From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (NAM04-MW2-obe.outbound.protection.outlook.com [40.107.101.113]) by mx.groups.io with SMTP id smtpd.web10.5454.1622023881437034633 for ; Wed, 26 May 2021 03:11:21 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@os.amperecomputing.com header.s=selector2 header.b=VBABwnkG; spf=pass (domain: os.amperecomputing.com, ip: 40.107.101.113, mailfrom: nhi@os.amperecomputing.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NCh6DKvFbl5707l0hDD0SN38O4Lsw/+qMFpWVXgbHx2WBBd5F1RGncxRtM9MymD6swzXJLUA6dHhJW3cq/OwMaqaxhAcTB7os8pizujvPWTpxG7dlpezSaH0ZjeYESQ73i4hkY01LV6ttEDGM/xL5z0u9CO7a5K/gcjZooOlxCs7I8Uot+L/VrhD8k2KMPnJoevCN28/SrkqXTIK0AywPsD81Vg/wiaCYg3cJRmdBeb8jbQZotVejf5XnHpc77/srjen6ibF3L5rwX/lVcuDhXOKLZ1TzR6Y/oiR5cSgFmnDFVra4xRjd9r9//HUBaer5umpNL97P4WMKtj4V7GE0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SwOl0ex4KRu1JRhK6vGvcezR4QEOKdbp6CFtZnAALoQ=; b=fhI0Ha1s/W1r7biMLP/ZTS/matvw/+qJDV2ZerMyD8X9Wn7/UhgW6OQc8drhFHZOPZLi1e0iMdFBJ8EUxFUnmlsO9uuVy3hGD5JGuZbmoYvYJ6zyVx9y7JoftHimzorao/B/16mOilOyk0EP5PiPXu+aQd2E112qHlXOjQLtTluCgU7Ag6tTX0Dh3j0yIoPWLWtu+NUeGCjNRHYriiMh7pFqdCfpLQPl1saM+ig7BXOgd+4dpte01QvePpy9qEfNZOLVUv0JoBw5GUrvyJDfxftmH7cXu9mxRP3l4iCogUMkqUcOheDPylGbMvcmuhepcUK2B00pUU4v8bLGVll0PA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=os.amperecomputing.com; dmarc=pass action=none header.from=os.amperecomputing.com; dkim=pass header.d=os.amperecomputing.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=os.amperecomputing.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SwOl0ex4KRu1JRhK6vGvcezR4QEOKdbp6CFtZnAALoQ=; b=VBABwnkGuwHA6dPG+OnOM7OOyeALgcmL/U0c38CxJ92Cbmyht5LlZ7l3z/J9M/UoZsQzr/YguBrCi8ixDVk36eVYzpIh+Ula1AOSVT5XGgkxztDGQdFhu8twV0JFVfryA35bR70vxG84OjI+ys16WMwh0Fql4uaqSRi933D21yE= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=os.amperecomputing.com; Received: from DM6PR01MB5849.prod.exchangelabs.com (2603:10b6:5:205::20) by DM8PR01MB6808.prod.exchangelabs.com (2603:10b6:8:23::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21; Wed, 26 May 2021 10:11:20 +0000 Received: from DM6PR01MB5849.prod.exchangelabs.com ([fe80::60d2:86dd:1f1c:51dd]) by DM6PR01MB5849.prod.exchangelabs.com ([fe80::60d2:86dd:1f1c:51dd%7]) with mapi id 15.20.4173.020; Wed, 26 May 2021 10:11:20 +0000 From: "Nhi Pham" To: devel@edk2.groups.io CC: Nhi Pham , Thang Nguyen , Chuong Tran , Phong Vo , Leif Lindholm , Michael D Kinney , Ard Biesheuvel , Nate DeSimone Subject: [edk2-platforms][PATCH v2 03/32] AmperePlatformPkg: Implement FailSafe library Date: Wed, 26 May 2021 17:06:55 +0700 Message-ID: <20210526100724.5359-5-nhi@os.amperecomputing.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210526100724.5359-1-nhi@os.amperecomputing.com> References: <20210526100724.5359-1-nhi@os.amperecomputing.com> X-Originating-IP: [118.69.219.201] X-ClientProxiedBy: HKAPR04CA0008.apcprd04.prod.outlook.com (2603:1096:203:d0::18) To DM6PR01MB5849.prod.exchangelabs.com (2603:10b6:5:205::20) Return-Path: nhi@os.amperecomputing.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (118.69.219.201) by HKAPR04CA0008.apcprd04.prod.outlook.com (2603:1096:203:d0::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.20 via Frontend Transport; Wed, 26 May 2021 10:11:17 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d0b983c8-e3ba-4194-6f9f-08d9202e9bb3 X-MS-TrafficTypeDiagnostic: DM8PR01MB6808: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5516; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: O18oWcfVSaSOBqJllwhIAxlzkD3/bh8hBGE32ElyfMH1XPoefHapKC3b4CenwB309q8R23O5I36EdpsgXJtxzBJddvwjskj4+3hO9u6XRKHNg97IGj3gJVVohDuqwndT1xnppqX/Ge2Do8C0NCmumAoBddE2i4HBICPJy3mTV4btcWvyvXOKP/OChH4tHtVBJEiXSXZVqPe3evSoYqiKp034rlZM89PuPVMw1YhCq06xuxNYs411GRM0iDxF3nMV3Y35fi42gNDmHule5zp79v96Q/ningCjLKcmnTFT08xTVr+fBj/H6fnuU68loxNNt8IYwxWfpwncnZr00LpqJsWl5BXWJ01lm+ugFhc71Wkhq5jgmRqTkK57+IaUl/lboDnCgoFESXWb2pzSAUdWH+aD/MxuFDCKN/mdPzKyKhwWJTV4FJHAaYcxfLFxbl6oXHF0OTLHYNztK5I7mtkWzJrSvltXu9lOZioT1KpOl63iqJDDCSV19Roj7E4xy+vnjARjV6e5Ujydna9mf1VFa67e8N0dD5kfrr6VMXqKoQEbVxR/2JtIlOyu1tumyEEuDwuTr9LxwwBb93metCjyUSYLuQM8zU2KpQ8k46zhnkAvAupBa8a4b+Yc1UUB6ldQZz31nju9vVuo5fJeanVKONjBaF9ZCN74RHa1NB/i/Bzj8M1GAMuUBol3PHPkJLLq X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR01MB5849.prod.exchangelabs.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(396003)(346002)(136003)(376002)(39850400004)(6666004)(4326008)(8676002)(52116002)(8936002)(1076003)(86362001)(66476007)(66946007)(66556008)(54906003)(186003)(6486002)(6916009)(6506007)(2906002)(6512007)(2616005)(316002)(478600001)(956004)(26005)(30864003)(38100700002)(38350700002)(5660300002)(16526019)(83380400001)(69590400013);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?gbhQp/eID1QXO4i1uNMw+X3S72MT99MXtZiBZsTEGsfZEC3bgWTl0QqdIJWm?= =?us-ascii?Q?mhO+rcSjjv5im9/+2+mk8qdul4S5VzNU+nimx6YuVHRDejXUdbndVv7+jQp7?= =?us-ascii?Q?UMT+dTrN9lj0MEgcwyRLkylLLejzKLsIWHQxplKH8LIlRgj8qfQ+9MD0sgas?= =?us-ascii?Q?S43X9NI9jY3PzI+Kv5WraBsD8tmz5G07OrWoT6tValnirWpv54MfVXtlY2sj?= =?us-ascii?Q?cpYSPAGAxjoga/XDYV6kqia4pI10IGFmOIHwmh0fq9p8TYf0y7mXGzp+OToq?= =?us-ascii?Q?AovcCcEOOqIVmG3cHnvHIh7yf0Q1Je7/K6hJ9i35MXAnoWLvAMVezDvCUEwU?= =?us-ascii?Q?IRw40deaFdmVom8NvoUBXTVHMnPLrf1GE4RJLrABJaN7jDQ+/8OI0Y3qMSna?= =?us-ascii?Q?dNlmQQUmkwZB0ymRE6EAQS7O30EVJpmnwCsIjaKrg0O1dFP2oA2MVYnlE1Di?= =?us-ascii?Q?yKk/aoWH2o/8F8FWvRYBPIGSJK0mYpc4ycZN+dvd7Zozu5I7xpbpFaVE9AnP?= =?us-ascii?Q?UWmUOyfZuYpT1bF7pB1eUiAwbE14PxLnNZrqu3xDgpyDm9Vi/ddh6HcEIJjb?= =?us-ascii?Q?lHGNTDcic8UHNQIRcswY0K4893qP+g9ATZBQyFv7iqMZEBg6sSsn4+ybenir?= =?us-ascii?Q?ipaX3GlOWQDx3Qa8MEmzH6Xy448G+KOxRZ/QjndFbILRqfXY3a+7xFOI3C9S?= =?us-ascii?Q?pFNMUvV5SrE9UDDbqpDc4ZWrvbMvb7PqUVFozb0SuOiMLFVhlEIShYJdmfnE?= =?us-ascii?Q?S5fDTD/PXIx+Iv5ecCH9BpjZUebW0dul8W+Z6HMpLUmwa29bKkK1EOd486Ni?= =?us-ascii?Q?B+yTcLu1pUT++n1WSygjm2kHj6dfctJngVoNUwxsvV2X9borh4hkV6/3SPPS?= =?us-ascii?Q?427flFa/TnTnpWI9KS3PeaiJZ54E/o693PXiJPPk6blm6pE2/cEqLtM5CrFp?= =?us-ascii?Q?NUs0AbMK37cSvg33KMgSOgsI6F84xVTx61ArU0rU2xffwZc06/Sm70PSlCd6?= =?us-ascii?Q?T+xJvVJ4a9khcDO4lZAnJDAL+eUhdEzBDCPzjFSnwfCyj/EnhiANjEQaeqZu?= =?us-ascii?Q?TSpBtlvMkkstwRo2+A8TTuB5u20G4pLShZdKilKgaYeJmFDi1iGSVB7gL2GN?= =?us-ascii?Q?EbKFYrJHDOmlVi8Vhs9kYvtt+ESyfVrR5/yJIgYLau9vAjFjqQ8db7rBv5ux?= =?us-ascii?Q?zScLa1iwu4S7mXV97qzV2ymfOshSivI9+g7xTJ9yJnAxPBckfqwJ/tqzJIUU?= =?us-ascii?Q?zJ4JucuUnBAptf4g/e1tOfJ0XTAbqtFmtMCdyPl8ueWfItI4r/HtM5uIyzBI?= =?us-ascii?Q?azSS7MOSjJUSU23xzVzxAxXX?= X-OriginatorOrg: os.amperecomputing.com X-MS-Exchange-CrossTenant-Network-Message-Id: d0b983c8-e3ba-4194-6f9f-08d9202e9bb3 X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB5849.prod.exchangelabs.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 May 2021 10:11:20.4027 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3bc2b170-fd94-476d-b0ce-4229bdc904a7 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DnInsDkD1xnRMjRijCfQp7xiqBKkD5ObKfBa3cQhqFVZX7jjAm4iaCBvteXovVvAmJ+wDdogBLca1+LpusIQ9WQQuV5CBzrehnztCGAknvo= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM8PR01MB6808 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain The Ampere Altra System Firmware provides a fail-safe feature to help recover the system if there are setting changes such as Core voltage, DRAM parameters that cause the UEFI failed to boot. The FailSafeLib supports API calls to Secure World to: * Get the FailSafe region information. * Get the current FailSafe status. * Inform to FailSafe monitor that the system boots successfully. * Simulate UEFI boot failure due to config wrong NVPARAM for testing failsafe feature. This library will be consumed by FailSafe DXE driver. Cc: Thang Nguyen Cc: Chuong Tran Cc: Phong Vo Cc: Leif Lindholm Cc: Michael D Kinney Cc: Ard Biesheuvel Cc: Nate DeSimone Signed-off-by: Nhi Pham --- Platform/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec | = 3 + Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib.inf | 4= 1 +++ Platform/Ampere/AmperePlatformPkg/Include/Library/FailSafeLib.h | 6= 2 ++++ Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib.c | 32= 0 ++++++++++++++++++++ 4 files changed, 426 insertions(+) diff --git a/Platform/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec b/Plat= form/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec index 7c1d1f84f780..6e33d96c7ea5 100755 --- a/Platform/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec +++ b/Platform/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec @@ -22,7 +22,10 @@ [Defines] # ##########################################################################= ###### [Includes] + Include # Root include for the package =20 [LibraryClasses] + ## @libraryclass Provides functions to support FailSafe operations. + FailSafeLib|Platform/Ampere/AmperePlatformPkg/Include/Library/FailSafeLi= b.h =20 [Guids] diff --git a/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafe= Lib.inf b/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib= .inf new file mode 100755 index 000000000000..456b9d5fc85b --- /dev/null +++ b/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib.inf @@ -0,0 +1,41 @@ +## @file +# +# Copyright (c) 2020 - 2021, Ampere Computing LLC. All rights reserved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x0001001B + BASE_NAME =3D FailSafeLib + FILE_GUID =3D 3403D080-6D76-11E7-907B-A6006AD3DBA0 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D FailSafeLib + +[Sources] + FailSafeLib.c + +[Protocols] + gEfiMmCommunicationProtocolGuid ## CONSUMES + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + MdePkg/MdePkg.dec + Platform/Ampere/AmperePlatformPkg/AmperePlatformPkg.dec + Silicon/Ampere/AmpereAltraPkg/AmpereAltraPkg.dec + Silicon/Ampere/AmpereSiliconPkg/AmpereSiliconPkg.dec + +[LibraryClasses] + ArmSmcLib + BaseLib + BaseMemoryLib + DebugLib + HobLib + IoLib + NVParamLib + +[Guids] + gSpiNorMmGuid diff --git a/Platform/Ampere/AmperePlatformPkg/Include/Library/FailSafeLib.= h b/Platform/Ampere/AmperePlatformPkg/Include/Library/FailSafeLib.h new file mode 100644 index 000000000000..7ebd1c8a74a2 --- /dev/null +++ b/Platform/Ampere/AmperePlatformPkg/Include/Library/FailSafeLib.h @@ -0,0 +1,62 @@ +/** @file + + Copyright (c) 2020 - 2021, Ampere Computing LLC. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef FAILSAFE_LIB_H_ +#define FAILSAFE_LIB_H_ + +enum { + MM_SPINOR_FUNC_GET_INFO, + MM_SPINOR_FUNC_READ, + MM_SPINOR_FUNC_WRITE, + MM_SPINOR_FUNC_ERASE, + MM_SPINOR_FUNC_GET_NVRAM_INFO, + MM_SPINOR_FUNC_GET_NVRAM2_INFO, + MM_SPINOR_FUNC_GET_FAILSAFE_INFO +}; + +#define MM_SPINOR_RES_SUCCESS 0xAABBCC00 +#define MM_SPINOR_RES_FAIL 0xAABBCCFF + +enum { + FAILSAFE_BOOT_NORMAL =3D 0, + FAILSAFE_BOOT_LAST_KNOWN_SETTINGS, + FAILSAFE_BOOT_DEFAULT_SETTINGS, + FAILSAFE_BOOT_DDR_DOWNGRADE, + FAILSAFE_BOOT_SUCCESSFUL +}; + +/** + Get the FailSafe region information. +**/ +EFI_STATUS +EFIAPI +FailSafeGetRegionInfo ( + UINT64 *Offset, + UINT64 *Size + ); + +/** + Inform to FailSafe monitor that the system boots successfully. +**/ +EFI_STATUS +EFIAPI +FailSafeBootSuccessfully ( + VOID + ); + +/** + Simulate UEFI boot failure due to config wrong NVPARAM for + testing failsafe feature +**/ +EFI_STATUS +EFIAPI +FailSafeTestBootFailure ( + VOID + ); + +#endif /* FAILSAFE_LIB_H_ */ diff --git a/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafe= Lib.c b/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib.c new file mode 100644 index 000000000000..a567ab91375f --- /dev/null +++ b/Platform/Ampere/AmperePlatformPkg/Library/FailSafeLib/FailSafeLib.c @@ -0,0 +1,320 @@ +/** @file + + Copyright (c) 2020 - 2021, Ampere Computing LLC. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define EFI_MM_MAX_PAYLOAD_U64_E 10 +#define EFI_MM_MAX_PAYLOAD_SIZE (EFI_MM_MAX_PAYLOAD_U64_E * sizeof (UINT= 64)) + +EFI_MM_COMMUNICATION_PROTOCOL *mFlashLibMmCommProtocol =3D NULL; + +typedef struct { + /* Allows for disambiguation of the message format */ + EFI_GUID HeaderGuid; + /* + * Describes the size of Data (in bytes) and does not include the size + * of the header + */ + UINTN MsgLength; +} EFI_MM_COMM_HEADER_NOPAYLOAD; + +typedef struct { + UINT64 Data[EFI_MM_MAX_PAYLOAD_U64_E]; +} EFI_MM_COMM_SPINOR_PAYLOAD; + +typedef struct { + EFI_MM_COMM_HEADER_NOPAYLOAD EfiMmHdr; + EFI_MM_COMM_SPINOR_PAYLOAD PayLoad; +} EFI_MM_COMM_REQUEST; + +typedef struct { + UINT64 Status; +} EFI_MM_COMMUNICATE_SPINOR_RES; + +typedef struct { + UINT64 Status; + UINT64 FailSafeBase; + UINT64 FailSafeSize; +} EFI_MM_COMMUNICATE_SPINOR_FAILSAFE_INFO_RES; + +EFI_MM_COMM_REQUEST mEfiMmSpiNorReq; + +#pragma pack(1) +typedef struct { + UINT8 ImgMajorVer; + UINT8 ImgMinorVer; + UINT32 NumRetry1; + UINT32 NumRetry2; + UINT32 MaxRetry; + UINT8 Status; + /* + * Byte[3]: Reserved + * Byte[2]: Slave MCU Failure Mask + * Byte[1]: Reserved + * Byte[0]: Master MCU Failure Mask + */ + UINT32 MCUFailsMask; + UINT16 CRC16; + UINT8 Reserved[3]; +} FAIL_SAFE_CONTEXT; + +#pragma pack() + +STATIC +EFI_STATUS +UefiMmCreateSpiNorReq ( + VOID *Data, + UINT64 Size + ) +{ + CopyGuid (&mEfiMmSpiNorReq.EfiMmHdr.HeaderGuid, &gSpiNorMmGuid); + mEfiMmSpiNorReq.EfiMmHdr.MsgLength =3D Size; + + if (Size !=3D 0) { + ASSERT (Data); + ASSERT (Size <=3D EFI_MM_MAX_PAYLOAD_SIZE); + + CopyMem (mEfiMmSpiNorReq.PayLoad.Data, Data, Size); + } + + return EFI_SUCCESS; +} + +STATIC +INTN +CheckCrc16 ( + UINT8 *Pointer, + INTN Count + ) +{ + INTN Crc =3D 0; + INTN Index; + + while (--Count >=3D 0) { + Crc =3D Crc ^ (INTN)*Pointer++ << 8; + for (Index =3D 0; Index < 8; ++Index) { + if ((Crc & 0x8000) !=3D 0) { + Crc =3D Crc << 1 ^ 0x1021; + } else { + Crc =3D Crc << 1; + } + } + } + + return Crc & 0xFFFF; +} + +BOOLEAN +FailSafeValidCRC ( + FAIL_SAFE_CONTEXT *FailSafeBuf + ) +{ + UINT8 Valid; + UINT16 Crc; + UINT32 Len; + + Len =3D sizeof (FAIL_SAFE_CONTEXT); + Crc =3D FailSafeBuf->CRC16; + FailSafeBuf->CRC16 =3D 0; + + Valid =3D (Crc =3D=3D CheckCrc16 ((UINT8 *)FailSafeBuf, Len)); + FailSafeBuf->CRC16 =3D Crc; + + return Valid; +} + +BOOLEAN +FailSafeFailureStatus ( + UINT8 Status + ) +{ + if ((Status =3D=3D FAILSAFE_BOOT_LAST_KNOWN_SETTINGS) || + (Status =3D=3D FAILSAFE_BOOT_DEFAULT_SETTINGS) || + (Status =3D=3D FAILSAFE_BOOT_DDR_DOWNGRADE)) + { + return TRUE; + } + + return FALSE; +} + +EFI_STATUS +EFIAPI +FailSafeGetRegionInfo ( + UINT64 *Offset, + UINT64 *Size + ) +{ + EFI_MM_COMMUNICATE_SPINOR_FAILSAFE_INFO_RES *MmSpiNorFailSafeInfoRes; + UINT64 MmData[5]; + UINTN DataSize; + EFI_STATUS Status; + + if (mFlashLibMmCommProtocol =3D=3D NULL) { + Status =3D gBS->LocateProtocol ( + &gEfiMmCommunicationProtocolGuid, + NULL, + (VOID **)&mFlashLibMmCommProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Can't locate gEfiMmCommunicationProtocolGu= id\n", __FUNCTION__)); + return Status; + } + } + + MmData[0] =3D MM_SPINOR_FUNC_GET_FAILSAFE_INFO; + UefiMmCreateSpiNorReq ((VOID *)&MmData, sizeof (MmData)); + + DataSize =3D sizeof (EFI_MM_COMM_HEADER_NOPAYLOAD) + sizeof (MmData); + Status =3D mFlashLibMmCommProtocol->Communicate ( + mFlashLibMmCommProtocol, + (VOID *)&mEfiMmSpiNorReq, + &DataSize + ); + ASSERT_EFI_ERROR (Status); + + MmSpiNorFailSafeInfoRes =3D (EFI_MM_COMMUNICATE_SPINOR_FAILSAFE_INFO_RES= *)&mEfiMmSpiNorReq.PayLoad; + if (MmSpiNorFailSafeInfoRes->Status !=3D MM_SPINOR_RES_SUCCESS) { + DEBUG (( + DEBUG_ERROR, + "%a: Get flash information failed: 0x%llx\n", + __FUNCTION__, + MmSpiNorFailSafeInfoRes->Status + )); + return EFI_DEVICE_ERROR; + } + + *Offset =3D MmSpiNorFailSafeInfoRes->FailSafeBase; + *Size =3D MmSpiNorFailSafeInfoRes->FailSafeSize; + + return EFI_SUCCESS; +} + +EFI_STATUS +EFIAPI +FailSafeBootSuccessfully ( + VOID + ) +{ + EFI_MM_COMMUNICATE_SPINOR_RES *MmSpiNorRes; + UINT64 MmData[5]; + UINTN Size; + EFI_STATUS Status; + UINT64 FailSafeStartOffset; + UINT64 FailSafeSize; + FAIL_SAFE_CONTEXT FailSafeBuf; + + Status =3D FailSafeGetRegionInfo (&FailSafeStartOffset, &FailSafeSize); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to get context region information\n",= __FUNCTION__)); + return EFI_DEVICE_ERROR; + } + + MmData[0] =3D MM_SPINOR_FUNC_READ; + MmData[1] =3D FailSafeStartOffset; + MmData[2] =3D (UINT64)sizeof (FAIL_SAFE_CONTEXT); + MmData[3] =3D (UINT64)&FailSafeBuf; + UefiMmCreateSpiNorReq ((VOID *)&MmData, sizeof (MmData)); + + Size =3D sizeof (EFI_MM_COMM_HEADER_NOPAYLOAD) + sizeof (MmData); + Status =3D mFlashLibMmCommProtocol->Communicate ( + mFlashLibMmCommProtocol, + (VOID *)&mEfiMmSpiNorReq, + &Size + ); + ASSERT_EFI_ERROR (Status); + + MmSpiNorRes =3D (EFI_MM_COMMUNICATE_SPINOR_RES *)&mEfiMmSpiNorReq.PayLoa= d; + if (MmSpiNorRes->Status !=3D MM_SPINOR_RES_SUCCESS) { + DEBUG (( + DEBUG_ERROR, + "%a: Read context failed: 0x%llx\n", + __FUNCTION__, + MmSpiNorRes->Status + )); + return EFI_DEVICE_ERROR; + } + + /* + * If failsafe context is invalid, it is already indicate a successful b= oot + * and don't need to be cleared + */ + if (!FailSafeValidCRC (&FailSafeBuf)) { + return EFI_SUCCESS; + } + + /* + * If failsafe context is valid, and: + * - The status indicate non-failure, then don't clear it + * - The status indicate a failure, then go and clear it + */ + if (!FailSafeFailureStatus (FailSafeBuf.Status)) { + return EFI_SUCCESS; + } + + MmData[0] =3D MM_SPINOR_FUNC_ERASE; + MmData[1] =3D FailSafeStartOffset; + MmData[2] =3D FailSafeSize; + UefiMmCreateSpiNorReq ((VOID *)&MmData, sizeof (MmData)); + + Size =3D sizeof (EFI_MM_COMM_HEADER_NOPAYLOAD) + sizeof (MmData); + Status =3D mFlashLibMmCommProtocol->Communicate ( + mFlashLibMmCommProtocol, + (VOID *)&mEfiMmSpiNorReq, + &Size + ); + ASSERT_EFI_ERROR (Status); + + MmSpiNorRes =3D (EFI_MM_COMMUNICATE_SPINOR_RES *)&mEfiMmSpiNorReq.PayLoa= d; + if (MmSpiNorRes->Status !=3D MM_SPINOR_RES_SUCCESS) { + DEBUG (( + DEBUG_ERROR, + "%a: Erase context failed: 0x%llx\n", + __FUNCTION__, + MmSpiNorRes->Status + )); + return EFI_DEVICE_ERROR; + } + + return EFI_SUCCESS; +} + +EFI_STATUS +EFIAPI +FailSafeTestBootFailure ( + VOID + ) +{ + EFI_STATUS Status; + UINT32 Value =3D 0; + + /* + * Simulate UEFI boot failure due to config wrong NVPARAM for + * testing failsafe feature + */ + Status =3D NVParamGet (NV_UEFI_FAILURE_FAILSAFE_OFFSET, NV_PERM_ALL, &Va= lue); + if (!EFI_ERROR (Status) && (Value =3D=3D 1)) { + while (1) { + } + } + + return EFI_SUCCESS; +} --=20 2.17.1