REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1834
1)Add arguments "--embedded-driver" to support embedded driver
in command line.
2)Add arguments "--update-image-index" to identify ImageIndex
within the device in command line.
3)Add arguments "-j JSONFILE" to support multiple payloads and
embedded drivers with JSON file.
The update is in a backwards compatible manner, so all command
line options to support single payload are still supported. But
all the options associated with multiple payloads should be
provided in a JSON file.
Cc: Bob Feng <bob.c.feng@intel.com>
Signed-off-by: Eric Jin <eric.jin@intel.com>
Reviewed-by: Bob Feng <bob.c.feng@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1934
0x0 MicrocodeBegin MicrocodeEntry MicrocodeEnd 0xffffffff
|--------------|---------------|---------------|---------------|
valid TotalSize
TotalSize is only valid between 0 and (MicrocodeEnd - MicrocodeEntry).
So add '(UINTN)MicrocodeEntryPoint > (MAX_ADDRESS - TotalSize)' before
'((UINTN)MicrocodeEntryPoint + TotalSize) > MicrocodeEnd' to make sure
((UINTN)MicrocodeEntryPoint + TotalSize) wouldn't overflow.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
In current implementation we are checking for device presence every
time we execute UIC command. To make UfsExecUicCommands more generic
checking device presence has been moved to UfsDeviceDetection.
Signed-off-by: Mateusz Albecki <mateusz.albecki@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1844
The commit will remove the below modules from PcAtChipsetPkg:
* PcAtChipsetPkg/8259InterruptControllerDxe/8259.inf
* PcAtChipsetPkg/8254TimerDxe/8254Timer.inf
* PcAtChipsetPkg/IsaAcpiDxe/IsaAcpi.inf
They are considered legacy framework components and will no longer be used
after the removal of IntelFramework[Module]Pkg.
Also, the unused (after the modules being removed) PCDs will be deleted in
package level DEC/UNI files.
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Hao A Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=1617
This driver implements a common checker, verifier and reporter which is
independent of hardware based root-of-trust.
Usually the hardware based root-of-trust will not verify all BIOS but
part of it. For example, Boot Guard will only verify IBB segment. The IBB
needs to verify other part of BIOS, i.e. other FVs to transfer control to
from IBB. This driver plays the role in IBB to verify FVs not covered by
hardware root-of-trust to make sure integrity of the chain of trust.
To be hardware/platform independent, PPI
gEdkiiPeiFirmwareVolumeInfoStoredHashFvPpiGuid
is introduced for platform to pass digest information to this driver.
This PPI should include all information needed to verify required FVs in
required boot mode.
struct _EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI {
FV_HASH_INFO HashInfo;
UINTN FvNumber;
HASHED_FV_INFO FvInfo[1];
};
To avoid TOCTOU issue, all FVs to be verified will be copied to memory
before hash calculation. That also means this driver has to be run after
permanent memory has been discovered.
For a measured boot, this driver will install
gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid
to report digest of each FV to TCG driver.
For a verified boot, this driver will verify the final hash value
(calculated from the concatenation of each FV's hash) for indicated
FVs against the hash got from platform/hardware.
If pass, it will build EFI_HOB_TYPE_FV (consumed by DXE core) and/or
install gEfiPeiFirmwareVolumeInfoPpiGuid (consumed by PEI core), and
then report status code PcdStatusCodeFvVerificationPass.
If fail, it just report status code PcdStatusCodeFvVerificationFail
and go to dead loop if status report returns.
The platform can register customized handler to process pass and fail
cases differently.
Currently, this driver only supports hash (sha256/384/512) verification
for the performance consideration.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: "Hernandez Beltran, Jorge" <jorge.hernandez.beltran@intel.com>
Cc: Harry Han <harry.han@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=1617
gEdkiiPeiFirmwareVolumeInfoStoredHashFvPpiGuid should be installed by
platform to pass FV hash information to the common FV verify/report
driver, in which the hash value will be calculated again based on the
information fed in and then verified.
The information passed in this PPI include:
- FVs location in flash and length
- Hash values for different boot mode
The hash value must be calculated in following way (if 3 FVs to calc):
FV1 -> Hash1
FV2 -> Hash2
FV3 -> Hash3
Hash1 + Hash2 + Hash3 -> HashAll
Only HashAll is stored in this PPI. The purposes for this algorithm
are two:
1. To report each FV's hash to TCG driver and verify HashAll at the
same time without the burden to calculate the hash twice;
2. To save hash value storage due to potential hardware limitation
Different boot mode may have its own hash value so that each mode can
decide which FV will be verified. For example, for the sake of performance,
S3 may choose to skip some FVs verification and normal boot will verify
all FVs it concerns.
So in this PPI, each FV information has flag to indicate which boot mode
it will be taken into hash calculation.
And if multiple hash values passed in this PPI, each has a flag to indicate
which boot mode it's used for. Note one hash value supports more than one
boot modes if they're just the same.
PcdStatusCodeFvVerificationPass and PcdStatusCodeFvVerificationFail are
introduced to report status back to platform, and platform can choose how
to act upon verification success and failure.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: "Hernandez Beltran, Jorge" <jorge.hernandez.beltran@intel.com>
Cc: Harry Han <harry.han@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Mostly, this is only necessary for devices that the CSM might have
native support for, such as VirtIO and NVMe; PciBusDxe will already
degrade devices to 32-bit if they have an OpROM.
However, there doesn't seem to be a generic way of requesting PciBusDxe
to downgrade specific devices.
There's IncompatiblePciDeviceSupportProtocol but that doesn't provide
the PCI class information or a handle to the device itself, so there's
no simple way to just match on all NVMe devices, for example.
Just leave gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Size set to zero for
CSM builds, until/unless that can be fixed.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190626113742.819933-5-dwmw2@infradead.org>
QemuVideoDxe installs its own legacy INT 10h handler for the benefit of
systems like Windows 2008r2 which attempt to use INT 10h even when booted
via EFI.
This interacts extremely badly with a CSM actually attempting to install
a real video BIOS.
The last thing done before invoking a legacy OpROM is to call INT 10h to
set a plain text mode. In the case where it's the video BIOS OpROM being
loaded, INT 10h will normally point to an iret stub in the CSM itself.
Unless QemuVideoDxe has changed INT10h to point to a location in the
0xC0000 segment that it didn't allocate properly, so the real OpROM has
been shadowed over them top of it, and the INT 10h vector now points to
some random place in the middle of the newly-shadowed OpROM.
Don't Do That Then. QemuVideoDxe doesn't do any acceleration and just
sets up a linear framebuffer, so we don't lose much by just
unconditionally using BiosVideoDxe instead when CSM is present.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190626113742.819933-4-dwmw2@infradead.org>
Iterate over the available block devices in much the same way as
BdsLibEnumerateAllBootOption() does, but limiting to those devices
which are PCI-backed, which can be represented in the BbsTable.
One day we might need to extend the BbsTable to allow us to distinguish
between different NVMe namespaces on a device.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190626113742.819933-3-dwmw2@infradead.org>
REF: https://github.com/tianocore/tianocore.github.io/wiki/
UEFI-Capsule-on-Disk-Introducation
CoDCheckCapsuleOnDiskFlag() is to check if CapsuleOnDisk flag in
"OsIndications" Variable is enabled. It is used to indicate whether
capsule on disk is provisioned in normal boot path.
CoDClearCapsuleOnDiskFlag() is to to clear CapsuleOnDisk flags,
including "OsIndications" and "BootNext" variable.
CoDRelocateCapsule() is to relocate the capsules from EFI system
partition. Depends on PcdCapsuleInRamSupport, there are two solutions
to relocate the capsule on disk images:
When Capsule In Ram is supported, the Capsule On Disk images are
relocated into memory, and call UpdateCapsule() service to deliver
the capsules.
When Capsule In Ram is not supported, the Capsule On Disk images are
relocated into a temp file which will be stored in root directory on
a platform specific storage device. CapsuleOnDiskLoadPei PEIM will
retrieve the capsules from the relocation temp file and report
capsule hobs for them.
CoDRemoveTempFile() is to remove the relocation temp file in the next
boot after capsules are processed.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
Acked-by: Hao A Wu <hao.a.wu@intel.com>
REF: https://github.com/tianocore/tianocore.github.io/wiki/
UEFI-Capsule-on-Disk-Introducation
This patch will add Capsule On Disk related definition, including
GUID, PPI and PCDs:
The Capsule On Disk Name GUID indicates the capsule is to store
Capsule On Disk file names.
The Pei Capsule On Disk PPI provides service to retrieve capsules
from Capsule On Disk temp relocation file on mass storage devices
and create capsule hob for these capsules.
Pei Boot In CapsuleOnDisk Mode Ppi indicates current boot mode is
capsule on disk mode.
PcdCapsuleOnDiskSupport is used to enable/disable Capsule On Disk.
PcdCapsuleInRamSupport is used to enable/disable Capsule In Ram.
PcdCoDRelocationFileName specifies the Capsule On Disk temp
relocation file name.
PcdCodRelocationDevPath specifies platform specific device to store
Capsule On Disk temp relocation file.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
Acked-by: Hao A Wu <hao.a.wu@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1840
1. Introduce an internal header file to put definitions in it.
2. Add missing '\n' in usage.
3. Fix the dead loop of CapsuleApp -L.
4. Fix the bug that CapsuleApp -OD cannot perform capsules in sub-
folder.
5. Optimize the handling for option -NR and -OD to support both
'CapsuleApp <Capsule> -OD -NR' and 'CapsuleApp <Capsule> -NR -OD'.
6. Check if Capsule-On-Disk is supported by "OsIndicationsSupported"
variable firstly before processing capsules. If not supported, prompt
an error message and quit the process.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
Acked-by: Hao A Wu <hao.a.wu@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=1879
This commit will add the definitions of Nvm Express PassThru PPI.
This PPI will provide services that allow NVM commands to be sent
to NVM Express devices during PEI phase.
More specifically, the PPI will provide services to:
* Sends an NVM Express Command Packet to an NVM Express controller
or namespace (by service 'PassThru');
* Get the list of the attached namespaces on a controller
(by services 'GetNextNameSpace');
* Get the identification information (DevicePath) of the underlying
NVM Express host controller (by service 'GetDevicePath').
Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Re-run process_files.py to generate OpensslLib[Crypto].inf.
CryptoPkg/Library/Include/openssl/opensslconf.h is coped from OpenSSL,
So keep the CR/LF style like OpenSSL source file.
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
https://github.com/tianocore/tianocore.github.io/wiki/UEFI-Capsule-
on-Disk-Introducation
CoDCheckCapsuleOnDiskFlag() is to check if CapsuleOnDisk flag in
"OsIndications" Variable is enabled. It is used to indicate whether
capsule on disk is provisioned in normal boot path.
CoDClearCapsuleOnDiskFlag() is to to clear CapsuleOnDisk flags,
including "OsIndications" and "BootNext" variable.
CoDRelocateCapsule() is to relocate the capsules from EFI system
partition. Depends on PcdCapsuleInRamSupport, there are two solutions
to relocate the capsule on disk images:
When Capsule In Ram is supported, the Capsule On Disk images are
relocated into memory, and call UpdateCapsule() service to deliver
the capsules.
When Capsule In Ram is not supported, the Capsule On Disk images are
relocated into a temp file which will be stored in root directory on
a platform specific storage device. CapsuleOnDiskLoadPei PEIM will
retrieve the capsules from the relocation temp file and report
capsule hobs for them.
CoDRemoveTempFile() is to remove the relocation temp file in the next
boot after capsules are processed.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1840
1. Add missing '\n' in usage.
2. Fix the dead loop of CapsuleApp -L.
3. Fix the bug that CapsuleApp -OD cannot perform capsules in sub-
folder.
4. Optimize the handling for option -NR and -OD to support both
'CapsuleApp <Capsule> -OD -NR' and 'CapsuleApp <Capsule> -NR -OD'.
5. Check if Capsule-On-Disk is supported by "OsIndicationsSupported"
variable firstly before processing capsules. If not supported, prompt
an error message and quit the process.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
Acked-by: Hao A Wu <hao.a.wu@intel.com>
https://github.com/tianocore/tianocore.github.io/wiki/UEFI-Capsule-
on-Disk-Introducation
This patch will add Capsule On Disk related definition, including
GUID, PPI and PCDs:
The Capsule On Disk Name GUID indicates the capsule is to store
Capsule On Disk file names.
The Pei Capsule On Disk PPI provides service to retrieve capsules
from Capsule On Disk temp relocation file on mass storage devices
and create capsule hob for these capsules.
Pei Boot In CapsuleOnDisk Mode Ppi indicates current boot mode is
capsule on disk mode.
PcdCapsuleOnDiskSupport is used to enable/disable Capsule On Disk.
PcdCapsuleInRamSupport is used to enable/disable Capsule In Ram.
PcdCoDRelocationFileName specifies the Capsule On Disk temp
relocation file name.
PcdCodRelocationDevPath specifies platform specific device to store
Capsule On Disk temp relocation file.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
