From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3E26C81D8C for ; Wed, 2 Nov 2016 07:08:52 -0700 (PDT) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga103.jf.intel.com with ESMTP; 02 Nov 2016 07:08:53 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,583,1473145200"; d="scan'208";a="26600637" Received: from qchen3-mobl.ccr.corp.intel.com (HELO jyao1-MOBL.ccr.corp.intel.com) ([10.254.214.228]) by orsmga005.jf.intel.com with ESMTP; 02 Nov 2016 07:08:50 -0700 From: Jiewen Yao To: edk2-devel@lists.01.org Cc: Michael D Kinney , Kelly Steele , Feng Tian , Star Zeng , Liming Gao , Chao Zhang Date: Wed, 2 Nov 2016 22:08:34 +0800 Message-Id: <1478095715-8632-7-git-send-email-jiewen.yao@intel.com> X-Mailer: git-send-email 2.7.4.windows.1 In-Reply-To: <1478095715-8632-1-git-send-email-jiewen.yao@intel.com> References: <1478095715-8632-1-git-send-email-jiewen.yao@intel.com> Subject: [PATCH V8 6/7] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Nov 2016 14:08:52 -0000 Add capsule and recovery support module in platform dsc and fdf. Cc: Michael D Kinney Cc: Kelly Steele Cc: Feng Tian Cc: Star Zeng Cc: Liming Gao Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao --- QuarkPlatformPkg/Quark.dsc | 73 +++++++++-- QuarkPlatformPkg/Quark.fdf | 137 ++++++++++++++++++++ QuarkPlatformPkg/QuarkMin.dsc | 7 +- 3 files changed, 202 insertions(+), 15 deletions(-) diff --git a/QuarkPlatformPkg/Quark.dsc b/QuarkPlatformPkg/Quark.dsc index d5988da..0bd9120 100644 --- a/QuarkPlatformPkg/Quark.dsc +++ b/QuarkPlatformPkg/Quark.dsc @@ -39,6 +39,8 @@ DEFINE SOURCE_DEBUG_ENABLE = FALSE DEFINE PERFORMANCE_ENABLE = FALSE DEFINE LOGGING = FALSE + DEFINE CAPSULE_ENABLE = FALSE + DEFINE RECOVERY_ENABLE = FALSE # # Galileo board. Options are [GEN1, GEN2] @@ -160,11 +162,9 @@ PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf !endif -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf -!endif !if $(SECURE_BOOT_ENABLE) PlatformSecureLib|QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.inf @@ -225,6 +225,17 @@ PlatformPcieHelperLib|QuarkPlatformPkg/Library/PlatformPcieHelperLib/PlatformPcieHelperLib.inf PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/DxePlatformHelperLib.inf +!if $(CAPSULE_ENABLE) + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf +!else + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf +!endif + + EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf + FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf + PlatformFlashAccessLib|QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf + [LibraryClasses.common.SEC] # # SEC specific phase @@ -250,9 +261,7 @@ PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/PeiPlatformHelperLib.inf CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE) BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf -!endif !if $(PERFORMANCE_ENABLE) PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf !endif @@ -273,9 +282,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE) BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf -!endif !if $(PERFORMANCE_ENABLE) PerformanceLib|MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf !endif @@ -301,6 +308,10 @@ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf !endif +!if $(CAPSULE_ENABLE) + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf +!endif + [LibraryClasses.IA32.UEFI_DRIVER,LibraryClasses.IA32.UEFI_APPLICATION] PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf @@ -431,6 +442,10 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|FALSE +!if $(RECOVERY_ENABLE) + gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"QUARKREC.Cap" +!endif + [PcdsPatchableInModule] gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x803000C7 gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0 @@ -449,6 +464,12 @@ gQuarkPlatformTokenSpaceGuid.PcdUserIsPhysicallyPresent|FALSE gQuarkPlatformTokenSpaceGuid.PcdSpiFlashDeviceSize|0 +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xc0, 0x20, 0xaf, 0x62, 0x16, 0x70, 0x4a, 0x42, 0x9b, 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90} + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x59, 0x3A, 0xD8, 0x14, 0x10, 0xA8, 0x56, 0x45, 0x81, 0x92, 0x1C, 0x0A, 0x59, 0x3C, 0x06, 0x5C} +!endif + !if $(MEASURED_BOOT_ENABLE) # # TPM1.2 { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc } } @@ -540,6 +561,11 @@ !endif } +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) + # FMP image decriptor + QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +!endif + # # PEI Core # @@ -594,6 +620,7 @@ # # Recovery # +!if $(RECOVERY_ENABLE) QuarkSocPkg/QuarkSouthCluster/Usb/Common/Pei/UsbPei.inf MdeModulePkg/Bus/Pci/EhciPei/EhciPei.inf QuarkSocPkg/QuarkSouthCluster/Usb/Ohci/Pei/OhciPei.inf @@ -601,6 +628,11 @@ MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf FatPkg/FatPei/FatPei.inf MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf + SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf + } +!endif [Components.IA32] # @@ -645,11 +677,7 @@ NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf } - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf { - - GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf - CapsuleLib|IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.inf - } + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf @@ -675,6 +703,11 @@ UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf PlatformBootManagerLib|QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +!if $(CAPSULE_ENABLE) + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf +!else + FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf +!endif } MdeModulePkg/Application/UiApp/UiApp.inf { @@ -889,5 +922,23 @@ gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000 } +!if $(CAPSULE_ENABLE) + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf { + + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf + } +!endif + [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER] MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096 diff --git a/QuarkPlatformPkg/Quark.fdf b/QuarkPlatformPkg/Quark.fdf index 9f51eb3..19533b2 100644 --- a/QuarkPlatformPkg/Quark.fdf +++ b/QuarkPlatformPkg/Quark.fdf @@ -317,6 +317,11 @@ APRIORI PEI { ## INF UefiCpuPkg/SecCore/SecCore.inf +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) + # FMP image decriptor +INF RuleOverride = FMP_IMAGE_DESC QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +!endif + INF MdeModulePkg/Core/Pei/PeiMain.inf ## @@ -347,12 +352,16 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf INF SecurityPkg/Tcg/TcgPei/TcgPei.inf !endif +!if $(RECOVERY_ENABLE) FILE FV_IMAGE = 1E9D7604-EF45-46a0-BD8A-71AC78C17AC1 { SECTION PEI_DEPEX_EXP = {gEfiPeiMemoryDiscoveredPpiGuid AND gEfiPeiBootInRecoveryModePpiGuid} SECTION GUIDED A31280AD-481E-41B6-95E8-127F4C984779 { # TIANO COMPRESS GUID SECTION FV_IMAGE = FVRECOVERY_COMPONENTS } } +!endif + +!if $(RECOVERY_ENABLE) ################################################################################ # @@ -390,6 +399,9 @@ INF MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf INF MdeModulePkg/Bus/Usb/UsbBotPei/UsbBotPei.inf INF FatPkg/FatPei/FatPei.inf INF MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf +INF SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf + +!endif ################################################################################ # @@ -579,6 +591,25 @@ INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf !endif +!if $(CAPSULE_ENABLE) +INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf +!endif + +!if $(RECOVERY_ENABLE) +FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid) { + SECTION RAW = BaseTools/Source/Python/Rsa2048Sha256Sign/TestSigningPublicKey.bin + SECTION UI = "Rsa2048Sha256TestSigningPublicKey" + } +!endif + +!if $(CAPSULE_ENABLE) +FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) { + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer + SECTION UI = "Pkcs7TestRoot" + } +!endif + ################################################################################ # # FV Section @@ -650,6 +681,102 @@ INF RuleOverride = TIANOCOMPRESSED ShellPkg/Application/Shell/Shell.inf INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf !endif +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE) + +[FV.CapsuleDispatchFv] +FvAlignment = 16 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + +!if $(CAPSULE_ENABLE) +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf +!endif + +[FV.SystemFirmwareUpdateCargo] +FvAlignment = 16 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + +FILE RAW = 14D83A59-A810-4556-8192-1C0A593C065C { # PcdEdkiiSystemFirmwareFileGuid + FD = Quark + } + +FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid + FV = CapsuleDispatchFv + } + +FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid + QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini + } + +!endif + +!if $(CAPSULE_ENABLE) +[FmpPayload.FmpPayloadSystemFirmwarePkcs7] +IMAGE_HEADER_INIT_VERSION = 0x02 +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 # PcdSystemFmpCapsuleImageTypeIdGuid +IMAGE_INDEX = 0x1 +HARDWARE_INSTANCE = 0x0 +MONOTONIC_COUNT = 0x2 +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 + +FV = SystemFirmwareUpdateCargo + +[Capsule.QuarkFirmwareUpdateCapsuleFmpPkcs7] +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset +CAPSULE_HEADER_SIZE = 0x20 +CAPSULE_HEADER_INIT_VERSION = 0x1 + +FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7 +!endif + +!if $(RECOVERY_ENABLE) +[FmpPayload.FmpPayloadSystemFirmwareRsa2048] +IMAGE_HEADER_INIT_VERSION = 0x02 +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 # PcdSystemFmpCapsuleImageTypeIdGuid +IMAGE_INDEX = 0x1 +HARDWARE_INSTANCE = 0x0 +MONOTONIC_COUNT = 0x2 +CERTIFICATE_GUID = A7717414-C616-4977-9420-844712A735BF # RSA2048SHA256 + +FV = SystemFirmwareUpdateCargo + +[Capsule.QuarkRec] +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset +CAPSULE_HEADER_SIZE = 0x20 +CAPSULE_HEADER_INIT_VERSION = 0x1 + +FMP_PAYLOAD = FmpPayloadSystemFirmwareRsa2048 +!endif + ################################################################################ # # Rules are use with the [FV] section's module INF type to define @@ -771,3 +898,13 @@ INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf RAW ACPI |.acpi RAW ASL |.aml } + +[Rule.Common.PEIM.FMP_IMAGE_DESC] + FILE PEIM = $(NAMED_GUID) { + RAW BIN |.acpi + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi + UI STRING="$(MODULE_NAME)" Optional + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER) + } + diff --git a/QuarkPlatformPkg/QuarkMin.dsc b/QuarkPlatformPkg/QuarkMin.dsc index 1a4bd30..be85e3f 100644 --- a/QuarkPlatformPkg/QuarkMin.dsc +++ b/QuarkPlatformPkg/QuarkMin.dsc @@ -161,6 +161,8 @@ AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf !endif + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf + # # CPU # @@ -547,10 +549,7 @@ MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariableRuntimeDxe.inf - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf { - - CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf - } + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf -- 2.7.4.windows.1