From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 6F896D80685 for ; Sun, 14 Jul 2024 12:22:43 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=a7jAlsksd7D5jzRDfh0lo3/UvRPARlglBA/URwmAhkI=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1720959763; v=1; b=p5wjkRB21ifNQbZ6DR0ybyqi9ld+7/0jI1BZG/Tdp9RPg330Te45wtCp3uztnlj+gKwD/OtH ilJ1B3jubdtL1XTxTnLM2jFcbAxLy7a7sNJbQbZkjWIIgTijd5CxKwKImKqG+PRyseEZfYTAjxB khNk96lTltfgH8FhlpO6NynJF8EYOVYq+PRxvgX3zM/sb7rV6KEhc4wralrFTJ92uxfGmauWi/C ipy5/CtJSv8cUdHrPdXZV6J4ApaiiXI4JU49eh3huS8qqiKMJsixDVqYB5SLmg7Q2c96e4/CGuK jX75BPuRGFHyxE9ILI2+kgvm4p6zCidlMwHG1Bqt9wzmA== X-Received: by 127.0.0.2 with SMTP id DfSmYY7687511x8bcAuPmQHt; Sun, 14 Jul 2024 05:22:41 -0700 X-Received: from m16.mail.163.com (m16.mail.163.com [220.197.31.3]) by mx.groups.io with SMTP id smtpd.web10.15253.1720959760516160982 for ; Sun, 14 Jul 2024 05:22:41 -0700 X-Received: from sh-hanliyang.Hygon.cn (unknown [118.242.3.34]) by gzga-smtp-mta-g3-5 (Coremail) with SMTP id _____wDnTxAHw5Nmo4nwCw--.62321S3; Sun, 14 Jul 2024 20:22:35 +0800 (CST) From: wojiaohanliyang@163.com To: devel@edk2.groups.io Cc: hanliyang Subject: [edk2-devel] [PATCH 1/3] OvmfPkg/PlatformInitLib: Detect FlashNvVarStore before validate it Date: Sun, 14 Jul 2024 20:22:28 +0800 Message-Id: <20240714122230.123680-2-wojiaohanliyang@163.com> In-Reply-To: <20240714122230.123680-1-wojiaohanliyang@163.com> References: <20240714122230.123680-1-wojiaohanliyang@163.com> MIME-Version: 1.0 X-CM-TRANSID: _____wDnTxAHw5Nmo4nwCw--.62321S3 X-Coremail-Antispam: 1Uf129KBjvJXoWxAr4rWr4xGF1fWFW7uF4xtFb_yoWrCw17pr WUJw4fArnrWFW0y3Z7Zas7Gw1rC3yIv3s8GayYqanrGa95Kr1qka1UJr1rAFs3Ar1rt3WD XF4jqws29FZxuaDanT9S1TB71UUUUU7qnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x0pR4KZLUUUUU= X-Originating-IP: [118.242.3.34] X-CM-SenderInfo: 5zrmxthrkd0zxl1d0wi6rwjhhfrp/xtbBZw0cL2V4IGbzRwAAs2 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Sun, 14 Jul 2024 05:22:41 -0700 Resent-From: wojiaohanliyang@163.com Reply-To: devel@edk2.groups.io,wojiaohanliyang@163.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: oT4PHxgZWfXK5wxFgYhKyxIMx7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=p5wjkRB2; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=163.com (policy=none) From: hanliyang BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4807 The commit 4f173db8b45b ("OvmfPkg/PlatformInitLib: Add functions for EmuVariableNvStore") rename the function from TdxValidateCfv to PlatformValidateNvVarStore. PlatformValidateNvVarStore is placed in the PlatformInitLib and is used in the case that OVMF is launched with -bios parameter and to validate the integrity of FlashNvVarStore. But if we launch a VM without FlashNvVarStore, the PlatformValidateNvVarStore will fail to validate the integrity and will trigger ASSERT (FALSE) in PlatformInitEmuVariableNvStore. In order to prevent calls to PlatformValidateNvVarStore in the case lack of FlashNvVarStore, we should detect FlashNvVarStore before calls to PlatformValidateNvVarStore. If fail to detect FlashNvVarStore, we should return don't initialize the EmuVariableNvStore, otherwise calls to PlatformValidateNvVarStore and initialize the EmuVariableNvStore when succeed to validate the integrity of NvVarStore. Fixes: 4f173db8b45b ("OvmfPkg/PlatformInitLib: Add functions for EmuVariableNvStore") Signed-off-by: hanliyang --- OvmfPkg/Library/PlatformInitLib/Platform.c | 47 +++++++++++++++++++ .../PlatformInitLib/PlatformInitLib.inf | 1 + 2 files changed, 48 insertions(+) diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/PlatformInitLib/Platform.c index f48bf16ae3..0a720a4c2c 100644 --- a/OvmfPkg/Library/PlatformInitLib/Platform.c +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c @@ -895,6 +895,16 @@ PlatformReserveEmuVariableNvStore ( return VariableStore; } +#define WRITE_BYTE_CMD 0x10 +#define BLOCK_ERASE_CMD 0x20 +#define CLEAR_STATUS_CMD 0x50 +#define READ_STATUS_CMD 0x70 +#define READ_DEVID_CMD 0x90 +#define BLOCK_ERASE_CONFIRM_CMD 0xd0 +#define READ_ARRAY_CMD 0xff + +#define CLEARED_ARRAY_STATUS 0x00 + /** When OVMF is lauched with -bios parameter, UEFI variables will be partially emulated, and non-volatile variables may lose their contents @@ -928,6 +938,43 @@ PlatformInitEmuVariableNvStore ( Size = (UINT32)PcdGet32 (PcdFlashNvStorageVariableSize); ASSERT (Size < EmuVariableNvStoreSize); + // + // If launch a VM without OvmfFlashNvStorage device, then we'll fail + // to check the integrity of NvVarStore and trigger ASSERT (FALSE). + // So, we should detect the OvmfFlashNvStorage before calls to + // PlatformValidateNvVarStore(). If fail to detect OvmfFlashNvStorage, + // we should return and don't initialize the EmuVariableNvStore, + // otherwise calls to PlatformValidateNvVarStore() and initialize the + // EmuVariableNvStore when succeed to check the integrity of + // NvVarStore. + // + // This method to detect the OvmfFlashNvStorage here references + // OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c. + // + volatile UINT8 *Ptr; + + UINTN BlockSize; + UINTN Offset; + UINT8 ProbeUint8; + + BlockSize = PcdGet32 (PcdOvmfFirmwareBlockSize); + + for (Offset = 0; Offset < BlockSize; Offset++) { + Ptr = Base + Offset; + ProbeUint8 = *Ptr; + if ((ProbeUint8 != CLEAR_STATUS_CMD) && + (ProbeUint8 != READ_STATUS_CMD) && + (ProbeUint8 != CLEARED_ARRAY_STATUS)) + { + break; + } + } + + if (Offset >= BlockSize) { + DEBUG ((DEBUG_INFO, "OvmfFlashNvStorage: Failed to find probe location\n")); + return EFI_INVALID_PARAMETER; + } + if (!PlatformValidateNvVarStore (Base, PcdGet32 (PcdCfvRawDataSize))) { ASSERT (FALSE); return EFI_INVALID_PARAMETER; diff --git a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf index 21e6efa5e0..b7d5e63dcd 100644 --- a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf +++ b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf @@ -104,6 +104,7 @@ gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareBlockSize [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119922): https://edk2.groups.io/g/devel/message/119922 Mute This Topic: https://groups.io/mt/107212920/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-