferSize OPTIONAL + ) +{ + ONE_CRYPTO_IMAGE_PROVIDER_MSG *Msg; + UINTN HeaderSize; + UINTN InputBufferSize; + UINTN MaxPayload; + UINTN Remaining; + UINTN CopySize; + UINT64 LocalOffset; + UINT32 LocalRequestedSize; + EFI_STATUS Status; + + if ((CommBuffer == NULL) || (CommBufferSize == NULL)) { + return EFI_INVALID_PARAMETER; + } + + HeaderSize = OFFSET_OF (ONE_CRYPTO_IMAGE_PROVIDER_MSG, Data); + + // + // Snapshot *CommBufferSize once before use: on AARCH64 CommBuffer lives in + // Non-Secure DRAM and could be changed concurrently by Normal World. + // + InputBufferSize = *CommBufferSize; + if (InputBufferSize < HeaderSize) { + return EFI_BAD_BUFFER_SIZE; + } + + if ((InputBufferSize - HeaderSize) > MAX_UINT32) { + return EFI_BAD_BUFFER_SIZE; + } + + Msg = (ONE_CRYPTO_IMAGE_PROVIDER_MSG *)CommBuffer; + ZeroMem (&Msg->ImageGuid, sizeof (Msg->ImageGuid)); + Msg->TotalImageSize = 0; + Msg->ReturnedSize = 0; + + if ((Msg->Signature != ONE_CRYPTO_IMAGE_PROVIDER_SIGNATURE) || + (Msg->Version != ONE_CRYPTO_IMAGE_PROVIDER_VERSION)) + { + DEBUG ((DEBUG_ERROR, "OneCryptoImageProviderMm: Invalid request header\n")); + return EFI_INVALID_PARAMETER; + } + + // + // Snapshot caller-supplied fields before validation/use. + // + LocalOffset = Msg->Offset; + LocalRequestedSize = Msg->RequestedSize; + + Status = LocateOneCryptoImage (); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // TotalImageSize is UINT32; guard against >4 GiB payloads. + // + if (mOneCryptoImageSize > MAX_UINT32) { + DEBUG ((DEBUG_ERROR, "OneCryptoImageProviderMm: Image size 0x%Lx exceeds UINT32 max\n", (UINT64)mOneCryptoImageSize)); + return EFI_UNSUPPORTED; + } + + Msg->ImageGuid = mOneCryptoBinaryGuid; + Msg->TotalImageSize = (UINT32)mOneCryptoImageSize; + Msg->Format = mOneCryptoImageFormat; + Msg->ReturnedSize = 0; + + // + // Size query: return total size + format, no payload. + // + if (LocalRequestedSize == 0) { + *CommBufferSize = HeaderSize; + return EFI_SUCCESS; + } + + if (LocalOffset > mOneCryptoImageSize) { + DEBUG ((DEBUG_ERROR, "OneCryptoImageProviderMm: Invalid offset 0x%Lx for size 0x%Lx\n", LocalOffset, (UINT64)mOneCryptoImageSize)); + return EFI_INVALID_PARAMETER; + } + + MaxPayload = InputBufferSize - HeaderSize; + Remaining = mOneCryptoImageSize - (UINTN)LocalOffset; + CopySize = LocalRequestedSize; + + if (CopySize > MaxPayload) { + CopySize = MaxPayload; + } + + if (CopySize > Remaining) { + CopySize = Remaining; + } + + if (CopySize > 0) { + CopyMem (Msg->Data, (CONST UINT8 *)mOneCryptoImageData + (UINTN)LocalOffset, CopySize); + } + + Msg->ReturnedSize = (UINT32)CopySize; + *CommBufferSize = HeaderSize + CopySize; + + return EFI_SUCCESS; +} + +/** + Module entry point. Registers the OneCrypto image-provider MM handler. + + @param[in] ImageHandle Image handle. + @param[in] MmSystemTable MM system table. + + @retval EFI_SUCCESS Handler registered. +**/ +EFI_STATUS +EFIAPI +MmEntry ( + IN EFI_HANDLE ImageHandle, + IN EFI_MM_SYSTEM_TABLE *MmSystemTable + ) +{ + EFI_STATUS Status; + EFI_HANDLE DispatchHandle; + + DispatchHandle = NULL; + Status = gMmst->MmiHandlerRegister ( + OneCryptoImageProviderHandler, + &gOneCryptoImageProviderGuid, + &DispatchHandle + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoImageProviderMm: Failed to register handler: %r\n", Status)); + return Status; + } + + DEBUG ((DEBUG_INFO, "OneCryptoImageProviderMm: Handler registered for %g\n", &gOneCryptoImageProviderGuid)); + return EFI_SUCCESS; +} diff --git a/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm.inf b/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm.inf new file mode 100644 index 000000000..52513e2b9 --- /dev/null +++ b/OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm.inf @@ -0,0 +1,42 @@ +## @file +# Provides OneCrypto PE32 image bytes from StandaloneMM over MM communication. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = OneCryptoImageProviderStandaloneMm + FILE_GUID = 60A67696-D50D-488E-B436-82D0D3A11E8F + MODULE_TYPE = MM_STANDALONE + VERSION_STRING = 1.0 + PI_SPECIFICATION_VERSION = 0x00010032 + ENTRY_POINT = MmEntry + +[Sources] + OneCryptoImageProviderMm.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + StandaloneMmPkg/StandaloneMmPkg.dec + OneCryptoPkg/OneCryptoPkg.dec + +[LibraryClasses] + StandaloneMmDriverEntryPoint + BaseLib + BaseMemoryLib + DebugLib + MmServicesTableLib + HobLib + FvLib + +[Guids] + gLzmaCustomDecompressGuid ## CONSUMES + +[Depex] + TRUE + +[BuildOptions] + GCC:*_CLANGPDB_*_DLINK_FLAGS = /ALIGN:4096 diff --git a/OneCryptoPkg/OneCryptoPkg.dec b/OneCryptoPkg/OneCryptoPkg.dec index 89fd9f8f3..871a997e7 100644 --- a/OneCryptoPkg/OneCryptoPkg.dec +++ b/OneCryptoPkg/OneCryptoPkg.dec @@ -26,6 +26,9 @@ [Guids] gOneCryptoPkgTokenSpaceGuid = { 0x36470E80, 0x36F2, 0x4BA0, { 0x8C, 0xC8, 0x93, 0x7C, 0x7D, 0x9F, 0xF8, 0x88 } } + ## OneCrypto image provider MM communication handler GUID + gOneCryptoImageProviderGuid = { 0x5B9B9A72, 0xA4DF, 0x4D57, { 0xA1, 0xD3, 0x3A, 0x88, 0xEF, 0xB2, 0x5B, 0x9E } } + [Protocols] ## OneCrypto Private Protocol ## From e83615595fc55ac3010d8d18924464826128d8fa Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Tue, 14 Jul 2026 16:11:38 -0700 Subject: [PATCH 2/4] OneCryptoPkg: Add DXE loader for MM handoff Add the AARCH64 DXE loader that fetches OneCrypto image bytes from StandaloneMM over MM communication and update package wiring to build and package the new handoff path. Signed-off-by: Doug Flick --- .../OneCryptoLoaderDxeFromMm.c | 712 +++++++++++++++ .../OneCryptoLoaderDxeFromMm.inf | 54 ++ OneCryptoPkg/OneCryptoPkg.dsc | 818 ++++++++++-------- 3 files changed, 1200 insertions(+), 384 deletions(-) create mode 100644 OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.c create mode 100644 OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.inf diff --git a/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.c b/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.c new file mode 100644 index 000000000..fa113b7cb --- /dev/null +++ b/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.c @@ -0,0 +1,712 @@ +/** @file + OneCryptoLoaderDxeFromMm.c + + DXE loader that fetches OneCrypto image bytes from StandaloneMM via + EFI_MM_COMMUNICATION2_PROTOCOL, then LoadImage()s the fetched PE32 image. + + Copyright (c) Microsoft Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +#include +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include +#include +#include + +STATIC EFI_GUID mOneCryptoBinaryGuid = ONE_CRYPTO_BINARY_GUID; + +// The dependencies of the shared library, must live as long as the shared code is used. +STATIC ONE_CRYPTO_DEPENDENCIES *mOneCryptoDepends = NULL; + +// Crypto protocol for the shared library. Using VOID* to be agnostic about protocol structure size/layout. +STATIC VOID *mOneCryptoProtocol = NULL; + +// Lazy RNG state tracking. +STATIC EFI_RNG_PROTOCOL *mCachedRngProtocol = NULL; + +/** + Lazy RNG implementation that locates EFI_RNG_PROTOCOL on first use. +**/ +BOOLEAN +EFIAPI +LazyPlatformGetRandomNumber64 ( + OUT UINT64 *Rand + ) +{ + EFI_STATUS Status; + + if (Rand == NULL) { + DEBUG ((DEBUG_ERROR, "LazyPlatformGetRandomNumber64: Null Rand pointer\n")); + return FALSE; + } + + if (mCachedRngProtocol == NULL) { + Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&mCachedRngProtocol); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "LazyPlatformGetRandomNumber64: EFI_RNG_PROTOCOL not available: %r\n", Status)); + return FALSE; + } + } + + Status = mCachedRngProtocol->GetRNG (mCachedRngProtocol, NULL, sizeof (UINT64), (UINT8 *)Rand); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "LazyPlatformGetRandomNumber64: GetRNG failed: %r\n", Status)); + return FALSE; + } + + return TRUE; +} + +/** + Installs shared dependencies required for the crypto entrypoint. +**/ +STATIC +VOID +InstallSharedDependencies ( + OUT ONE_CRYPTO_DEPENDENCIES *OneCryptoDepends + ) +{ + OneCryptoDepends->Major = ONE_CRYPTO_DEPENDENCIES_VERSION_MAJOR; + OneCryptoDepends->Minor = ONE_CRYPTO_DEPENDENCIES_VERSION_MINOR; + OneCryptoDepends->Reserved = 0; + OneCryptoDepends->AllocatePool = AllocatePool; + OneCryptoDepends->FreePool = FreePool; + OneCryptoDepends->DebugPrint = DebugPrint; + OneCryptoDepends->GetTime = gRT->GetTime; + OneCryptoDepends->GetRandomNumber64 = LazyPlatformGetRandomNumber64; + OneCryptoDepends->MicroSecondDelay = gBS->Stall; +} + +/** + Gets exported CryptoEntry from a loaded image. +**/ +STATIC +EFI_STATUS +EFIAPI +GetEntryFromLoadedImage ( + IN EFI_LOADED_IMAGE_PROTOCOL *LoadedImage, + OUT CRYPTO_ENTRY *Entry + ) +{ + EFI_STATUS Status; + UINT32 Rva; + INTERNAL_IMAGE_CONTEXT Image; + EFI_IMAGE_EXPORT_DIRECTORY *Exports; + + if ((LoadedImage == NULL) || (Entry == NULL) || (LoadedImage->ImageBase == NULL)) { + return EFI_INVALID_PARAMETER; + } + + ZeroMem (&Image, sizeof (Image)); + Image.Context.ImageAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)LoadedImage->ImageBase; + Image.Context.ImageSize = (UINT64)LoadedImage->ImageSize; + Image.Context.Handle = LoadedImage->ImageBase; + Image.Context.ImageRead = PeCoffLoaderImageReadFromMemory; + + Status = PeCoffLoaderGetImageInfo (&Image.Context); + if (EFI_ERROR (Status)) { + return Status; + } + + if (Image.Context.ImageType != EFI_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER) { + DEBUG ((DEBUG_ERROR, "Invalid image type: %d\n", Image.Context.ImageType)); + return EFI_UNSUPPORTED; + } + + Status = GetExportDirectoryInPeCoffImage (&Image, &Exports); + if (EFI_ERROR (Status)) { + return Status; + } + + Status = FindExportedFunction (&Image, Exports, EXPORTED_ENTRY_NAME, &Rva); + if (EFI_ERROR (Status)) { + return Status; + } + + *Entry = (CRYPTO_ENTRY)((EFI_PHYSICAL_ADDRESS)LoadedImage->ImageBase + Rva); + return EFI_SUCCESS; +} + +/** + Sends one image-provider request to MM and handles optional comm-buffer resize. +**/ +STATIC +EFI_STATUS +SendImageProviderRequest ( + IN EFI_MM_COMMUNICATION2_PROTOCOL *MmComm, + IN OUT VOID **CommBuffer, + IN OUT UINTN *CommBufferAllocSize, + IN UINT64 Offset, + IN UINT32 RequestedSize, + OUT ONE_CRYPTO_IMAGE_PROVIDER_MSG **Msg, + OUT UINTN *MsgSize + ) +{ + EFI_MM_COMMUNICATE_HEADER *CommHeader; + ONE_CRYPTO_IMAGE_PROVIDER_MSG *LocalMsg; + UINTN HeaderSize; + UINTN CommSize; + EFI_STATUS Status; + + HeaderSize = OFFSET_OF (ONE_CRYPTO_IMAGE_PROVIDER_MSG, Data); + +Retry: + CommHeader = (EFI_MM_COMMUNICATE_HEADER *)(*CommBuffer); + ZeroMem (CommHeader, *CommBufferAllocSize); + + CopyGuid (&CommHeader->HeaderGuid, &gOneCryptoImageProviderGuid); + CommHeader->MessageLength = *CommBufferAllocSize - OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data); + + LocalMsg = (ONE_CRYPTO_IMAGE_PROVIDER_MSG *)CommHeader->Data; + LocalMsg->Signature = ONE_CRYPTO_IMAGE_PROVIDER_SIGNATURE; + LocalMsg->Version = ONE_CRYPTO_IMAGE_PROVIDER_VERSION; + LocalMsg->Offset = Offset; + LocalMsg->RequestedSize = RequestedSize; + + CommSize = *CommBufferAllocSize; + Status = MmComm->Communicate (MmComm, *CommBuffer, *CommBuffer, &CommSize); + DEBUG (( + DEBUG_INFO, + "OneCryptoLoaderDxeFromMm: MmComm->Communicate offset=0x%Lx req=0x%x status=%r commSize=0x%Lx\n", + Offset, + RequestedSize, + Status, + (UINT64)CommSize + )); + if (Status == EFI_BAD_BUFFER_SIZE) { + if (CommSize <= *CommBufferAllocSize) { + return Status; + } + + FreePool (*CommBuffer); + *CommBuffer = AllocateZeroPool (CommSize); + if (*CommBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + *CommBufferAllocSize = CommSize; + goto Retry; + } + + if (EFI_ERROR (Status)) { + return Status; + } + + if (CommSize < (OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data) + HeaderSize)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: Response too small commSize=0x%Lx required>=0x%Lx\n", + (UINT64)CommSize, + (UINT64)(OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data) + HeaderSize) + )); + return EFI_PROTOCOL_ERROR; + } + + *Msg = (ONE_CRYPTO_IMAGE_PROVIDER_MSG *)((EFI_MM_COMMUNICATE_HEADER *)(*CommBuffer))->Data; + *MsgSize = CommSize - OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data); + return EFI_SUCCESS; +} + +/** + Decompresses the LZMA-compressed nested FV payload handed over by the MM + provider, locates the OneCrypto file within it, and returns a standalone copy + of its PE32 image bytes. + + Secure world cannot afford the ~2 MB LZMA dictionary + decode buffer, so the + provider ships the small compressed stream (ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV) + and DXE -- with ample memory -- expands it here. + + @param[in] Compressed LZMA-compressed FV payload bytes. + @param[in] CompressedSize Size of the compressed payload. + @param[out] Pe32Data Newly allocated buffer holding the OneCrypto PE32. + @param[out] Pe32Size Size of the returned PE32 image. + + @retval EFI_SUCCESS PE32 image extracted and returned in Pe32Data. +**/ +STATIC +EFI_STATUS +ExtractOneCryptoPe32FromLzmaFv ( + IN VOID *Compressed, + IN UINTN CompressedSize, + OUT VOID **Pe32Data, + OUT UINTN *Pe32Size + ) +{ + EFI_STATUS Status; + UINT32 DecodedSize; + UINT32 ScratchSize; + VOID *Decoded; + VOID *Scratch; + EFI_FIRMWARE_VOLUME_HEADER *FvHeader; + EFI_COMMON_SECTION_HEADER *FvSection; + EFI_FFS_FILE_HEADER *FileHeader; + VOID *SectionData; + UINTN SectionDataSize; + VOID *Pe32Copy; + + *Pe32Data = NULL; + *Pe32Size = 0; + Decoded = NULL; + Scratch = NULL; + + // + // Minimum LZMA stream: 5-byte props + 8-byte uncompressed size = 13 bytes. + // + if ((Compressed == NULL) || (CompressedSize < 13)) { + return EFI_INVALID_PARAMETER; + } + + Status = LzmaUefiDecompressGetInfo (Compressed, (UINT32)CompressedSize, &DecodedSize, &ScratchSize); + if (EFI_ERROR (Status) || (DecodedSize == 0)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: LzmaUefiDecompressGetInfo failed: %r size=0x%x\n", Status, DecodedSize)); + return EFI_COMPROMISED_DATA; + } + + Decoded = AllocatePool (DecodedSize); + if (Decoded == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Cleanup; + } + + if (ScratchSize != 0) { + Scratch = AllocatePool (ScratchSize); + if (Scratch == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Cleanup; + } + } + + Status = LzmaUefiDecompress (Compressed, CompressedSize, Decoded, Scratch); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: LzmaUefiDecompress failed: %r\n", Status)); + Status = EFI_COMPROMISED_DATA; + goto Cleanup; + } + + // + // The decoded payload is the nested FV -- either the raw FV image, or a + // FIRMWARE_VOLUME_IMAGE section wrapping it. Resolve to the FV header. + // + if (((EFI_FIRMWARE_VOLUME_HEADER *)Decoded)->Signature == EFI_FVH_SIGNATURE) { + FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)Decoded; + } else { + FvSection = NULL; + Status = FindFfsSectionInSections ( + Decoded, + DecodedSize, + EFI_SECTION_FIRMWARE_VOLUME_IMAGE, + &FvSection + ); + if (EFI_ERROR (Status) || (FvSection == NULL)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: Decoded payload is not an FV: %r\n", Status)); + Status = EFI_VOLUME_CORRUPTED; + goto Cleanup; + } + + if (IS_SECTION2 (FvSection)) { + FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)((EFI_COMMON_SECTION_HEADER2 *)FvSection + 1); + } else { + FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(FvSection + 1); + } + } + + // + // Find the OneCrypto file and its PE32 section within the decoded FV. + // + FileHeader = NULL; + Status = EFI_NOT_FOUND; + while (TRUE) { + if (EFI_ERROR (FfsFindNextFile (EFI_FV_FILETYPE_ALL, FvHeader, &FileHeader))) { + break; + } + + if (!CompareGuid (&FileHeader->Name, &mOneCryptoBinaryGuid)) { + continue; + } + + if (!EFI_ERROR (FfsFindSectionData (EFI_SECTION_PE32, FileHeader, &SectionData, &SectionDataSize)) && + (SectionData != NULL) && (SectionDataSize != 0)) + { + Pe32Copy = AllocateCopyPool (SectionDataSize, SectionData); + if (Pe32Copy == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Cleanup; + } + + *Pe32Data = Pe32Copy; + *Pe32Size = SectionDataSize; + Status = EFI_SUCCESS; + DEBUG (( + DEBUG_INFO, + "OneCryptoLoaderDxeFromMm: Extracted OneCrypto PE32 from decoded FV size=0x%Lx\n", + (UINT64)SectionDataSize + )); + goto Cleanup; + } + } + + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: OneCrypto PE32 not found in decoded FV\n")); + +Cleanup: + if (Decoded != NULL) { + FreePool (Decoded); + } + + if (Scratch != NULL) { + FreePool (Scratch); + } + + return Status; +} + +/** + Fetches complete OneCrypto PE32 image from MM provider using chunked requests. +**/ +STATIC +EFI_STATUS +FetchImageFromMm ( + OUT VOID **ImageData, + OUT UINTN *ImageSize, + OUT UINT32 *Format + ) +{ + EFI_MM_COMMUNICATION2_PROTOCOL *MmComm; + EFI_STATUS Status; + VOID *CommBuffer; + UINTN CommBufferAllocSize; + ONE_CRYPTO_IMAGE_PROVIDER_MSG *Msg; + UINTN MsgSize; + VOID *LocalImage; + UINTN HeaderSize; + UINTN ChunkCapacity; + UINTN Offset; + UINTN Remaining; + UINTN ThisChunk; + UINT32 ExpectedTotal; + + *ImageData = NULL; + *ImageSize = 0; + *Format = ONE_CRYPTO_IMAGE_FORMAT_PE32; + + Status = gBS->LocateProtocol (&gEfiMmCommunication2ProtocolGuid, NULL, (VOID **)&MmComm); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: gEfiMmCommunication2ProtocolGuid not found: %r\n", Status)); + return Status; + } + + CommBufferAllocSize = 0x30000; // QAV default MM communication buffer size. + CommBuffer = AllocateZeroPool (CommBufferAllocSize); + if (CommBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + HeaderSize = OFFSET_OF (ONE_CRYPTO_IMAGE_PROVIDER_MSG, Data); + + // Size query. + Status = SendImageProviderRequest ( + MmComm, + &CommBuffer, + &CommBufferAllocSize, + 0, + 0, + &Msg, + &MsgSize + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: Size query request failed: %r\n", Status)); + goto Exit; + } + + if ((Msg->TotalImageSize == 0) || (Msg->ReturnedSize != 0)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: Invalid size-query response total=0x%x returned=0x%x msgSize=0x%Lx\n", + Msg->TotalImageSize, + Msg->ReturnedSize, + (UINT64)MsgSize + )); + Status = EFI_PROTOCOL_ERROR; + goto Exit; + } + + // Validate ImageGuid in size-query response for consistency with chunk validation. + if (!CompareGuid (&Msg->ImageGuid, &mOneCryptoBinaryGuid)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: ImageGuid mismatch in size-query response\n" + )); + Status = EFI_COMPROMISED_DATA; + goto Exit; + } + + // Snapshot TotalImageSize from the size-query response into a local variable. + // All subsequent loop logic and the final *ImageSize use this value exclusively + // to detect mid-transfer tampering and prevent heap-overflow via inflated totals. + ExpectedTotal = Msg->TotalImageSize; + *Format = Msg->Format; + + LocalImage = AllocatePool (ExpectedTotal); + if (LocalImage == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + + ChunkCapacity = CommBufferAllocSize - OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data) - HeaderSize; + if (ChunkCapacity == 0) { + Status = EFI_BAD_BUFFER_SIZE; + FreePool (LocalImage); + goto Exit; + } + + Offset = 0; + while (Offset < ExpectedTotal) { + Remaining = ExpectedTotal - Offset; + ThisChunk = (Remaining < ChunkCapacity) ? Remaining : ChunkCapacity; + + Status = SendImageProviderRequest ( + MmComm, + &CommBuffer, + &CommBufferAllocSize, + Offset, + (UINT32)ThisChunk, + &Msg, + &MsgSize + ); + if (EFI_ERROR (Status)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: Chunk request failed offset=0x%Lx req=0x%Lx status=%r\n", + (UINT64)Offset, + (UINT64)ThisChunk, + Status + )); + FreePool (LocalImage); + goto Exit; + } + + ChunkCapacity = CommBufferAllocSize - OFFSET_OF (EFI_MM_COMMUNICATE_HEADER, Data) - HeaderSize; + if (ChunkCapacity == 0) { + Status = EFI_BAD_BUFFER_SIZE; + FreePool (LocalImage); + goto Exit; + } + + if ((Msg->ReturnedSize == 0) || (Msg->ReturnedSize > ThisChunk)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: Invalid chunk response offset=0x%Lx requested=0x%Lx returned=0x%x total=0x%x msgSize=0x%Lx\n", + (UINT64)Offset, + (UINT64)ThisChunk, + Msg->ReturnedSize, + Msg->TotalImageSize, + (UINT64)MsgSize + )); + Status = EFI_PROTOCOL_ERROR; + FreePool (LocalImage); + goto Exit; + } + + // Reject any chunk response where TotalImageSize differs from the + // size-query value — indicates a tampered or inconsistent MM provider. + if (Msg->TotalImageSize != ExpectedTotal) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: TotalImageSize changed mid-transfer expected=0x%x got=0x%x\n", + ExpectedTotal, + Msg->TotalImageSize + )); + Status = EFI_COMPROMISED_DATA; + FreePool (LocalImage); + goto Exit; + } + + if (!CompareGuid (&Msg->ImageGuid, &mOneCryptoBinaryGuid)) { + DEBUG (( + DEBUG_ERROR, + "OneCryptoLoaderDxeFromMm: ImageGuid mismatch in chunk response offset=0x%Lx\n", + (UINT64)Offset + )); + Status = EFI_COMPROMISED_DATA; + FreePool (LocalImage); + goto Exit; + } + + CopyMem ((UINT8 *)LocalImage + Offset, Msg->Data, Msg->ReturnedSize); + Offset += Msg->ReturnedSize; + } + + *ImageData = LocalImage; + *ImageSize = ExpectedTotal; + Status = EFI_SUCCESS; + +Exit: + if (CommBuffer != NULL) { + FreePool (CommBuffer); + } + + return Status; +} + +/** + DXE entry point. +**/ +EFI_STATUS +EFIAPI +DxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + VOID *SectionData; + UINTN SectionSize; + CRYPTO_ENTRY Entry; + EFI_LOADED_IMAGE_PROTOCOL *LoadedImage; + EFI_HANDLE LoadedImageHandle; + UINT32 CryptoSize; + UINT32 ImageFormat; + + LoadedImageHandle = NULL; + LoadedImage = NULL; + SectionData = NULL; + SectionSize = 0; + CryptoSize = 0; + ImageFormat = ONE_CRYPTO_IMAGE_FORMAT_PE32; + + if (mOneCryptoDepends == NULL) { + mOneCryptoDepends = AllocatePool (sizeof (*mOneCryptoDepends)); + if (mOneCryptoDepends == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + InstallSharedDependencies (mOneCryptoDepends); + } + + Status = FetchImageFromMm (&SectionData, &SectionSize, &ImageFormat); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: FetchImageFromMm failed: %r\n", Status)); + return Status; + } + + // + // When the secure-world provider cannot afford to LZMA-decode the nested FV, + // it hands over the compressed stream instead. Decompress it here (normal + // world has ample memory) and extract the OneCrypto PE32 to load. + // + if (ImageFormat == ONE_CRYPTO_IMAGE_FORMAT_LZMA_FV) { + VOID *Pe32Data; + UINTN Pe32Size; + + Status = ExtractOneCryptoPe32FromLzmaFv (SectionData, SectionSize, &Pe32Data, &Pe32Size); + FreePool (SectionData); + SectionData = NULL; + SectionSize = 0; + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: ExtractOneCryptoPe32FromLzmaFv failed: %r\n", Status)); + return Status; + } + + SectionData = Pe32Data; + SectionSize = Pe32Size; + } + + Status = SystemTable->BootServices->LoadImage ( + FALSE, + ImageHandle, + NULL, + SectionData, + SectionSize, + &LoadedImageHandle + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: LoadImage failed: %r\n", Status)); + goto Exit; + } + + Status = SystemTable->BootServices->HandleProtocol ( + LoadedImageHandle, + &gEfiLoadedImageProtocolGuid, + (VOID **)&LoadedImage + ); + if (EFI_ERROR (Status) || (LoadedImage == NULL)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: HandleProtocol(LoadedImage) failed: %r\n", Status)); + goto Exit; + } + + Status = GetEntryFromLoadedImage (LoadedImage, &Entry); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: GetEntryFromLoadedImage failed: %r\n", Status)); + goto Exit; + } + + Status = Entry (mOneCryptoDepends, NULL, &CryptoSize); + if ((Status != EFI_BUFFER_TOO_SMALL) || (CryptoSize == 0)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: Failed to query crypto protocol size: %r\n", Status)); + goto Exit; + } + + mOneCryptoProtocol = AllocatePool (CryptoSize); + if (mOneCryptoProtocol == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + + Status = Entry (mOneCryptoDepends, &mOneCryptoProtocol, &CryptoSize); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: Crypto entry failed: %r\n", Status)); + FreePool (mOneCryptoProtocol); + mOneCryptoProtocol = NULL; + goto Exit; + } + + Status = SystemTable->BootServices->InstallMultipleProtocolInterfaces ( + &ImageHandle, + &gOneCryptoProtocolGuid, + mOneCryptoProtocol, + NULL + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "OneCryptoLoaderDxeFromMm: InstallProtocol failed: %r\n", Status)); + goto Exit; + } + + Status = EFI_SUCCESS; + +Exit: + if (SectionData != NULL) { + FreePool (SectionData); + } + + if ((Status != EFI_SUCCESS) && (mOneCryptoDepends != NULL)) { + FreePool (mOneCryptoDepends); + mOneCryptoDepends = NULL; + } + + return Status; +} diff --git a/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.inf b/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.inf new file mode 100644 index 000000000..b753c8d00 --- /dev/null +++ b/OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.inf @@ -0,0 +1,54 @@ +## @file +# Loads OneCrypto from StandaloneMM image provider and installs OneCrypto protocol. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = OneCryptoLoaderDxeFromMm + FILE_GUID = 9CAAC6D7-7A89-4A1D-AB95-08CD20B8E44A + MODULE_TYPE = DXE_DRIVER + VERSION_STRING = 1.0 + ENTRY_POINT = DxeEntryPoint + +[Sources] + OneCryptoLoaderDxeFromMm.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + CryptoPkg/CryptoPkg.dec + OneCryptoPkg/OneCryptoPkg.dec + +[LibraryClasses] + UefiDriverEntryPoint + DebugLib + BaseMemoryLib + MemoryAllocationLib + DxeServicesLib + FvLib + LzmaDecompressLib + PeCoffGetEntryPointLib + PeCoffLib + PeCoffExtraActionLib + PeCoffExtendedLib + UefiBootServicesTableLib + UefiRuntimeServicesTableLib + SafeIntLib + RngLib + +[Protocols] + gOneCryptoProtocolGuid ## PRODUCES + gEfiRngProtocolGuid ## CONSUMES + gEfiMmCommunication2ProtocolGuid ## CONSUMES + +[Guids] + gOneCryptoImageProviderGuid ## CONSUMES + +[Depex] + gEfiMmCommunication2ProtocolGuid + +[BuildOptions] + GCC:*_CLANGPDB_*_DLINK_FLAGS = /ALIGN:4096 diff --git a/OneCryptoPkg/OneCryptoPkg.dsc b/OneCryptoPkg/OneCryptoPkg.dsc index c17d3c20a..eee0953cb 100644 --- a/OneCryptoPkg/OneCryptoPkg.dsc +++ b/OneCryptoPkg/OneCryptoPkg.dsc @@ -1,384 +1,434 @@ -## @file -# OneCryptoPkg DSC file -# -# Copyright (c) Microsoft Corporation. -# SPDX-License-Identifier: BSD-2-Clause-Patent -# - -[Defines] - PLATFORM_NAME = OneCryptoPkg - PLATFORM_GUID = 36470E85-36F2-4BA0-8CC8-937C7D9FF888 - PLATFORM_VERSION = 1.0 - DSC_SPECIFICATION = 0x00010005 - OUTPUT_DIRECTORY = Build/OneCryptoPkg - SUPPORTED_ARCHITECTURES = X64|AARCH64 - BUILD_TARGETS = DEBUG|RELEASE|NOOPT - SKUID_IDENTIFIER = DEFAULT - -!ifndef NON_ACCEL - DEFINE NON_ACCEL = FALSE -!endif - - -[PcdsPatchableInModule.X64] - gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 - -[PcdsFeatureFlag.X64] - # Enable NASM assembly source style for accelerated OpenSSL crypto - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslLibAssemblySourceStyleNasm|TRUE - -[PcdsPatchableInModule.AARCH64] - gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 - -[PcdsFeatureFlag.AARCH64] - # - # Use the PE target assembly source files when building with the CLANGPDB - # toolchain. - # GCC and CLANGDWARF use the default PCD value of ELF target assembly source files. - # - !if "$(TOOL_CHAIN_TAG)" == "CLANGPDB" - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslLibAssemblySourceStylePe|TRUE - !endif - -[PcdsFixedAtBuild.X64] - # Ensure DEBUG prints are enabled (excluding VERBOSE: 0x8040004F & ~0x00400000 = 0x8000004F) - gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F - gEfiMdePkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x8000004F - - # OneCryptoPkg Debug Configuration - # DEBUG builds: Enable Debug Print (BIT1) and Debug Code (BIT2) = 0x06 - # RELEASE builds: Disable all debug features = 0x00 - # Note: Debug Clear Memory (BIT3) is intentionally disabled for all builds -!if $(TARGET) == DEBUG - gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x06 - gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0xFFFFFFFF -!else - gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x00 - gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x80000000 -!endif - -[PcdsFixedAtBuild.AARCH64] - # Ensure DEBUG prints are enabled (excluding VERBOSE: 0x8040004F & ~0x00400000 = 0x8000004F) - gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F - gEfiMdePkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x8000004F - - # OneCryptoPkg Debug Configuration - # DEBUG builds: Enable Debug Print (BIT1) and Debug Code (BIT2) = 0x06 - # RELEASE builds: Disable all debug features = 0x00 - # Note: Debug Clear Memory (BIT3) is intentionally disabled for all builds -!if $(TARGET) == DEBUG - gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x06 - gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0xFFFFFFFF -!else - gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x00 - gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x80000000 -!endif - -[LibraryClasses.AARCH64] - CompilerIntrinsicsLib|MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf - -[Components.X64] - - ## OneCryptBin meant for StandaloneMm - # - # This binary provides the crypto for a StandaloneMm based platform. - ## - OneCryptoPkg/OneCryptoBin/OneCryptoBinStandaloneMm.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf - TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf - IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf - StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - ############################################################################# - ## Crypto Provider - ############################################################################# - FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf - RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf - DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf - MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf - RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf - TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf - !if $(NON_ACCEL) == TRUE - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf - !else - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf - !endif - } - - OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderStandaloneMm.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf - HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf - PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf - PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf - CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf - StandaloneMmDriverEntryPoint | MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - MmServicesTableLib | MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf - MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf - HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf - FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf - } - - ## OneCryptBin meant for SupvMm - # - # This binary provides the crypto for a SupvMm based platform. - ## - OneCryptoPkg/OneCryptoBin/OneCryptoBinSupvMm.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf - TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf - IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf - StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/SupvStandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - ############################################################################# - ## Crypto Provider - ############################################################################# - FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf - RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf - DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf - MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf - RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf - TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf - !if $(NON_ACCEL) == TRUE - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf - !else - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf - !endif - } - - OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxe.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - UefiLib | MdePkg/Library/UefiLib/UefiLib.inf - UefiRuntimeServicesTableLib | MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf - DevicePathLib | MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf - RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. - PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf - PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf - PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf - CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf - NULL | MdePkg/Library/StackCheckLib/StackCheckLib.inf - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf - HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf - UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf - MemoryAllocationLib | MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf - DxeServicesLib | MdePkg/Library/DxeServicesLib/DxeServicesLib.inf - DxeServicesTableLib | MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf ## NOT NEEDED - DebugLib | AdvLoggerPkg/Library/BaseDebugLibAdvancedLogger/BaseDebugLibAdvancedLogger.inf - DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf - AdvancedLoggerLib | AdvLoggerPkg/Library/AdvancedLoggerLib/Dxe/AdvancedLoggerLib.inf - AssertLib | AdvLoggerPkg/Library/AssertLib/AssertLib.inf - } - - OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderSupvMm.inf { - - BaseLib | MmSupervisorPkg/Library/BaseLibSysCall/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf - HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf - PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf - PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf - CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf - SysCallLib | MmSupervisorPkg/Library/SysCallLib/SysCallLib.inf - StandaloneMmDriverEntryPoint | MmSupervisorPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - MmServicesTableLib | MmSupervisorPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf - MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf - HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf - FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf - } - -[Components.AARCH64] - - ## OneCryptBin meant for StandaloneMm - # - # This binary provides the crypto for a StandaloneMm based platform. - ## - OneCryptoPkg/OneCryptoBin/OneCryptoBinStandaloneMm.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf - TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf - IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf - StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - ############################################################################# - ## Crypto Provider - ############################################################################# - FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf - RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf - DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf - MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf - RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf - TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf - !if $(NON_ACCEL) == TRUE - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf - !else - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf - !endif - NULL | MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf - } - - OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderStandaloneMm.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf - HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf - PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf - PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf - CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf - StandaloneMmDriverEntryPoint | MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf - MmServicesTableLib | MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf - MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf - HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf - FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf - } - - ############################################################################# - ## AARCH64 OneCryptoBin START - ## - ## AARCH64 requires 4 binaries instead of the normal 3 for X64: - ## 1. OneCryptoBinDxe - DXE binary that installs private protocol - ## 2. OneCryptoLoaderDxeProtocol - DXE loader (consumes private protocol) - ## 3. OneCryptoBinStandaloneMm - MM binary for secure world - ## 4. OneCryptoLoaderStandaloneMm - MM loader - ## - ## This is because the DXE loader cannot locate the StMM binary due to - ## secure world layout differences on AARCH64. - ############################################################################# - - ## OneCryptoBinDxe for AARCH64 - # - # This binary provides the crypto for DXE phase on AARCH64 platforms. - # It installs gOneCryptoPrivateProtocolGuid for the protocol-based loader. - ## - OneCryptoPkg/OneCryptoBin/OneCryptoBinDxe.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf - TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf - IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf - UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf - UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf - ############################################################################# - ## Crypto Provider - ############################################################################# - FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf - RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf - DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf - MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf - RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf - TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf - !if $(NON_ACCEL) == TRUE - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf - !else - OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf - !endif - NULL | MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf - } - - ## OneCryptoLoaderDxeByProtocol for AARCH64 - # - # This loader consumes gOneCryptoPrivateProtocolGuid installed by OneCryptoBinDxe - # and produces gOneCryptoProtocolGuid for consumers. - ## - OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeByProtocol.inf { - - BaseLib | MdePkg/Library/BaseLib/BaseLib.inf - BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf - UefiLib | MdePkg/Library/UefiLib/UefiLib.inf - UefiRuntimeServicesTableLib | MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf - DevicePathLib | MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf - RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. - RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf - HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf - StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf - StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf - UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf - UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf - MemoryAllocationLib | MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf - DebugLib | AdvLoggerPkg/Library/BaseDebugLibAdvancedLogger/BaseDebugLibAdvancedLogger.inf - DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf - AdvancedLoggerLib | AdvLoggerPkg/Library/AdvancedLoggerLib/Dxe/AdvancedLoggerLib.inf - AssertLib | AdvLoggerPkg/Library/AssertLib/AssertLib.inf - } - - ############################################################################# - ## AARCH64 OneCryptoBin END - ############################################################################# - -[BuildOptions] - *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES -D ENABLE_MD5_DEPRECATED_INTERFACES - MSFT:*_*_*_DLINK_FLAGS = /IGNORE:4217 - RELEASE_*_*_CC_FLAGS = -D MDEPKG_NDEBUG - -[BuildOptions.AARCH64] - GCC:*_*_*_CC_FLAGS = -mbranch-protection=standard +## @file +# OneCryptoPkg DSC file +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# + +[Defines] + PLATFORM_NAME = OneCryptoPkg + PLATFORM_GUID = 36470E85-36F2-4BA0-8CC8-937C7D9FF888 + PLATFORM_VERSION = 1.0 + DSC_SPECIFICATION = 0x00010005 + OUTPUT_DIRECTORY = Build/OneCryptoPkg + SUPPORTED_ARCHITECTURES = X64|AARCH64 + BUILD_TARGETS = DEBUG|RELEASE|NOOPT + SKUID_IDENTIFIER = DEFAULT + +!ifndef NON_ACCEL + DEFINE NON_ACCEL = FALSE +!endif + + +[PcdsPatchableInModule.X64] + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 + +[PcdsFeatureFlag.X64] + # Enable NASM assembly source style for accelerated OpenSSL crypto + gEfiCryptoPkgTokenSpaceGuid.PcdOpensslLibAssemblySourceStyleNasm|TRUE + +[PcdsPatchableInModule.AARCH64] + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17 + +[PcdsFeatureFlag.AARCH64] + # + # Use the PE target assembly source files when building with the CLANGPDB + # toolchain. + # GCC and CLANGDWARF use the default PCD value of ELF target assembly source files. + # + !if "$(TOOL_CHAIN_TAG)" == "CLANGPDB" + gEfiCryptoPkgTokenSpaceGuid.PcdOpensslLibAssemblySourceStylePe|TRUE + !endif + +[PcdsFixedAtBuild.X64] + # Ensure DEBUG prints are enabled (excluding VERBOSE: 0x8040004F & ~0x00400000 = 0x8000004F) + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F + gEfiMdePkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x8000004F + + # OneCryptoPkg Debug Configuration + # DEBUG builds: Enable Debug Print (BIT1) and Debug Code (BIT2) = 0x06 + # RELEASE builds: Disable all debug features = 0x00 + # Note: Debug Clear Memory (BIT3) is intentionally disabled for all builds +!if $(TARGET) == DEBUG + gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x06 + gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0xFFFFFFFF +!else + gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x00 + gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x80000000 +!endif + +[PcdsFixedAtBuild.AARCH64] + # Platform override for AARCH64 StandaloneMM serial debug output + gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0xFEDCA000 + gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate|3000000 + + # Ensure DEBUG prints are enabled (excluding VERBOSE: 0x8040004F & ~0x00400000 = 0x8000004F) + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F + gEfiMdePkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x8000004F + # StandaloneMM under Hafnium uses SVC conduit for FF-A calls. + gEfiMdeModulePkgTokenSpaceGuid.PcdFfaLibConduitSmc|FALSE + + # OneCryptoPkg Debug Configuration + # DEBUG builds: Enable Debug Print (BIT1) and Debug Code (BIT2) = 0x06 + # RELEASE builds: Disable all debug features = 0x00 + # Note: Debug Clear Memory (BIT3) is intentionally disabled for all builds +!if $(TARGET) == DEBUG + gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x06 + gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0xFFFFFFFF +!else + gOneCryptoPkgTokenSpaceGuid.PcdDebugPropertyMask|0x00 + gOneCryptoPkgTokenSpaceGuid.PcdFixedDebugPrintErrorLevel|0x80000000 +!endif + +[LibraryClasses.AARCH64] + CompilerIntrinsicsLib|MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf + +[Components.X64] + + ## OneCryptBin meant for StandaloneMm + # + # This binary provides the crypto for a StandaloneMm based platform. + ## + OneCryptoPkg/OneCryptoBin/OneCryptoBinStandaloneMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf + IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf + StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + ############################################################################# + ## Crypto Provider + ############################################################################# + FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf + RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf + DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf + MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf + RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf + TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf + !if $(NON_ACCEL) == TRUE + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf + !else + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf + !endif + } + + OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderStandaloneMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf + DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf + SerialPortLib | MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPortLib16550.inf + IoLib | MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf + PlatformHookLib | MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf + PciLib | MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf + PciCf8Lib | MdePkg/Library/BasePciCf8Lib/BasePciCf8Lib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf + HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf + PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf + StandaloneMmDriverEntryPoint | MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + MmServicesTableLib | MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf + MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf + HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf + } + + ## OneCryptBin meant for SupvMm + # + # This binary provides the crypto for a SupvMm based platform. + ## + OneCryptoPkg/OneCryptoBin/OneCryptoBinSupvMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf + IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf + StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/SupvStandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + ############################################################################# + ## Crypto Provider + ############################################################################# + FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf + RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf + DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf + MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf + RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf + TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf + !if $(NON_ACCEL) == TRUE + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf + !else + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf + !endif + } + + OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxe.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + UefiLib | MdePkg/Library/UefiLib/UefiLib.inf + UefiRuntimeServicesTableLib | MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf + DevicePathLib | MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf + RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. + PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf + PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf + NULL | MdePkg/Library/StackCheckLib/StackCheckLib.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf + HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf + UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf + MemoryAllocationLib | MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf + DxeServicesLib | MdePkg/Library/DxeServicesLib/DxeServicesLib.inf + DxeServicesTableLib | MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf ## NOT NEEDED + DebugLib | AdvLoggerPkg/Library/BaseDebugLibAdvancedLogger/BaseDebugLibAdvancedLogger.inf + DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf + AdvancedLoggerLib | AdvLoggerPkg/Library/AdvancedLoggerLib/Dxe/AdvancedLoggerLib.inf + AssertLib | AdvLoggerPkg/Library/AssertLib/AssertLib.inf + } + + OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderSupvMm.inf { + + BaseLib | MmSupervisorPkg/Library/BaseLibSysCall/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf + HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf + PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf + SysCallLib | MmSupervisorPkg/Library/SysCallLib/SysCallLib.inf + StandaloneMmDriverEntryPoint | MmSupervisorPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + MmServicesTableLib | MmSupervisorPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf + MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf + HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf + } + +[Components.AARCH64] + + ## OneCryptBin meant for StandaloneMm + # + # This binary provides the crypto for a StandaloneMm based platform. + ## + OneCryptoPkg/OneCryptoBin/OneCryptoBinStandaloneMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf + IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf + StandaloneMmDriverEntryPoint | OneCryptoPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + ############################################################################# + ## Crypto Provider + ############################################################################# + FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf + RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf + DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf + MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf + RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf + TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf + !if $(NON_ACCEL) == TRUE + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf + !else + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf + !endif + NULL | MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf + } + + OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderStandaloneMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + DebugLib | MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf + DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf + SerialPortLib | ArmPlatformPkg/Library/PL011SerialPortLib/PL011SerialPortLib.inf + PL011UartClockLib | ArmPlatformPkg/Library/PL011UartClockLib/PL011UartClockLib.inf + PL011UartLib | ArmPlatformPkg/Library/PL011UartLib/PL011UartLib.inf + IoLib | MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf + HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf + PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + CacheMaintenanceLib | MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf + StandaloneMmDriverEntryPoint | MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + MmServicesTableLib | MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf + MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf + HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf + } + + OneCryptoPkg/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + DebugLib | MdeModulePkg/Library/ArmFfaConsoleDebugLib/ArmFfaConsoleDebugStandaloneMmLib.inf + DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf + ArmSmcLib | MdePkg/Library/ArmSmcLib/ArmSmcLib.inf + ArmSvcLib | MdePkg/Library/ArmSvcLib/ArmSvcLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + MemoryAllocationLib | StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf + StandaloneMmDriverEntryPoint | MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf + MmServicesTableLib | MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf + HobLib | StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf + FvLib | StandaloneMmPkg/Library/FvLib/FvLib.inf + ExtractGuidedSectionLib | StandaloneMmPkg/Library/StandaloneMmExtractGuidedSectionLib/StandaloneMmExtractGuidedSectionLib.inf + } + + ############################################################################# + ## AARCH64 OneCryptoBin START + ## + ## AARCH64 requires 4 binaries instead of the normal 3 for X64: + ## 1. OneCryptoBinDxe - DXE binary that installs private protocol + ## 2. OneCryptoLoaderDxeProtocol - DXE loader (consumes private protocol) + ## 3. OneCryptoBinStandaloneMm - MM binary for secure world + ## 4. OneCryptoLoaderStandaloneMm - MM loader + ## + ## This is because the DXE loader cannot locate the StMM binary due to + ## secure world layout differences on AARCH64. + ############################################################################# + + ## OneCryptoBinDxe for AARCH64 + # + # This binary provides the crypto for DXE phase on AARCH64 platforms. + # It installs gOneCryptoPrivateProtocolGuid for the protocol-based loader. + ## + OneCryptoPkg/OneCryptoBin/OneCryptoBinDxe.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + BaseCryptLib | OpensslPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib | OpensslPkg/Library/TlsLib/TlsLib.inf + IntrinsicLib | CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + OneCryptoCrtLib | OneCryptoPkg/Library/OneCryptoCrtLib/OneCryptoCrtLib.inf + UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf + UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf + ############################################################################# + ## Crypto Provider + ############################################################################# + FltUsedLib | MsCorePkg/Library/FltUsedLib/FltUsedLib.inf + RealTimeClockLib | OneCryptoPkg/Library/RealTimeClockLibOnOneCrypto/RealTimeClockLibOnOneCrypto.inf + DebugLib | OneCryptoPkg/Library/DebugLibOnOneCrypto/DebugLibOnOneCrypto.inf + MemoryAllocationLib | OneCryptoPkg/Library/MemoryAllocationLibOnOneCrypto/MemoryAllocationLibOnOneCrypto.inf + RngLib | OneCryptoPkg/Library/RngLibOnOneCrypto/RngLibOnOneCrypto.inf + TimerLib | OneCryptoPkg/Library/TimerLibOnOneCrypto/TimerLibOnOneCrypto.inf + !if $(NON_ACCEL) == TRUE + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFull.inf + !else + OpensslLib | OpensslPkg/Library/OpensslLib/OpensslLibFullAccel.inf + !endif + NULL | MdePkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf + } + + ## OneCryptoLoaderDxeFromMm for AARCH64 + # + # This loader fetches OneCrypto PE bytes from StandaloneMM over + # gEfiMmCommunication2ProtocolGuid, then LoadImage()s and publishes + # gOneCryptoProtocolGuid for DXE consumers. + ## + OneCryptoPkg/OneCryptoLoaders/OneCryptoLoaderDxeFromMm.inf { + + BaseLib | MdePkg/Library/BaseLib/BaseLib.inf + BaseMemoryLib | MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + PcdLib | MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + PrintLib | MdePkg/Library/BasePrintLib/BasePrintLib.inf + UefiLib | MdePkg/Library/UefiLib/UefiLib.inf + UefiRuntimeServicesTableLib | MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf + DevicePathLib | MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf + RngLib | MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf # Drivers should use the protocol, GetRandomNumber64 will not work. + PeCoffLib | MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf + PeCoffExtraActionLib | MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf + PeCoffExtendedLib | OneCryptoPkg/Library/PeCoffExtendedLib/PeCoffExtendedLib.inf + PeCoffGetEntryPointLib | MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + DxeServicesLib | MdePkg/Library/DxeServicesLib/DxeServicesLib.inf + FvLib | MdePkg/Library/FvLib/FvLib.inf + LzmaDecompressLib | MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLib.inf + RegisterFilterLib | MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf + HobLib | MdePkg/Library/DxeHobLib/DxeHobLib.inf + StackCheckFailureHookLib | MdePkg/Library/StackCheckFailureHookLibNull/StackCheckFailureHookLibNull.inf + StackCheckLib | MdePkg/Library/StackCheckLib/StackCheckLib.inf + SafeIntLib | MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf + UefiDriverEntryPoint | MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf + UefiBootServicesTableLib | MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf + MemoryAllocationLib | MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf + DebugLib | AdvLoggerPkg/Library/BaseDebugLibAdvancedLogger/BaseDebugLibAdvancedLogger.inf + DebugPrintErrorLevelLib | MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf + AdvancedLoggerLib | AdvLoggerPkg/Library/AdvancedLoggerLib/Dxe/AdvancedLoggerLib.inf + AssertLib | AdvLoggerPkg/Library/AssertLib/AssertLib.inf + } + + ############################################################################# + ## AARCH64 OneCryptoBin END + ############################################################################# + +[BuildOptions] + *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES -D ENABLE_MD5_DEPRECATED_INTERFACES + MSFT:*_*_*_DLINK_FLAGS = /IGNORE:4217 + RELEASE_*_*_CC_FLAGS = -D MDEPKG_NDEBUG + +[BuildOptions.AARCH64] + GCC:*_*_*_CC_FLAGS = -mbranch-protection=standard From cb5a3230515fdba3243e569d59439745aa030c5d Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Tue, 14 Jul 2026 16:11:47 -0700 Subject: [PATCH 3/4] OneCryptoPkg: Package AARCH64 MM handoff artifacts Update the OneCrypto bundler to include the AARCH64 MM handoff artifacts and add the integration INF used to package the MM image provider in the binary drop. Signed-off-by: Doug Flick --- .../OneCryptoImageProviderStandaloneMm.inf | 24 +++++++++++++++++++ .../OneCryptoBundler/OneCryptoBundler.py | 7 ++++-- 2 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoImageProviderStandaloneMm.inf diff --git a/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoImageProviderStandaloneMm.inf b/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoImageProviderStandaloneMm.inf new file mode 100644 index 000000000..a8319f0cc --- /dev/null +++ b/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoImageProviderStandaloneMm.inf @@ -0,0 +1,24 @@ +## @file +# OneCrypto image provider in StandaloneMM for QAV fetch path. +# +# Copyright (C) Microsoft Corporation. All rights reserved. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = OneCryptoImageProviderStandaloneMm + FILE_GUID = 60A67696-D50D-488E-B436-82D0D3A11E8F + MODULE_TYPE = MM_STANDALONE + VERSION_STRING = 1.0 + PI_SPECIFICATION_VERSION = 0x00010032 + ENTRY_POINT = MmEntry + +[Packages] + MdePkg/MdePkg.dec + CryptoPkg/CryptoPkg.dec + +[Binaries] + PE32|OneCryptoImageProviderStandaloneMm.efi + SMM_DEPEX|OneCryptoImageProviderStandaloneMm.depex diff --git a/OneCryptoPkg/Plugin/OneCryptoBundler/OneCryptoBundler.py b/OneCryptoPkg/Plugin/OneCryptoBundler/OneCryptoBundler.py index 2a69a85d2..588e1b214 100644 --- a/OneCryptoPkg/Plugin/OneCryptoBundler/OneCryptoBundler.py +++ b/OneCryptoPkg/Plugin/OneCryptoBundler/OneCryptoBundler.py @@ -193,12 +193,15 @@ def driver_files(driver_dir, driver_name, new_name): (f"{workspace}/OneCryptoPkg/OneCryptoBin/Integration/OneCryptoBinStandaloneMm.inf", "OneCryptoBinStandaloneMm.inf"), ], "OneCryptoLoaders": [ - # OneCryptoBinDxeLoader (OneCryptoLoaderDxe) - *driver_files(f"{package_build_dir}/OneCryptoLoaders/OneCryptoLoaderDxeByProtocol", "OneCryptoLoaderDxe", "OneCryptoLoaderDxe"), + # OneCryptoBinDxeLoader (QAV path: OneCryptoLoaderDxeFromMm, packaged as OneCryptoLoaderDxe) + *driver_files(f"{package_build_dir}/OneCryptoLoaders/OneCryptoLoaderDxeFromMm", "OneCryptoLoaderDxeFromMm", "OneCryptoLoaderDxe"), (f"{workspace}/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoLoaderDxe.inf", "OneCryptoLoaderDxe.inf"), # OneCryptoBinStandaloneMmLoader (OneCryptoLoaderStandaloneMm) *driver_files(f"{package_build_dir}/OneCryptoLoaders/OneCryptoLoaderStandaloneMm", "OneCryptoLoaderStandaloneMm", "OneCryptoLoaderStandaloneMm"), (f"{workspace}/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoLoaderStandaloneMm.inf", "OneCryptoLoaderStandaloneMm.inf"), + # StandaloneMM image provider for QAV fetch path + *driver_files(f"{package_build_dir}/OneCryptoLoaders/OneCryptoImageProviderStandaloneMm", "OneCryptoImageProviderStandaloneMm", "OneCryptoImageProviderStandaloneMm"), + (f"{workspace}/OneCryptoPkg/OneCryptoLoaders/Integration/OneCryptoImageProviderStandaloneMm.inf", "OneCryptoImageProviderStandaloneMm.inf"), ], "BuildInfo": [ (f"{build_output}/BUILD_REPORT.TXT", "BUILD_REPORT.TXT"), From 30dfc1e8e3fae8857ed88cf3b96409631cade847 Mon Sep 17 00:00:00 2001 From: Doug Flick Date: Tue, 14 Jul 2026 16:11:53 -0700 Subject: [PATCH 4/4] OneCryptoPkg: Document AARCH64 single-copy flow Document the AARCH64 MM-to-DXE handoff flow, loader roles, and packaging expectations for the single-copy OneCrypto path. Signed-off-by: Doug Flick --- OneCryptoPkg/Docs/Architecture.md | 95 ++++++++++++++++++++++--------- OneCryptoPkg/Docs/FAQs.md | 27 ++++++--- OneCryptoPkg/Docs/README.md | 2 + 3 files changed, 90 insertions(+), 34 deletions(-) diff --git a/OneCryptoPkg/Docs/Architecture.md b/OneCryptoPkg/Docs/Architecture.md index 1b9109cfe..f63c33b2b 100644 --- a/OneCryptoPkg/Docs/Architecture.md +++ b/OneCryptoPkg/Docs/Architecture.md @@ -5,9 +5,10 @@ OneCryptoPkg uses a **Bin + Loader** pattern to provide crypto services. A OpenSSL) and a **Loader** module discovers the Bin, injects runtime dependencies, and installs the public `gOneCryptoProtocolGuid` for consumers. -Today only X64 supports the phase agnostic crypto implementation. -See [Why the Difference?](#why-the-difference) for details on AARCH64. -However this is something we want to support in the long term for AARCH64. +X64 supports a single stored MM binary consumed by DXE. +AARCH64 historically used a separate DXE Bin, and now also has an +MM-provider based single-copy prototype path. See +[Why the Difference?](#why-the-difference) for details. ## X64 @@ -52,45 +53,78 @@ Both StandaloneMm and SupvMm follow the same two-driver pattern: ## AARCH64 -AARCH64 produces **4 drivers**: 2 from `OneCryptoBin` and 2 from -`OneCryptoLoaders`. +AARCH64 currently has two integration modes: -| Environment | Bin | Loader | -|-----------------|----------------------------|-----------------------------------| -| DXE | `OneCryptoBinDxe` | `OneCryptoLoaderDxeByProtocol` | -| StandaloneMm | `OneCryptoBinStandaloneMm` | `OneCryptoLoaderStandaloneMm` | +1. Legacy dual-bin mode (default): dedicated DXE Bin + protocol-based DXE loader. +2. Single-copy AARCH64 mode: secure-world MM Bin is the only stored + OneCrypto image; DXE fetches image bytes from MM and LoadImage()s them. + +### Driver Set by AARCH64 Mode + +Legacy dual-bin mode: + +- DXE: `OneCryptoBinDxe` + `OneCryptoLoaderDxeByProtocol` +- StandaloneMm: `OneCryptoBinStandaloneMm` + `OneCryptoLoaderStandaloneMm` + +Single-copy AARCH64 mode: + +- DXE: `OneCryptoLoaderDxeFromMm` +- StandaloneMm: `OneCryptoImageProviderStandaloneMm` + + `OneCryptoBinStandaloneMm` + `OneCryptoLoaderStandaloneMm` ### DXE Flow (AARCH64) -On AARCH64 the DXE Loader **cannot** reach into the secure-world firmware -volume to load the StandaloneMm binary. Instead, a dedicated `OneCryptoBinDxe` -(`DXE_DRIVER`) is included in the normal-world FV: +#### Legacy dual-bin mode + +On AARCH64 the DXE Loader cannot directly read the secure-world FV, so this +mode uses a dedicated `OneCryptoBinDxe` (`DXE_DRIVER`) in the normal-world FV: -1. `OneCryptoBinDxe` is dispatched normally by the UEFI DXE dispatcher. Its - entry point installs `gOneCryptoPrivateProtocolGuid` with the crypto - constructor. +1. `OneCryptoBinDxe` is dispatched by DXE and installs + `gOneCryptoPrivateProtocolGuid`. 2. `OneCryptoLoaderDxeByProtocol` has a `[Depex]` on - `gOneCryptoPrivateProtocolGuid`. It calls `LocateProtocol()` to find the - private protocol, invokes the constructor, and installs the public - `gOneCryptoProtocolGuid`. + `gOneCryptoPrivateProtocolGuid`, calls `LocateProtocol()`, invokes the + constructor, and installs `gOneCryptoProtocolGuid`. + +This protocol-based approach avoids PE/COFF export parsing. + +#### Single-copy AARCH64 mode -This protocol-based approach avoids PE/COFF export parsing entirely. +This mode removes `OneCryptoBinDxe` from the normal-world FV and uses +`OneCryptoLoaderDxeFromMm`: + +1. Loader uses `EFI_MM_COMMUNICATION2_PROTOCOL` and + `gOneCryptoImageProviderGuid` to query total image size. +2. Loader fetches OneCrypto PE32 bytes in chunks from MM. +3. Loader calls `LoadImage()` on the fetched bytes, resolves `CryptoEntry`, + injects dependencies, and installs `gOneCryptoProtocolGuid`. ### MM Flow (AARCH64) -The MM two-driver pattern (Bin + Loader) is the same as X64 — -`OneCryptoBinStandaloneMm` and `OneCryptoLoaderStandaloneMm` are the same -source modules on both architectures. See -[Why the Difference?](#why-the-difference) for why AARCH64 needs a separate -`OneCryptoBinDxe` instead of reusing the MM binary during DXE. +`OneCryptoBinStandaloneMm` + `OneCryptoLoaderStandaloneMm` follow the same MM +Bin+Loader pattern as X64. + +In single-copy AARCH64 mode, `OneCryptoImageProviderStandaloneMm` is an additional +MM module that registers an MM communication handler and serves OneCrypto PE32 +bytes to DXE. It is intentionally separate from `OneCryptoLoaderStandaloneMm`: + +1. Separation of concerns: transport/provider path vs protocol construction path. +2. Earlier/independent availability: provider can be dispatched without coupling + to MM loader behavior. +3. Better failure isolation and debugging for MM-communicate contract issues. ## Why the Difference? On AARCH64, StandaloneMm runs inside TrustZone and the secure-world firmware volume is not accessible from normal-world DXE. On X64, `GetSectionFromAnyFv()` can reach the MM firmware volume, so the DXE Loader reuses the MM binary -directly. On AARCH64, a separate `OneCryptoBinDxe` must be included in the -normal-world FV. +directly. + +On AARCH64 there are two valid designs: + +1. Legacy dual-bin mode: include separate `OneCryptoBinDxe` in normal-world FV. +2. Single-copy AARCH64 mode: keep the single stored MM Bin and bridge + secure/non-secure separation using MM communication + (`OneCryptoImageProvider` and `OneCryptoLoaderDxeFromMm`). ## Module Summary @@ -104,6 +138,15 @@ normal-world FV. | `OneCryptoLoaderDxe` | `DXE_DRIVER` | ✓ | | | `OneCryptoLoaderDxeByProtocol` | `DXE_DRIVER` | | ✓ | +Single-copy mode modules on AARCH64: + +- `OneCryptoLoaderDxeFromMm` (`DXE_DRIVER`) +- `OneCryptoImageProviderStandaloneMm` (`MM_STANDALONE`) + +This mode originated as the QAV-A prototype on QemuArmVirtPkg, but the design +is intended for real AARCH64 platforms and mainline integration. The current +feature branch implementation is the bring-up/prototype vehicle. + ## Dependency Injection The crypto Bin binary statically links BaseCryptLib, TlsLib, and OpenSSL, but diff --git a/OneCryptoPkg/Docs/FAQs.md b/OneCryptoPkg/Docs/FAQs.md index 8fb74be1d..7247b979c 100644 --- a/OneCryptoPkg/Docs/FAQs.md +++ b/OneCryptoPkg/Docs/FAQs.md @@ -8,10 +8,10 @@ updating the DSC. ## Where can I see OneCryptoPkg integrated into a platform? -QemuQ35Pkg and QemuSbsaPkg on [mu_tiano_platforms](https://github.com/microsoft/mu_tiano_platforms) -uses the OneCrypto binary drivers. See pull request -[Platforms: Wire up OneCrypto binary drivers -](https://github.com/microsoft/mu_tiano_platforms/pull/1278). +QemuQ35Pkg and QemuSbsaPkg on +[mu_tiano_platforms](https://github.com/microsoft/mu_tiano_platforms) use the +OneCrypto binary drivers. See pull request +[Platforms: Wire up OneCrypto binary drivers](https://github.com/microsoft/mu_tiano_platforms/pull/1278). ## OneCryptoBinSupvMm is MODULE_TYPE MM_STANDALONE — how does it run in DXE? @@ -20,9 +20,14 @@ On X64, the DXE Loader (`OneCryptoLoaderDxe`) calls `LoadImage()` on the applied, then parses the PE/COFF exports to find and invoke the `CryptoEntry` function. -On AARCH64 the approach is different — a dedicated `OneCryptoBinDxe` -(`DXE_DRIVER`) is used instead because the secure-world FV is not accessible -from DXE. +On AARCH64 there are now two approaches: + +1. Legacy dual-bin mode: a dedicated `OneCryptoBinDxe` (`DXE_DRIVER`) is used + because the secure-world FV is not directly accessible from DXE. +2. Single-copy AARCH64 mode: DXE uses + `OneCryptoLoaderDxeFromMm` to fetch OneCrypto + PE32 bytes from `OneCryptoImageProviderStandaloneMm` over + `EFI_MM_COMMUNICATION2_PROTOCOL`, then calls `LoadImage()`. See [Architecture.md](Architecture.md) for the full Bin + Loader pattern and the differences between X64 and AARCH64. @@ -42,7 +47,7 @@ not match the executing environment. The Loader must call `SetupEntry` instead, which manually initializes the library constructors before providing the crypto protocol. -## Why are there two DXE Loaders (OneCryptoLoaderDxe vs OneCryptoLoaderDxeByProtocol)? +## Why are there multiple DXE Loaders (OneCryptoLoaderDxe, OneCryptoLoaderDxeByProtocol, OneCryptoLoaderDxeFromMm)? They serve different architectures with fundamentally different loading strategies: @@ -59,4 +64,10 @@ strategies: to find it. No `LoadImage()` or PE/COFF parsing is needed, and it uses `NoSetupEntry` since constructors already ran during normal dispatch. +- **`OneCryptoLoaderDxeFromMm`** (AARCH64 single-copy mode) — DXE cannot read the + secure-world FV directly, so this loader requests OneCrypto image bytes from + StandaloneMM (`OneCryptoImageProviderStandaloneMm`) via + `EFI_MM_COMMUNICATION2_PROTOCOL`, then `LoadImage()`s the fetched PE32 and + resolves `CryptoEntry`. + See [Architecture.md](Architecture.md) for the full X64 vs AARCH64 breakdown. diff --git a/OneCryptoPkg/Docs/README.md b/OneCryptoPkg/Docs/README.md index fa0ae5bf8..21e807b55 100644 --- a/OneCryptoPkg/Docs/README.md +++ b/OneCryptoPkg/Docs/README.md @@ -53,3 +53,5 @@ To consume OneCryptoPkg in a platform: - [Architecture.md](Architecture.md) — Bin + Loader pattern, X64 vs AARCH64, dependency injection - [FAQs.md](FAQs.md) — Common questions about OneCryptoPkg +- [QAV-A-Task-Notes.md](QAV-A-Task-Notes.md) — branch bring-up notes for + the single-copy AARCH64 mode