From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org
Date: Fri, 4 Jan 2019 15:43:29 +0100
Message-Id: <20190104144336.8941-1-ard.biesheuvel@linaro.org>
Subject: [PATCH edk2-platforms 0/7] Silicon/SynQuacer: implement SMM based secure boot

Wire up the various pieces so that the authenticated variable store runs
entirely in standalone MM context residing in a secure partition.

This primarily involves refactoring the platform's NOR flash driver so we
can build a version that can work in the standalone MM context. Beyond
that, it is just a matter of enabling all the boilerplate in the .DSC and
.FDF files.

Note that the resulting standalone MM firmware volume needs to be wrapped
in a FIP, which is not part of the build sequence.

Cc: Leif Lindholm
Cc: Masahisa Kojima

Ard Biesheuvel (7):
  Silicon/SynQuacer/Fip006Dxe: drop block I/O and disk I/O routines
  Silicon/SynQuacer/Fip006Dxe: factor out DXE specific pieces
  Silicon/SynQuacer/Fip006Dxe: implement standalone MM variant
  Silicon/SynQuacer/Fip006Dxe: use proper accessor for unaligned access
  Platform/DeveloperBox: create shared .DSC include file
  Platform/DeveloperBox: add .DSC/.FDF description of MM components
  Platform/DeveloperBox: add MM based UEFI secure boot support

 .../Socionext/DeveloperBox/DeveloperBox.dsc     |  304 +---
 .../DeveloperBox/DeveloperBox.dsc.inc           |  315 ++++
 .../Socionext/DeveloperBox/DeveloperBox.fdf     |   13 +
 .../Socionext/DeveloperBox/DeveloperBoxMm.dsc   |  103 ++
 .../Socionext/DeveloperBox/DeveloperBoxMm.fdf   |  161 ++
 .../SynQuacer/Drivers/Fip006Dxe/Fip006Dxe.inf   |    9 +-
 .../Drivers/Fip006Dxe/Fip006StandaloneMm.inf    |   71 +
 .../SynQuacer/Drivers/Fip006Dxe/NorFlash.c      | 1006 +++++++++++++
 .../Fip006Dxe/{NorFlashDxe.h => NorFlash.h}     |   93 +-
 .../Drivers/Fip006Dxe/NorFlashBlockIoDxe.c      |  138 --
 .../SynQuacer/Drivers/Fip006Dxe/NorFlashDxe.c   | 1341 ++--------------
 .../{NorFlashFvbDxe.c => NorFlashFvb.c}         |  197 +--
 .../SynQuacer/Drivers/Fip006Dxe/NorFlashSmm.c   |  182 +++
 13 files changed, 2076 insertions(+), 1857 deletions(-)
 create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc
 create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc
 create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf
 create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006StandaloneMm.inf
 create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c
 rename Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/{NorFlashDxe.h => NorFlash.h} (85%)
 delete mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlashBlockIoDxe.c
 rename Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/{NorFlashFvbDxe.c => NorFlashFvb.c} (76%)
 create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlashSmm.c

-- 
2.17.1
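The cover letter notes that the standalone MM firmware volume must be wrapped in a FIP outside the edk2 build. The following added example (not part of this series or of edk2-platforms) parses the TF-A FIP table of contents so a firmware image can be checked for the presence of that MM payload before it is flashed; the BL32 UUID used for the secure-payload slot is taken from memory of TF-A's firmware_image_package.h and should be verified against your TF-A tree, and the packed sample FIP is constructed here.

```python
import struct
import uuid

# FIP layout (TF-A include/tools_share/firmware_image_package.h):
#   toc_header: u32 name (0xAA640001), u32 serial_number, u64 flags
#   toc_entry : 16-byte UUID, u64 offset, u64 size, u64 flags
#   The ToC is terminated by an entry whose UUID is all zeros.
TOC_HEADER_NAME = 0xAA640001
TOC_HEADER = struct.Struct("<IIQ")
TOC_ENTRY = struct.Struct("<16sQQQ")
NULL_UUID = bytes(16)

# Assumption: UUID of the secure payload (BL32) slot, where fiptool places a
# standalone MM image (--tos-fw). Verify against your TF-A tree.
BL32_UUID = uuid.UUID("05d0e189-53dc-1347-8d2b-500a4b7a3e38")


def parse_fip(blob: bytes) -> dict:
    """Return {uuid: (offset, size, flags)} for each ToC entry, checking bounds."""
    if len(blob) < TOC_HEADER.size:
        raise ValueError("too short for a FIP ToC header")
    name, _serial, _flags = TOC_HEADER.unpack_from(blob, 0)
    if name != TOC_HEADER_NAME:
        raise ValueError("bad ToC header name 0x%08x" % name)
    entries, pos = {}, TOC_HEADER.size
    while True:
        if pos + TOC_ENTRY.size > len(blob):
            raise ValueError("ToC not terminated by a null entry")
        raw_uuid, off, size, flags = TOC_ENTRY.unpack_from(blob, pos)
        pos += TOC_ENTRY.size
        if raw_uuid == NULL_UUID:
            return entries
        if off + size > len(blob):  # payload must lie inside the image
            raise ValueError("entry %s overruns the FIP" % uuid.UUID(bytes=raw_uuid))
        entries[uuid.UUID(bytes=raw_uuid)] = (off, size, flags)


def build_fip(images: dict) -> bytes:
    """Pack {uuid: payload} into a FIP; used here to construct a sample image."""
    toc_len = TOC_HEADER.size + TOC_ENTRY.size * (len(images) + 1)
    toc, data = bytearray(TOC_HEADER.pack(TOC_HEADER_NAME, 0x1234, 0)), bytearray()
    for u, payload in images.items():
        toc += TOC_ENTRY.pack(u.bytes, toc_len + len(data), len(payload), 0)
        data += payload
    toc += TOC_ENTRY.pack(NULL_UUID, 0, 0, 0)
    return bytes(toc + data)


def has_standalone_mm(blob: bytes) -> bool:
    """True if the FIP carries a BL32 (secure payload) entry."""
    return BL32_UUID in parse_fip(blob)
```

Run `has_standalone_mm(open("fip.bin", "rb").read())` against a real FIP; a missing BL32 entry means the MM volume was never wrapped in and the variable store will not run in the secure partition.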