From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from walk.intel-email.com (walk.intel-email.com [101.227.64.242]) by mx.groups.io with SMTP id smtpd.web09.1322.1666919447838878811 for ; Thu, 27 Oct 2022 18:10:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@byosoft.com.cn header.s=cloud-union header.b=k7tkHr4s; spf=pass (domain: byosoft.com.cn, ip: 101.227.64.242, mailfrom: gaoliming@byosoft.com.cn) Received: from walk.intel-email.com (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id B1435CD1F736 for ; Fri, 28 Oct 2022 09:10:44 +0800 (CST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=byosoft.com.cn; s=cloud-union; t=1666919444; bh=UpPcWnsprH8FmYDCDoqVqjjdf01RhJVp1aCDYH8N74s=; h=From:To:References:In-Reply-To:Subject:Date; b=k7tkHr4sf8v6o6DLKWJAPCyK3adqEIZK8qbuatfcyy4B26wm/eKx32KnNlvaiBkkW 3g3zkKew5+bDNRKr06OeHyt0I6Qus9LHDr15LeXg7eUYYbDmnUQUZxQfM5zT12o6xW QRwEnzCktWjEyGT2kPYCEN1JS6kpJAzm/2A7JwKU= Received: from localhost (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id AA486CD1F72F for ; Fri, 28 Oct 2022 09:10:44 +0800 (CST) Received: from walk.intel-email.com (localhost [127.0.0.1]) by walk.intel-email.com (Postfix) with ESMTP id 6E0C4CD1F765 for ; Fri, 28 Oct 2022 09:10:44 +0800 (CST) Authentication-Results: walk.intel-email.com; none Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by walk.intel-email.com (Postfix) with SMTP id F2DF5CD1F736 for ; Fri, 28 Oct 2022 09:10:41 +0800 (CST) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Fri, 28 Oct 2022 09:10:38 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-Originating-IP: 58.246.60.130 X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: "'Holland, Michael'" , "'Hv, Pavamana'" , , "'Chaganty, Rangasai V'" , "'Lohr, Paul A'" , "'Feng, Bob C'" References: <3bbfe7d39637575ca8942493c7d70df111400f1c.1666228699.git.pavamana.hv@intel.com> <000801d8e8e1$362a0a00$a27e1e00$@byosoft.com.cn> <014301d8e99f$57cf39a0$076dace0$@byosoft.com.cn> In-Reply-To: Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYyXSBlZGsyUGxhdGZvcm1zLVNpbGljb246QWRkIFZBQiBGSVQgcmVjb3JkIHR5cGVzIHN1cHBvcnQgaW4gRml0R2VuLmM=?= Date: Fri, 28 Oct 2022 09:10:40 +0800 Message-ID: <023701d8ea6a$18a55130$49eff390$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQLIs8HHg62XSSE2pwpWE7b08vVFqQIcg1TgAl4x3aYB8vHGAANhMP3cAftTGY4A8H00pgHKcWqRq89DqHA= Sender: "gaoliming" Content-Type: multipart/alternative; boundary="----=_NextPart_000_0238_01D8EAAD.26CB7760" Content-Language: zh-cn ------=_NextPart_000_0238_01D8EAAD.26CB7760 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Michael: Thanks for your sharing.=20 =20 Pavamana: FIT spec 1.4 has been published. So, this change can be merged now.=20 =20 Thanks Liming =E5=8F=91=E4=BB=B6=E4=BA=BA: Holland, Michael = =20 =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B410=E6=9C=8828=E6=97=A5 1= :41 =E6=94=B6=E4=BB=B6=E4=BA=BA: Gao, Liming ; Hv, Pa= vamana ; devel@edk2.groups.io; Chaganty, Rangasai V = ; Lohr, Paul A ; Feng= , Bob C =E4=B8=BB=E9=A2=98: RE: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add V= AB FIT record types support in FitGen.c =20 Hi Liming, =20 Please see published FIT spec 1.4: https://edc.intel.com/content/www/us/en= /design/products-and-solutions/software-and-services/firmware-and-bios/firm= ware-interface-table/ =20 Thanks, Michael =20 From: gaoliming = >=20 Sent: Wednesday, October 26, 2022 07:59 PM To: Hv, Pavamana >; H= olland, Michael >; devel@edk2.groups.io ; Chaganty, Rangas= ai V = >; Lohr, Paul A >; Fe= ng, Bob C > Subject: =E5=9B=9E=E5=A4=8D: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:= Add VAB FIT record types support in FitGen.c =20 Pavamana: The change should be merged after new FIT spec is published, because FitGe= n tool follows the public FIT spec.=20 =20 Thanks Liming =E5=8F=91=E4=BB=B6=E4=BA=BA: Hv, Pavamana >=20 =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B410=E6=9C=8826=E6=97=A5 2= 3:13 =E6=94=B6=E4=BB=B6=E4=BA=BA: Holland, Michael >; Gao, Liming >; devel@edk2.groups.io ; Chaganty, Rangasai V >; Lohr, Paul A >; Feng, Bob C > =E4=B8=BB=E9=A2=98: RE: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add V= AB FIT record types support in FitGen.c =20 Thanks for the review, Liming. @Feng, Bob C, What is the next step to merge the change? Let me know if anything is needed from me. Thanks for your help again. Regards, Pavamana =20 =20 From: Holland, Michael >=20 Sent: Tuesday, October 25, 2022 8:36 PM To: Gao, Liming = >; devel@edk2.groups.io ; Hv, Pavamana >; Chaganty, Rangasai V >; Lohr= , Paul A > Cc: Feng, Bob C > Subject: RE: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT reco= rd types support in FitGen.c =20 Hi Liming, =20 The spec is in process of being published. =20 @Chaganty, Rangasai V @Lohr, Paul A =20 Any update on FIT spec being published? =20 Thanks, Michael =20 From: gaoliming = >=20 Sent: Tuesday, October 25, 2022 09:18 PM To: devel@edk2.groups.io ; Hv, Pavamana > Cc: Feng, Bob C >; Holl= and, Michael = > Subject: =E5=9B=9E=E5=A4=8D: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:= Add VAB FIT record types support in FitGen.c =20 Pavamana: The code change looks good. Now, is FIT spec 1.4 public to be downloaded? =20 Thanks Liming =E5=8F=91=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io > =E4=BB=A3=E8=A1= =A8 Hv, Pavamana =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B410=E6=9C=8826=E6=97=A5 5= :50 =E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io ; Gao, Liming > =E6=8A=84=E9=80=81: Feng, Bob C >; Holland, Michael > =E4=B8=BB=E9=A2=98: Re: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add V= AB FIT record types support in FitGen.c =E9=87=8D=E8=A6=81=E6=80=A7: =E9=AB=98 =20 Hi Liming, Any update on this? Please treat this with urgency as we have a release com= ing up and needs this change. =20 -Pavamana =20 From: Hv, Pavamana=20 Sent: Monday, October 24, 2022 10:05 AM To: devel@edk2.groups.io ; Gao, Liming > Subject: RE: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types supp= ort in FitGen.c =20 @Gao, Liming, Can you please review the patch and let me know if this can be merged? Thanks in advance for your help. Regards, Pavamana =20 -----Original Message----- From: Hv, Pavamana >= =20 Sent: Wednesday, October 19, 2022 8:57 PM To: devel@edk2.groups.io =20 Cc: Hv, Pavamana > Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support = in FitGen.c =20 REF: https://bugzi= lla.tianocore.org/show_bug.cgi?id=3D4086 =20 This commit adds support for new FIT record type for Vendor Authorized Boot= (VAB) security technology(FIT spec revision 1.4). VAB defines 3 new following types Vendor Authorized Boot Provisioning Table (Type 0x1A) Vendor Authorized Boo= t Image Manifest (Type 0x1B) Vendor Authorized Boot Key Manifest (Type 0x1C= ) The code has been updated to align these binaries on 64 byte boundary and= not to overlap with other regions, similar to Key manifest, Boot Policy ma= nifest and other optional types. =20 Also added macros to define FIT spec Major and Minor version numbers and pr= int the same instead of hardcoded string. =20 Signed-off-by: Pavamana Holavanahalli < pava= mana.hv@intel.com> --- Silicon/Intel/Tools/FitGen/FitGen.c | 61 +++++++++++++++++++---------- Sil= icon/Intel/Tools/FitGen/FitGen.h | 5 ++- 2 files changed, 44 insertions(+), 22 deletions(-) =20 diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools/FitG= en/FitGen.c index 21dfcf1ebb..87123f9922 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.c +++ b/Silicon/Intel/Tools/FitGen/FitGen.c @@ -234,20 +234,24 @@ typedef struct { #define FLASH_TO_MEMORY(Address, FvBuffer, FvSize) \ (VOI= D *)(UINTN)((UINTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS - (UIN= TN)(Address))) -#define FIT_TABLE_TYPE_HEADER 0-#define FIT= _TABLE_TYPE_MICROCODE 1-#define FIT_TABLE_TYPE_STARTUP_ACM = 2-#define FIT_TABLE_TYPE_DIAGNST_ACM 3-#define FIT_TABLE= _TYPE_BIOS_MODULE 7-#define FIT_TABLE_TYPE_TPM_POLICY = 8-#define FIT_TABLE_TYPE_BIOS_POLICY 9-#define FIT_TABLE_TYPE_= TXT_POLICY 10-#define FIT_TABLE_TYPE_KEY_MANIFEST 11-= #define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST 12-#define FIT_TABLE_TYPE_BIO= S_DATA_AREA 13-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16-#de= fine FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST 12-#define FIT_TABLE_SUBTYPE_ACM= _MANIFEST 13+#define FIT_TABLE_TYPE_HEADER 0+#d= efine FIT_TABLE_TYPE_MICROCODE 1+#define FIT_TABLE_TYPE_S= TARTUP_ACM 2+#define FIT_TABLE_TYPE_DIAGNST_ACM = 3+#define FIT_TABLE_TYPE_BIOS_MODULE 7+#define FIT_TAB= LE_TYPE_TPM_POLICY 8+#define FIT_TABLE_TYPE_BIOS_POLICY = 9+#define FIT_TABLE_TYPE_TXT_POLICY 10+#defi= ne FIT_TABLE_TYPE_KEY_MANIFEST 11+#define FIT_TABLE_TYPE_BOO= T_POLICY_MANIFEST 12+#define FIT_TABLE_TYPE_BIOS_DATA_AREA = 13+#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16+#define FIT_TA= BLE_SUBTYPE_FIT_PATCH_MANIFEST 12+#define FIT_TABLE_SUBTYPE_ACM_MANIF= EST 13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE 26+#d= efine FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST 27+#define FIT_TABLE_TYPE_= VAB_BOOT_KEY_MANIFEST 28+ // // With OptionalModule Address isn't kn= own until free space has been@@ -322,8 +326,10 @@ Returns: --*/ { printf (- "%s - Tiano IA32/X64 FIT table generation Utility for= FIT spec revision 1.2."" Version %i.%i\n\n",+ "%s - Tiano IA32/X64 FIT = table generation Utility for FIT spec revision %i.%i."" Version %i.%i\n\n",= UTILITY_NAME,+ FIT_SPEC_VERSION_MAJOR,+ FIT_SPEC_VERSION_MINOR, = UTILITY_MAJOR_VERSION, UTILITY_MINOR_VERSION );@@ -1956,7 +1962= ,10 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) { // NOTE: It might be virtual address n= ow. Just put a place holder. FitEntryNumber ++; }@@ -2154,8 +2163= ,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align AlignedSize +=3D BIOS_MODULE_A= LIGNMENT; AlignedSize &=3D ~BIOS_MODULE_ALIGNMENT; }@@ -2166,= 8 +2178,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align OptionalModuleAddress =3D (UIN= T8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT); } @@ -2= 201,7 +2216,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) {+ CheckOverlap (gFitTableContext.Option= alModule[Index].Address, AlignedSize); } }diff --git a/Silicon/Intel/= Tools/FitGen/FitGen.h b/Silicon/Intel/Tools/FitGen/FitGen.h index 80a1423ceb..511ab652ab 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.h +++ b/Silicon/Intel/Tools/FitGen/FitGen.h @@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // Utility version information // #define UTILITY_MAJOR_VERSION 0-#define U= TILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VERSION 67 #define UTILITY_DA= TE __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VER= SION_MINOR 4+ // // The minimum number of arguments accepted from the comma= nd line. //--=20 2.26.2.windows.1 =20 ------=_NextPart_000_0238_01D8EAAD.26CB7760 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Michael:

=C2=A0Thanks for your sharing.

 

Pavamana:

=C2=A0FIT spec 1.4 = has been published. So, this change can be merged now.

 

<= span lang=3DEN-US style=3D'font-size:10.5pt;font-family:=E7=AD=89=E7=BA=BF'= >Thanks

Liming

=E5=8F=91=E4=BB=B6=E4=BA=BA: H= olland, Michael <michael.holland@intel.com>
=E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B410=E6=9C=8828=E6=97=A5 1:41
=E6=94=B6=E4=BB=B6=E4=BA= =BA: Gao, Liming <gaoli= ming@byosoft.com.cn>; Hv, Pavamana <pavamana.hv@intel.com>; devel@= edk2.groups.io; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com>;= Lohr, Paul A <paul.a.lohr@intel.com>; Feng, Bob C <bob.c.feng@int= el.com>
=E4=B8=BB=E9=A2=98: RE: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB= FIT record types support in FitGen.c

 

Hi Liming,

 

Please see published FIT spec 1.4:  https://e= dc.intel.com/content/www/us/en/design/products-and-solutions/software-and-s= ervices/firmware-and-bios/firmware-interface-table/

 

Thanks,

Michael

 

From: gaol= iming <gaoliming@byosoft.com= .cn>
Sent: Wednesday, October 26, 2022 07:59 PM
To:= Hv, Pavamana <pavamana.hv@= intel.com>; Holland, Michael <michael.holland@intel.com>; devel@edk2.groups.io; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com>; L= ohr, Paul A <paul.a.lohr@intel.= com>; Feng, Bob C <bob.c.= feng@intel.com>
Subject:
=E5=9B=9E=E5=A4=8D: [edk2-devel] [P= ATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c=

<= o:p> 

Pavamana= :

 The ch= ange should be merged after new FIT spec is published, because FitGen tool = follows the public FIT spec.

 

Thanks

Liming

=E5=8F=91=E4=BB=B6= =E4=BA=BA: Hv, Pavamana <pavamana.hv@intel.com>
=E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2022=E5=B9=B410=E6=9C=8826= =E6=97=A5 23:13
=E6=94=B6=E4=BB=B6=E4=BA=BA= : Holland, Michael <michael.holland@intel.com>= ; Gao, Liming <gaoliming@byo= soft.com.cn>; devel@edk2.gro= ups.io; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com>; Lohr, Paul A <paul.a.lohr@intel.com>; Feng, Bob = C <bob.c.feng@intel.com><= br>=E4=B8=BB=E9=A2=98: RE: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record= types support in FitGen.c

 

Thanks for the review, Liming.

@Feng, Bob C,<= /o:p>

What is the next st= ep to merge the change?

Let me know if anything is needed from me.

<= p class=3DMsoNormal>Thanks for your help again.

Regards,

Pavamana<= /p>

 

 

From: Holland, Michael <mi= chael.holland@intel.com>
Sent: Tuesday, October 25, 2022 = 8:36 PM
To: Gao, Liming <gaoliming@byosoft.com.cn>; devel@edk2.groups.io; Hv, Pavamana <pavamana.hv@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com<= /a>>; Lohr, Paul A <paul.a.l= ohr@intel.com>
Cc: Feng, Bob C <bob.c.feng@intel.com>
Subject: RE: [edk2-= devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in= FitGen.c

 

Hi Liming,

<= o:p> 

The spec= is in process of being published.

 

@Chaganty, Rangasai V @Lohr, Paul = A

<= o:p> 

Any upda= te on FIT spec being published?

<= span lang=3DEN-US> 

Thanks,

Michael

<= o:p> 

From: gaoliming <gaoliming@byosoft.com.cn>
Sent: Tuesday, October 25, 2022 09:18 PM
To: devel@edk2.groups.io; Hv, Pavamana <pavamana.hv@intel.com>
Cc: Feng,= Bob C <bob.c.feng@intel.com= >; Holland, Michael <mic= hael.holland@intel.com>
Subject:
=E5=9B=9E=E5=A4=8D: = [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types supp= ort in FitGen.c

 

Pavamana:

 The code change looks good. Now,  is FIT spec 1.4 publi= c to be downloaded?

 =

Thanks

Liming

=E5=8F=91=E4=BB=B6= =E4=BA=BA: de= vel@edk2.groups.io <devel@ed= k2.groups.io> =E4=BB=A3=E8=A1=A8 Hv, Pavamana
=E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4= : 2022=E5=B9=B410=E6=9C=8826=E6=97=A5 5:50
=E6=94=B6=E4=BB=B6=E4=BA=BA: devel@edk2.groups.io; Gao, Liming <gaoliming@byosoft.com.cn>
=E6=8A=84=E9=80= =81: Feng, Bob C <bob.c.feng@intel.com>; Holland, M= ichael <michael.holland@int= el.com>
=E4=B8=BB=E9=A2=98: Re: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add= VAB FIT record types support in FitGen.c
=E9=87=8D=E8=A6=81= =E6=80=A7: =E9=AB= =98

 

Hi Liming,

<= span lang=3DEN-US>Any update on this? Please treat this with urgency as we = have a release coming up and needs this change.

 

-Pavamana

 

From: Hv, = Pavamana
Sent: Monday, October 24, 2022 10:05 AM
To: <= a href=3D"mailto:devel@edk2.groups.io">devel@edk2.groups.io; Gao, Limin= g <gaoliming@byosoft.com.cn<= /a>>
Subject: RE: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT= record types support in FitGen.c

 

@Gao, Liming,

Can you please review the = patch and let me know if this can be merged?

Thanks in advance for your help.

Regards,

Pavamana<= /span>

 

-----Original Message-----=
From: Hv, Pavamana <pavaman= a.hv@intel.com>
Sent: Wednesday, October 19, 2022 8:57 PM
To:= devel@edk2.groups.io
Cc: Hv= , Pavamana <pavamana.hv@intel.c= om>
Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record = types support in FitGen.c

 

REF: https://bugz= illa.tianocore.org/show_bug.cgi?id=3D4086

<= p class=3DMsoPlainText> 

This commit adds support for new FIT = record type for Vendor Authorized Boot (VAB) security technology(FIT spec r= evision 1.4).

VAB defines 3 new following types

Vendor Authorized Boot Provisioning Table (Type 0= x1A) Vendor Authorized Boot Image Manifest (Type 0x1B) Vendor Authorized Bo= ot Key Manifest (Type 0x1C) The code has been updated to align these binari= es on 64 byte boundary and not to overlap with other regions, similar to Ke= y manifest, Boot Policy manifest and other optional types.

 

Also added macros to define FIT= spec Major and Minor version numbers and print the same instead of hardcod= ed string.

=  

Sign= ed-off-by: Pavamana Holavanahalli <pavamana.hv@intel= .com>

---

Silicon/Intel/Tools/FitGen/FitGen.c | 61 +++++++++++++++++++----------&nb= sp; Silicon/Intel/Tools/FitGen/FitGen.h |  5 ++-

=

2 files changed, 44 insertions(+= ), 22 deletions(-)

 

diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools= /FitGen/FitGen.c

index 21dfcf1ebb..87123f9922 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.c

+++ b/Silicon= /Intel/Tools/FitGen/FitGen.c

<= span lang=3DEN-US>@@ -234,20 +234,24 @@ typedef struct {<= /p>

#define FLASH_TO_MEMORY(Addre= ss, FvBuffer, FvSize)  \       &nbs= p;          (VOID *)(UINTN)((U= INTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS - (UINTN)(Address)))= -#define FIT_TABLE_TYPE_HEADER       &n= bsp;         0-#define FIT_TABLE_TY= PE_MICROCODE          &nb= sp;   1-#define FIT_TABLE_TYPE_STARTUP_ACM    = ;        2-#define FIT_TABLE_TYPE_DIAGNS= T_ACM            3-#= define FIT_TABLE_TYPE_BIOS_MODULE       =      7-#define FIT_TABLE_TYPE_TPM_POLICY   &n= bsp;         8-#define FIT_TAB= LE_TYPE_BIOS_POLICY         &n= bsp;  9-#define FIT_TABLE_TYPE_TXT_POLICY     = ;        10-#define FIT_TABLE_TYPE_KEY_M= ANIFEST           11-#def= ine FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST   12-#define FIT_TABLE_TY= PE_BIOS_DATA_AREA         13-#defin= e FIT_TABLE_TYPE_CSE_SECURE_BOOT        = 16-#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST  12-#define FIT_TABLE_= SUBTYPE_ACM_MANIFEST        13+#define F= IT_TABLE_TYPE_HEADER         &= nbsp;            0+#= define FIT_TABLE_TYPE_MICROCODE       &n= bsp;           1+#define = FIT_TABLE_TYPE_STARTUP_ACM        &= nbsp;        2+#define FIT_TABLE_TYPE_DI= AGNST_ACM           =       3+#define FIT_TABLE_TYPE_BIOS_MODULE &n= bsp;            = ;   7+#define FIT_TABLE_TYPE_TPM_POLICY    &n= bsp;            = ; 8+#define FIT_TABLE_TYPE_BIOS_POLICY      &= nbsp;          9+#define FIT_T= ABLE_TYPE_TXT_POLICY         &= nbsp;        10+#define FIT_TABLE_TYPE_K= EY_MANIFEST          &nbs= p;     11+#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST&n= bsp;       12+#define FIT_TABLE_TYPE_BIOS_DAT= A_AREA           &nb= sp;  13+#define FIT_TABLE_TYPE_CSE_SECURE_BOOT    =          16+#define FIT_TABLE_SUBTY= PE_FIT_PATCH_MANIFEST       12+#define FIT_TA= BLE_SUBTYPE_ACM_MANIFEST        &nb= sp;    13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE &n= bsp;       26+#define FIT_TABLE_TYPE_VAB_BOOT= _IMAGE_MANIFEST     27+#define FIT_TABLE_TYPE_VAB_BOOT_= KEY_MANIFEST       28+  // // With Optio= nalModule Address isn't known until free space has been@@ -322,8 +326,10 @@= Returns:

-= -*/ {   printf (-    "%s - Tiano IA32/X64 FIT= table generation Utility for FIT spec revision 1.2."" Version %i= .%i\n\n",+    "%s - Tiano IA32/X64 FIT table gener= ation Utility for FIT spec revision %i.%i."" Version %i.%i\n\n&qu= ot;,     UTILITY_NAME,+    FIT_SPEC_VERS= ION_MAJOR,+    FIT_SPEC_VERSION_MINOR,   &nbs= p; UTILITY_MAJOR_VERSION,     UTILITY_MINOR_VERSION&nbs= p;    );@@ -1956,7 +1962,10 @@ Returns:

     &= nbsp;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_T= ABLE_TYPE_KEY_MANIFEST) ||         = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BOOT_POL= ICY_MANIFEST) ||         (gFitTable= Context.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||= -        (gFitTableContext.OptionalModul= e[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {+   &= nbsp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D= FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+      &nb= sp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+        (gFitTableCo= ntext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIF= EST) ||+        (gFitTableContext.Option= alModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {  =      // NOTE: It might be virtual address now. Jus= t put a place holder.       FitEntryNumber ++= ;     }@@ -2154,8 +2163,11 @@ Returns:

    &nb= sp;      (gFitTableContext.OptionalModule[Index].T= ype =3D=3D FIT_TABLE_TYPE_KEY_MANIFEST) ||     &nb= sp;     (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||     = ;      (gFitTableContext.OptionalModule[Index].Typ= e =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &n= bsp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D = FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {-       &nb= sp;// Let it 64 byte align+        =   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_C= SE_SECURE_BOOT) ||+          (= gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVI= SION_TABLE) ||+          (gFit= TableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAG= E_MANIFEST) ||+          (gFit= TableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_= MANIFEST)) {+          // Let = it 64 byte align         AlignedSiz= e +=3D BIOS_MODULE_ALIGNMENT;       &nbs= p; AlignedSize &=3D ~BIOS_MODULE_ALIGNMENT;    &nbs= p;  }@@ -2166,8 +2178,11 @@ Returns:

       &n= bsp;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TA= BLE_TYPE_KEY_MANIFEST) ||        &n= bsp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_BOOT_POLICY_MANIFEST) ||        =    (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_BIOS_DATA_AREA) ||-        &nb= sp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_= SECURE_BOOT)) {-        // Let it 64 byt= e align+          (gFitTableCo= ntext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+=           (gFitTableContext.Op= tionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+&nbs= p;         (gFitTableContext.Option= alModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+&nbs= p;         (gFitTableContext.Option= alModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {+ =          // Let it 64 byte align&nb= sp;        OptionalModuleAddress =3D (UI= NT8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT); &nb= sp;     } @@ -2201,7 +2216,11 @@ Returns:

    =      (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_KEY_MANIFEST) ||      &nbs= p;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _BOOT_POLICY_MANIFEST) ||         (= gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA= _AREA) ||-        (gFitTableContext.Opti= onalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {+ &nbs= p;      (gFitTableContext.OptionalModule[Index].Ty= pe =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+     =    (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_PROVISION_TABLE) ||+        (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IM= AGE_MANIFEST) ||+        (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+       CheckOverlap (gFitTableContext.Opti= onalModule[Index].Address, AlignedSize);     } &nb= sp; }diff --git a/Silicon/Intel/Tools/FitGen/FitGen.h b/Silicon/Intel/Tools= /FitGen/FitGen.h

index 80a1423ceb..511ab652ab 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.h

+++ b/Silicon= /Intel/Tools/FitGen/FitGen.h

<= span lang=3DEN-US>@@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2-Clause-= Patent

// U= tility version information // #define UTILITY_MAJOR_VERSION 0-#define UTILI= TY_MINOR_VERSION 66+#define UTILITY_MINOR_VERSION 67 #define UTILITY_DATE&n= bsp;         __DATE__ +#define FIT_= SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VERSION_MINOR 4+ // // The minimum nu= mber of arguments accepted from the command line. //--

2.26.2.windows.1

 =

------=_NextPart_000_0238_01D8EAAD.26CB7760--