From: Star Zeng <star.zeng@intel.com>
To: edk2-devel@lists.01.org
Cc: Star Zeng <star.zeng@intel.com>, Liming Gao <liming.gao@intel.com>
Subject: [PATCH 4/5] MdeModulePkg Core: Propagate PEI-phase FV authentication status to DXE
Date: Wed, 4 Oct 2017 22:21:20 +0800 [thread overview]
Message-ID: <20171004142121.7404-5-star.zeng@intel.com> (raw)
In-Reply-To: <20171004142121.7404-1-star.zeng@intel.com>
FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update PeiCore to build FV3 HOB with the
authentication status and DxeCore to get the authentication
status from FV3 HOB when producing FVB Protocol.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 41 ++++++++++++++++++++++++---
MdeModulePkg/Core/Dxe/FwVol/FwVol.c | 13 ++++-----
MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c | 23 +++++++++++----
MdeModulePkg/Core/Pei/FwVol/FwVol.c | 9 ++++++
4 files changed, 69 insertions(+), 17 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 91e94a78d205..433cca3a800c 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -380,10 +380,43 @@ DxeMain (
}
}
for (Hob.Raw = HobStart; !END_OF_HOB_LIST(Hob); Hob.Raw = GET_NEXT_HOB(Hob)) {
- if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV2) {
- DEBUG ((DEBUG_INFO | DEBUG_LOAD, "FV2 Hob 0x%0lx - 0x%0lx\n", Hob.FirmwareVolume2->BaseAddress, Hob.FirmwareVolume2->BaseAddress + Hob.FirmwareVolume2->Length - 1));
- } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV) {
- DEBUG ((DEBUG_INFO | DEBUG_LOAD, "FV Hob 0x%0lx - 0x%0lx\n", Hob.FirmwareVolume->BaseAddress, Hob.FirmwareVolume->BaseAddress + Hob.FirmwareVolume->Length - 1));
+ if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV) {
+ DEBUG ((
+ DEBUG_INFO | DEBUG_LOAD,
+ "FV Hob 0x%0lx - 0x%0lx\n",
+ Hob.FirmwareVolume->BaseAddress,
+ Hob.FirmwareVolume->BaseAddress + Hob.FirmwareVolume->Length - 1
+ ));
+ } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV2) {
+ DEBUG ((
+ DEBUG_INFO | DEBUG_LOAD,
+ "FV2 Hob 0x%0lx - 0x%0lx\n",
+ Hob.FirmwareVolume2->BaseAddress,
+ Hob.FirmwareVolume2->BaseAddress + Hob.FirmwareVolume2->Length - 1
+ ));
+ DEBUG ((
+ DEBUG_INFO | DEBUG_LOAD,
+ " %g - %g\n",
+ &Hob.FirmwareVolume2->FvName,
+ &Hob.FirmwareVolume2->FileName
+ ));
+ } else if (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_FV3) {
+ DEBUG ((
+ DEBUG_INFO | DEBUG_LOAD,
+ "FV3 Hob 0x%0lx - 0x%0lx - 0x%x - 0x%x\n",
+ Hob.FirmwareVolume3->BaseAddress,
+ Hob.FirmwareVolume3->BaseAddress + Hob.FirmwareVolume3->Length - 1,
+ Hob.FirmwareVolume3->AuthenticationStatus,
+ Hob.FirmwareVolume3->ExtractedFv
+ ));
+ if (Hob.FirmwareVolume3->ExtractedFv) {
+ DEBUG ((
+ DEBUG_INFO | DEBUG_LOAD,
+ " %g - %g\n",
+ &Hob.FirmwareVolume3->FvName,
+ &Hob.FirmwareVolume3->FileName
+ ));
+ }
}
}
DEBUG_CODE_END ();
diff --git a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
index fe12d6e0ac30..2f5867b59d90 100644
--- a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
@@ -3,7 +3,7 @@
Layers on top of Firmware Block protocol to produce a file abstraction
of FV based files.
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -711,13 +711,10 @@ NotifyFwVolBlock (
FvDevice->FwVolHeader = FwVolHeader;
FvDevice->IsFfs3Fv = CompareGuid (&FwVolHeader->FileSystemGuid, &gEfiFirmwareFileSystem3Guid);
FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
-
- if (Fvb->ParentHandle != NULL) {
- //
- // Inherit the authentication status from FVB.
- //
- FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
- }
+ //
+ // Inherit the authentication status from FVB.
+ //
+ FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
if (!EFI_ERROR (FvCheck (FvDevice))) {
//
diff --git a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
index bc7b34140f84..f7fb18ae15df 100644
--- a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
+++ b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
@@ -4,7 +4,7 @@
It consumes FV HOBs and creates read-only Firmare Volume Block protocol
instances for each of them.
-Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -517,9 +517,7 @@ ProduceFVBProtocolOnBuffer (
FvbDev->BaseAddress = BaseAddress;
FvbDev->FvbAttributes = FwVolHeader->Attributes;
FvbDev->FwVolBlockInstance.ParentHandle = ParentHandle;
- if (ParentHandle != NULL) {
- FvbDev->AuthenticationStatus = AuthenticationStatus;
- }
+ FvbDev->AuthenticationStatus = AuthenticationStatus;
//
// Init the block caching fields of the device
@@ -630,16 +628,31 @@ FwVolBlockDriverInit (
)
{
EFI_PEI_HOB_POINTERS FvHob;
+ EFI_PEI_HOB_POINTERS Fv3Hob;
+ UINT32 AuthenticationStatus;
//
// Core Needs Firmware Volumes to function
//
FvHob.Raw = GetHobList ();
while ((FvHob.Raw = GetNextHob (EFI_HOB_TYPE_FV, FvHob.Raw)) != NULL) {
+ AuthenticationStatus = 0;
+ //
+ // Get the authentication status propagated from PEI-phase to DXE.
+ //
+ Fv3Hob.Raw = GetHobList ();
+ while ((Fv3Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV3, Fv3Hob.Raw)) != NULL) {
+ if ((Fv3Hob.FirmwareVolume3->BaseAddress == FvHob.FirmwareVolume->BaseAddress) &&
+ (Fv3Hob.FirmwareVolume3->Length == FvHob.FirmwareVolume->Length)) {
+ AuthenticationStatus = Fv3Hob.FirmwareVolume3->AuthenticationStatus;
+ break;
+ }
+ Fv3Hob.Raw = GET_NEXT_HOB (Fv3Hob);
+ }
//
// Produce an FVB protocol for it
//
- ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, 0, NULL);
+ ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, AuthenticationStatus, NULL);
FvHob.Raw = GET_NEXT_HOB (FvHob);
}
diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
index c90a70b5f799..f3f93ac1a3af 100644
--- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
@@ -1452,6 +1452,15 @@ ProcessFvFile (
&FileInfo.FileName
);
+ BuildFv3Hob (
+ (EFI_PHYSICAL_ADDRESS) (UINTN) FvHeader,
+ FvHeader->FvLength,
+ AuthenticationStatus,
+ TRUE,
+ &ParentFvImageInfo.FvName,
+ &FileInfo.FileName
+ );
+
return EFI_SUCCESS;
}
--
2.13.3.windows.1
next prev parent reply other threads:[~2017-10-04 14:18 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-04 14:21 [PATCH 0/5] Propagate PEI-phase FV authentication status to DXE Star Zeng
2017-10-04 14:21 ` [PATCH 1/5] MdePkg PiHob.h: Add FV3 HOB definitions Star Zeng
2017-10-04 14:21 ` [PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API Star Zeng
2017-10-04 15:38 ` Laszlo Ersek
2017-10-05 6:46 ` Zeng, Star
2017-10-04 14:21 ` [PATCH 3/5] IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob Star Zeng
2017-10-04 14:21 ` Star Zeng [this message]
2017-10-04 14:21 ` [PATCH 5/5] IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from PEI Star Zeng
2017-10-09 7:44 ` [PATCH 0/5] Propagate PEI-phase FV authentication status to DXE Gao, Liming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171004142121.7404-5-star.zeng@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox