public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: wojiaohanliyang@163.com
To: devel@edk2.groups.io
Cc: erdemaktas@google.com, jejb@linux.ibm.com, jiewen.yao@intel.com,
	min.m.xu@intel.com, thomas.lendacky@amd.com, kraxel@redhat.com,
	hanliyang <wojiaohanliyang@163.com>
Subject: [edk2-devel] [PATCH 1/3] OvmfPkg/PlatformInitLib: Detect FlashNvVarStore before validate it
Date: Sun, 14 Jul 2024 20:24:53 +0800	[thread overview]
Message-ID: <20240714122455.136148-2-wojiaohanliyang@163.com> (raw)
In-Reply-To: <20240714122455.136148-1-wojiaohanliyang@163.com>

From: hanliyang <wojiaohanliyang@163.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4807

The commit 4f173db8b45b ("OvmfPkg/PlatformInitLib: Add functions for
EmuVariableNvStore") rename the function from TdxValidateCfv to
PlatformValidateNvVarStore.

PlatformValidateNvVarStore is placed in the PlatformInitLib and is used
in the case that OVMF is launched with -bios parameter and to validate
the integrity of FlashNvVarStore. But if we launch a VM without
FlashNvVarStore, the PlatformValidateNvVarStore will fail to validate
the integrity and will trigger ASSERT (FALSE) in
PlatformInitEmuVariableNvStore.

In order to prevent calls to PlatformValidateNvVarStore in the case lack
of FlashNvVarStore, we should detect FlashNvVarStore before calls to
PlatformValidateNvVarStore. If fail to detect FlashNvVarStore, we should
return don't initialize the EmuVariableNvStore, otherwise calls to
PlatformValidateNvVarStore and initialize the EmuVariableNvStore when
succeed to validate the integrity of NvVarStore.

Fixes: 4f173db8b45b ("OvmfPkg/PlatformInitLib: Add functions for EmuVariableNvStore")
Signed-off-by: hanliyang <wojiaohanliyang@163.com>
---
 OvmfPkg/Library/PlatformInitLib/Platform.c    | 47 +++++++++++++++++++
 .../PlatformInitLib/PlatformInitLib.inf       |  1 +
 2 files changed, 48 insertions(+)

diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/PlatformInitLib/Platform.c
index f48bf16ae3..0a720a4c2c 100644
--- a/OvmfPkg/Library/PlatformInitLib/Platform.c
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -895,6 +895,16 @@ PlatformReserveEmuVariableNvStore (
   return VariableStore;
 }
 
+#define WRITE_BYTE_CMD           0x10
+#define BLOCK_ERASE_CMD          0x20
+#define CLEAR_STATUS_CMD         0x50
+#define READ_STATUS_CMD          0x70
+#define READ_DEVID_CMD           0x90
+#define BLOCK_ERASE_CONFIRM_CMD  0xd0
+#define READ_ARRAY_CMD           0xff
+
+#define CLEARED_ARRAY_STATUS  0x00
+
 /**
  When OVMF is lauched with -bios parameter, UEFI variables will be
  partially emulated, and non-volatile variables may lose their contents
@@ -928,6 +938,43 @@ PlatformInitEmuVariableNvStore (
   Size = (UINT32)PcdGet32 (PcdFlashNvStorageVariableSize);
   ASSERT (Size < EmuVariableNvStoreSize);
 
+  //
+  // If launch a VM without OvmfFlashNvStorage device, then we'll fail
+  // to check the integrity of NvVarStore and trigger ASSERT (FALSE).
+  // So, we should detect the OvmfFlashNvStorage before calls to
+  // PlatformValidateNvVarStore(). If fail to detect OvmfFlashNvStorage,
+  // we should return and don't initialize the EmuVariableNvStore,
+  // otherwise calls to PlatformValidateNvVarStore() and initialize the
+  // EmuVariableNvStore when succeed to check the integrity of
+  // NvVarStore.
+  //
+  // This method to detect the OvmfFlashNvStorage here references
+  // OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c.
+  //
+  volatile UINT8  *Ptr;
+
+  UINTN  BlockSize;
+  UINTN  Offset;
+  UINT8  ProbeUint8;
+
+  BlockSize = PcdGet32 (PcdOvmfFirmwareBlockSize);
+
+  for (Offset = 0; Offset < BlockSize; Offset++) {
+    Ptr        = Base + Offset;
+    ProbeUint8 = *Ptr;
+    if ((ProbeUint8 != CLEAR_STATUS_CMD) &&
+        (ProbeUint8 != READ_STATUS_CMD) &&
+        (ProbeUint8 != CLEARED_ARRAY_STATUS))
+    {
+      break;
+    }
+  }
+
+  if (Offset >= BlockSize) {
+    DEBUG ((DEBUG_INFO, "OvmfFlashNvStorage: Failed to find probe location\n"));
+    return EFI_INVALID_PARAMETER;
+  }
+
   if (!PlatformValidateNvVarStore (Base, PcdGet32 (PcdCfvRawDataSize))) {
     ASSERT (FALSE);
     return EFI_INVALID_PARAMETER;
diff --git a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
index 21e6efa5e0..b7d5e63dcd 100644
--- a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
+++ b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
@@ -104,6 +104,7 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase
   gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareBlockSize
 
 [FeaturePcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119927): https://edk2.groups.io/g/devel/message/119927
Mute This Topic: https://groups.io/mt/107212942/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



  reply	other threads:[~2024-07-14 12:25 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-07-14 12:24 [edk2-devel] [PATCH 0/3] Fix boot failure when use secure boot supported (-D SECURE_BOOT_ENABLE=TRUE) OVMF packages wojiaohanliyang
2024-07-14 12:24 ` wojiaohanliyang [this message]
2024-07-15 14:15   ` [edk2-devel] [PATCH 1/3] OvmfPkg/PlatformInitLib: Detect FlashNvVarStore before validate it Lendacky, Thomas via groups.io
2024-07-15 14:32     ` Lendacky, Thomas via groups.io
2024-07-17  2:30       ` 韩里洋
2024-07-19  0:57         ` Lendacky, Thomas via groups.io
2024-07-19  7:35           ` Gerd Hoffmann
2024-08-01 23:47             ` Andrew Fish via groups.io
2024-07-14 12:24 ` [edk2-devel] [PATCH 2/3] OvmfPkg/PlatformInitLib: Init the EmuVariableNvStore before copy data wojiaohanliyang
2024-07-14 12:24 ` [edk2-devel] [PATCH 3/3] OvmfPkg/PlatformPei: Update mapping of FlashNvVarStore before validate it wojiaohanliyang
  -- strict thread matches above, loose matches on Subject: below --
2024-07-14 12:22 [edk2-devel] [PATCH 0/3] Fix boot failure when use secure boot supported (-D SECURE_BOOT_ENABLE=TRUE) OVMF packages wojiaohanliyang
2024-07-14 12:22 ` [edk2-devel] [PATCH 1/3] OvmfPkg/PlatformInitLib: Detect FlashNvVarStore before validate it wojiaohanliyang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240714122455.136148-2-wojiaohanliyang@163.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox