From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-qv1-f51.google.com (mail-qv1-f51.google.com [209.85.219.51]) by mx.groups.io with SMTP id smtpd.web11.12558.1631420593107821804 for ; Sat, 11 Sep 2021 21:23:13 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=cGJZHOwV; spf=pass (domain: gmail.com, ip: 209.85.219.51, mailfrom: benjamin.doron00@gmail.com) Received: by mail-qv1-f51.google.com with SMTP id r18so4013608qvy.8 for ; Sat, 11 Sep 2021 21:23:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=VotlCYZC2R4284k3ri8ruIAW5BqASK9A85VbWm5iZPk=; b=cGJZHOwVxHxXO5mX3HyvPnhdoXKowNf+6is5A9IX+ftfmmsCh0ehiOKda4yu934gDA YSbm+KcVIqYTuY8wKs8QofNf8T5tObQoXo8T/9II7CFIFLpbc1Df2PRFj+vgxBt5dcQ9 wNF6U1MWDOLEGGhvGzTvdr7TnTglSynNzGys3+ltisBg85S+2/XhP9xmnueaf5wjdtYI lkMd4KMKX6f5702G9rXE6XLDQW4uPM5Q47AlAidgoch/efmbDASzGLPpicHimgRVGwx1 Ag3ijEhlwzn/jWj3KfNOjsEAmFgpbc7HURh/NbLBjlZi0f5vcNPJz/lvNk3oJ/KbN/+H iKkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=VotlCYZC2R4284k3ri8ruIAW5BqASK9A85VbWm5iZPk=; b=QT5Vxlzf39CgcRj/y/YNdi//TlAplhPGwo2givGKeqbIoq05E9JNTUPZzHzIZzHV33 mX7rpi4VT8Mi6Q0GglFQHcBzHeBRGvX5Tnow0I9W4EeAuLJxbx2hasDWeIhPXfa777TW yB9rx4K3gBgu6Po2kTtZGPLT8kjEq8ovfX37EUKSI8b3Dq9fzyKP6ETK/Io+Oihrd7Ke 9NwCG/ApQWnlO8fknnmgqoFD279L1lZb5Runl2k48aEkMqanPD1EsUjK68pNlr4ZKcrF HE1GlJWEQdxDtQz4VMqe++mfKDSVh0HcSr8ZzjPvGbGSTEf+3CbvQ9Bpti2luurpVTGE ukyA== X-Gm-Message-State: AOAM530OLZ7TEVJVWzKWXCSyhyFWCfaKddqVAc/gi/zns8KuXYXZ6+uT kEcj1ozb2OR7COPU0FClFoGbLJC8CVA= X-Google-Smtp-Source: ABdhPJwJ5aNXV4hbsKoYferq9SsiegzF1TMHwkWPow2mgWX//fLE608hxpOX60g0LJeTn+GLZt5C9w== X-Received: by 2002:a0c:ac03:: with SMTP id l3mr4606347qvb.12.1631420591645; Sat, 11 Sep 2021 21:23:11 -0700 (PDT) Return-Path: Received: from benjamind-benjamindomain.. ([2607:f2c0:e98c:24:a84f:66e9:b28b:eae6]) by smtp.gmail.com with ESMTPSA id p187sm2592909qkd.101.2021.09.11.21.23.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 11 Sep 2021 21:23:11 -0700 (PDT) From: "Benjamin Doron" To: devel@edk2.groups.io Cc: Chasel Chiu , Nate DeSimone Subject: [edk2-platforms][PATCH v2 2/3] KabylakeOpenBoardPkg/AspireVn7Dash572G: Use Setup to control security Date: Sun, 12 Sep 2021 00:22:44 -0400 Message-Id: <20210912042245.9512-2-benjamin.doron00@gmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210912042245.9512-1-benjamin.doron00@gmail.com> References: <20210912042245.9512-1-benjamin.doron00@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Add a HII form to Setup for controlling lockdown UPDs. Default to strict security, allowing it to be lifted for the user's convenience. This is not board-specific, and could be ported to other boards. To add more entries to the HII form, modify the VFR, VFR strings, variable structure and consume the variable in the appropriate place. Cc: Chasel Chiu Cc: Nate DeSimone Signed-off-by: Benjamin Doron --- Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Library/P= eiSiliconPolicyUpdateLibFsp/PeiBoardPolicyUpdate.c | 51 ++- Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Library/P= eiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf | 7 +- Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Include/BoardConfigN= vData.h | 37 ++ Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /BoardConfigVfr.vfr | 68 ++++ Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /BoardConfigVfrStrings.uni | 29 ++ Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /DxeBoardConfigHii.c | 382 ++++++++= ++++++++++++ Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /DxeBoardInitLib.c | 21 +- Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /DxeBoardInitLib.h | 131 +++++++ Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardInitLib= /DxeBoardInitLib.inf | 10 + 9 files changed, 717 insertions(+), 19 deletions(-) diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapp= er/Library/PeiSiliconPolicyUpdateLibFsp/PeiBoardPolicyUpdate.c b/Platform/I= ntel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Library/PeiSiliconPo= licyUpdateLibFsp/PeiBoardPolicyUpdate.c index 81cd8b940f05..d4d8c26a368d 100644 --- a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Libr= ary/PeiSiliconPolicyUpdateLibFsp/PeiBoardPolicyUpdate.c +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Libr= ary/PeiSiliconPolicyUpdateLibFsp/PeiBoardPolicyUpdate.c @@ -6,11 +6,13 @@ =0D **/=0D =0D +#include "PeiSaPolicyUpdate.h"=0D #include "PeiPchPolicyUpdate.h"=0D #include =0D -#include =0D #include =0D -#include =0D +#include =0D +#include =0D +#include =0D =0D /* TODO:=0D * - Validate PCH Sample policies: only SA one used by default.=0D @@ -52,8 +54,6 @@ PeiFspBoardPolicyUpdatePreMem ( DEBUG ((DEBUG_INFO, "%a() Start\n", __FUNCTION__));=0D =0D // BUGBUG: Preserve FSP defaults - PeiSiliconPolicyInitLibFsp ultimately= overrides to 0.=0D - // Drop when https://edk2.groups.io/g/devel/message/79391 is merged=0D - FspmUpd->FspmConfig.PeciC10Reset =3D 1;=0D FspmUpd->FspmConfig.RefClk =3D 1; // Maybe "auto" is safe, but that isn= 't the FSP default=0D =0D // TODO: Why should this be here?=0D @@ -90,18 +90,41 @@ PeiFspBoardPolicyUpdate ( IN OUT FSPS_UPD *FspsUpd=0D )=0D {=0D - INTN Index;=0D + EFI_STATUS Status;=0D + EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;=0D + UINTN DataSize;=0D + EFI_GUID BoardConfigFormsetGuid =3D BOARD_CONFIG= _FORMSET_GUID;=0D + BOARD_CONFIGURATION BoardConfig;=0D + INTN Index;=0D =0D DEBUG ((DEBUG_INFO, "%a() Start\n", __FUNCTION__));=0D =0D - // FIXME/NB: This is insecure and not production-ready!=0D - // TODO: Configure SPI lockdown by variable on FrontPage?=0D - // - Later, also configure stronger protection: PRRs=0D - FspsUpd->FspsConfig.PchLockDownBiosLock =3D 0; // Default. Will enable,= not remove=0D - FspsUpd->FspsConfig.PchLockDownSpiEiss =3D 0;=0D - // This may be PWRM+0x18[BIT22], causing HSTI "PCH Security Configuratio= n - Reserved Check failure"=0D - // I think the intel_pmc_core kernel module requires this to populate de= bugfs?=0D - FspsUpd->FspsTestConfig.PchPmPmcReadDisable =3D 0;=0D + // Use variable services directly, to avoid casting reference to pointer= into struct=0D + // from PeiGetVariable()=0D + Status =3D PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NU= LL, (VOID **) &VariablePpi);=0D + ASSERT_EFI_ERROR (Status);=0D +=0D + DataSize =3D sizeof (BoardConfig);=0D + Status =3D VariablePpi->GetVariable (=0D + VariablePpi,=0D + BOARD_CONFIG_NV_NAME,=0D + &BoardConfigFormsetGuid,=0D + NULL,=0D + &DataSize,=0D + &BoardConfig=0D + );=0D + // TODO: Also configure stronger protection: PRRs=0D + if (!EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_INFO, "BoardConfig: Set FSP UPDs from variable\n"));=0D + FspsUpd->FspsConfig.PchLockDownBiosLock =3D BoardConfig.LockDownBiosLo= ck;=0D + FspsUpd->FspsConfig.PchLockDownSpiEiss =3D BoardConfig.LockDownBiosLoc= k;=0D + FspsUpd->FspsTestConfig.PchPmPmcReadDisable =3D BoardConfig.LockDownPm= cReadDisable;=0D + } else {=0D + DEBUG ((DEBUG_INFO, "BoardConfig: Set FSP UPDs to secure default\n"));= =0D + FspsUpd->FspsConfig.PchLockDownBiosLock =3D 1; // FSP default not sec= ure=0D + FspsUpd->FspsConfig.PchLockDownSpiEiss =3D 1;=0D + FspsUpd->FspsTestConfig.PchPmPmcReadDisable =3D 1;=0D + }=0D =0D // BUGBUG: Preserve FSP defaults - Pei*PolicyLib ultimately overrides=0D // Requires HW support?=0D @@ -114,7 +137,7 @@ PeiFspBoardPolicyUpdate ( FspsUpd->FspsConfig.SerialIoDevMode[0] =3D 2;=0D FspsUpd->FspsConfig.SerialIoDevMode[1] =3D 2;=0D =0D - // Acer IDs (TODO: "Newgate" IDs)=0D + // Acer IDs (TODO: "Newgate" and "RayleighSLS" IDs)=0D FspsUpd->FspsConfig.DefaultSvid =3D 0x1025;=0D FspsUpd->FspsConfig.DefaultSid =3D 0x1037;=0D FspsUpd->FspsConfig.PchSubSystemVendorId =3D 0x1025;=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapp= er/Library/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf b/= Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Library/Pe= iSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf index e4a657c5f1d0..323fa5d60e4e 100644 --- a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Libr= ary/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/FspWrapper/Libr= ary/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf @@ -77,6 +77,7 @@ MemoryAllocationLib=0D SiPolicyLib=0D PeiLib=0D + PeiServicesLib=0D =0D [Pcd]=0D gSiPkgTokenSpaceGuid.PcdTsegSize ## CONSUME= S=0D @@ -135,10 +136,14 @@ =0D gKabylakeOpenBoardPkgTokenSpaceGuid.PcdGraphicsVbtGuid=0D =0D +[Ppis]=0D + gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES=0D +=0D [Guids]=0D gFspNonVolatileStorageHobGuid ## CONSUMES=0D gTianoLogoGuid ## CONSUMES=0D gEfiMemoryOverwriteControlDataGuid=0D =0D [Depex]=0D - gEdkiiVTdInfoPpiGuid=0D + gEdkiiVTdInfoPpiGuid AND=0D + gEfiPeiReadOnlyVariable2PpiGuid=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Include/= BoardConfigNvData.h b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G= /Include/BoardConfigNvData.h new file mode 100644 index 000000000000..feaa324eaea4 --- /dev/null +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Include/BoardCo= nfigNvData.h @@ -0,0 +1,37 @@ +/** @file=0D + Header file for NV data structure definition.=0D +=0D +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2021, Baruch Binyamin Doron=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#ifndef __BOARD_CONFIG_NV_DATA_H__=0D +#define __BOARD_CONFIG_NV_DATA_H__=0D +=0D +#define BOARD_CONFIG_FORMSET_GUID \=0D + { \=0D + 0x6E38A4A7, 0xB6B7, 0x41E0, { 0xA6, 0xF3, 0x41, 0x35, 0x72, 0xDF, 0x88= , 0x2F } \=0D + }=0D +=0D +#define BOARD_CONFIGURATION_VARSTORE_ID 0x0001=0D +#define BOARD_CONFIGURATION_FORM_ID 0x0001=0D +=0D +#define BOARD_LOCK_DOWN_BIOS_LOCK 0x2000=0D +#define BOARD_LOCK_DOWN_PMC_READ_DISABLE 0x2001=0D +=0D +#define QUESTION_SAVE_EXIT 0x2ffe=0D +#define QUESTION_DISCARD_EXIT 0x2fff=0D +=0D +//=0D +// NV data structure=0D +//=0D +typedef struct {=0D + UINT8 LockDownBiosLock;=0D + UINT8 LockDownPmcReadDisable;=0D +} BOARD_CONFIGURATION;=0D +=0D +#define BOARD_CONFIG_NV_NAME L"BoardSetup"=0D +=0D +#endif=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/BoardConfigVfr.vfr b/Platform/Intel/KabylakeOpenBoardPkg/Aspir= eVn7Dash572G/Library/BoardInitLib/BoardConfigVfr.vfr new file mode 100644 index 000000000000..c5af8d955de8 --- /dev/null +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/BoardConfigVfr.vfr @@ -0,0 +1,68 @@ +/** @file=0D + VFR file used by Aspire VN7-572G board configuration component.=0D +=0D +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2021, Baruch Binyamin Doron=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include =0D +#include =0D +=0D +formset=0D + guid =3D BOARD_CONFIG_FORMSET_GUID,=0D + title =3D STRING_TOKEN(STR_BOARD_TITLE),=0D + help =3D STRING_TOKEN(STR_BOARD_HELP),=0D + classguid =3D EFI_HII_PLATFORM_SETUP_FORMSET_GUID,=0D +=0D + efivarstore BOARD_CONFIGURATION,=0D + varid =3D BOARD_CONFIGURATION_VARSTORE_ID,=0D + attribute =3D 0x03, // VARIABLE_ATTRIBUTE_NV_BS=0D + name =3D BoardSetup,=0D + guid =3D BOARD_CONFIG_FORMSET_GUID;=0D +=0D + form formid =3D BOARD_CONFIGURATION_FORM_ID,=0D + title =3D STRING_TOKEN(STR_BOARD_TITLE);=0D +=0D + subtitle text =3D STRING_TOKEN(STR_NULL);=0D +=0D + checkbox varid =3D BoardSetup.LockDownBiosLock,=0D + questionid =3D BOARD_LOCK_DOWN_BIOS_LOCK,=0D + prompt =3D STRING_TOKEN(STR_BOARD_LOCK_DOWN_BIOS_LOCK),=0D + help =3D STRING_TOKEN(STR_BOARD_LOCK_DOWN_BIOS_LOCK_HEL= P),=0D + flags =3D RESET_REQUIRED,=0D + default =3D 1,=0D + endcheckbox;=0D +=0D + checkbox varid =3D BoardSetup.LockDownPmcReadDisable,=0D + questionid =3D BOARD_LOCK_DOWN_PMC_READ_DISABLE,=0D + prompt =3D STRING_TOKEN(STR_BOARD_LOCK_DOWN_PMC_READ_DISA= BLE),=0D + help =3D STRING_TOKEN(STR_BOARD_LOCK_DOWN_PMC_READ_DISA= BLE_HELP),=0D + flags =3D RESET_REQUIRED,=0D + default =3D 1,=0D + endcheckbox;=0D +=0D +#if 0=0D + resetbutton=0D + defaultstore =3D BoardConfig,=0D + prompt =3D STRING_TOKEN(STR_RESET_DEFAULTS_PROMPT_RESET= ),=0D + help =3D STRING_TOKEN(STR_RESET_DEFAULTS_PROMPT_RESET= _HELP),=0D + endresetbutton;=0D +#endif=0D +=0D + text=0D + help =3D STRING_TOKEN(STR_SAVE_EXIT),=0D + text =3D STRING_TOKEN(STR_SAVE_EXIT),=0D + flags =3D INTERACTIVE,=0D + key =3D QUESTION_SAVE_EXIT;=0D +=0D + text=0D + help =3D STRING_TOKEN(STR_DISCARD_EXIT),=0D + text =3D STRING_TOKEN(STR_DISCARD_EXIT),=0D + flags =3D INTERACTIVE,=0D + key =3D QUESTION_DISCARD_EXIT;=0D +=0D + endform;=0D +=0D +endformset;=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/BoardConfigVfrStrings.uni b/Platform/Intel/KabylakeOpenBoardPk= g/AspireVn7Dash572G/Library/BoardInitLib/BoardConfigVfrStrings.uni new file mode 100644 index 000000000000..f3c7b66d0217 --- /dev/null +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/BoardConfigVfrStrings.uni @@ -0,0 +1,29 @@ +/** @file=0D + String definitions for Aspire VN7-572G board configuration form.=0D +=0D +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2021, Baruch Binyamin Doron=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#langdef en-US "English"=0D +=0D +#string STR_BOARD_TITLE #language en-US "Board = Configuration"=0D +#string STR_BOARD_HELP #language en-US "Press = to select board Setup options."=0D +=0D +#string STR_BOARD_LOCK_DOWN_BIOS_LOCK #language en-US "BIOS L= ock"=0D +#string STR_BOARD_LOCK_DOWN_BIOS_LOCK_HELP #language en-US "Enable= SPI flash lockdown\n"=0D + "Disable th= is option to flash the BIOS image.\n"=0D + "For securi= ty purposes, this option should be enabled."=0D +#string STR_BOARD_LOCK_DOWN_PMC_READ_DISABLE #language en-US "PMC XR= AM read disable"=0D +#string STR_BOARD_LOCK_DOWN_PMC_READ_DISABLE_HELP #language en-US "Disabl= e PMC XRAM read\n"=0D + "Disable th= is option to permit OS drivers to retrieve data from the PMC.\n"=0D + "This may h= ave security impact."=0D +=0D +#string STR_RESET_DEFAULTS_PROMPT_RESET #language en-US "Reset = to defaults"=0D +#string STR_RESET_DEFAULTS_PROMPT_RESET_HELP #language en-US "This w= ill reset the configuration entries to their default values"=0D +#string STR_SAVE_EXIT #language en-US "Commit= Changes and Exit"=0D +#string STR_DISCARD_EXIT #language en-US "Discar= d Changes and Exit"=0D +=0D +#string STR_NULL #language en-US ""=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/DxeBoardConfigHii.c b/Platform/Intel/KabylakeOpenBoardPkg/Aspi= reVn7Dash572G/Library/BoardInitLib/DxeBoardConfigHii.c new file mode 100644 index 000000000000..fcd3b0f90b8d --- /dev/null +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardConfigHii.c @@ -0,0 +1,382 @@ +/** @file=0D + Installs Aspire VN7-572G board config and handles the HII callbacks.=0D + NOTE: Variable structure is expected to change, so in-place updates are = fragile.=0D + - An updated structure may be larger than a present variable. Will this = over-read,=0D + or will HII validation mitigate this?=0D +=0D + Copyright (c) 2021, Baruch Binyamin Doron=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "DxeBoardInitLib.h"=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +BOARD_CONFIG_CALLBACK_DATA gBoardConfigPrivate =3D {=0D + BOARD_CONFIG_CALLBACK_DATA_SIGNATURE,=0D + NULL,=0D + NULL,=0D + {=0D + BoardConfigExtractConfig,=0D + BoardConfigRouteConfig,=0D + BoardConfigCallback=0D + }=0D +};=0D +=0D +EFI_GUID mBoardConfigFormsetGuid =3D BOARD_CONFIG_FORMSET_GUID;=0D +=0D +HII_VENDOR_DEVICE_PATH mBoardConfigHiiVendorDevicePath =3D {=0D + {=0D + {=0D + HARDWARE_DEVICE_PATH,=0D + HW_VENDOR_DP,=0D + {=0D + (UINT8) (sizeof (VENDOR_DEVICE_PATH)),=0D + (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)=0D + }=0D + },=0D + BOARD_CONFIG_FORMSET_GUID=0D + },=0D + {=0D + END_DEVICE_PATH_TYPE,=0D + END_ENTIRE_DEVICE_PATH_SUBTYPE,=0D + {=0D + (UINT8) (END_DEVICE_PATH_LENGTH),=0D + (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)=0D + }=0D + }=0D +};=0D +=0D +/**=0D + This function allows a caller to extract the current configuration for o= ne=0D + or more named elements from the target driver.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Request A null-terminated Unicode string in format.=0D + @param Progress On return, points to a character in the Request s= tring.=0D + Points to the string's null terminator if request= was successful.=0D + Points to the most recent '&' before the first fa= iling name/value=0D + pair (or the beginning of the string if the failu= re is in the=0D + first name/value pair) if the request was not suc= cessful.=0D + @param Results A null-terminated Unicode string in format which=0D + has all values filled in for the names in the Req= uest string.=0D + String to be allocated by the called function.=0D +=0D + @retval EFI_SUCCESS The Results is filled with the requested= values.=0D + @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.= =0D + @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown na= me.=0D + @retval EFI_NOT_FOUND Routing data doesn't match any storage i= n this driver.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigExtractConfig (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN CONST EFI_STRING Request,=0D + OUT EFI_STRING *Progress,=0D + OUT EFI_STRING *Results=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINTN DataSize;=0D + BOARD_CONFIGURATION BoardConfig;=0D +=0D + if (Progress =3D=3D NULL || Results =3D=3D NULL) {=0D + return EFI_INVALID_PARAMETER;=0D + }=0D +=0D + *Progress =3D Request;=0D + if ((Request !=3D NULL) &&=0D + !HiiIsConfigHdrMatch (Request, &mBoardConfigFormsetGuid, BOARD_CONFIG_= NV_NAME)) {=0D + return EFI_NOT_FOUND;=0D + }=0D +=0D + DEBUG ((DEBUG_INFO, "%a(): Request=3D\"%s\"\n", __FUNCTION__, Request));= =0D +=0D + // Get variable=0D + DataSize =3D sizeof (BoardConfig);=0D + Status =3D gRT->GetVariable (=0D + BOARD_CONFIG_NV_NAME,=0D + &mBoardConfigFormsetGuid,=0D + NULL,=0D + &DataSize,=0D + &BoardConfig=0D + );=0D + if (EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D + // Use HII helper to convert variable data to config=0D + Status =3D gHiiConfigRouting->BlockToConfig (=0D + gHiiConfigRouting,=0D + Request,=0D + (VOID *) &BoardConfig,=0D + DataSize,=0D + Results,=0D + Progress=0D + );=0D + if (!EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_INFO, "%a(): Results=3D\"%s\"\n", __FUNCTION__, *Results= ));=0D + } else {=0D + DEBUG ((DEBUG_ERROR, "%a(): Failed to retrieve board config - %r!\n", = Status));=0D + }=0D +=0D + return Status;=0D +}=0D +=0D +/**=0D + This function processes the results of changes in configuration.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Configuration A null-terminated Unicode string in = format.=0D + @param Progress A pointer to a string filled in with the offset o= f the most=0D + recent '&' before the first failing name/value pa= ir (or the=0D + beginning of the string if the failure is in the = first=0D + name/value pair) or the terminating NULL if all w= as successful.=0D +=0D + @retval EFI_SUCCESS The Results is processed successfully.=0D + @retval EFI_INVALID_PARAMETER Configuration is NULL.=0D + @retval EFI_NOT_FOUND Routing data doesn't match any storage i= n this driver.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigRouteConfig (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN CONST EFI_STRING Configuration,=0D + OUT EFI_STRING *Progress=0D + )=0D +{=0D + EFI_STATUS Status;=0D + UINTN DataSize;=0D + BOARD_CONFIGURATION BoardConfig;=0D +=0D + if (Configuration =3D=3D NULL || Progress =3D=3D NULL) {=0D + return EFI_INVALID_PARAMETER;=0D + }=0D +=0D + *Progress =3D Configuration;=0D + if (!HiiIsConfigHdrMatch (Configuration, &mBoardConfigFormsetGuid, BOARD= _CONFIG_NV_NAME)) {=0D + return EFI_NOT_FOUND;=0D + }=0D +=0D + DEBUG ((DEBUG_INFO, "%a(): Configuration=3D\"%s\"\n", __FUNCTION__, Conf= iguration));=0D +=0D + // Get variable=0D + DataSize =3D sizeof (BoardConfig);=0D + Status =3D gRT->GetVariable (=0D + BOARD_CONFIG_NV_NAME,=0D + &mBoardConfigFormsetGuid,=0D + NULL,=0D + &DataSize,=0D + &BoardConfig=0D + );=0D + if (EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D + // Use HII helper to convert updated config to variable data=0D + Status =3D gHiiConfigRouting->ConfigToBlock (=0D + gHiiConfigRouting,=0D + Configuration,=0D + (VOID *) &BoardConfig,=0D + &DataSize,=0D + Progress=0D + );=0D + if (!EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_INFO, "%a(): Progress=3D\"%s\"\n", __FUNCTION__, *Progre= ss));=0D + } else {=0D + DEBUG ((DEBUG_ERROR, "%a(): Failed to convert board config - %r!\n", S= tatus));=0D + }=0D +=0D + // Set variable=0D + Status =3D gRT->SetVariable (=0D + BOARD_CONFIG_NV_NAME,=0D + &mBoardConfigFormsetGuid,=0D + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACC= ESS,=0D + DataSize,=0D + &BoardConfig=0D + );=0D +=0D + return Status;=0D +}=0D +=0D +/**=0D + This callback function is registered with the formset. When user selects= a configuration,=0D + this call back function will be triggered.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Action Specifies the type of action taken by the browser= .=0D + @param QuestionId A unique value which is sent to the original expo= rting driver=0D + so that it can identify the type of data to expec= t.=0D + @param Type The type of value for the question.=0D + @param Value A pointer to the data being sent to the original = exporting driver.=0D + @param ActionRequest On return, points to the action requested by the = callback function.=0D +=0D + @retval EFI_SUCCESS The callback successfully handled the act= ion.=0D + @retval EFI_INVALID_PARAMETER The setup browser call this function with= invalid parameters.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigCallback (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN EFI_BROWSER_ACTION Action,=0D + IN EFI_QUESTION_ID QuestionId,=0D + IN UINT8 Type,=0D + IN EFI_IFR_TYPE_VALUE *Value,=0D + OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest=0D + )=0D +{=0D + if ((Value =3D=3D NULL) || (ActionRequest =3D=3D NULL)) {=0D + return EFI_INVALID_PARAMETER;=0D + }=0D +=0D + if (Action !=3D EFI_BROWSER_ACTION_CHANGED) {=0D + return EFI_UNSUPPORTED;=0D + }=0D +=0D + if (QuestionId =3D=3D QUESTION_SAVE_EXIT) {=0D + *ActionRequest =3D EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;=0D + } else if (QuestionId =3D=3D QUESTION_DISCARD_EXIT) {=0D + *ActionRequest =3D EFI_BROWSER_ACTION_REQUEST_FORM_DISCARD_EXIT;=0D + }=0D +=0D + return EFI_SUCCESS;=0D +}=0D +=0D +/**=0D + This function installs the HII form.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +InstallBoardConfigHiiForm (=0D + VOID=0D + )=0D +{=0D + EFI_STATUS Status;=0D + BOARD_CONFIGURATION BoardConfig;=0D + EFI_STRING ConfigRequestHdr;=0D + UINTN DataSize;=0D + BOOLEAN ActionFlag;=0D +=0D + DEBUG ((DEBUG_INFO, "%a() Starts\n", __FUNCTION__));=0D +=0D + //=0D + // Install Device Path and Config Access protocols to driver handle=0D + //=0D + gBoardConfigPrivate.DriverHandle =3D NULL;=0D + Status =3D gBS->InstallMultipleProtocolInterfaces (=0D + &gBoardConfigPrivate.DriverHandle,=0D + &gEfiDevicePathProtocolGuid,=0D + &mBoardConfigHiiVendorDevicePath,=0D + &gEfiHiiConfigAccessProtocolGuid,=0D + &gBoardConfigPrivate.ConfigAccess,=0D + NULL=0D + );=0D + ASSERT_EFI_ERROR (Status);=0D +=0D + //=0D + // Publish our HII data=0D + //=0D + gBoardConfigPrivate.HiiHandle =3D HiiAddPackages (=0D + &mBoardConfigFormsetGuid,=0D + gBoardConfigPrivate.DriverHandle,=0D + BoardConfigVfrBin,=0D + DxeBoardInitLibStrings,=0D + NULL=0D + );=0D + ASSERT (gBoardConfigPrivate.HiiHandle !=3D NULL);=0D +=0D + //=0D + // Initialise VarStore data.=0D + //=0D + ZeroMem (&BoardConfig, sizeof (BoardConfig));=0D + ConfigRequestHdr =3D HiiConstructConfigHdr (=0D + &mBoardConfigFormsetGuid,=0D + BOARD_CONFIG_NV_NAME,=0D + gBoardConfigPrivate.DriverHandle=0D + );=0D + ASSERT (ConfigRequestHdr !=3D NULL);=0D +=0D + // Attempt to retrieve variable=0D + DataSize =3D sizeof (BoardConfig);=0D + Status =3D gRT->GetVariable (=0D + BOARD_CONFIG_NV_NAME,=0D + &mBoardConfigFormsetGuid,=0D + NULL,=0D + &DataSize,=0D + &BoardConfig=0D + );=0D + // HII helper functions will use ExtractConfig() and RouteConfig(),=0D + // where we will set the variable as required=0D + if (!EFI_ERROR (Status)) {=0D + DEBUG ((DEBUG_INFO, "Config variable exists, validate contents\n"));=0D + ActionFlag =3D HiiValidateSettings (ConfigRequestHdr);=0D + if (!ActionFlag) {=0D + DEBUG ((DEBUG_INFO, "Variable is invalid, reset to defaults\n"));=0D + ActionFlag =3D HiiSetToDefaults (ConfigRequestHdr, EFI_HII_DEFAULT_C= LASS_STANDARD);=0D + ASSERT (ActionFlag);=0D + }=0D + } else {=0D + DEBUG ((DEBUG_INFO, "Config variable does not exist, create and set to= defaults\n"));=0D + Status =3D gRT->SetVariable (=0D + BOARD_CONFIG_NV_NAME,=0D + &mBoardConfigFormsetGuid,=0D + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_A= CCESS,=0D + DataSize,=0D + &BoardConfig=0D + );=0D + ASSERT_EFI_ERROR (Status);=0D + ActionFlag =3D HiiSetToDefaults (ConfigRequestHdr, EFI_HII_DEFAULT_CLA= SS_STANDARD);=0D + ASSERT (ActionFlag);=0D + }=0D +=0D + FreePool (ConfigRequestHdr);=0D +=0D + DEBUG ((DEBUG_INFO, "%a() Ends\n", __FUNCTION__));=0D +}=0D +=0D +/**=0D + This function uninstalls the HII form.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +UninstallBoardConfigHiiForm (=0D + VOID=0D + )=0D +{=0D + EFI_STATUS Status;=0D +=0D + DEBUG ((DEBUG_INFO, "%a() Starts\n", __FUNCTION__));=0D +=0D + //=0D + // Uninstall Device Path and Config Access protocols=0D + //=0D + Status =3D gBS->UninstallMultipleProtocolInterfaces (=0D + gBoardConfigPrivate.DriverHandle,=0D + &gEfiDevicePathProtocolGuid,=0D + &mBoardConfigHiiVendorDevicePath,=0D + &gEfiHiiConfigAccessProtocolGuid,=0D + &gBoardConfigPrivate.ConfigAccess,=0D + NULL=0D + );=0D + ASSERT_EFI_ERROR (Status);=0D +=0D + //=0D + // Remove our HII data=0D + //=0D + HiiRemovePackages (gBoardConfigPrivate.HiiHandle);=0D +=0D + DEBUG ((DEBUG_INFO, "%a() Ends\n", __FUNCTION__));=0D +}=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/DxeBoardInitLib.c b/Platform/Intel/KabylakeOpenBoardPkg/Aspire= Vn7Dash572G/Library/BoardInitLib/DxeBoardInitLib.c index eb3ab9acb6bd..8fbae45cced2 100644 --- a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardInitLib.c +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardInitLib.c @@ -6,13 +6,10 @@ =0D **/=0D =0D -#include =0D +#include "DxeBoardInitLib.h"=0D #include =0D #include =0D -#include =0D #include =0D -#include =0D -#include =0D #include =0D =0D EFI_RESET_NOTIFICATION_PROTOCOL *mResetNotify;=0D @@ -130,6 +127,12 @@ EcResetSystemHook ( }=0D }=0D =0D +VOID=0D +EFIAPI=0D +InstallBoardConfigHiiForm (=0D + VOID=0D + );=0D +=0D /**=0D A hook for board-specific initialization after PCI enumeration.=0D =0D @@ -158,6 +161,8 @@ BoardInitAfterPciEnumeration ( DEBUG ((DEBUG_INFO, "EC: Added callback to notify EC of resets\n"));=0D }=0D =0D + InstallBoardConfigHiiForm ();=0D +=0D DEBUG ((DEBUG_INFO, "%a() Ends\n", __FUNCTION__));=0D return EFI_SUCCESS;=0D }=0D @@ -177,6 +182,12 @@ BoardInitReadyToBoot ( return EFI_SUCCESS;=0D }=0D =0D +VOID=0D +EFIAPI=0D +UninstallBoardConfigHiiForm (=0D + VOID=0D + );=0D +=0D /**=0D A hook for board-specific functionality for the ExitBootServices event.= =0D =0D @@ -200,6 +211,8 @@ BoardInitEndOfFirmware ( DEBUG ((DEBUG_INFO, "EC: Removed callback to notify EC of resets\n"));= =0D }=0D =0D + UninstallBoardConfigHiiForm ();=0D +=0D DEBUG ((DEBUG_INFO, "%a() Ends\n", __FUNCTION__));=0D return EFI_SUCCESS;=0D }=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/DxeBoardInitLib.h b/Platform/Intel/KabylakeOpenBoardPkg/Aspire= Vn7Dash572G/Library/BoardInitLib/DxeBoardInitLib.h new file mode 100644 index 000000000000..17383b71f7d9 --- /dev/null +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardInitLib.h @@ -0,0 +1,131 @@ +/** @file=0D + Aspire VN7-572G Board Initialization DXE library=0D +=0D + Copyright (c) 2021, Baruch Binyamin Doron=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#ifndef _DXE_BOARD_INIT_LIB_H_=0D +#define _DXE_BOARD_INIT_LIB_H_=0D +=0D +#include =0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +//=0D +// These are the VFR compiler generated data representing our VFR data.=0D +//=0D +extern UINT8 BoardConfigVfrBin[];=0D +=0D +#define BOARD_CONFIG_CALLBACK_DATA_SIGNATURE SIGNATURE_32 ('B', 'C', 'C',= 'B')=0D +=0D +typedef struct {=0D + UINTN Signature;=0D +=0D + //=0D + // HII relative handles=0D + //=0D + EFI_HII_HANDLE HiiHandle;=0D + EFI_HANDLE DriverHandle;=0D +=0D + //=0D + // Produced protocols=0D + //=0D + EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;=0D +} BOARD_CONFIG_CALLBACK_DATA;=0D +=0D +///=0D +/// HII specific Vendor Device Path definition.=0D +///=0D +typedef struct {=0D + VENDOR_DEVICE_PATH VendorDevicePath;=0D + EFI_DEVICE_PATH_PROTOCOL End;=0D +} HII_VENDOR_DEVICE_PATH;=0D +=0D +/**=0D + This function allows a caller to extract the current configuration for o= ne=0D + or more named elements from the target driver.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Request A null-terminated Unicode string in format.=0D + @param Progress On return, points to a character in the Request s= tring.=0D + Points to the string's null terminator if request= was successful.=0D + Points to the most recent '&' before the first fa= iling name/value=0D + pair (or the beginning of the string if the failu= re is in the=0D + first name/value pair) if the request was not suc= cessful.=0D + @param Results A null-terminated Unicode string in format which=0D + has all values filled in for the names in the Req= uest string.=0D + String to be allocated by the called function.=0D +=0D + @retval EFI_SUCCESS The Results is filled with the requested= values.=0D + @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.= =0D + @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown na= me.=0D + @retval EFI_NOT_FOUND Routing data doesn't match any storage i= n this driver.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigExtractConfig (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN CONST EFI_STRING Request,=0D + OUT EFI_STRING *Progress,=0D + OUT EFI_STRING *Results=0D + );=0D +=0D +/**=0D + This function processes the results of changes in configuration.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Configuration A null-terminated Unicode string in = format.=0D + @param Progress A pointer to a string filled in with the offset o= f the most=0D + recent '&' before the first failing name/value pa= ir (or the=0D + beginning of the string if the failure is in the = first=0D + name/value pair) or the terminating NULL if all w= as successful.=0D +=0D + @retval EFI_SUCCESS The Results is processed successfully.=0D + @retval EFI_INVALID_PARAMETER Configuration is NULL.=0D + @retval EFI_NOT_FOUND Routing data doesn't match any storage i= n this driver.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigRouteConfig (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN CONST EFI_STRING Configuration,=0D + OUT EFI_STRING *Progress=0D + );=0D +=0D +/**=0D + This callback function is registered with the formset. When user selects= a configuration,=0D + this call back function will be triggered.=0D +=0D +=0D + @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.=0D + @param Action Specifies the type of action taken by the browser= .=0D + @param QuestionId A unique value which is sent to the original expo= rting driver=0D + so that it can identify the type of data to expec= t.=0D + @param Type The type of value for the question.=0D + @param Value A pointer to the data being sent to the original = exporting driver.=0D + @param ActionRequest On return, points to the action requested by the = callback function.=0D +=0D + @retval EFI_SUCCESS The callback successfully handled the act= ion.=0D + @retval EFI_INVALID_PARAMETER The setup browser call this function with= invalid parameters.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +BoardConfigCallback (=0D + IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,=0D + IN EFI_BROWSER_ACTION Action,=0D + IN EFI_QUESTION_ID QuestionId,=0D + IN UINT8 Type,=0D + IN EFI_IFR_TYPE_VALUE *Value,=0D + OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest=0D + );=0D +=0D +#endif // _DXE_BOARD_INIT_LIB_H_=0D diff --git a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/= BoardInitLib/DxeBoardInitLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/Aspi= reVn7Dash572G/Library/BoardInitLib/DxeBoardInitLib.inf index 24747fa7b224..cd74f957ce10 100644 --- a/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardInitLib.inf +++ b/Platform/Intel/KabylakeOpenBoardPkg/AspireVn7Dash572G/Library/BoardIn= itLib/DxeBoardInitLib.inf @@ -17,17 +17,27 @@ [LibraryClasses]=0D UefiBootServicesTableLib=0D UefiRuntimeServicesTableLib=0D + BaseMemoryLib=0D DebugLib=0D EcLib=0D BoardEcLib=0D + HiiLib=0D + MemoryAllocationLib=0D + UefiHiiServicesLib=0D =0D [Packages]=0D MdePkg/MdePkg.dec=0D + MdeModulePkg/MdeModulePkg.dec=0D MinPlatformPkg/MinPlatformPkg.dec=0D KabylakeOpenBoardPkg/OpenBoardPkg.dec=0D =0D [Sources]=0D DxeBoardInitLib.c=0D + DxeBoardConfigHii.c=0D + BoardConfigVfr.vfr=0D + BoardConfigVfrStrings.uni=0D =0D [Protocols]=0D gEfiResetNotificationProtocolGuid ## CONSUMES=0D + gEfiDevicePathProtocolGuid ## PRODUCES=0D + gEfiHiiConfigAccessProtocolGuid ## PRODUCES=0D --=20 2.31.1