From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: edk2-devel@lists.01.org
Subject: [PATCH edk2-platforms 6/7] Platform/DeveloperBox: add .DSC/.FDF description of MM components
Date: Fri, 4 Jan 2019 15:43:35 +0100 [thread overview]
Message-ID: <20190104144336.8941-7-ard.biesheuvel@linaro.org> (raw)
In-Reply-To: <20190104144336.8941-1-ard.biesheuvel@linaro.org>
Create a pair of .DSC/.FDF files that describe the components and
the firmware volumes and flash device that will be dispatched into
a secure partition in the secure world to control the UEFI secure
variable store.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 5 +-
Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc | 7 +-
Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc | 103 +++++++++++++
Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf | 161 ++++++++++++++++++++
4 files changed, 270 insertions(+), 6 deletions(-)
diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
index 56787a744157..666bd2716336 100644
--- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
+++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
@@ -250,10 +250,7 @@ [Components.common]
#
# Variable services
#
- Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006Dxe.inf {
- <LibraryClasses>
- NorFlashPlatformLib|Silicon/Socionext/SynQuacer/Library/NorFlashSynQuacerLib/NorFlashSynQuacerLib.inf
- }
+ Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006Dxe.inf
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc
index 56adc21d5caf..87b2094cb356 100644
--- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc
+++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc
@@ -125,6 +125,7 @@ [LibraryClasses.common]
PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
NorFlashInfoLib|EmbeddedPkg/Library/NorFlashInfoLib/NorFlashInfoLib.inf
+ NorFlashPlatformLib|Silicon/Socionext/SynQuacer/Library/NorFlashSynQuacerLib/NorFlashSynQuacerLib.inf
################################################################################
#
@@ -294,8 +295,10 @@ [PcdsFixedAtBuild.common]
!endif
gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareRevision|$(BUILD_NUMBER)
- gArmTokenSpaceGuid.PcdMmBufferBase|0xFFC00000
- gArmTokenSpaceGuid.PcdMmBufferSize|0x00200000
+ gEfiSecurityPkgTokenSpaceGuid.PcdUserPhysicalPresence|TRUE
+
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
[PcdsPatchableInModule]
gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|0
diff --git a/Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc b/Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc
new file mode 100644
index 000000000000..45cfd5645d9b
--- /dev/null
+++ b/Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc
@@ -0,0 +1,103 @@
+#
+# Copyright (c) 2013-2014, ARM Limited. All rights reserved.
+# Copyright (c) 2017-2018, Linaro Limited. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+[Defines]
+ PLATFORM_NAME = DeveloperBoxMm
+ PLATFORM_GUID = cedcc3f9-fb42-45e6-b134-e7ca97abbffd
+ PLATFORM_VERSION = 0.1
+ DSC_SPECIFICATION = 0x0001001B
+ OUTPUT_DIRECTORY = Build/$(PLATFORM_NAME)
+ SUPPORTED_ARCHITECTURES = AARCH64
+ BUILD_TARGETS = DEBUG|RELEASE|NOOPT
+ SKUID_IDENTIFIER = DEFAULT
+ FLASH_DEFINITION = Platform/Socionext/DeveloperBox/$(PLATFORM_NAME).fdf
+ BUILD_NUMBER = 1
+
+!include Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc
+
+[LibraryClasses.common.MM_STANDALONE, LibraryClasses.common.MM_CORE_STANDALONE]
+ ArmSvcLib|ArmPkg/Library/ArmSvcLib/ArmSvcLib.inf
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
+ FvLib|StandaloneMmPkg/Library/FvLib/FvLib.inf
+ MemLib|StandaloneMmPkg/Library/StandaloneMmMemLib/StandaloneMmMemLib.inf
+ PeCoffExtraActionLib|StandaloneMmPkg/Library/StandaloneMmPeCoffExtraActionLib/StandaloneMmPeCoffExtraActionLib.inf
+ StandaloneMmCoreEntryPoint|StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
+ StandaloneMmDriverEntryPoint|StandaloneMmPkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf
+ StandaloneMmMmuLib|ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+
+ SerialPortLib|MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPortLib16550.inf
+ PlatformHookLib|MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf
+ PciLib|MdePkg/Library/BasePciLibPciExpress/BasePciLibPciExpress.inf
+ PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
+
+[LibraryClasses.common.MM_CORE_STANDALONE]
+ HobLib|StandaloneMmPkg/Library/StandaloneMmCoreHobLib/StandaloneMmCoreHobLib.inf
+ MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmCoreMemoryAllocationLib/StandaloneMmCoreMemoryAllocationLib.inf
+
+[LibraryClasses.common.MM_STANDALONE]
+ HobLib|StandaloneMmPkg/Library/StandaloneMmHobLib/StandaloneMmHobLib.inf
+ MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf
+ MmServicesTableLib|StandaloneMmPkg/Library/MmServicesTableLib/MmServicesTableLib.inf
+
+[BuildOptions.common.EDKII.MM_STANDALONE, BuildOptions.common.EDKII.MM_CORE_STANDALONE]
+ GCC:*_*_*_CC_FLAGS = -mstrict-align -mgeneral-regs-only
+ GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
+
+################################################################################
+#
+# Pcd Section - list of all EDK II PCD Entries defined by this Platform
+#
+################################################################################
+
+[PcdsFixedAtBuild]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0x51040000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialUseMmio|TRUE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialUseHardwareFlowControl|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialClockRate|62500000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterStride|4
+
+[PcdsPatchableInModule]
+ gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|0x0
+
+################################################################################
+#
+# Components Section - list of all EDK II Modules needed by this Platform
+#
+################################################################################
+[Components.common]
+ #
+ # Standalone MM components
+ #
+ StandaloneMmPkg/Core/StandaloneMmCore.inf {
+ <LibraryClasses>
+ ExtractGuidedSectionLib|MdePkg/Library/BaseExtractGuidedSectionLib/BaseExtractGuidedSectionLib.inf
+ NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
+ }
+
+ StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.inf
+ Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006StandaloneMm.inf
+ MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
+ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf {
+ <LibraryClasses>
+ AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+ NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+ }
diff --git a/Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf b/Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf
new file mode 100644
index 000000000000..790a391080e6
--- /dev/null
+++ b/Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf
@@ -0,0 +1,161 @@
+#
+# Copyright (c) 2013-2014, ARM Limited. All rights reserved.
+# Copyright (c) 2017-2018, Linaro Limited. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+
+################################################################################
+#
+# FD Section
+# The [FD] Section is made up of the definition statements and a
+# description of what goes into the Flash Device Image. Each FD section
+# defines one flash "device" image. A flash device image may be one of
+# the following: Removable media bootable image (like a boot floppy
+# image,) an Option ROM image (that would be "flashed" into an add-in
+# card,) a System "Flash" image (that would be burned into a system's
+# flash) or an Update ("Capsule") image that will be used to update and
+# existing system flash.
+#
+################################################################################
+
+[FD.STANDALONE_MM]
+BaseAddress = 0xfc000000
+Size = 0x00040000
+ErasePolarity = 1
+
+# This one is tricky, it must be: BlockSize * NumBlocks = Size
+BlockSize = 0x00010000
+NumBlocks = 0x4
+
+################################################################################
+#
+# Following are lists of FD Region layout which correspond to the locations of different
+# images within the flash device.
+#
+# Regions must be defined in ascending order and may not overlap.
+#
+# A Layout Region start with a eight digit hex offset (leading "0x" required) followed by
+# the pipe "|" character, followed by the size of the region, also in hex with the leading
+# "0x" characters. Like:
+# Offset|Size
+# PcdOffsetCName|PcdSizeCName
+# RegionType <FV, DATA, or FILE>
+#
+################################################################################
+
+0x00000000|0x00040000
+FV = FvStandaloneMmCompact
+
+################################################################################
+#
+# FV Section
+#
+# [FV] section is used to define what components or modules are placed within a flash
+# device file. This section also defines order the components and modules are positioned
+# within the image. The [FV] section consists of define statements, set statements and
+# module statements.
+#
+################################################################################
+
+[FV.FvStandaloneMmCompact]
+FvNameGuid = db7dcad2-de57-455d-a385-c297a6536cd8
+BlockSize = 0x10000
+NumBlocks = 0
+FvAlignment = 8
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF StandaloneMmPkg/Core/StandaloneMmCore.inf
+
+ FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
+ SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE {
+ SECTION FV_IMAGE = FVSTANDALONEMM
+ }
+ }
+
+[FV.FvStandaloneMm]
+FvNameGuid = 2160589f-77f4-4cae-b9ba-0be99d2e33a4
+BlockSize = 0x40
+NumBlocks = 0 # This FV gets compressed so make it just big enough
+FvAlignment = 8 # FV alignment and FV attributes setting.
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006StandaloneMm.inf
+ INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteStandaloneMm.inf
+ INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
+ INF StandaloneMmPkg/Drivers/StandaloneMmCpu/AArch64/StandaloneMmCpu.inf
+
+################################################################################
+#
+# Rules are use with the [FV] section's module INF type to define
+# how an FFS file is created for a given INF file. The following Rule are the default
+# rules for the different module type. User can add the customized rules to define the
+# content of the FFS file.
+#
+################################################################################
+
+
+############################################################################
+# Example of a DXE_DRIVER FFS file with a Checksum encapsulation section #
+############################################################################
+#
+#[Rule.Common.DXE_DRIVER]
+# FILE DRIVER = $(NAMED_GUID) {
+# DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+# COMPRESS PI_STD {
+# GUIDED {
+# PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+# UI STRING="$(MODULE_NAME)" Optional
+# VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+# }
+# }
+# }
+#
+############################################################################
+
+[Rule.Common.MM_CORE_STANDALONE]
+ FILE SEC = $(NAMED_GUID) RELOCS_STRIPPED FIXED {
+ TE TE Align = 4K $(INF_OUTPUT)/$(MODULE_NAME).efi
+ }
+
+[Rule.Common.MM_STANDALONE]
+ FILE MM_STANDALONE = $(NAMED_GUID) {
+ SMM_DEPEX SMM_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
--
2.17.1
next prev parent reply other threads:[~2019-01-04 14:43 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-04 14:43 [PATCH edk2-platforms 0/7] Silicon/SynQuacer: implement SMM based secure boot Ard Biesheuvel
2019-01-04 14:43 ` [PATCH edk2-platforms 1/7] Silicon/SynQuacer/Fip006Dxe: drop block I/O and disk I/O routines Ard Biesheuvel
2019-01-17 9:50 ` Leif Lindholm
2019-01-17 10:59 ` Ard Biesheuvel
2019-01-04 14:43 ` [PATCH edk2-platforms 2/7] Silicon/SynQuacer/Fip006Dxe: factor out DXE specific pieces Ard Biesheuvel
2019-01-17 10:10 ` Leif Lindholm
2019-01-17 11:27 ` Ard Biesheuvel
2019-01-21 16:16 ` Ard Biesheuvel
2019-01-21 16:46 ` Leif Lindholm
2019-01-21 16:47 ` Ard Biesheuvel
2019-01-21 16:53 ` Leif Lindholm
2019-01-04 14:43 ` [PATCH edk2-platforms 3/7] Silicon/SynQuacer/Fip006Dxe: implement standalone MM variant Ard Biesheuvel
2019-01-04 14:43 ` [PATCH edk2-platforms 4/7] Silicon/SynQuacer/Fip006Dxe: use proper accessor for unaligned access Ard Biesheuvel
2019-01-04 14:43 ` [PATCH edk2-platforms 5/7] Platform/DeveloperBox: create shared .DSC include file Ard Biesheuvel
2019-01-04 14:43 ` Ard Biesheuvel [this message]
2019-01-17 11:04 ` [PATCH edk2-platforms 6/7] Platform/DeveloperBox: add .DSC/.FDF description of MM components Leif Lindholm
2019-01-17 11:10 ` Ard Biesheuvel
2019-01-17 12:08 ` Leif Lindholm
2019-01-17 12:18 ` Ard Biesheuvel
2019-01-21 16:57 ` Ard Biesheuvel
2019-01-21 17:03 ` Leif Lindholm
2019-01-04 14:43 ` [PATCH edk2-platforms 7/7] Platform/DeveloperBox: add MM based UEFI secure boot support Ard Biesheuvel
2019-01-17 11:14 ` [PATCH edk2-platforms 0/7] Silicon/SynQuacer: implement SMM based secure boot Leif Lindholm
2019-01-21 17:40 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190104144336.8941-7-ard.biesheuvel@linaro.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox