* [PATCH] efi_loader: Bump the number of shared pages with StandAloneMM
@ 2021-12-15 7:50 Ilias Apalodimas
2021-12-18 11:03 ` Heinrich Schuchardt
0 siblings, 1 reply; 3+ messages in thread
From: Ilias Apalodimas @ 2021-12-15 7:50 UTC (permalink / raw)
To: xypron.glpk; +Cc: paul.liu, Ilias Apalodimas, Alexander Graf, u-boot
Currently we allow (and explicitly check) a single shared page with
StandAloneMM. This is dictated by OP-TEE which runs the application.
However there's no way for us dynamically discover the number of pages we
are allowed to use. Since writing big EFI signature list variables
requires more than a page, OP-TEE has bumped the number of shared pages to
four. Bump our page checks to four as well.
Note here that checking some kind of version and reason with the
compatibility doesn't make too much sense. We sanitize the number of pages
internally in our U-Boot code but eventually OP-TEE will fail if we try to
write more than it's allowing. The error will just happen later on when we
access StandAloneMM. So in order to avoid compatibility checks change the
number to four unconditionally.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
---
lib/efi_loader/efi_variable_tee.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
index 281f886124af..95eaeaa5fd9d 100644
--- a/lib/efi_loader/efi_variable_tee.c
+++ b/lib/efi_loader/efi_variable_tee.c
@@ -261,8 +261,8 @@ efi_status_t EFIAPI get_max_payload(efi_uintn_t *size)
* with StMM. Since OP-TEE will reject to map anything bigger than that,
* make sure we are in bounds.
*/
- if (*size > OPTEE_PAGE_SIZE)
- *size = OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
+ if (*size > 4 * OPTEE_PAGE_SIZE)
+ *size = 4 * OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
MM_VARIABLE_COMMUNICATE_SIZE;
/*
* There seems to be a bug in EDK2 miscalculating the boundaries and
--
2.30.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] efi_loader: Bump the number of shared pages with StandAloneMM
2021-12-15 7:50 [PATCH] efi_loader: Bump the number of shared pages with StandAloneMM Ilias Apalodimas
@ 2021-12-18 11:03 ` Heinrich Schuchardt
2021-12-18 21:51 ` Ilias Apalodimas
0 siblings, 1 reply; 3+ messages in thread
From: Heinrich Schuchardt @ 2021-12-18 11:03 UTC (permalink / raw)
To: Ilias Apalodimas; +Cc: paul.liu, Alexander Graf, u-boot
On 12/15/21 08:50, Ilias Apalodimas wrote:
> Currently we allow (and explicitly check) a single shared page with
> StandAloneMM. This is dictated by OP-TEE which runs the application.
> However there's no way for us dynamically discover the number of pages we
> are allowed to use. Since writing big EFI signature list variables
> requires more than a page, OP-TEE has bumped the number of shared pages to
> four. Bump our page checks to four as well.
>
> Note here that checking some kind of version and reason with the
> compatibility doesn't make too much sense. We sanitize the number of pages
> internally in our U-Boot code but eventually OP-TEE will fail if we try to
> write more than it's allowing. The error will just happen later on when we
> access StandAloneMM. So in order to avoid compatibility checks change the
> number to four unconditionally.
>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
> ---
> lib/efi_loader/efi_variable_tee.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
> index 281f886124af..95eaeaa5fd9d 100644
> --- a/lib/efi_loader/efi_variable_tee.c
> +++ b/lib/efi_loader/efi_variable_tee.c
> @@ -261,8 +261,8 @@ efi_status_t EFIAPI get_max_payload(efi_uintn_t *size)
> * with StMM. Since OP-TEE will reject to map anything bigger than that,
> * make sure we are in bounds.
> */
> - if (*size > OPTEE_PAGE_SIZE)
> - *size = OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
> + if (*size > 4 * OPTEE_PAGE_SIZE)
> + *size = 4 * OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
> MM_VARIABLE_COMMUNICATE_SIZE;
Why do we need this check at all if OPTEE checks again?
Best regards
Heinrich
> /*
> * There seems to be a bug in EDK2 miscalculating the boundaries and
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] efi_loader: Bump the number of shared pages with StandAloneMM
2021-12-18 11:03 ` Heinrich Schuchardt
@ 2021-12-18 21:51 ` Ilias Apalodimas
0 siblings, 0 replies; 3+ messages in thread
From: Ilias Apalodimas @ 2021-12-18 21:51 UTC (permalink / raw)
To: Heinrich Schuchardt; +Cc: paul.liu, Alexander Graf, u-boot
Hi Heinrich,
On Sat, Dec 18, 2021 at 12:03:34PM +0100, Heinrich Schuchardt wrote:
>
>
> On 12/15/21 08:50, Ilias Apalodimas wrote:
> > Currently we allow (and explicitly check) a single shared page with
> > StandAloneMM. This is dictated by OP-TEE which runs the application.
> > However there's no way for us dynamically discover the number of pages we
> > are allowed to use. Since writing big EFI signature list variables
> > requires more than a page, OP-TEE has bumped the number of shared pages to
> > four. Bump our page checks to four as well.
> >
> > Note here that checking some kind of version and reason with the
> > compatibility doesn't make too much sense. We sanitize the number of pages
> > internally in our U-Boot code but eventually OP-TEE will fail if we try to
> > write more than it's allowing. The error will just happen later on when we
> > access StandAloneMM. So in order to avoid compatibility checks change the
> > number to four unconditionally.
> >
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
> > ---
> > lib/efi_loader/efi_variable_tee.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
> > index 281f886124af..95eaeaa5fd9d 100644
> > --- a/lib/efi_loader/efi_variable_tee.c
> > +++ b/lib/efi_loader/efi_variable_tee.c
> > @@ -261,8 +261,8 @@ efi_status_t EFIAPI get_max_payload(efi_uintn_t *size)
> > * with StMM. Since OP-TEE will reject to map anything bigger than that,
> > * make sure we are in bounds.
> > */
> > - if (*size > OPTEE_PAGE_SIZE)
> > - *size = OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
> > + if (*size > 4 * OPTEE_PAGE_SIZE)
> > + *size = 4 * OPTEE_PAGE_SIZE - MM_COMMUNICATE_HEADER_SIZE -
> > MM_VARIABLE_COMMUNICATE_SIZE;
>
> Why do we need this check at all if OPTEE checks again?
>
OP-TEE will have to try and register the memory in tee_shm_register() to
fail. So since we know if only allows 4 pages we have an internal sanity checking
to bail out earlier.
Regards
/Ilias
> Best regards
>
> Heinrich
>
> > /*
> > * There seems to be a bug in EDK2 miscalculating the boundaries and
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-12-18 21:52 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-15 7:50 [PATCH] efi_loader: Bump the number of shared pages with StandAloneMM Ilias Apalodimas
2021-12-18 11:03 ` Heinrich Schuchardt
2021-12-18 21:51 ` Ilias Apalodimas
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).