tianocore / edk2

EDK II
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II

Mm infra #5914

Closed jiaxinwu closed 1 week ago

jiaxinwu commented 1 month ago

Description

Standalone MM is the new software architecture used in the X86 SMM environment. Below describes the new MM infrastructure from different perspectives.

MM Driver Dispatch

StandaloneMmIpl is a PEIM responsible for locating and loading StandaloneMmCore.

All the MM drivers are dispatched by StandaloneMmCore in two rounds of dispatch on X86.

1st round: StandaloneMmCore dispatches MM drivers in its IPL entry point running in non-SMM mode. It exits to StandaloneMmIpl after StandaloneMmCpu installs the SMI handler in its entry point.

2nd round: StandaloneMmIpl triggers an SMI (gEventMmDispatchGuid) to inform StandaloneMmCore to dispatch the remaining MM drivers in SMM mode in its SMI entry point.

MM Communication

StandaloneMmIpl is responsible for allocating a fixed size of runtime memory (non-SMRAM) for the communication buffer (MdeModulePkg/Include/Guid/MmCommBuffer.h) between non-MM and MM. The MmCommunication PPI is produced by StandaloneMmIpl.

StandaloneMmCore allocates a shadowed communication buffer in SMRAM accordingly. Every communication flow is as follows, where #b, #c and #d run inside MM:

a. Non-MM code modifies the communication buffer and triggers an MMI.
b. StandaloneMmCore copies the content to the shadowed one in SMRAM and calls the corresponding MMI handler.
c. The MMI handler accesses the shadowed one in SMRAM.
d. Upon return of the MMI handler, StandaloneMmCore copies the updated content in the shadowed one to the communication buffer in non-SMRAM.
e. Upon returning to non-MM mode, non-MM code reads the communication buffer.

Memory Protection

Non-SMM code requests an SMM-accessible memory region through MmUnblockMemoryLib (MdePkg/Include/Library/MmUnblockMemoryLib.h), which records the region in the PEI HOB list (UefiCpuPkg/Include/Guid/MmUnblockRegion.h).

StandaloneMmIpl builds an EFI_HOB_RESOURCE_DESCRIPTOR in the MM HOB list for every record in the PEI HOB list. Any non-SMRAM memory region that’s not described by an EFI_HOB_RESOURCE_DESCRIPTOR in the MM HOB list is not accessible from SMM mode.

The StandaloneMmCpu driver creates the page table used in SMM mode according to the EFI_HOB_RESOURCE_DESCRIPTOR entries in the MM HOB list.

How Standalone MM Infra Was Tested

Standalone MM Infrastructure Functionality Test

The Standalone MM Infrastructure provided by this pull request has been tested and verified on the Intel QSP platform, in conjunction with the changes from the following pull request: https://github.com/tianocore/edk2-platforms/pull/169. Please refer to the official documentation provided for the QSP environment readiness (https://github.com/tianocore/edk2-platforms/blob/master/Platform/Intel/Readme.md).

Traditional SMM Functionality Test

Although Standalone MM Infrastructure is currently enabled only on the Intel QSP platform, some parts of the codebase are shared between Traditional SMM and Standalone MM. Therefore, this test aims to ensure the functionality of Traditional SMM and prevent feature regression. Traditional SMM continues to be supported and has been verified on both OVMF and QSP platforms.

Unblock Mem Test

It's verified during the QSP boot flow. Only unblocked memory can be accessed. Otherwise, a #PF exception will happen.

PageTable

The SMM page tables are verified by dumping their contents, ensuring alignment with the ResourceDescriptor HOBs created by the MM IPL. All access rights for various resources within the MM environment are as expected (See above table for Access rights of different resources in MM env).

Variable Service Test

The Variable Service has been thoroughly tested within the new Standalone MM Infrastructure. This includes basic functionality tests and the SCT variable test suite.

SMM Profile Test

To enable the SMM Profile feature, set gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmProfileEnable to TRUE and gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmRestrictedMemoryAccess to FALSE. Once the system boots to the UEFI shell, use a UEFI shell tool to dump the SmmProfile information and verify the functionality of the SMM Profile feature. The tool can be found here: https://github.com/jyao1/EdkiiShellTool/tree/master/EdkiiShellToolPkg/SmmProfileDump.
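The a-to-e communication flow from the description, modelled in plain C as an added example (not code from this pull request or from edk2). It goes one step beyond the text by adding a write to the non-SMRAM buffer that lands while the handler runs, to show what the copy into the SMRAM shadow changes. The struct layout and all buffer and function names are assumptions made for the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout for this model; not the format in MmCommBuffer.h. */
typedef struct {
    uint32_t length;      /* number of valid bytes in data[] */
    uint8_t  data[60];
} comm_msg;

static comm_msg nonsmram_buf;  /* models the fixed-size runtime (non-SMRAM) buffer */
static comm_msg smram_shadow;  /* models the shadow copy held in SMRAM */

/* Step a: non-MM code fills the communication buffer. */
static void stage_request(uint32_t length) {
    memset(&nonsmram_buf, 0, sizeof nonsmram_buf);
    nonsmram_buf.length = length;
}

/* Models a write to non-SMRAM that lands while the handler is running. */
static void racing_write(void) { nonsmram_buf.length = UINT32_MAX; }

/* Hypothetical handler: validates length, then reads it again to use it.
 * Returns the length it acts on, or -1 if validation rejects the request. */
static int64_t mmi_handler(const volatile comm_msg *m, void (*during)(void)) {
    if (m->length > sizeof m->data) return -1;  /* first read: check */
    if (during) during();
    return (int64_t)m->length;                  /* second read: use */
}

/* Steps b to d as the description lists them. */
static int64_t mm_core_dispatch(void (*during)(void)) {
    memcpy(&smram_shadow, &nonsmram_buf, sizeof smram_shadow);  /* b: copy in */
    int64_t used = mmi_handler(&smram_shadow, during);          /* c: shadow only */
    memcpy(&nonsmram_buf, &smram_shadow, sizeof nonsmram_buf);  /* d: copy out */
    return used;
}

int main(void) {
    stage_request(8);
    printf("handler on non-SMRAM buffer acts on length %lld\n",
           (long long)mmi_handler(&nonsmram_buf, racing_write));
    stage_request(8);
    printf("handler on SMRAM shadow acts on length %lld\n",
           (long long)mm_core_dispatch(racing_write));
    printf("step e reads back length %u\n", (unsigned)nonsmram_buf.length);
    return 0;
}
```

In the model, a handler pointed directly at the non-SMRAM buffer ends up acting on a length it never validated, while the dispatch path through the shadow acts on the validated value and the copy-out in step d overwrites the racing write.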

mergify[bot] commented 1 month ago

PR can not be merged due to conflict. Please rebase and resubmit