Merge pull request #82 from amrathesh/psci-mem-protect

R310_BBSR: Platform Reset Attack Mitigation thru PSCI

bbsr/patches/0001-SIE-Patch-for-UEFI-SCT-Build.patch

@@ -1,5 +1,5 @@
 diff --git a/uefi-sct/SctPkg/CommonGenFramework.sh b/uefi-sct/SctPkg/CommonGenFramework.sh
-index e319d4cd..de71584f 100755
+index e319d4cd..ff3b327f 100755
 --- a/uefi-sct/SctPkg/CommonGenFramework.sh
 +++ b/uefi-sct/SctPkg/CommonGenFramework.sh
 @@ -92,6 +92,9 @@ CopyDependency()
@@ -12,7 +12,7 @@ index e319d4cd..de71584f 100755
      ls -h $ProcessorType/$1_*.cmp   >> temp.txt 2>NUL
      ls -h $ProcessorType/$1_*.ucmp  >> temp.txt 2>NUL
 
-@@ -379,6 +382,12 @@ then
+@@ -379,6 +382,13 @@ then
      cp $ProcessorType/ImageServicesBBTest.efi                  $Framework/Test/ > NUL
      cp $ProcessorType/MiscBootServicesBBTest.efi               $Framework/Test/ > NUL
 
@@ -21,19 +21,21 @@ index e319d4cd..de71584f 100755
 +    cp $ProcessorType/TCGMemoryOverwriteRequestBBTest.efi      $Framework/Test/ > NUL
 +    cp $ProcessorType/TCG2ProtocolBBTest.efi                   $Framework/Test/ > NUL
 +    cp $ProcessorType/SecureBootBBTest.efi                     $Framework/Test/ > NUL
++    cp $ProcessorType/PlatformResetAttackMitigationPsciTest.efi $Framework/Test/ > NUL
 +
      cp $ProcessorType/VariableServicesBBTest.efi               $Framework/Test/ > NUL
      cp $ProcessorType/TimeServicesBBTest.efi                   $Framework/Test/ > NUL
      cp $ProcessorType/MiscRuntimeServicesBBTest.efi            $Framework/Test/ > NUL
-@@ -534,4 +543,5 @@ then
+@@ -534,4 +544,5 @@ then
      CopyDependency PciRootBridgeIo
      CopyDependency PxeBaseCode
      CopyDependency ConfigKeywordHandler
-+    CopyDependency SecureBoot
- fi
+-fi
 \ No newline at end of file
++    CopyDependency SecureBoot
++fi
 diff --git a/uefi-sct/SctPkg/Config/Data/Category.ini b/uefi-sct/SctPkg/Config/Data/Category.ini
-index 1e88a593..9d2e2301 100644
+index 1e88a593..62645552 100644
 --- a/uefi-sct/SctPkg/Config/Data/Category.ini
 +++ b/uefi-sct/SctPkg/Config/Data/Category.ini
 @@ -172,6 +172,20 @@ InterfaceGuid = AFF115FB-387B-4C18-8C41-6AFC7F03BB90
@@ -78,7 +80,7 @@ index 1e88a593..9d2e2301 100644
  [Category Data]
  Revision      = 0x00010000
  CategoryGuid  = 52A69BBF-E19F-4e82-93D6-AAC46E2E1E06
-@@ -1074,10 +1088,10 @@ CategoryGuid  = CCD15FEC-6F73-4EEC-8395-3E69E4B940BF
+@@ -1074,10 +1088,17 @@ CategoryGuid  = CCD15FEC-6F73-4EEC-8395-3E69E4B940BF
  InterfaceGuid = CCD15FEC-6F73-4EEC-8395-3E69E4B940BF
  Name          = RiscvBootProtocolTest
  Description   = RISC-V Boot Protocol Test
@@ -96,3 +98,10 @@ index 1e88a593..9d2e2301 100644
 +InterfaceGuid = 607f766c-7455-42be-930b-e4d76db2720f
 +Name          = TCG2ProtocolTest
 +Description   = TCG2 Protocol Test
++
++[Category Data]
++Revision      = 0x00010000
++CategoryGuid  = C4567D24-BB60-484E-80EC-A36ACEEA5C43
++InterfaceGuid = 71652D04-BF38-434A-BCB8-6547D7FD8384
++Name          = GenericTest\PlatformResetAttackMitigationPsciTest
++Description   = Check Platform Reset Attack Mitigation Via PSCI

bbsr/sct-tests/PlatformResetAttackMitigationPsciTest/BlackBoxTest/Guid.c

@@ -0,0 +1,31 @@
+/** @file
+
+  Copyright (c) 2024, Arm Ltd, All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+
+  guid.c
+
+Abstract:
+
+  GUIDs auto-generated for EFI test assertion.
+
+--*/
+
+#include "Efi.h"
+#include "Guid.h"
+
+
+const EFI_GUID gPlatformResetAttackMitigationPsciBbTestAssertionGuid001 =
+                                   EFI_TEST_PLATRESETATTACKMITIGATIONPSCIBBTEST_ASSERTION_001_GUID;

bbsr/sct-tests/PlatformResetAttackMitigationPsciTest/BlackBoxTest/Guid.h

@@ -0,0 +1,34 @@
+/** @file
+
+  Copyright (c) 2024, Arm Ltd, All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+/*++
+
+Module Name:
+
+  guid.h
+
+Abstract:
+
+  GUIDs auto-generated for EFI test assertion.
+
+--*/
+
+extern EFI_GUID gEfiGlobalVariableGuid;
+
+#define PLAT_RESET_ATTACK_MITIGATION_TEST_GUID \
+{0xf4fc5de8, 0x7ba2, 0x422c, {0xa5, 0x5b, 0x4f, 0x76, 0x0e, 0xd6, 0xa8, 0x5d}}
+
+#define EFI_TEST_PLATRESETATTACKMITIGATIONPSCIBBTEST_ASSERTION_001_GUID \
+{0x24d2d671, 0xea3d, 0x4c67, {0xba, 0xa2, 0x73, 0x6b, 0xeb, 0x09, 0x66, 0xf9}}
+extern const EFI_GUID gPlatformResetAttackMitigationPsciBbTestAssertionGuid001;

bbsr/sct-tests/PlatformResetAttackMitigationPsciTest/BlackBoxTest/PlatformResetAttackMitigationPsciBBTest.inf

@@ -0,0 +1,55 @@
+## @file
+#
+#  Copyright (c) 2024, Arm Ltd,. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+#/*++
+#
+# Module Name:
+#
+#   PlatformResetAttackMitigationPsciBBTest.inf
+#
+# Abstract:
+#
+#   Component description file for Platform Reset Attack Mitigation Via PSCI Black-Box Test.
+#
+#--*/
+
+[Defines]
+  INF_VERSION          = 0x00010005
+  BASE_NAME            = PlatformResetAttackMitigationPsciTest
+  FILE_GUID            = 5c2c18d0-62be-40fe-8ba6-692bf06c97ad
+  MODULE_TYPE          = UEFI_DRIVER
+  VERSION_STRING       = 1.0
+  ENTRY_POINT          = InitializePlatformResetAttackMitigationPsciBBTest
+
+[Sources.common]
+  PlatformResetAttackMitigationPsciBBTestMain.h
+  PlatformResetAttackMitigationPsciBBTestMain.c
+  PlatformResetAttackMitigationPsciBBTestFunction.c
+  Guid.h
+  Guid.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  SctPkg/SctPkg.dec
+  SctPkg/UEFI/UEFI.dec
+  ArmPkg/ArmPkg.dec
+
+[LibraryClasses]
+  UefiDriverEntryPoint
+  SctLib
+  EfiTestLib
+  ArmSmcLib
+
+[Protocols]
+  gEfiTestRecoveryLibraryGuid
+  gEfiTestLoggingLibraryGuid

bbsr/sct-tests/PlatformResetAttackMitigationPsciTest/BlackBoxTest/PlatformResetAttackMitigationPsciBBTestFunction.c

@@ -0,0 +1,175 @@
+/** @file
+
+  Copyright (c) 2024, Arm Ltd, All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+/*++
+
+Module Name:
+ PlatformResetAttackMitigationPsciBBTestFunction.c
+
+Abstract:
+  Source file for Platform Reset Attack Mitigation PSCI Black-Box Test.
+--*/
+
+#include "SctLib.h"
+#include "PlatformResetAttackMitigationPsciBBTestMain.h"
+#include <Library/ArmSmcLib.h>
+
+ARM_SMC_ARGS  SmcArgs;
+
+//
+// Prototypes
+//
+
+EFI_STATUS
+PlatformResetAttackMitigationPsciTest (
+  IN EFI_BB_TEST_PROTOCOL       *This,
+  IN VOID                       *ClientInterface,
+  IN EFI_TEST_LEVEL             TestLevel,
+  IN EFI_HANDLE                 SupportHandle
+  );
+
+//
+// Prototypes (internal)
+//
+
+EFI_STATUS
+PlatformResetAttackMitigationPsciTestSub1 (
+  IN EFI_RUNTIME_SERVICES                 *RT,
+  IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL   *StandardLib,
+  IN EFI_TEST_LOGGING_LIBRARY_PROTOCOL    *LoggingLib
+  );
+
+ /* BBSR R310_BBSR - Entry point for Platform Reset Attack Mitigation via PSCI Function Test.
+ *  @param This             A pointer to the EFI_BB_TEST_PROTOCOL instance.
+ *  @param ClientInterface  A pointer to the interface to be tested.
+ *  @param TestLevel        Test "thoroughness" control.
+ *  @param SupportHandle    A handle containing support protocols.
+ *  @return EFI_SUCCESS     Successfully.
+ *  @return Other value     Something failed.
+ */
+EFI_STATUS
+PlatformResetAttackMitigationPsciTest (
+  IN EFI_BB_TEST_PROTOCOL       *This,
+  IN VOID                       *ClientInterface,
+  IN EFI_TEST_LEVEL             TestLevel,
+  IN EFI_HANDLE                 SupportHandle
+  )
+{
+  EFI_STATUS                          Status;
+  EFI_RUNTIME_SERVICES                *RT;
+  EFI_STANDARD_TEST_LIBRARY_PROTOCOL  *StandardLib;
+  EFI_TEST_RECOVERY_LIBRARY_PROTOCOL  *RecoveryLib;
+  EFI_TEST_LOGGING_LIBRARY_PROTOCOL   *LoggingLib;
+
+  //
+  // Get test support library interfaces
+  //
+  Status = GetTestSupportLibrary (
+             SupportHandle,
+             &StandardLib,
+             &RecoveryLib,
+             &LoggingLib
+             );
+  if (EFI_ERROR(Status)) {
+    return Status;
+  }
+
+  if (FALSE == CheckBBTestCanRunAndRecordAssertion(
+                  StandardLib,
+                  L"Platform Reset Attack Mitigation via PSCI test not supported in EFI",
+                  __FILE__,
+                  (UINTN)__LINE__
+                  )) {
+    return EFI_SUCCESS;
+  }
+
+  RT = (EFI_RUNTIME_SERVICES *)ClientInterface;
+
+  Status = PlatformResetAttackMitigationPsciTestSub1 (RT, StandardLib, LoggingLib);
+
+  return EFI_SUCCESS;
+}
+
+//
+// Platform Reset Attack Mitigation Psci Test
+//
+EFI_STATUS
+PlatformResetAttackMitigationPsciTestSub1 (
+  IN EFI_RUNTIME_SERVICES                 *RT,
+  IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL   *StandardLib,
+  IN EFI_TEST_LOGGING_LIBRARY_PROTOCOL    *LoggingLib
+  )
+{
+  EFI_STATUS            Status;
+  UINT32                Index;
+  UINT32                Attribute;
+  UINTN                 DataSize;
+  VOID                  *Data;
+  EFI_TEST_ASSERTION    Result = EFI_TEST_ASSERTION_PASSED;
+
+  //
+  // Trace ...
+  //
+  if (LoggingLib != NULL) {
+    LoggingLib->EnterFunction (
+                  LoggingLib,
+                  L"PlatformResetAttackMitigationPsciTestSub1",
+                  L"BBSR R310"
+                  );
+  }
+
+  // PSCI MEM_PROTECT check
+  SmcArgs.Arg0 = ARM_SMC_ID_PSCI_PSCI_FEATURES;
+  SmcArgs.Arg1 = ARM_SMC_ID_PSCI_MEM_PROTECT;
+
+  ArmCallSmc(&SmcArgs);
+
+  StandardLib->RecordMessage (
+                     StandardLib,
+                     EFI_VERBOSE_LEVEL_DEFAULT,
+                     L"\r\nPSCI feature return value = %x",
+                     SmcArgs.Arg0
+                     );
+
+  // If MEM_PROTECT function is implemented, PSCI_FEATURES returns a value of 0.
+  if (SmcArgs.Arg0 == 0)
+      Result = EFI_TEST_ASSERTION_PASSED;
+  else
+      Result = EFI_TEST_ASSERTION_FAILED;
+
+  StandardLib->RecordAssertion (
+                   StandardLib,
+                   Result,
+                   gPlatformResetAttackMitigationPsciBbTestAssertionGuid001,
+                   L"Platfrom Reset Attack prevention support via PSCI",
+                   L"%a:%d:",
+                   __FILE__,
+                   (UINTN)__LINE__
+                   );
+
+  //
+  // Trace ...
+  //
+  if (LoggingLib != NULL) {
+    LoggingLib->ExitFunction (
+                  LoggingLib,
+                  L"PlatformResetAttackMitigationPsciTestSub1",
+                  L"BBSR R310"
+                  );
+  }
+
+  //
+  // Done
+  //
+  return EFI_SUCCESS;
+}
+