[PATCH 0/5] Propagate PEI-phase FV authentication status to DXE

[PATCH 0/5] Propagate PEI-phase FV authentication status to DXE

[Star Zeng]

FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
Check the separated patches for the details.


Cc: Liming Gao <liming.gao@intel.com>

Star Zeng (5):
  MdePkg PiHob.h: Add FV3 HOB definitions
  MdePkg HobLib: Add BuildFv3Hob API
  IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob
  MdeModulePkg Core: Propagate PEI-phase FV authentication status to DXE
  IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from
    PEI

 .../Universal/FirmwareVolume/FwVolDxe/FwVol.c      | 73 ++++++++++++++++------
 .../FirmwareVolume/FwVolDxe/FwVolDriver.h          |  3 +-
 .../Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf |  4 +-
 .../Library/PeiHobLibFramework/HobLib.c            | 54 +++++++++++++++-
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c            | 41 ++++++++++--
 MdeModulePkg/Core/Dxe/FwVol/FwVol.c                | 13 ++--
 MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c      | 23 +++++--
 MdeModulePkg/Core/Pei/FwVol/FwVol.c                |  9 +++
 MdePkg/Include/Library/HobLib.h                    | 34 +++++++++-
 MdePkg/Include/Pi/PiHob.h                          | 43 ++++++++++++-
 MdePkg/Library/DxeCoreHobLib/HobLib.c              | 35 ++++++++++-
 MdePkg/Library/DxeHobLib/HobLib.c                  | 32 ++++++++++
 MdePkg/Library/PeiHobLib/HobLib.c                  | 54 +++++++++++++++-
 13 files changed, 371 insertions(+), 47 deletions(-)

-- 
2.13.3.windows.1

[PATCH 1/5] MdePkg PiHob.h: Add FV3 HOB definitions

[Star Zeng]

Follow PI 1.6 spec to add FV3 HOB definitions

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 MdePkg/Include/Pi/PiHob.h | 43 +++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 2 deletions(-)

diff --git a/MdePkg/Include/Pi/PiHob.h b/MdePkg/Include/Pi/PiHob.h
index 29467e79d59c..4c90998bc03c 100644
--- a/MdePkg/Include/Pi/PiHob.h
+++ b/MdePkg/Include/Pi/PiHob.h
@@ -1,7 +1,7 @@
 /** @file
   HOB related definitions in PI.
 
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under
 the terms and conditions of the BSD License that accompanies this distribution.
 The full text of the license may be found at
@@ -11,7 +11,7 @@ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 
   @par Revision Reference:
-  PI Version 1.4a
+  PI Version 1.6
 
 **/
 
@@ -31,6 +31,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #define EFI_HOB_TYPE_FV2                  0x0009
 #define EFI_HOB_TYPE_LOAD_PEIM_UNUSED     0x000A
 #define EFI_HOB_TYPE_UEFI_CAPSULE         0x000B
+#define EFI_HOB_TYPE_FV3                  0x000C
 #define EFI_HOB_TYPE_UNUSED               0xFFFE
 #define EFI_HOB_TYPE_END_OF_HOB_LIST      0xFFFF
 
@@ -399,6 +400,43 @@ typedef struct {
   EFI_GUID                FileName;
 } EFI_HOB_FIRMWARE_VOLUME2;
 
+///
+/// Details the location of a firmware volume that was extracted
+/// from a file within another firmware volume.
+///
+typedef struct {
+  ///
+  /// The HOB generic header. Header.HobType = EFI_HOB_TYPE_FV3.
+  ///
+  EFI_HOB_GENERIC_HEADER  Header;
+  ///
+  /// The physical memory-mapped base address of the firmware volume.
+  ///
+  EFI_PHYSICAL_ADDRESS    BaseAddress;
+  ///
+  /// The length in bytes of the firmware volume.
+  ///
+  UINT64                  Length;
+  ///
+  /// The authentication status.
+  ///
+  UINT32                  AuthenticationStatus;
+  ///
+  /// TRUE if the FV was extracted as a file within another firmware volume.
+  /// FALSE otherwise.
+  ///
+  BOOLEAN                 ExtractedFv;
+  ///
+  /// The name of the firmware volume.
+  /// Valid only if IsExtractedFv is TRUE.
+  ///
+  EFI_GUID                FvName;
+  ///
+  /// The name of the firmware file that contained this firmware volume.
+  /// Valid only if IsExtractedFv is TRUE.
+  ///
+  EFI_GUID                FileName;
+} EFI_HOB_FIRMWARE_VOLUME3;
 
 ///
 /// Describes processor information, such as address space and I/O space capabilities.
@@ -469,6 +507,7 @@ typedef union {
   EFI_HOB_GUID_TYPE                   *Guid;
   EFI_HOB_FIRMWARE_VOLUME             *FirmwareVolume;
   EFI_HOB_FIRMWARE_VOLUME2            *FirmwareVolume2;
+  EFI_HOB_FIRMWARE_VOLUME3            *FirmwareVolume3;
   EFI_HOB_CPU                         *Cpu;
   EFI_HOB_MEMORY_POOL                 *Pool;
   EFI_HOB_UEFI_CAPSULE                *Capsule;
-- 
2.13.3.windows.1

[PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API

[Star Zeng]

Add BuildFv3Hob API in HobLib.h and implement the API
in HobLib instances PeiHobLib, DxeHobLib and DxeCoreHobLib.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 MdePkg/Include/Library/HobLib.h       | 34 ++++++++++++++++++++--
 MdePkg/Library/DxeCoreHobLib/HobLib.c | 35 ++++++++++++++++++++++-
 MdePkg/Library/DxeHobLib/HobLib.c     | 32 +++++++++++++++++++++
 MdePkg/Library/PeiHobLib/HobLib.c     | 54 ++++++++++++++++++++++++++++++++++-
 4 files changed, 151 insertions(+), 4 deletions(-)

diff --git a/MdePkg/Include/Library/HobLib.h b/MdePkg/Include/Library/HobLib.h
index fc48703826c5..6f1f7b3f5f20 100644
--- a/MdePkg/Include/Library/HobLib.h
+++ b/MdePkg/Include/Library/HobLib.h
@@ -6,9 +6,9 @@
   defined in the PI Specification.
   A HOB is a Hand-Off Block, defined in the Framework architecture, that
   allows the PEI phase to pass information to the DXE phase. HOBs are position
-  independent and can be relocated easily to different memory memory locations.
+  independent and can be relocated easily to different memory locations.
 
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -343,6 +343,36 @@ BuildFv2Hob (
   );
 
 /**
+  Builds a EFI_HOB_TYPE_FV3 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV3 HOB.
+  It can only be invoked during PEI phase;
+  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
+
+  If there is no additional space for HOB creation, then ASSERT().
+  If the FvImage buffer is not at its required alignment, then ASSERT().
+
+  @param BaseAddress            The base address of the Firmware Volume.
+  @param Length                 The size of the Firmware Volume in bytes.
+  @param AuthenticationStatus   The authentication status.
+  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
+                                FALSE otherwise.
+  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
+  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
+
+**/
+VOID
+EFIAPI
+BuildFv3Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN          UINT32                      AuthenticationStatus,
+  IN          BOOLEAN                     ExtractedFv,
+  IN CONST    EFI_GUID                    *FvName, OPTIONAL
+  IN CONST    EFI_GUID                    *FileName OPTIONAL
+  );
+
+/**
   Builds a Capsule Volume HOB.
 
   This function builds a Capsule Volume HOB.
diff --git a/MdePkg/Library/DxeCoreHobLib/HobLib.c b/MdePkg/Library/DxeCoreHobLib/HobLib.c
index 2e5fb1c6ee55..2f4f4b473386 100644
--- a/MdePkg/Library/DxeCoreHobLib/HobLib.c
+++ b/MdePkg/Library/DxeCoreHobLib/HobLib.c
@@ -1,7 +1,7 @@
 /** @file
   HOB Library implementation for DxeCore driver.
 
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -433,6 +433,39 @@ BuildFv2Hob (
 }
 
 /**
+  Builds a EFI_HOB_TYPE_FV3 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV3 HOB.
+  It can only be invoked during PEI phase;
+  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
+
+  If there is no additional space for HOB creation, then ASSERT().
+  If the FvImage buffer is not at its required alignment, then ASSERT().
+
+  @param BaseAddress            The base address of the Firmware Volume.
+  @param Length                 The size of the Firmware Volume in bytes.
+  @param AuthenticationStatus   The authentication status.
+  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
+                                FALSE otherwise.
+  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
+  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
+
+**/
+VOID
+EFIAPI
+BuildFv3Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN          UINT32                      AuthenticationStatus,
+  IN          BOOLEAN                     ExtractedFv,
+  IN CONST    EFI_GUID                    *FvName, OPTIONAL
+  IN CONST    EFI_GUID                    *FileName OPTIONAL
+  )
+{
+  ASSERT (FALSE);
+}
+
+/**
   Builds a Capsule Volume HOB.
 
   This function builds a Capsule Volume HOB.
diff --git a/MdePkg/Library/DxeHobLib/HobLib.c b/MdePkg/Library/DxeHobLib/HobLib.c
index bb65206b044a..dac593d5da9d 100644
--- a/MdePkg/Library/DxeHobLib/HobLib.c
+++ b/MdePkg/Library/DxeHobLib/HobLib.c
@@ -466,6 +466,38 @@ BuildFv2Hob (
   ASSERT (FALSE);
 }
 
+/**
+  Builds a EFI_HOB_TYPE_FV3 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV3 HOB.
+  It can only be invoked during PEI phase;
+  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
+
+  If there is no additional space for HOB creation, then ASSERT().
+  If the FvImage buffer is not at its required alignment, then ASSERT().
+
+  @param BaseAddress            The base address of the Firmware Volume.
+  @param Length                 The size of the Firmware Volume in bytes.
+  @param AuthenticationStatus   The authentication status.
+  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
+                                FALSE otherwise.
+  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
+  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
+
+**/
+VOID
+EFIAPI
+BuildFv3Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN          UINT32                      AuthenticationStatus,
+  IN          BOOLEAN                     ExtractedFv,
+  IN CONST    EFI_GUID                    *FvName, OPTIONAL
+  IN CONST    EFI_GUID                    *FileName OPTIONAL
+  )
+{
+  ASSERT (FALSE);
+}
 
 /**
   Builds a Capsule Volume HOB.
diff --git a/MdePkg/Library/PeiHobLib/HobLib.c b/MdePkg/Library/PeiHobLib/HobLib.c
index a1522dd9f5ff..68df7292a7ec 100644
--- a/MdePkg/Library/PeiHobLib/HobLib.c
+++ b/MdePkg/Library/PeiHobLib/HobLib.c
@@ -1,7 +1,7 @@
 /** @file
   Provide Hob Library functions for Pei phase.
 
-Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -610,6 +610,58 @@ BuildFv2Hob (
 }
 
 /**
+  Builds a EFI_HOB_TYPE_FV3 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV3 HOB.
+  It can only be invoked during PEI phase;
+  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
+
+  If there is no additional space for HOB creation, then ASSERT().
+  If the FvImage buffer is not at its required alignment, then ASSERT().
+
+  @param BaseAddress            The base address of the Firmware Volume.
+  @param Length                 The size of the Firmware Volume in bytes.
+  @param AuthenticationStatus   The authentication status.
+  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
+                                FALSE otherwise.
+  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
+  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
+
+**/
+VOID
+EFIAPI
+BuildFv3Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN          UINT32                      AuthenticationStatus,
+  IN          BOOLEAN                     ExtractedFv,
+  IN CONST    EFI_GUID                    *FvName, OPTIONAL
+  IN CONST    EFI_GUID                    *FileName OPTIONAL
+  )
+{
+  EFI_HOB_FIRMWARE_VOLUME3  *Hob;
+
+  if (!InternalCheckFvAlignment (BaseAddress, Length)) {
+    ASSERT (FALSE);
+    return;
+  }
+
+  Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV3, (UINT16) sizeof (EFI_HOB_FIRMWARE_VOLUME3));
+  if (Hob == NULL) {
+    return;
+  }
+
+  Hob->BaseAddress          = BaseAddress;
+  Hob->Length               = Length;
+  Hob->AuthenticationStatus = AuthenticationStatus;
+  Hob->ExtractedFv          = ExtractedFv;
+  if (ExtractedFv) {
+    CopyGuid (&Hob->FvName, FvName);
+    CopyGuid (&Hob->FileName, FileName);
+  }
+}
+
+/**
   Builds a Capsule Volume HOB.
 
   This function builds a Capsule Volume HOB.
-- 
2.13.3.windows.1

[PATCH 3/5] IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob

[Star Zeng]

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 .../Library/PeiHobLibFramework/HobLib.c            | 54 +++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

diff --git a/IntelFrameworkPkg/Library/PeiHobLibFramework/HobLib.c b/IntelFrameworkPkg/Library/PeiHobLibFramework/HobLib.c
index 223e56a9db12..c7e6d4b75aba 100644
--- a/IntelFrameworkPkg/Library/PeiHobLibFramework/HobLib.c
+++ b/IntelFrameworkPkg/Library/PeiHobLibFramework/HobLib.c
@@ -5,7 +5,7 @@
  This library instance uses EFI_HOB_TYPE_CV defined in Intel framework HOB specification v0.9
  to implement HobLib BuildCvHob() API. 
 
-Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -612,6 +612,58 @@ BuildFv2Hob (
 }
 
 /**
+  Builds a EFI_HOB_TYPE_FV3 HOB.
+
+  This function builds a EFI_HOB_TYPE_FV3 HOB.
+  It can only be invoked during PEI phase;
+  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
+
+  If there is no additional space for HOB creation, then ASSERT().
+  If the FvImage buffer is not at its required alignment, then ASSERT().
+
+  @param BaseAddress            The base address of the Firmware Volume.
+  @param Length                 The size of the Firmware Volume in bytes.
+  @param AuthenticationStatus   The authentication status.
+  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
+                                FALSE otherwise.
+  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
+  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
+
+**/
+VOID
+EFIAPI
+BuildFv3Hob (
+  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
+  IN          UINT64                      Length,
+  IN          UINT32                      AuthenticationStatus,
+  IN          BOOLEAN                     ExtractedFv,
+  IN CONST    EFI_GUID                    *FvName, OPTIONAL
+  IN CONST    EFI_GUID                    *FileName OPTIONAL
+  )
+{
+  EFI_HOB_FIRMWARE_VOLUME3  *Hob;
+
+  if (!InternalCheckFvAlignment (BaseAddress, Length)) {
+    ASSERT (FALSE);
+    return;
+  }
+
+  Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV3, (UINT16) sizeof (EFI_HOB_FIRMWARE_VOLUME3));
+  if (Hob == NULL) {
+    return;
+  }
+
+  Hob->BaseAddress          = BaseAddress;
+  Hob->Length               = Length;
+  Hob->AuthenticationStatus = AuthenticationStatus;
+  Hob->ExtractedFv          = ExtractedFv;
+  if (ExtractedFv) {
+    CopyGuid (&Hob->FvName, FvName);
+    CopyGuid (&Hob->FileName, FileName);
+  }
+}
+
+/**
   Builds a Capsule Volume HOB.
 
   This function builds a Capsule Volume HOB.
-- 
2.13.3.windows.1

[PATCH 4/5] MdeModulePkg Core: Propagate PEI-phase FV authentication status to DXE

[Star Zeng]

FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update PeiCore to build FV3 HOB with the
authentication status and DxeCore to get the authentication
status from FV3 HOB when producing FVB Protocol.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       | 41 ++++++++++++++++++++++++---
 MdeModulePkg/Core/Dxe/FwVol/FwVol.c           | 13 ++++-----
 MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c | 23 +++++++++++----
 MdeModulePkg/Core/Pei/FwVol/FwVol.c           |  9 ++++++
 4 files changed, 69 insertions(+), 17 deletions(-)

diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 91e94a78d205..433cca3a800c 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -380,10 +380,43 @@ DxeMain (
       }
     }
     for (Hob.Raw = HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
-      if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV2) {
-        DEBUG ((DEBUG_INFO | DEBUG_LOAD, "FV2 Hob           0x%0lx - 0x%0lx\n", Hob.FirmwareVolume2->BaseAddress, Hob.FirmwareVolume2->BaseAddress + Hob.FirmwareVolume2->Length - 1));
-      } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV) {
-        DEBUG ((DEBUG_INFO | DEBUG_LOAD, "FV Hob            0x%0lx - 0x%0lx\n", Hob.FirmwareVolume->BaseAddress, Hob.FirmwareVolume->BaseAddress + Hob.FirmwareVolume->Length - 1));
+      if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV) {
+        DEBUG ((
+          DEBUG_INFO | DEBUG_LOAD,
+          "FV Hob            0x%0lx - 0x%0lx\n",
+          Hob.FirmwareVolume->BaseAddress,
+          Hob.FirmwareVolume->BaseAddress + Hob.FirmwareVolume->Length - 1
+          ));
+      } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV2) {
+        DEBUG ((
+          DEBUG_INFO | DEBUG_LOAD,
+          "FV2 Hob           0x%0lx - 0x%0lx\n",
+          Hob.FirmwareVolume2->BaseAddress,
+          Hob.FirmwareVolume2->BaseAddress + Hob.FirmwareVolume2->Length - 1
+          ));
+        DEBUG ((
+          DEBUG_INFO | DEBUG_LOAD,
+          "                  %g - %g\n",
+          &Hob.FirmwareVolume2->FvName,
+          &Hob.FirmwareVolume2->FileName
+          ));
+      } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV3) {
+        DEBUG ((
+          DEBUG_INFO | DEBUG_LOAD,
+          "FV3 Hob           0x%0lx - 0x%0lx - 0x%x - 0x%x\n",
+          Hob.FirmwareVolume3->BaseAddress,
+          Hob.FirmwareVolume3->BaseAddress + Hob.FirmwareVolume3->Length - 1,
+          Hob.FirmwareVolume3->AuthenticationStatus,
+          Hob.FirmwareVolume3->ExtractedFv
+          ));
+        if (Hob.FirmwareVolume3->ExtractedFv) {
+          DEBUG ((
+            DEBUG_INFO | DEBUG_LOAD,
+            "                  %g - %g\n",
+            &Hob.FirmwareVolume3->FvName,
+            &Hob.FirmwareVolume3->FileName
+            ));
+        }
       }
     }
   DEBUG_CODE_END ();
diff --git a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
index fe12d6e0ac30..2f5867b59d90 100644
--- a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
@@ -3,7 +3,7 @@
   Layers on top of Firmware Block protocol to produce a file abstraction
   of FV based files.
 
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -711,13 +711,10 @@ NotifyFwVolBlock (
       FvDevice->FwVolHeader     = FwVolHeader;
       FvDevice->IsFfs3Fv        = CompareGuid (&FwVolHeader->FileSystemGuid, &gEfiFirmwareFileSystem3Guid);
       FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
-
-      if (Fvb->ParentHandle != NULL) {
-        //
-        // Inherit the authentication status from FVB.
-        //
-        FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
-      }
+      //
+      // Inherit the authentication status from FVB.
+      //
+      FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
       
       if (!EFI_ERROR (FvCheck (FvDevice))) {
         //
diff --git a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
index bc7b34140f84..f7fb18ae15df 100644
--- a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
+++ b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
@@ -4,7 +4,7 @@
   It consumes FV HOBs and creates read-only Firmare Volume Block protocol
   instances for each of them.
 
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -517,9 +517,7 @@ ProduceFVBProtocolOnBuffer (
   FvbDev->BaseAddress   = BaseAddress;
   FvbDev->FvbAttributes = FwVolHeader->Attributes;
   FvbDev->FwVolBlockInstance.ParentHandle = ParentHandle;
-  if (ParentHandle != NULL) {
-    FvbDev->AuthenticationStatus = AuthenticationStatus;
-  }
+  FvbDev->AuthenticationStatus = AuthenticationStatus;
 
   //
   // Init the block caching fields of the device
@@ -630,16 +628,31 @@ FwVolBlockDriverInit (
   )
 {
   EFI_PEI_HOB_POINTERS          FvHob;
+  EFI_PEI_HOB_POINTERS          Fv3Hob;
+  UINT32                        AuthenticationStatus;
 
   //
   // Core Needs Firmware Volumes to function
   //
   FvHob.Raw = GetHobList ();
   while ((FvHob.Raw = GetNextHob (EFI_HOB_TYPE_FV, FvHob.Raw)) != NULL) {
+    AuthenticationStatus = 0;
+    //
+    // Get the authentication status propagated from PEI-phase to DXE.
+    //
+    Fv3Hob.Raw = GetHobList ();
+    while ((Fv3Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV3, Fv3Hob.Raw)) != NULL) {
+      if ((Fv3Hob.FirmwareVolume3->BaseAddress == FvHob.FirmwareVolume->BaseAddress) &&
+          (Fv3Hob.FirmwareVolume3->Length == FvHob.FirmwareVolume->Length)) {
+        AuthenticationStatus = Fv3Hob.FirmwareVolume3->AuthenticationStatus;
+        break;
+      }
+      Fv3Hob.Raw = GET_NEXT_HOB (Fv3Hob);
+    }
     //
     // Produce an FVB protocol for it
     //
-    ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, 0, NULL);
+    ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, AuthenticationStatus, NULL);
     FvHob.Raw = GET_NEXT_HOB (FvHob);
   }
 
diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
index c90a70b5f799..f3f93ac1a3af 100644
--- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
@@ -1452,6 +1452,15 @@ ProcessFvFile (
     &FileInfo.FileName
     );
 
+  BuildFv3Hob (
+    (EFI_PHYSICAL_ADDRESS) (UINTN) FvHeader,
+    FvHeader->FvLength,
+    AuthenticationStatus,
+    TRUE,
+    &ParentFvImageInfo.FvName,
+    &FileInfo.FileName
+    );
+
   return EFI_SUCCESS;
 }
 
-- 
2.13.3.windows.1

[PATCH 5/5] IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from PEI

[Star Zeng]

FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update FwVolDxe to get the authentication status
propagated from PEI-phase to DXE by FV3 HOB when producing FV
protocol.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 .../Universal/FirmwareVolume/FwVolDxe/FwVol.c      | 73 ++++++++++++++++------
 .../FirmwareVolume/FwVolDxe/FwVolDriver.h          |  3 +-
 .../Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf |  4 +-
 3 files changed, 57 insertions(+), 23 deletions(-)

diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
index 65a292db6b91..91fcd4721244 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
@@ -4,7 +4,7 @@
   Layers on top of Firmware Block protocol to produce a file abstraction
   of FV based files.
 
-  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -195,7 +195,7 @@ FreeFvDeviceResource (
 /**
 
   Firmware volume inherits authentication status from the FV image file and section(in another firmware volume)
-  where it came from.
+  where it came from or propagated from PEI-phase.
 
   @param  FvDevice              A pointer to the FvDevice.
 
@@ -205,26 +205,30 @@ FwVolInheritAuthenticationStatus (
   IN FV_DEVICE  *FvDevice
   )
 {
-  EFI_STATUS                        Status;
-  EFI_FIRMWARE_VOLUME_HEADER        *CachedFvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *CachedFvExtHeader;
-  EFI_FIRMWARE_VOLUME2_PROTOCOL     *ParentFvProtocol;
-  UINTN                             Key;
-  EFI_GUID                          FileNameGuid;
-  EFI_FV_FILETYPE                   FileType;
-  EFI_FV_FILE_ATTRIBUTES            FileAttributes;
-  UINTN                             FileSize;
-  EFI_SECTION_TYPE                  SectionType;
-  UINT32                            AuthenticationStatus;
-  EFI_FIRMWARE_VOLUME_HEADER        *FvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *FvExtHeader;
-  UINTN                             BufferSize;
-
-  CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+  EFI_STATUS                            Status;
+  EFI_FIRMWARE_VOLUME_HEADER            *CachedFvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *CachedFvExtHeader;
+  EFI_FIRMWARE_VOLUME2_PROTOCOL         *ParentFvProtocol;
+  UINTN                                 Key;
+  EFI_GUID                              FileNameGuid;
+  EFI_FV_FILETYPE                       FileType;
+  EFI_FV_FILE_ATTRIBUTES                FileAttributes;
+  UINTN                                 FileSize;
+  EFI_SECTION_TYPE                      SectionType;
+  UINT32                                AuthenticationStatus;
+  EFI_FIRMWARE_VOLUME_HEADER            *FvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *FvExtHeader;
+  UINTN                                 BufferSize;
+  EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL    *Fvb;
+  EFI_FVB_ATTRIBUTES_2                  FvbAttributes;
+  EFI_PHYSICAL_ADDRESS                  BaseAddress;
+  EFI_PEI_HOB_POINTERS                  Fv3Hob;
 
   if (FvDevice->Fv.ParentHandle != NULL) {
+    CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+
     //
-    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from 
+    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from
     //
     Status = gBS->HandleProtocol (FvDevice->Fv.ParentHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **) &ParentFvProtocol);
     if (!EFI_ERROR (Status) && (ParentFvProtocol != NULL)) {
@@ -258,7 +262,7 @@ FwVolInheritAuthenticationStatus (
         if (!EFI_ERROR (Status)) {
           if ((FvHeader->FvLength == CachedFvHeader->FvLength) &&
               (FvHeader->ExtHeaderOffset == CachedFvHeader->ExtHeaderOffset)) {
-            if (FvHeader->ExtHeaderOffset !=0) {
+            if (FvHeader->ExtHeaderOffset != 0) {
               //
               // Both FVs contain extension header, then compare their FV Name GUID
               //
@@ -292,6 +296,35 @@ FwVolInheritAuthenticationStatus (
         }
       } while (TRUE);
     }
+  } else {
+    Fvb = FvDevice->Fvb;
+
+    Status  = Fvb->GetAttributes (Fvb, &FvbAttributes);
+    if (EFI_ERROR (Status)) {
+      return;
+    }
+
+    if ((FvbAttributes & EFI_FVB2_MEMORY_MAPPED) != 0) {
+      //
+      // Get volume base address
+      //
+      Status = Fvb->GetPhysicalAddress (Fvb, &BaseAddress);
+      if (EFI_ERROR (Status)) {
+        return;
+      }
+
+      //
+      // Get the authentication status propagated from PEI-phase to DXE.
+      //
+      Fv3Hob.Raw = GetHobList ();
+      while ((Fv3Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV3, Fv3Hob.Raw)) != NULL) {
+        if (Fv3Hob.FirmwareVolume3->BaseAddress == BaseAddress) {
+          FvDevice->AuthenticationStatus = Fv3Hob.FirmwareVolume3->AuthenticationStatus;
+          return;
+        }
+        Fv3Hob.Raw = GET_NEXT_HOB (Fv3Hob);
+      }
+    }
   }
 }
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
index b1646dd39edf..b14a488ead88 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
@@ -1,7 +1,7 @@
 /** @file
   Common defines and definitions for a FwVolDxe driver.
 
-  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -33,6 +33,7 @@
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <Library/HobLib.h>
 
 #define FV_DEVICE_SIGNATURE           SIGNATURE_32 ('_', 'F', 'V', '_')
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
index 057266bb2b68..6844afb063e7 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
@@ -4,7 +4,7 @@
 #  This driver produces Firmware Volume2 protocol with full services
 #  (read/write, get/set) based on Firmware Volume Block protocol.
 #
-# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 #
 # This program and the accompanying materials are
 # licensed and made available under the terms and conditions of the BSD License
@@ -55,7 +55,7 @@ [LibraryClasses]
   UefiLib
   UefiDriverEntryPoint
   DebugLib
-
+  HobLib
 
 [Guids]
   gEfiFirmwareVolumeTopFileGuid                ## CONSUMES ## File # VTF file
-- 
2.13.3.windows.1

Re: [PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API

[Laszlo Ersek]

Hi Star,

On 10/04/17 16:21, Star Zeng wrote:
> Add BuildFv3Hob API in HobLib.h and implement the API
> in HobLib instances PeiHobLib, DxeHobLib and DxeCoreHobLib.
> 
> Cc: Liming Gao <liming.gao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Star Zeng <star.zeng@intel.com>
> ---
>  MdePkg/Include/Library/HobLib.h       | 34 ++++++++++++++++++++--
>  MdePkg/Library/DxeCoreHobLib/HobLib.c | 35 ++++++++++++++++++++++-
>  MdePkg/Library/DxeHobLib/HobLib.c     | 32 +++++++++++++++++++++
>  MdePkg/Library/PeiHobLib/HobLib.c     | 54 ++++++++++++++++++++++++++++++++++-
>  4 files changed, 151 insertions(+), 4 deletions(-)
> 
> diff --git a/MdePkg/Include/Library/HobLib.h b/MdePkg/Include/Library/HobLib.h
> index fc48703826c5..6f1f7b3f5f20 100644
> --- a/MdePkg/Include/Library/HobLib.h
> +++ b/MdePkg/Include/Library/HobLib.h
> @@ -6,9 +6,9 @@
>    defined in the PI Specification.
>    A HOB is a Hand-Off Block, defined in the Framework architecture, that
>    allows the PEI phase to pass information to the DXE phase. HOBs are position
> -  independent and can be relocated easily to different memory memory locations.
> +  independent and can be relocated easily to different memory locations.
>  
> -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
>  This program and the accompanying materials
>  are licensed and made available under the terms and conditions of the BSD License
>  which accompanies this distribution.  The full text of the license may be found at
> @@ -343,6 +343,36 @@ BuildFv2Hob (
>    );
>  
>  /**
> +  Builds a EFI_HOB_TYPE_FV3 HOB.
> +
> +  This function builds a EFI_HOB_TYPE_FV3 HOB.
> +  It can only be invoked during PEI phase;
> +  for DXE phase, it will ASSERT() since PEI HOB is read-only for DXE phase.
> +
> +  If there is no additional space for HOB creation, then ASSERT().
> +  If the FvImage buffer is not at its required alignment, then ASSERT().
> +
> +  @param BaseAddress            The base address of the Firmware Volume.
> +  @param Length                 The size of the Firmware Volume in bytes.
> +  @param AuthenticationStatus   The authentication status.
> +  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
> +                                FALSE otherwise.
> +  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
> +  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
> +
> +**/
> +VOID
> +EFIAPI
> +BuildFv3Hob (
> +  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
> +  IN          UINT64                      Length,
> +  IN          UINT32                      AuthenticationStatus,
> +  IN          BOOLEAN                     ExtractedFv,
> +  IN CONST    EFI_GUID                    *FvName, OPTIONAL
> +  IN CONST    EFI_GUID                    *FileName OPTIONAL
> +  );
> +
> +/**
>    Builds a Capsule Volume HOB.
>  
>    This function builds a Capsule Volume HOB.

do we need to copy the implementation(s) of this function to other
instances of HobLib?

edk2 has the following HobLib instances:

1 ArmVirtPkg/Library/ArmVirtDxeHobLib/ArmVirtDxeHobLib.inf
2 EmbeddedPkg/Library/PrePiHobLib/PrePiHobLib.inf
3 IntelFrameworkPkg/Library/PeiHobLibFramework/PeiHobLibFramework.inf
4 MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
5 MdePkg/Library/DxeHobLib/DxeHobLib.inf
6 MdePkg/Library/PeiHobLib/PeiHobLib.inf

Instances #4 through #6 are extended in this patch; instance #3 is
extended in the next patch.

Instances #1 and #2 are not changed. Is that OK? (For example, some of
the ArmVirt platforms use instance #1 for all DXE and "later" modules.
Some other ArmVirt platforms use instance #2.)

Thanks,
Laszlo

Re: [PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API

[Zeng, Star]

Thanks for the reminder.
I just sent patch series https://lists.01.org/pipermail/edk2-devel/2017-October/015614.html as supplement.

The FfsProcessFvFile() in EmbeddedPkg/Library/PrePiLib/FwVol.c may need to build FV3 HOB with authentication status to be propagated to DXE.
(FfsProcessFvFile() -> FfsFindSectionData() -> FfsProcessSection() -> ExtractGuidedSectionDecode()), FfsFindSectionData() and FfsProcessSection() may need to be updated to return authentication status to FfsProcessFvFile().

But it is not really needed at all after checking the platforms as they are all using MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf that has no concept of authentication status at all and always returns 0 authentication status (https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Library/LzmaCustomDecompressLib/GuidedSectionExtraction.c L154 and L172), so the EmbeddedPkg/Library/PrePiLib/FwVol.c can be kept with no change. :)


Thanks,
Star
-----Original Message-----
From: Laszlo Ersek [mailto:lersek@redhat.com] 
Sent: Wednesday, October 4, 2017 11:39 PM
To: Zeng, Star <star.zeng@intel.com>; edk2-devel@lists.01.org
Cc: Gao, Liming <liming.gao@intel.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: Re: [edk2] [PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API

Hi Star,

On 10/04/17 16:21, Star Zeng wrote:
> Add BuildFv3Hob API in HobLib.h and implement the API in HobLib 
> instances PeiHobLib, DxeHobLib and DxeCoreHobLib.
> 
> Cc: Liming Gao <liming.gao@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Star Zeng <star.zeng@intel.com>
> ---
>  MdePkg/Include/Library/HobLib.h       | 34 ++++++++++++++++++++--
>  MdePkg/Library/DxeCoreHobLib/HobLib.c | 35 ++++++++++++++++++++++-
>  MdePkg/Library/DxeHobLib/HobLib.c     | 32 +++++++++++++++++++++
>  MdePkg/Library/PeiHobLib/HobLib.c     | 54 ++++++++++++++++++++++++++++++++++-
>  4 files changed, 151 insertions(+), 4 deletions(-)
> 
> diff --git a/MdePkg/Include/Library/HobLib.h 
> b/MdePkg/Include/Library/HobLib.h index fc48703826c5..6f1f7b3f5f20 
> 100644
> --- a/MdePkg/Include/Library/HobLib.h
> +++ b/MdePkg/Include/Library/HobLib.h
> @@ -6,9 +6,9 @@
>    defined in the PI Specification.
>    A HOB is a Hand-Off Block, defined in the Framework architecture, that
>    allows the PEI phase to pass information to the DXE phase. HOBs are 
> position
> -  independent and can be relocated easily to different memory memory locations.
> +  independent and can be relocated easily to different memory locations.
>  
> -Copyright (c) 2006 - 2016, Intel Corporation. All rights 
> reserved.<BR>
> +Copyright (c) 2006 - 2017, Intel Corporation. All rights 
> +reserved.<BR>
>  This program and the accompanying materials  are licensed and made 
> available under the terms and conditions of the BSD License  which 
> accompanies this distribution.  The full text of the license may be 
> found at @@ -343,6 +343,36 @@ BuildFv2Hob (
>    );
>  
>  /**
> +  Builds a EFI_HOB_TYPE_FV3 HOB.
> +
> +  This function builds a EFI_HOB_TYPE_FV3 HOB.
> +  It can only be invoked during PEI phase;  for DXE phase, it will 
> + ASSERT() since PEI HOB is read-only for DXE phase.
> +
> +  If there is no additional space for HOB creation, then ASSERT().
> +  If the FvImage buffer is not at its required alignment, then ASSERT().
> +
> +  @param BaseAddress            The base address of the Firmware Volume.
> +  @param Length                 The size of the Firmware Volume in bytes.
> +  @param AuthenticationStatus   The authentication status.
> +  @param ExtractedFv            TRUE if the FV was extracted as a file within another firmware volume.
> +                                FALSE otherwise.
> +  @param FvName                 The name of the Firmware Volume. Valid only if IsExtractedFv is TRUE
> +  @param FileName               The name of the file. Valid only if IsExtractedFv is TRUE
> +
> +**/
> +VOID
> +EFIAPI
> +BuildFv3Hob (
> +  IN          EFI_PHYSICAL_ADDRESS        BaseAddress,
> +  IN          UINT64                      Length,
> +  IN          UINT32                      AuthenticationStatus,
> +  IN          BOOLEAN                     ExtractedFv,
> +  IN CONST    EFI_GUID                    *FvName, OPTIONAL
> +  IN CONST    EFI_GUID                    *FileName OPTIONAL
> +  );
> +
> +/**
>    Builds a Capsule Volume HOB.
>  
>    This function builds a Capsule Volume HOB.

do we need to copy the implementation(s) of this function to other instances of HobLib?

edk2 has the following HobLib instances:

1 ArmVirtPkg/Library/ArmVirtDxeHobLib/ArmVirtDxeHobLib.inf
2 EmbeddedPkg/Library/PrePiHobLib/PrePiHobLib.inf
3 IntelFrameworkPkg/Library/PeiHobLibFramework/PeiHobLibFramework.inf
4 MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
5 MdePkg/Library/DxeHobLib/DxeHobLib.inf
6 MdePkg/Library/PeiHobLib/PeiHobLib.inf

Instances #4 through #6 are extended in this patch; instance #3 is extended in the next patch.

Instances #1 and #2 are not changed. Is that OK? (For example, some of the ArmVirt platforms use instance #1 for all DXE and "later" modules.
Some other ArmVirt platforms use instance #2.)

Thanks,
Laszlo

Re: [PATCH 0/5] Propagate PEI-phase FV authentication status to DXE

[Gao, Liming]

Reviewed-by: Liming Gao <liming.gao@intel.com>

>-----Original Message-----
>From: Zeng, Star
>Sent: Wednesday, October 04, 2017 10:21 PM
>To: edk2-devel@lists.01.org
>Cc: Zeng, Star <star.zeng@intel.com>; Gao, Liming <liming.gao@intel.com>
>Subject: [PATCH 0/5] Propagate PEI-phase FV authentication status to DXE
>
>FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
>be used to propagate PEI-phase FV authentication status to DXE.
>Check the separated patches for the details.
>
>
>Cc: Liming Gao <liming.gao@intel.com>
>
>Star Zeng (5):
>  MdePkg PiHob.h: Add FV3 HOB definitions
>  MdePkg HobLib: Add BuildFv3Hob API
>  IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob
>  MdeModulePkg Core: Propagate PEI-phase FV authentication status to DXE
>  IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from
>    PEI
>
> .../Universal/FirmwareVolume/FwVolDxe/FwVol.c      | 73
>++++++++++++++++------
> .../FirmwareVolume/FwVolDxe/FwVolDriver.h          |  3 +-
> .../Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf |  4 +-
> .../Library/PeiHobLibFramework/HobLib.c            | 54 +++++++++++++++-
> MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c            | 41 ++++++++++--
> MdeModulePkg/Core/Dxe/FwVol/FwVol.c                | 13 ++--
> MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c      | 23 +++++--
> MdeModulePkg/Core/Pei/FwVol/FwVol.c                |  9 +++
> MdePkg/Include/Library/HobLib.h                    | 34 +++++++++-
> MdePkg/Include/Pi/PiHob.h                          | 43 ++++++++++++-
> MdePkg/Library/DxeCoreHobLib/HobLib.c              | 35 ++++++++++-
> MdePkg/Library/DxeHobLib/HobLib.c                  | 32 ++++++++++
> MdePkg/Library/PeiHobLib/HobLib.c                  | 54 +++++++++++++++-
> 13 files changed, 371 insertions(+), 47 deletions(-)
>
>--
>2.13.3.windows.1