On Sun, 13 Jan 2019 at 13:42, Cohen, Eugene <eug...@hp.com> wrote:
>
> I saw this thread earlier this week and wanted to chime in.
>
> > > Also, there are some other pieces missing (which I mentioned in one of
> > > the other threads but I suppose you may not have caught up yet):
> > > EndOfDxe (as well as some other PI defined events) needs to be
> > > signalled to the standalone MM context by some non-MM agent, and I
> > > think there are other parts of the traditional SMM IPL that have not
> > > been ported to standalone MM yet.
>
> I haven't been following closely the state of StandaloneMmPkg on edk2 - as
> we were ready to sync up some of our earlier MM stuff to edk2 I learned that
> the support in place is only partial as patches have been coming in slowly so
> we chose to implement a version based on the early joint prototype work we
> did ("uefiproto" repo). In this there is a DXE component that produces the
> SMM Communication protocol and also ensures that when key GUIDed events occur
> in DXE that they are forwarded to MM including EndOfDxe.
>
> I don't see a strong argument for not forwarding the event signaling
> information to MM - MM can either use the information or ignore it as it sees
> fit. I can see scenarios around variable services where knowing what phase
> of boot the normal world is in is necessary.
>
I agree. If the normal world firmware is guaranteed to signal EndOfDxe
before loading any third party modules, it is not unreasonable to use
this on the secure side as a trust indicator as well.
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
