From: Jiewen Yao <jiewen.yao@intel.com>
To: edk2-devel@lists.01.org
Cc: David Wei <david.wei@intel.com>, Feng Tian <feng.tian@intel.com>,
Star Zeng <star.zeng@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Liming Gao <liming.gao@intel.com>,
Chao Zhang <chao.b.zhang@intel.com>
Subject: [PATCH V9 5/9] Vlv2TbltDevicePkg/PlatformBootManager: Add capsule/recovery handling.
Date: Mon, 7 Nov 2016 20:42:09 +0800 [thread overview]
Message-ID: <1478522533-12532-6-git-send-email-jiewen.yao@intel.com> (raw)
In-Reply-To: <1478522533-12532-1-git-send-email-jiewen.yao@intel.com>
1) Add capsule and recovery boot path handling in platform BDS.
2) Add check if the platform is using default test key for capsule.
Produce PcdTestKeyUsed to indicate if there is any
test key used in current BIOS, such as recovery key,
or capsule update key.
Then the generic UI may consume this PCD to show warning information.
Cc: David Wei <david.wei@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: David Wei <david.wei@intel.com>
---
Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c | 82 ++++++++++++++++++--
Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf | 6 ++
2 files changed, 83 insertions(+), 5 deletions(-)
diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
index 7dd289e..7f91777 100644
--- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
+++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
@@ -1872,9 +1872,9 @@ PlatformBdsPolicyBehavior (
PlatformBdsConnectConsole (gPlatformConsole);
PlatformBdsDiagnostics (EXTENSIVE, FALSE, BaseMemoryTest);
- DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe......\n"));
+ DEBUG((DEBUG_INFO, "ProcessCapsules Before EndOfDxe......\n"));
ProcessCapsules ();
- DEBUG((EFI_D_INFO, "ProcessCapsules Done\n"));
+ DEBUG((DEBUG_INFO, "ProcessCapsules Done\n"));
//
// Close boot script and install ready to lock
@@ -1901,9 +1901,9 @@ PlatformBdsPolicyBehavior (
EsrtManagement->SyncEsrtFmp();
}
- DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll......\n"));
+ DEBUG((DEBUG_INFO, "ProcessCapsules After ConnectAll......\n"));
ProcessCapsules();
- DEBUG((EFI_D_INFO, "ProcessCapsules Done\n"));
+ DEBUG((DEBUG_INFO, "ProcessCapsules Done\n"));
break;
case BOOT_IN_RECOVERY_MODE:
@@ -2411,6 +2411,12 @@ ShowProgressHotKey (
EFI_GRAPHICS_OUTPUT_BLT_PIXEL Background;
EFI_GRAPHICS_OUTPUT_BLT_PIXEL Color;
UINT32 GpioValue;
+ CHAR16 *TmpStr1;
+ CHAR16 *TmpStr2;
+ CHAR16 *TmpStr3;
+ UINTN TmpStrSize;
+ VOID *Buffer;
+ UINTN Size;
if (TimeoutDefault == 0) {
return EFI_TIMEOUT;
@@ -2434,10 +2440,76 @@ ShowProgressHotKey (
SetMem (&Background, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL), 0x0);
SetMem (&Color, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL), 0xff);
+ TmpStr2 = NULL;
+ TmpStr3 = NULL;
+
+ //
+ // Check if the platform is using test key.
+ //
+ Status = GetSectionFromAnyFv(
+ PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid),
+ EFI_SECTION_RAW,
+ 0,
+ &Buffer,
+ &Size
+ );
+ if (!EFI_ERROR(Status)) {
+ if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
+ (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
+ TmpStr2 = L"WARNING: Recovery Test Key is used.\r\n";
+ if (DebugAssertEnabled()) {
+ DEBUG ((DEBUG_INFO, "\n\nWARNING: Recovery Test Key is used.\n"));
+ } else {
+ SerialPortWrite((UINT8 *)"\n\nWARNING: Recovery Test Key is used.", sizeof("\n\nWARNING: Recovery Test Key is used."));
+ }
+ PcdSetBoolS(PcdTestKeyUsed, TRUE);
+ }
+ FreePool(Buffer);
+ }
+ Status = GetSectionFromAnyFv(
+ PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid),
+ EFI_SECTION_RAW,
+ 0,
+ &Buffer,
+ &Size
+ );
+ if (!EFI_ERROR(Status)) {
+ if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
+ (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
+ TmpStr3 = L"WARNING: Capsule Test Key is used.\r\n";
+ if (DebugAssertEnabled()) {
+ DEBUG ((DEBUG_INFO, "\n\nWARNING: Capsule Test Key is used.\r\n"));
+ } else {
+ SerialPortWrite((UINT8 *)"\n\nWARNING: Capsule Test Key is used.", sizeof("\n\nWARNING: Capsule Test Key is used."));
+ }
+ PcdSetBoolS(PcdTestKeyUsed, TRUE);
+ }
+ FreePool(Buffer);
+ }
+
//
// Clear the progress status bar first
//
- TmpStr = L"Start boot option, Press <F2> or <DEL> to enter setup page.";
+ TmpStr1 = L"Start boot option, Press <F2> or <DEL> to enter setup page.\r\n";
+ TmpStrSize = StrSize(TmpStr1);
+ if (TmpStr2 != NULL) {
+ TmpStrSize += StrSize(TmpStr2);
+ }
+ if (TmpStr3 != NULL) {
+ TmpStrSize += StrSize(TmpStr3);
+ }
+ TmpStr = AllocatePool (TmpStrSize);
+ if (TmpStr == NULL) {
+ TmpStr = TmpStr1;
+ } else {
+ StrCpyS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr1);
+ if (TmpStr2 != NULL) {
+ StrCatS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr2);
+ }
+ if (TmpStr3 != NULL) {
+ StrCatS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr3);
+ }
+ }
PlatformBdsShowProgress (Foreground, Background, TmpStr, Color, 0, 0);
TimeoutRemain = TimeoutDefault;
diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf
index ce7c426..3e45a31 100644
--- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf
+++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf
@@ -49,6 +49,7 @@
ShellPkg/ShellPkg.dec
CryptoPkg/CryptoPkg.dec
SecurityPkg/SecurityPkg.dec
+ SignedCapsulePkg/SignedCapsulePkg.dec
[LibraryClasses]
DxeServicesTableLib
@@ -102,6 +103,11 @@
gEfiEndOfDxeEventGroupGuid
[Pcd]
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
+ gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
+ gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
+ gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
gPlatformModuleTokenSpaceGuid.PcdFlashFvRecovery2Base
gPlatformModuleTokenSpaceGuid.PcdFlashFvMainBase
gPlatformModuleTokenSpaceGuid.PcdFlashFvRecoveryBase
--
2.7.4.windows.1
next prev parent reply other threads:[~2016-11-07 12:42 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-07 12:42 [PATCH 0/9] Add capsule support for Vlv2 Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 1/9] Vlv2TbltDevicePkg/PlatformFlashAccessLib: Add instance for update Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 2/9] Vlv2TbltDevicePkg/SystemFirmwareDescriptor: Add Capsule Descriptor Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 3/9] Vlv2TbltDevicePkg/SystemFirmwareUpdateConfig: Add capsule config file Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 4/9] Vlv2TbltDevicePkg/FlashDeviceLib: Add DXE flash device lib Jiewen Yao
2016-11-07 12:42 ` Jiewen Yao [this message]
2016-11-07 12:42 ` [PATCH V9 6/9] Vlv2TbltDevicePkg/dsc/fdf: Add capsule/recovery support Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 7/9] Vlv2TbltDevicePkg/dsc/fdf: add capsule generation DSC/FDF Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 8/9] Vlv2TbltDevicePkg/bat: add capsule generation in bat Jiewen Yao
2016-11-07 12:42 ` [PATCH V9 9/9] Vlv2TbltDevicePkg/Build: Add capsule/recovery in help info Jiewen Yao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1478522533-12532-6-git-send-email-jiewen.yao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox