public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Star Zeng <star.zeng@intel.com>
To: edk2-devel@lists.01.org
Cc: Star Zeng <star.zeng@intel.com>, Liming Gao <liming.gao@intel.com>
Subject: [PATCH 5/5] IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from PEI
Date: Wed,  4 Oct 2017 22:21:21 +0800	[thread overview]
Message-ID: <20171004142121.7404-6-star.zeng@intel.com> (raw)
In-Reply-To: <20171004142121.7404-1-star.zeng@intel.com>

FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update FwVolDxe to get the authentication status
propagated from PEI-phase to DXE by FV3 HOB when producing FV
protocol.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 .../Universal/FirmwareVolume/FwVolDxe/FwVol.c      | 73 ++++++++++++++++------
 .../FirmwareVolume/FwVolDxe/FwVolDriver.h          |  3 +-
 .../Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf |  4 +-
 3 files changed, 57 insertions(+), 23 deletions(-)

diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
index 65a292db6b91..91fcd4721244 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
@@ -4,7 +4,7 @@
   Layers on top of Firmware Block protocol to produce a file abstraction
   of FV based files.
 
-  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -195,7 +195,7 @@ FreeFvDeviceResource (
 /**
 
   Firmware volume inherits authentication status from the FV image file and section(in another firmware volume)
-  where it came from.
+  where it came from or propagated from PEI-phase.
 
   @param  FvDevice              A pointer to the FvDevice.
 
@@ -205,26 +205,30 @@ FwVolInheritAuthenticationStatus (
   IN FV_DEVICE  *FvDevice
   )
 {
-  EFI_STATUS                        Status;
-  EFI_FIRMWARE_VOLUME_HEADER        *CachedFvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *CachedFvExtHeader;
-  EFI_FIRMWARE_VOLUME2_PROTOCOL     *ParentFvProtocol;
-  UINTN                             Key;
-  EFI_GUID                          FileNameGuid;
-  EFI_FV_FILETYPE                   FileType;
-  EFI_FV_FILE_ATTRIBUTES            FileAttributes;
-  UINTN                             FileSize;
-  EFI_SECTION_TYPE                  SectionType;
-  UINT32                            AuthenticationStatus;
-  EFI_FIRMWARE_VOLUME_HEADER        *FvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *FvExtHeader;
-  UINTN                             BufferSize;
-
-  CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+  EFI_STATUS                            Status;
+  EFI_FIRMWARE_VOLUME_HEADER            *CachedFvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *CachedFvExtHeader;
+  EFI_FIRMWARE_VOLUME2_PROTOCOL         *ParentFvProtocol;
+  UINTN                                 Key;
+  EFI_GUID                              FileNameGuid;
+  EFI_FV_FILETYPE                       FileType;
+  EFI_FV_FILE_ATTRIBUTES                FileAttributes;
+  UINTN                                 FileSize;
+  EFI_SECTION_TYPE                      SectionType;
+  UINT32                                AuthenticationStatus;
+  EFI_FIRMWARE_VOLUME_HEADER            *FvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *FvExtHeader;
+  UINTN                                 BufferSize;
+  EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL    *Fvb;
+  EFI_FVB_ATTRIBUTES_2                  FvbAttributes;
+  EFI_PHYSICAL_ADDRESS                  BaseAddress;
+  EFI_PEI_HOB_POINTERS                  Fv3Hob;
 
   if (FvDevice->Fv.ParentHandle != NULL) {
+    CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+
     //
-    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from 
+    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from
     //
     Status = gBS->HandleProtocol (FvDevice->Fv.ParentHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **) &ParentFvProtocol);
     if (!EFI_ERROR (Status) && (ParentFvProtocol != NULL)) {
@@ -258,7 +262,7 @@ FwVolInheritAuthenticationStatus (
         if (!EFI_ERROR (Status)) {
           if ((FvHeader->FvLength == CachedFvHeader->FvLength) &&
               (FvHeader->ExtHeaderOffset == CachedFvHeader->ExtHeaderOffset)) {
-            if (FvHeader->ExtHeaderOffset !=0) {
+            if (FvHeader->ExtHeaderOffset != 0) {
               //
               // Both FVs contain extension header, then compare their FV Name GUID
               //
@@ -292,6 +296,35 @@ FwVolInheritAuthenticationStatus (
         }
       } while (TRUE);
     }
+  } else {
+    Fvb = FvDevice->Fvb;
+
+    Status  = Fvb->GetAttributes (Fvb, &FvbAttributes);
+    if (EFI_ERROR (Status)) {
+      return;
+    }
+
+    if ((FvbAttributes & EFI_FVB2_MEMORY_MAPPED) != 0) {
+      //
+      // Get volume base address
+      //
+      Status = Fvb->GetPhysicalAddress (Fvb, &BaseAddress);
+      if (EFI_ERROR (Status)) {
+        return;
+      }
+
+      //
+      // Get the authentication status propagated from PEI-phase to DXE.
+      //
+      Fv3Hob.Raw = GetHobList ();
+      while ((Fv3Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV3, Fv3Hob.Raw)) != NULL) {
+        if (Fv3Hob.FirmwareVolume3->BaseAddress == BaseAddress) {
+          FvDevice->AuthenticationStatus = Fv3Hob.FirmwareVolume3->AuthenticationStatus;
+          return;
+        }
+        Fv3Hob.Raw = GET_NEXT_HOB (Fv3Hob);
+      }
+    }
   }
 }
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
index b1646dd39edf..b14a488ead88 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
@@ -1,7 +1,7 @@
 /** @file
   Common defines and definitions for a FwVolDxe driver.
 
-  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -33,6 +33,7 @@
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <Library/HobLib.h>
 
 #define FV_DEVICE_SIGNATURE           SIGNATURE_32 ('_', 'F', 'V', '_')
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
index 057266bb2b68..6844afb063e7 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
@@ -4,7 +4,7 @@
 #  This driver produces Firmware Volume2 protocol with full services
 #  (read/write, get/set) based on Firmware Volume Block protocol.
 #
-# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 #
 # This program and the accompanying materials are
 # licensed and made available under the terms and conditions of the BSD License
@@ -55,7 +55,7 @@ [LibraryClasses]
   UefiLib
   UefiDriverEntryPoint
   DebugLib
-
+  HobLib
 
 [Guids]
   gEfiFirmwareVolumeTopFileGuid                ## CONSUMES ## File # VTF file
-- 
2.13.3.windows.1



  parent reply	other threads:[~2017-10-04 14:18 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-04 14:21 [PATCH 0/5] Propagate PEI-phase FV authentication status to DXE Star Zeng
2017-10-04 14:21 ` [PATCH 1/5] MdePkg PiHob.h: Add FV3 HOB definitions Star Zeng
2017-10-04 14:21 ` [PATCH 2/5] MdePkg HobLib: Add BuildFv3Hob API Star Zeng
2017-10-04 15:38   ` Laszlo Ersek
2017-10-05  6:46     ` Zeng, Star
2017-10-04 14:21 ` [PATCH 3/5] IntelFrameworkPkg PeiHobLibFramework: Implement BuildFv3Hob Star Zeng
2017-10-04 14:21 ` [PATCH 4/5] MdeModulePkg Core: Propagate PEI-phase FV authentication status to DXE Star Zeng
2017-10-04 14:21 ` Star Zeng [this message]
2017-10-09  7:44 ` [PATCH 0/5] " Gao, Liming

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171004142121.7404-6-star.zeng@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox