* [PATCH V4 0/8] Add capsule support for Quark.
@ 2016-10-23 2:31 Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid Jiewen Yao
` (7 more replies)
0 siblings, 8 replies; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Feng Tian, Star Zeng, Michael D Kinney, Liming Gao, Chao Zhang,
Jeff Fan
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 8451 bytes --]
This is series 4 of the whole capsule solution. Version 4.
According to feedback, we split the big patch series to smaller one.
Series 4: Quark update
The code is also in https://github.com/jyao1/edk2
V4 is at Capsule_V4 branch.
V3, V2, V1 are also pushed to coresponding branch.
Below is detail description for each version.
==Below is V4 description==
1) SecurityPkg - Refine AuthenticateFmpImage() API to let caller
input PublicKeyData and PublicKeyDataLength, instead of PCD.
The benefit is that then this API can be used for a platform
which stores PublicKeyData in anywhere other than PCD.
2) SecurityPkg - Use OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)
for better understanding the code.
3) MdeModulePkg - Update CapsuleApp to let it consume
ShellParameters protocol to get Argc and Argv.
4) UefiCpuPkg - Update MicrocodeCapsuleApp to let it consume
ShellParameters protocol to get Argc and Argv.
5) QuarkPlatformPkg - Merge QuarkCapsule.fdf to Quark.fdf.
==Below is V3 description==
1) We move all EDKII related capsule definition to SignedCapsulePkg.
MdeModulePkg only contains FmAuthenticationLib and CapsuleApp,
because they are generic and follow UEFI specification on FMP/ESRT
and Microsoft platform firmware update document.
Any capsule implementation can use them.
Here is full library classes:
MdeModulePkg:
FmpAuthenticationLib.h: new lib - follow UEFI spec. (*)
Verify FMP signature of FMP Capsule
CapsuleLib.h: new API ¨C ProcessCapsules()
It processes all the capsules. Remove duplicated code in platform BDS.
UefiCpuPkg:
MicrocodeFlashAccessLib.h: Update Microcode region.
SignedCapsulePkg:
EdkiiSystemCapsuleLib.h ¨C Library for EDKII system FMP.
IniParsingLib.h ¨C Library for INI file parsing.
PlatformFlashAccessLib.h ¨C Library for write flash.
2) We will submit 5 series.
Series 1: Generic Update (MdeModulePkg/SecurityPkg)
DxeCapsuleLib
FmAuthenticationLib (*)
CapsuleApp (*)
Series 2: EDKII Capsule (SignedCapsulePkg)
IniParsingLib
EdkiiSystemCapsuleLib
PlatformFlashAccessLib
SystemFirmwareUpdate driver
RecoveryModuleLoadPei driver
Series 3: Microcode Update (UefiCpuPkg)
MicrocodeFlashAccessLib
MicrocodeUpdate driver.
Series 4: Quark update
Series 5: Vlv2 update
3) DxeCapsuleLib: Move code that performs authentication and parsing of
the capsule format into the implementation of the FMP Protocol.
We move the dispatch FV code from CapsuleLib to SystemFirmwareReport.efi.
SystemFirmwareReport.efi supports SetImage() to verify and dispatch the
SystemFirmwareUpdate.efi, then pass thru SetImage() request to
SystemFirmwareUpdate.efi.
Now the DxeCapsuleLib is very clean and it does not have any EDKII
capsule format knowledge.
4) DxeCapsuleLib: Fix issue where a reset may be too soon.
Defer reset to 2nd pass.
5) DxeCapsuleLib: Boot mode check is removed.
Capsule should be populated to system table even boot mode is not BIOS_UPDATE.
5) FmAuthenticationLib: Add zero ImageSize check.
6) FmAuthenticationLib: Remove Authentication Library Registration.
Each FMP Producer needs to carry its own auth algoritms(s).
Now we have FmpAuthenticationLibPkcs7 and FmpAuthenticationLibRsa2048Sha256.
No registration is needed.
7) FmAuthenticationLib: Move MonotonicCount handling after Payload
We confirmed with USWG to process MonotonicCount after PayLoad.
==Below is V2 description==
The V2 series patch incorporated the feedback for V1.
There are 3 major updates.
1) BDS is update to display a warning message if TEST key
is used to sign recovery image or capsule image.
So a production BIOS should always use its own production singing
key for the capsule image generation. A production BIOS should
never use test key.
2) IniParsingLib is enhanced to do more sanity check for invalid
input. The detail data format is added in IniParsingLib.h header
file. If there is any vialation, the OpenInitFile() API will
return failure.
3) The *Bios* keyword is renamed to *SystemFirmware* in any
header file or c file data structure definition.
The rest is minor update, such as add help info, clean
up debug message, coding style.
==Below is V1 description==
This series patch provides sample on how to do signed capsule update
and recovery in EDKII.
This series patch is also checked into git@github.com:jyao1/edk2.git.
The feature includes:
1) Define EDKII signed system BIOS capsule format.
2) Provide EDKII signed system BIOS update sample.
3) Provide EDKII signed recovery sample.
4) Provide Microcode update sample for X86 system.
5) Update Quark to use new capsule/recovery solution.
6) Update Vlv2(MinnowMax) to use new capsule/recovery solution.
The signed capsule/recovery solution is in MdeModulePkg.
The capsule in IntelFrameworkModulePkg is deprecated.
The Microcode update solution is in UefiCpuPkg.
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jeff Fan <jeff.fan@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Jiewen Yao (8):
QuarkPlatformPkg/dec: Add test key file guid.
QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule
update.
QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor for capsule
update.
QuarkPlatformPkg/SystemFirmwareUpdateConfig: Add capsule config file.
QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation.
QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
QuarkPlatformPkg/Readme: add capsule/recovery related content.
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c | 206 ++++++++++++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf | 53 +++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c | 336 ++++++++++++++++++++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h | 186 +++++++++++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc | 89 ++++++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf | 46 +++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c | 66 ++++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini | 62 ++++
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 131 +++++++-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 9 +-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 16 +-
QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c | 3 +-
QuarkPlatformPkg/Quark.dsc | 72 ++++-
QuarkPlatformPkg/Quark.fdf | 141 ++++++++
QuarkPlatformPkg/QuarkMin.dsc | 7 +-
QuarkPlatformPkg/QuarkPlatformPkg.dec | 3 +
QuarkPlatformPkg/Readme.md | 18 ++
17 files changed, 1422 insertions(+), 22 deletions(-)
create mode 100644 QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c
create mode 100644 QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf
create mode 100644 QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c
create mode 100644 QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h
create mode 100644 QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
create mode 100644 QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
create mode 100644 QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
create mode 100644 QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
--
2.7.4.windows.1
^ permalink raw reply [flat|nested] 17+ messages in thread
* [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-27 1:27 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 2/8] QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule update Jiewen Yao
` (6 subsequent siblings)
7 siblings, 1 reply; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
We will add PKCS7 and RSA2048SHA256 test key file to FDF,
to check if the platform is using default test key,
or different production key.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/QuarkPlatformPkg.dec | 3 +++
1 file changed, 3 insertions(+)
diff --git a/QuarkPlatformPkg/QuarkPlatformPkg.dec b/QuarkPlatformPkg/QuarkPlatformPkg.dec
index f4ab18c..fbd7987 100644
--- a/QuarkPlatformPkg/QuarkPlatformPkg.dec
+++ b/QuarkPlatformPkg/QuarkPlatformPkg.dec
@@ -895,6 +895,9 @@
gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoveryBase|0xFFEC0400|UINT32|0xA00002AB
gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoverySize|0x0003F000|UINT32|0xA00002AC
+ gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid|{0x04, 0xe1, 0xfe, 0xc4, 0x57, 0x66, 0x36, 0x49, 0xa6, 0x11, 0x13, 0x8d, 0xbc, 0x2a, 0x76, 0xad}|VOID*|0xA0010001
+ gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid|{0xba, 0xf5, 0x93, 0xf0, 0x37, 0x6f, 0x16, 0x48, 0x9e, 0x52, 0x91, 0xbe, 0xa0, 0xf7, 0xe0, 0xb8}|VOID*|0xA0010002
+
[PcdsDynamic, PcdsDynamicEx]
## Provides the ability to enable the Fast Boot feature of the BIOS. This
# enables the system to boot faster but may only enumerate the hardware
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 2/8] QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule update.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor " Jiewen Yao
` (5 subsequent siblings)
7 siblings, 0 replies; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
Add PlatformFlashAccessLib for capsule update.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c | 206 ++++++++++++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf | 53 +++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c | 336 ++++++++++++++++++++
QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h | 186 +++++++++++
4 files changed, 781 insertions(+)
diff --git a/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c
new file mode 100644
index 0000000..b38a2b2
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.c
@@ -0,0 +1,206 @@
+/** @file
+ Platform Flash Access library.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <Library/PlatformFlashAccessLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/Spi.h>
+
+//
+// SPI default opcode slots
+//
+#define SPI_OPCODE_JEDEC_ID_INDEX 0
+#define SPI_OPCODE_READ_ID_INDEX 1
+#define SPI_OPCODE_WRITE_S_INDEX 2
+#define SPI_OPCODE_WRITE_INDEX 3
+#define SPI_OPCODE_READ_INDEX 4
+#define SPI_OPCODE_ERASE_INDEX 5
+#define SPI_OPCODE_READ_S_INDEX 6
+#define SPI_OPCODE_CHIP_ERASE_INDEX 7
+
+#define SPI_ERASE_SECTOR_SIZE SIZE_4KB //This is the chipset requirement
+
+STATIC EFI_PHYSICAL_ADDRESS mInternalFdAddress;
+EFI_SPI_PROTOCOL *mSpiProtocol;
+
+/**
+ Writes specified number of bytes from the input buffer to the address
+
+ @param WriteAddress The flash address to be written.
+ @param NumBytes The number of bytes.
+ @param Buffer The data buffer to be written.
+
+ @return The status of flash write.
+**/
+EFI_STATUS
+FlashFdWrite (
+ IN UINTN WriteAddress,
+ IN OUT UINTN *NumBytes,
+ IN UINT8 *Buffer
+ )
+{
+ EFI_STATUS Status;
+
+ Status = EFI_SUCCESS;
+
+ Status = mSpiProtocol->Execute (
+ mSpiProtocol,
+ SPI_OPCODE_WRITE_INDEX, // OpcodeIndex
+ 0, // PrefixOpcodeIndex
+ TRUE, // DataCycle
+ TRUE, // Atomic
+ TRUE, // ShiftOut
+ WriteAddress, // Address
+ (UINT32) (*NumBytes), // Data Number
+ Buffer,
+ EnumSpiRegionBios
+ );
+ DEBUG((EFI_D_INFO, "FlashFdWrite - 0x%x - %r\n", (UINTN)WriteAddress, Status));
+
+ AsmWbinvd ();
+
+ return Status;
+}
+
+/**
+ Erase a certain block from address LbaWriteAddress
+
+ @param WriteAddress The flash address to be erased.
+
+ @return The status of flash erase.
+**/
+EFI_STATUS
+FlashFdErase (
+ IN UINTN WriteAddress
+ )
+{
+ EFI_STATUS Status;
+
+ Status = mSpiProtocol->Execute (
+ mSpiProtocol,
+ SPI_OPCODE_ERASE_INDEX, // OpcodeIndex
+ 0, // PrefixOpcodeIndex
+ FALSE, // DataCycle
+ TRUE, // Atomic
+ FALSE, // ShiftOut
+ WriteAddress, // Address
+ 0, // Data Number
+ NULL,
+ EnumSpiRegionBios // SPI_REGION_TYPE
+ );
+ DEBUG((EFI_D_INFO, "FlashFdErase - 0x%x - %r\n", (UINTN)WriteAddress, Status));
+
+ AsmWbinvd ();
+
+ return Status;
+}
+
+/**
+ Perform flash write opreation.
+
+ @param FirmwareType The type of firmware.
+ @param FlashAddress The address of flash device to be accessed.
+ @param FlashAddressType The type of flash device address.
+ @param Buffer The pointer to the data buffer.
+ @param Length The length of data buffer in bytes.
+
+ @retval EFI_SUCCESS The operation returns successfully.
+ @retval EFI_WRITE_PROTECTED The flash device is read only.
+ @retval EFI_UNSUPPORTED The flash device access is unsupported.
+ @retval EFI_INVALID_PARAMETER The input parameter is not valid.
+**/
+EFI_STATUS
+EFIAPI
+PerformFlashWrite(
+ IN PLATFORM_FIRMWARE_TYPE FirmwareType,
+ IN EFI_PHYSICAL_ADDRESS FlashAddress,
+ IN FLASH_ADDRESS_TYPE FlashAddressType,
+ IN VOID *Buffer,
+ IN UINTN Length
+ )
+{
+ EFI_STATUS Status;
+ UINTN SectorNum;
+ UINTN Index;
+ UINTN NumBytes;
+
+ DEBUG((EFI_D_INFO, "PerformFlashWrite - 0x%x(%x) - 0x%x\n", (UINTN)FlashAddress, (UINTN)FlashAddressType, Length));
+ if (FlashAddressType == FlashAddressTypeAbsoluteAddress) {
+ FlashAddress = FlashAddress - mInternalFdAddress;
+ }
+
+ //
+ // Erase & Write
+ //
+ SectorNum = Length / SPI_ERASE_SECTOR_SIZE;
+ for (Index = 0; Index < SectorNum; Index++){
+ if (CompareMem(
+ (UINT8 *)(UINTN)(FlashAddress + mInternalFdAddress) + Index * SPI_ERASE_SECTOR_SIZE,
+ (UINT8 *)Buffer + Index * SPI_ERASE_SECTOR_SIZE,
+ SPI_ERASE_SECTOR_SIZE) == 0) {
+ DEBUG((EFI_D_INFO, "Sector - 0x%x - skip\n", Index));
+ continue;
+ }
+ DEBUG((EFI_D_INFO, "Sector - 0x%x - update...\n", Index));
+
+ Status = FlashFdErase (
+ (UINTN)FlashAddress + Index * SPI_ERASE_SECTOR_SIZE
+ );
+ if (Status != EFI_SUCCESS){
+ break;
+ }
+ NumBytes = SPI_ERASE_SECTOR_SIZE;
+ Status = FlashFdWrite (
+ (UINTN)FlashAddress + Index * SPI_ERASE_SECTOR_SIZE,
+ &NumBytes,
+ (UINT8 *)Buffer + Index * SPI_ERASE_SECTOR_SIZE
+ );
+ if (Status != EFI_SUCCESS){
+ break;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Platform Flash Access Lib Constructor.
+
+ @param ImageHandle The firmware allocated handle for the EFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS Constructor returns successfully.
+**/
+EFI_STATUS
+EFIAPI
+PerformFlashAccessLibConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ mInternalFdAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)PcdGet32(PcdFlashAreaBaseAddress);
+ DEBUG((EFI_D_INFO, "PcdFlashAreaBaseAddress - 0x%x\n", mInternalFdAddress));
+
+ Status = gBS->LocateProtocol(&gEfiSpiProtocolGuid, NULL, (VOID **)&mSpiProtocol);
+ ASSERT_EFI_ERROR(Status);
+
+ return EFI_SUCCESS;
+}
diff --git a/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf
new file mode 100644
index 0000000..508cde6
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf
@@ -0,0 +1,53 @@
+## @file
+# Platform Flash Access library.
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = PlatformFlashAccessLibDxe
+ FILE_GUID = 9168384A-5F66-4CF7-AEB6-845BDEBD3012
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = PlatformFlashAccessLib|DXE_DRIVER DXE_RUNTIME_DRIVER
+ CONSTRUCTOR = PerformFlashAccessLibConstructor
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ PlatformFlashAccessLibDxe.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SignedCapsulePkg/SignedCapsulePkg.dec
+ QuarkSocPkg/QuarkSocPkg.dec
+ QuarkPlatformPkg/QuarkPlatformPkg.dec
+
+[LibraryClasses]
+ BaseMemoryLib
+ PcdLib
+ DebugLib
+ UefiBootServicesTableLib
+
+[Protocols]
+ gEfiSpiProtocolGuid
+
+[Pcd]
+ gQuarkPlatformTokenSpaceGuid.PcdFlashAreaBaseAddress
+
+[Depex]
+ gEfiSpiProtocolGuid
diff --git a/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c
new file mode 100644
index 0000000..e2827b9
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.c
@@ -0,0 +1,336 @@
+/** @file
+ SPI flash device description.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+
+**/
+
+#include "SpiFlashDevice.h"
+
+#define FLASH_SIZE (FixedPcdGet32 (PcdFlashAreaSize))
+
+SPI_INIT_TABLE mSpiInitTable[] = {
+ //
+ // Macronix 32Mbit part
+ //
+ {
+ SPI_MX25L3205_ID1,
+ SPI_MX25L3205_ID2,
+ SPI_MX25L3205_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle33MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle33MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle33MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle33MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle20MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_BLOCK_ERASE, EnumSpiCycle33MHz, EnumSpiOperationErase_64K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle33MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle33MHz, EnumSpiOperationFullChipErase}
+ },
+ (UINTN)(0x400000 - FLASH_SIZE), // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Winbond 32Mbit part
+ //
+ {
+ SPI_W25X32_ID1,
+ SF_DEVICE_ID0_W25QXX,
+ SF_DEVICE_ID1_W25Q32,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ (UINTN)(0x400000 - FLASH_SIZE), // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Winbond 32Mbit part
+ //
+ {
+ SPI_W25X32_ID1,
+ SPI_W25X32_ID2,
+ SPI_W25X32_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle33MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle33MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle33MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle33MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle33MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle33MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle33MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle33MHz, EnumSpiOperationFullChipErase}
+ },
+ (UINTN)(0x400000 - FLASH_SIZE), // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Atmel 32Mbit part
+ //
+ {
+ SPI_AT26DF321_ID1,
+ SPI_AT26DF321_ID2, // issue: byte 2 identifies family/density for Atmel
+ SPI_AT26DF321_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle33MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle33MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle33MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle33MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle33MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_BLOCK_ERASE, EnumSpiCycle33MHz, EnumSpiOperationErase_64K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle33MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle33MHz, EnumSpiOperationFullChipErase}
+ },
+ (UINTN)(0x400000 - FLASH_SIZE), // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+
+ //
+ // Intel 32Mbit part bottom boot
+ //
+ {
+ SPI_QH25F320_ID1,
+ SPI_QH25F320_ID2,
+ SPI_QH25F320_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_ENABLE
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle33MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle33MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle33MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle33MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle33MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_BLOCK_ERASE, EnumSpiCycle33MHz, EnumSpiOperationErase_64K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle33MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle33MHz, EnumSpiOperationFullChipErase}
+ },
+ 0, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // SST 64Mbit part
+ //
+ {
+ SPI_SST25VF080B_ID1, // VendorId
+ SF_DEVICE_ID0_25VF064C, // DeviceId 0
+ SF_DEVICE_ID1_25VF064C, // DeviceId 1
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // NUMONYX 64Mbit part
+ //
+ {
+ SF_VENDOR_ID_NUMONYX, // VendorId
+ SF_DEVICE_ID0_M25PX64, // DeviceId 0
+ SF_DEVICE_ID1_M25PX64, // DeviceId 1
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Atmel 64Mbit part
+ //
+ {
+ SF_VENDOR_ID_ATMEL, // VendorId
+ SF_DEVICE_ID0_AT25DF641, // DeviceId 0
+ SF_DEVICE_ID1_AT25DF641, // DeviceId 1
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+
+ //
+ // Spansion 64Mbit part
+ //
+ {
+ SF_VENDOR_ID_SPANSION, // VendorId
+ SF_DEVICE_ID0_S25FL064K, // DeviceId 0
+ SF_DEVICE_ID1_S25FL064K, // DeviceId 1
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+
+ //
+ // Macronix 64Mbit part bottom boot
+ //
+ {
+ SF_VENDOR_ID_MX, // VendorId
+ SF_DEVICE_ID0_25L6405D, // DeviceId 0
+ SF_DEVICE_ID1_25L6405D, // DeviceId 1
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_BLOCK_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_64K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Winbond 64Mbit part bottom boot
+ //
+ {
+ SPI_W25X64_ID1,
+ SF_DEVICE_ID0_W25QXX,
+ SF_DEVICE_ID1_W25Q64,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Winbond 64Mbit part bottom boot
+ //
+ {
+ SPI_W25X64_ID1,
+ SPI_W25X64_ID2,
+ SPI_W25X64_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle50MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle50MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle50MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle50MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle50MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_ERASE, EnumSpiCycle50MHz, EnumSpiOperationErase_4K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle50MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle50MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ },
+ //
+ // Intel 64Mbit part bottom boot
+ //
+ {
+ SPI_QH25F640_ID1,
+ SPI_QH25F640_ID2,
+ SPI_QH25F640_ID3,
+ {
+ SPI_COMMAND_WRITE_ENABLE,
+ SPI_COMMAND_WRITE_S_EN
+ },
+ {
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_JEDEC_ID, EnumSpiCycle33MHz, EnumSpiOperationJedecId},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ_ID, EnumSpiCycle33MHz, EnumSpiOperationOther},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_WRITE_S, EnumSpiCycle33MHz, EnumSpiOperationWriteStatus},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_WRITE, EnumSpiCycle33MHz, EnumSpiOperationProgramData_1_Byte},
+ {EnumSpiOpcodeRead, SPI_COMMAND_READ, EnumSpiCycle33MHz, EnumSpiOperationReadData},
+ {EnumSpiOpcodeWrite, SPI_COMMAND_BLOCK_ERASE, EnumSpiCycle33MHz, EnumSpiOperationErase_64K_Byte},
+ {EnumSpiOpcodeReadNoAddr, SPI_COMMAND_READ_S, EnumSpiCycle33MHz, EnumSpiOperationReadStatus},
+ {EnumSpiOpcodeWriteNoAddr, SPI_COMMAND_CHIP_ERASE, EnumSpiCycle33MHz, EnumSpiOperationFullChipErase}
+ },
+ 0x800000 - FLASH_SIZE, // BIOS Start Offset
+ FLASH_SIZE // BIOS image size in flash
+ }
+};
diff --git a/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h
new file mode 100644
index 0000000..298ecfa
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/SpiFlashDevice.h
@@ -0,0 +1,186 @@
+/** @file
+ SPI flash device header file.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _SPI_FLASH_DEVICE_H_
+#define _SPI_FLASH_DEVICE_H_
+
+#include <PiDxe.h>
+#include <Protocol/Spi.h>
+#include <Protocol/FirmwareVolumeBlock.h>
+
+//
+// Supported SPI Flash Devices
+//
+typedef enum {
+ EnumSpiFlash25L3205D, // Macronix 32Mbit part
+ EnumSpiFlashW25Q32, // Winbond 32Mbit part
+ EnumSpiFlashW25X32, // Winbond 32Mbit part
+ EnumSpiFlashAT25DF321, // Atmel 32Mbit part
+ EnumSpiFlashQH25F320, // Intel 32Mbit part
+ EnumSpiFlash25VF064C, // SST 64Mbit part
+ EnumSpiFlashM25PX64, // NUMONYX 64Mbit part
+ EnumSpiFlashAT25DF641, // Atmel 64Mbit part
+ EnumSpiFlashS25FL064K, // Spansion 64Mbit part
+ EnumSpiFlash25L6405D, // Macronix 64Mbit part
+ EnumSpiFlashW25Q64, // Winbond 64Mbit part
+ EnumSpiFlashW25X64, // Winbond 64Mbit part
+ EnumSpiFlashQH25F640, // Intel 64Mbit part
+ EnumSpiFlashMax
+} SPI_FLASH_TYPES_SUPPORTED;
+
+//
+// Flash Device commands
+//
+// If a supported device uses a command different from the list below, a device specific command
+// will be defined just below it's JEDEC id section.
+//
+#define SPI_COMMAND_WRITE 0x02
+#define SPI_COMMAND_WRITE_AAI 0xAD
+#define SPI_COMMAND_READ 0x03
+#define SPI_COMMAND_ERASE 0x20
+#define SPI_COMMAND_WRITE_DISABLE 0x04
+#define SPI_COMMAND_READ_S 0x05
+#define SPI_COMMAND_WRITE_ENABLE 0x06
+#define SPI_COMMAND_READ_ID 0xAB
+#define SPI_COMMAND_JEDEC_ID 0x9F
+#define SPI_COMMAND_WRITE_S_EN 0x50
+#define SPI_COMMAND_WRITE_S 0x01
+#define SPI_COMMAND_CHIP_ERASE 0xC7
+#define SPI_COMMAND_BLOCK_ERASE 0xD8
+
+//
+// Flash JEDEC device ids
+//
+// SST 8Mbit part
+//
+#define SPI_SST25VF080B_ID1 0xBF
+#define SPI_SST25VF080B_ID2 0x25
+#define SPI_SST25VF080B_ID3 0x8E
+//
+// SST 16Mbit part
+//
+#define SPI_SST25VF016B_ID1 0xBF
+#define SPI_SST25VF016B_ID2 0x25
+#define SPI_SST25V016BF_ID3 0x41
+//
+// Macronix 32Mbit part
+//
+// MX25 part does not support WRITE_AAI comand (0xAD)
+//
+#define SPI_MX25L3205_ID1 0xC2
+#define SPI_MX25L3205_ID2 0x20
+#define SPI_MX25L3205_ID3 0x16
+//
+// Intel 32Mbit part bottom boot
+//
+#define SPI_QH25F320_ID1 0x89
+#define SPI_QH25F320_ID2 0x89
+#define SPI_QH25F320_ID3 0x12 // 32Mbit bottom boot
+//
+// Intel 64Mbit part bottom boot
+//
+#define SPI_QH25F640_ID1 0x89
+#define SPI_QH25F640_ID2 0x89
+#define SPI_QH25F640_ID3 0x13 // 64Mbit bottom boot
+//
+// QH part does not support command 0x20 for erase; only 0xD8 (sector erase)
+// QH part has 0x40 command for erase of parameter block (8 x 8K blocks at bottom of part)
+// 0x40 command ignored if address outside of parameter block range
+//
+#define SPI_QH25F320_COMMAND_PBLOCK_ERASE 0x40
+//
+// Winbond 32Mbit part
+//
+#define SPI_W25X32_ID1 0xEF
+#define SPI_W25X32_ID2 0x30 // Memory Type
+#define SPI_W25X32_ID3 0x16 // Capacity
+#define SF_DEVICE_ID1_W25Q32 0x16
+
+//
+// Winbond 64Mbit part
+//
+#define SPI_W25X64_ID1 0xEF
+#define SPI_W25X64_ID2 0x30 // Memory Type
+#define SPI_W25X64_ID3 0x17 // Capacity
+#define SF_DEVICE_ID0_W25QXX 0x40
+#define SF_DEVICE_ID1_W25Q64 0x17
+//
+// Winbond 128Mbit part
+//
+#define SF_DEVICE_ID0_W25Q128 0x40
+#define SF_DEVICE_ID1_W25Q128 0x18
+
+//
+// Atmel 32Mbit part
+//
+#define SPI_AT26DF321_ID1 0x1F
+#define SPI_AT26DF321_ID2 0x47 // [7:5]=Family, [4:0]=Density
+#define SPI_AT26DF321_ID3 0x00
+
+#define SF_VENDOR_ID_ATMEL 0x1F
+#define SF_DEVICE_ID0_AT25DF641 0x48
+#define SF_DEVICE_ID1_AT25DF641 0x00
+
+//
+// SST 8Mbit part
+//
+#define SPI_SST25VF080B_ID1 0xBF
+#define SPI_SST25VF080B_ID2 0x25
+#define SPI_SST25VF080B_ID3 0x8E
+#define SF_DEVICE_ID0_25VF064C 0x25
+#define SF_DEVICE_ID1_25VF064C 0x4B
+
+//
+// SST 16Mbit part
+//
+#define SPI_SST25VF016B_ID1 0xBF
+#define SPI_SST25VF016B_ID2 0x25
+#define SPI_SST25V016BF_ID3 0x41
+
+//
+// Winbond 32Mbit part
+//
+#define SPI_W25X32_ID1 0xEF
+#define SPI_W25X32_ID2 0x30 // Memory Type
+#define SPI_W25X32_ID3 0x16 // Capacity
+
+#define SF_VENDOR_ID_MX 0xC2
+#define SF_DEVICE_ID0_25L6405D 0x20
+#define SF_DEVICE_ID1_25L6405D 0x17
+
+#define SF_VENDOR_ID_NUMONYX 0x20
+#define SF_DEVICE_ID0_M25PX64 0x71
+#define SF_DEVICE_ID1_M25PX64 0x17
+
+//
+// Spansion 64Mbit part
+//
+#define SF_VENDOR_ID_SPANSION 0xEF
+#define SF_DEVICE_ID0_S25FL064K 0x40
+#define SF_DEVICE_ID1_S25FL064K 0x00
+
+//
+// index for prefix opcodes
+//
+#define SPI_WREN_INDEX 0 // Prefix Opcode 0: SPI_COMMAND_WRITE_ENABLE
+#define SPI_EWSR_INDEX 1 // Prefix Opcode 1: SPI_COMMAND_WRITE_S_EN
+#define BIOS_CTRL 0xDC
+
+#define PFAB_CARD_DEVICE_ID 0x5150
+#define PFAB_CARD_VENDOR_ID 0x8086
+#define PFAB_CARD_SETUP_REGISTER 0x40
+#define PFAB_CARD_SETUP_BYTE 0x0d
+
+
+#endif
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor for capsule update.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 2/8] QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule update Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-27 0:30 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 4/8] QuarkPlatformPkg/SystemFirmwareUpdateConfig: Add capsule config file Jiewen Yao
` (4 subsequent siblings)
7 siblings, 1 reply; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
Add SystemFirmwareDescriptor for capsule update.
The PEIM extracts SystemFirmwareDescriptor info from FFS and reports it via PCD.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc | 89 ++++++++++++++++++++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf | 46 ++++++++++
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c | 66 +++++++++++++++
3 files changed, 201 insertions(+)
diff --git a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
new file mode 100644
index 0000000..693a632
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
@@ -0,0 +1,89 @@
+/** @file
+ System Firmware descriptor.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiPei.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Guid/EdkiiSystemFmpCapsule.h>
+
+#define PACKAGE_VERSION 0xFFFFFFFF
+#define PACKAGE_VERSION_STRING L"Unknown"
+
+#define CURRENT_FIRMWARE_VERSION 0x00000002
+#define CURRENT_FIRMWARE_VERSION_STRING L"0x00000002"
+#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x00000001
+
+#define IMAGE_ID SIGNATURE_64('Q', 'U', 'A', 'R', 'K', '_', 'F', 'd')
+#define IMAGE_ID_STRING L"QuarkPlatformFd"
+
+// PcdSystemFmpCapsuleImageTypeIdGuid
+#define IMAGE_TYPE_ID_GUID { 0x62af20c0, 0x7016, 0x424a, { 0x9b, 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90 } }
+
+typedef struct {
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR Descriptor;
+ // real string data
+ CHAR16 ImageIdNameStr[16];
+ CHAR16 VersionNameStr[16];
+ CHAR16 PackageVersionNameStr[16];
+} IMAGE_DESCRIPTOR;
+
+IMAGE_DESCRIPTOR mImageDescriptor =
+{
+ {
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE,
+ sizeof(EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR),
+ sizeof(IMAGE_DESCRIPTOR),
+ PACKAGE_VERSION, // PackageVersion
+ OFFSET_OF (IMAGE_DESCRIPTOR, PackageVersionNameStr), // PackageVersionName
+ 1, // ImageIndex;
+ {0x0}, // Reserved
+ IMAGE_TYPE_ID_GUID, // ImageTypeId;
+ IMAGE_ID, // ImageId;
+ OFFSET_OF (IMAGE_DESCRIPTOR, ImageIdNameStr), // ImageIdName;
+ CURRENT_FIRMWARE_VERSION, // Version;
+ OFFSET_OF (IMAGE_DESCRIPTOR, VersionNameStr), // VersionName;
+ {0x0}, // Reserved2
+ FixedPcdGet32(PcdFlashAreaSize), // Size;
+ IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_RESET_REQUIRED |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
+ IMAGE_ATTRIBUTE_IN_USE, // AttributesSupported;
+ IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
+ IMAGE_ATTRIBUTE_RESET_REQUIRED |
+ IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
+ IMAGE_ATTRIBUTE_IN_USE, // AttributesSetting;
+ 0x0, // Compatibilities;
+ LOWEST_SUPPORTED_FIRMWARE_VERSION, // LowestSupportedImageVersion;
+ 0x00000000, // LastAttemptVersion;
+ 0, // LastAttemptStatus;
+ {0x0}, // Reserved3
+ 0, // HardwareInstance;
+ },
+ // real string data
+ {IMAGE_ID_STRING},
+ {CURRENT_FIRMWARE_VERSION_STRING},
+ {PACKAGE_VERSION_STRING},
+};
+
+
+VOID*
+ReferenceAcpiTable (
+ VOID
+ )
+{
+ //
+ // Reference the table being generated to prevent the optimizer from
+ // removing the data structure from the executable
+ //
+ return (VOID*)&mImageDescriptor;
+}
diff --git a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
new file mode 100644
index 0000000..3134a58
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
@@ -0,0 +1,46 @@
+## @file
+# System Firmware descriptor.
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SystemFirmwareDescriptor
+ FILE_GUID = 90B2B846-CA6D-4D6E-A8D3-C140A8E110AC
+ MODULE_TYPE = PEIM
+ VERSION_STRING = 1.0
+ ENTRY_POINT = SystemFirmwareDescriptorPeimEntry
+
+[Sources]
+ SystemFirmwareDescriptorPei.c
+ SystemFirmwareDescriptor.aslc
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SignedCapsulePkg/SignedCapsulePkg.dec
+ QuarkPlatformPkg/QuarkPlatformPkg.dec
+
+[LibraryClasses]
+ PcdLib
+ PeiServicesLib
+ DebugLib
+ PeimEntryPoint
+
+[FixedPcd]
+ gQuarkPlatformTokenSpaceGuid.PcdFlashAreaSize
+
+[Pcd]
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor
+
+[Depex]
+ TRUE
diff --git a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
new file mode 100644
index 0000000..e6474e3
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
@@ -0,0 +1,66 @@
+/** @file
+ System Firmware descriptor producer.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiPei.h>
+#include <Library/PcdLib.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/DebugLib.h>
+#include <Protocol/FirmwareManagement.h>
+#include <Guid/EdkiiSystemFmpCapsule.h>
+
+/**
+ Entrypoint for SystemFirmwareDescriptor PEIM.
+
+ @param FileHandle Handle of the file being invoked.
+ @param PeiServices Describes the list of possible PEI Services.
+
+ @retval EFI_SUCCESS PPI successfully installed.
+**/
+EFI_STATUS
+EFIAPI
+SystemFirmwareDescriptorPeimEntry(
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
+ )
+{
+ EFI_STATUS Status;
+ EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR *Descriptor;
+ UINTN Size;
+ UINTN Index;
+ UINT32 AuthenticationStatus;
+
+ //
+ // Search RAW section.
+ //
+ Index = 0;
+ while (TRUE) {
+ Status = PeiServicesFfsFindSectionData3(EFI_SECTION_RAW, Index, FileHandle, (VOID **)&Descriptor, &AuthenticationStatus);
+ if (EFI_ERROR(Status)) {
+ // Should not happen, must something wrong in FDF.
+ ASSERT(FALSE);
+ return EFI_NOT_FOUND;
+ }
+ if (Descriptor->Signature == EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE) {
+ break;
+ }
+ Index++;
+ }
+
+ DEBUG((EFI_D_INFO, "EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR size - 0x%x\n", Descriptor->Length));
+
+ Size = Descriptor->Length;
+ PcdSetPtrS (PcdEdkiiSystemFirmwareImageDescriptor, &Size, Descriptor);
+
+ return EFI_SUCCESS;
+}
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 4/8] QuarkPlatformPkg/SystemFirmwareUpdateConfig: Add capsule config file.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
` (2 preceding siblings ...)
2016-10-23 2:31 ` [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor " Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 5/8] QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation Jiewen Yao
` (3 subsequent siblings)
7 siblings, 0 replies; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
Add SystemFirmwareUpdateConfig as capsule configuration file.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini | 62 ++++++++++++++++++++
1 file changed, 62 insertions(+)
diff --git a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
new file mode 100644
index 0000000..9f9f71d
--- /dev/null
+++ b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
@@ -0,0 +1,62 @@
+## @file
+#
+# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Head]
+NumOfUpdate = 4
+NumOfRecovery = 1
+Update0 = QuarkFvMain
+Update1 = QuarkFvBinary
+Update2 = QuarkFvRecovery
+Update3 = QuarkFvNvRam
+Recovery0 = QuarkFvMain
+
+[QuarkFvPayload]
+FirmwareType = 0 # SystemFirmware
+AddressType = 0 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x00400000 # Base address offset on flash
+Length = 0x00100000 # Length
+ImageOffset = 0x00400000 # Image offset of this SystemFirmware image
+FileGuid = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 # PcdEdkiiSystemFirmwareFileGuid
+
+[QuarkFvMain]
+FirmwareType = 0 # SystemFirmware
+AddressType = 0 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x00500000 # Base address offset on flash
+Length = 0x001E0000 # Length
+ImageOffset = 0x00500000 # Image offset of this SystemFirmware image
+FileGuid = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 # PcdEdkiiSystemFirmwareFileGuid
+
+[QuarkFvNvRam]
+FirmwareType = 1 # NvRam
+AddressType = 0 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x006E0000 # Base address offset on flash
+Length = 0x00020000 # Length
+ImageOffset = 0x006E0000 # Image offset of this SystemFirmware image
+FileGuid = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 # PcdEdkiiSystemFirmwareFileGuid
+
+[QuarkFvBinary]
+FirmwareType = 0 # SystemFirmware
+AddressType = 0 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x00700000 # Base address offset on flash
+Length = 0x00010000 # Length
+ImageOffset = 0x00700000 # Image offset of this SystemFirmware image
+FileGuid = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 # PcdEdkiiSystemFirmwareFileGuid
+
+[QuarkFvRecovery]
+FirmwareType = 0 # SystemFirmware
+AddressType = 0 # 0 - relative address, 1 - absolute address.
+BaseAddress = 0x00710000 # Base address offset on flash
+Length = 0x000F0000 # Length
+ImageOffset = 0x00710000 # Image offset of this SystemFirmware image
+FileGuid = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 # PcdEdkiiSystemFirmwareFileGuid
+
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 5/8] QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
` (3 preceding siblings ...)
2016-10-23 2:31 ` [PATCH V4 4/8] QuarkPlatformPkg/SystemFirmwareUpdateConfig: Add capsule config file Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling Jiewen Yao
` (2 subsequent siblings)
7 siblings, 0 replies; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
The QuarkPlatform will use MdeModulePkg/RecoveryModuleLoadPei for recovery.
There is no need to produce recovery PPI in platform module.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c b/QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c
index d5fb941..f9b769d 100644
--- a/QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c
+++ b/QuarkPlatformPkg/Platform/Pei/PlatformInit/MemoryCallback.c
@@ -222,8 +222,7 @@ MemoryDiscoveredPpiNotifyCallback (
QNCPortWrite (QUARK_NC_HOST_BRIDGE_SB_PORT_ID, QNC_MSG_FSBIC_REG_HMISC, RegData32);
if (BootMode == BOOT_IN_RECOVERY_MODE) {
- Status = PeimInitializeRecovery (PeiServices);
- ASSERT_EFI_ERROR (Status);
+ // Do nothing here. A generic RecoveryModule will handle it.
} else if (BootMode == BOOT_ON_S3_RESUME) {
return EFI_SUCCESS;
} else {
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
` (4 preceding siblings ...)
2016-10-23 2:31 ` [PATCH V4 5/8] QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-26 23:36 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 8/8] QuarkPlatformPkg/Readme: add capsule/recovery related content Jiewen Yao
7 siblings, 1 reply; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
1) Add capsule and recovery boot path handling in platform BDS.
2) Add check if the platform is using default test key for recovery or update.
Produce PcdTestKeyUsed to indicate if there is any
test key used in current BIOS, such as recovery key,
or capsule update key.
Then the generic UI may consume this PCD to show warning information.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 131 +++++++++++++++++++-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 9 +-
QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 16 ++-
3 files changed, 151 insertions(+), 5 deletions(-)
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index 19ff3d0..f327c89 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -2,7 +2,7 @@
This file include all platform action which can be customized
by IBV/OEM.
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -205,6 +205,8 @@ PlatformBootManagerBeforeConsole (
EFI_INPUT_KEY Enter;
EFI_INPUT_KEY F2;
EFI_BOOT_MANAGER_LOAD_OPTION BootOption;
+ ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
+ EFI_BOOT_MODE BootMode;
EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
EFI_HANDLE Handle;
EFI_EVENT EndOfDxeEvent;
@@ -246,6 +248,40 @@ PlatformBootManagerBeforeConsole (
//
PlatformRegisterFvBootOption (&mUefiShellFileGuid, L"UEFI Shell", LOAD_OPTION_ACTIVE);
+ Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtManagement);
+ if (EFI_ERROR(Status)) {
+ EsrtManagement = NULL;
+ }
+
+ BootMode = GetBootModeHob();
+ switch (BootMode) {
+ case BOOT_ON_FLASH_UPDATE:
+ DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
+ Status = ProcessCapsules ();
+ DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
+ break;
+ case BOOT_IN_RECOVERY_MODE:
+ break;
+ case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
+ case BOOT_WITH_MINIMAL_CONFIGURATION:
+ case BOOT_ON_S4_RESUME:
+ if (EsrtManagement != NULL) {
+ //
+ // Lock ESRT cache repository before EndofDxe if ESRT sync is not needed
+ //
+ EsrtManagement->LockEsrtRepository();
+ }
+ break;
+ default:
+ //
+ // Require to sync ESRT from FMP in a new boot
+ //
+ if (EsrtManagement != NULL) {
+ EsrtManagement->SyncEsrtFmp();
+ }
+ break;
+ }
+
//
// Prepare for S3
//
@@ -303,7 +339,64 @@ PlatformBootManagerAfterConsole (
VOID
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
+ EFI_BOOT_MODE BootMode;
+ ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
+ VOID *Buffer;
+ UINTN Size;
+
+ Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtManagement);
+ if (EFI_ERROR(Status)) {
+ EsrtManagement = NULL;
+ }
+
+ BootMode = GetBootModeHob();
+ switch (BootMode) {
+ case BOOT_ON_FLASH_UPDATE:
+ DEBUG((EFI_D_INFO, "Capsule Mode detected\n"));
+ if (FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
+ EfiBootManagerConnectAll ();
+ EfiBootManagerRefreshAllBootOption ();
+
+ //
+ // Always sync ESRT Cache from FMP Instances after connect all and before capsule process
+ //
+ if (EsrtManagement != NULL) {
+ EsrtManagement->SyncEsrtFmp();
+ }
+
+ DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll ......\n"));
+ Status = ProcessCapsules();
+ DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
+ }
+ break;
+
+ case BOOT_IN_RECOVERY_MODE:
+ DEBUG((EFI_D_INFO, "Recovery Mode detected\n"));
+ // Passthrough
+
+ case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
+ case BOOT_WITH_MINIMAL_CONFIGURATION:
+ case BOOT_WITH_FULL_CONFIGURATION:
+ case BOOT_WITH_FULL_CONFIGURATION_PLUS_DIAGNOSTICS:
+ case BOOT_WITH_DEFAULT_SETTINGS:
+ default:
+ EfiBootManagerConnectAll ();
+ EfiBootManagerRefreshAllBootOption ();
+
+ //
+ // Sync ESRT Cache from FMP Instance on demand after Connect All
+ //
+ if ((BootMode != BOOT_ASSUMING_NO_CONFIGURATION_CHANGES) &&
+ (BootMode != BOOT_WITH_MINIMAL_CONFIGURATION) &&
+ (BootMode != BOOT_ON_S4_RESUME)) {
+ if (EsrtManagement != NULL) {
+ EsrtManagement->SyncEsrtFmp();
+ }
+ }
+
+ break;
+ }
Print (
L"\n"
@@ -313,6 +406,40 @@ PlatformBootManagerAfterConsole (
);
//
+ // Check if the platform is using test key.
+ //
+ Status = GetSectionFromAnyFv(
+ PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid),
+ EFI_SECTION_RAW,
+ 0,
+ &Buffer,
+ &Size
+ );
+ if (!EFI_ERROR(Status)) {
+ if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
+ (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
+ Print(L"WARNING: Recovery Test Key is used.\n");
+ PcdSetBoolS(PcdTestKeyUsed, TRUE);
+ }
+ FreePool(Buffer);
+ }
+ Status = GetSectionFromAnyFv(
+ PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid),
+ EFI_SECTION_RAW,
+ 0,
+ &Buffer,
+ &Size
+ );
+ if (!EFI_ERROR(Status)) {
+ if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
+ (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
+ Print(L"WARNING: Capsule Test Key is used.\n");
+ PcdSetBoolS(PcdTestKeyUsed, TRUE);
+ }
+ FreePool(Buffer);
+ }
+
+ //
// Use a DynamicHii type pcd to save the boot status, which is used to
// control configuration mode, such as FULL/MINIMAL/NO_CHANGES configuration.
//
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
index 7413883..395f78b 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
@@ -1,7 +1,7 @@
/** @file
Head file for BDS Platform specific code
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -21,6 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Protocol/FirmwareVolume2.h>
#include <Protocol/AcpiS3Save.h>
#include <Protocol/DxeSmmReadyToLock.h>
+#include <Protocol/EsrtManagement.h>
#include <Guid/DebugAgentGuid.h>
#include <Guid/EventGroup.h>
#include <Guid/PcAnsi.h>
@@ -32,9 +33,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/DevicePathLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiLib.h>
#include <Library/UefiBootManagerLib.h>
-
+#include <Library/PrintLib.h>
+#include <Library/HobLib.h>
+#include <Library/CapsuleLib.h>
+#include <Library/DxeServicesLib.h>
typedef struct {
EFI_DEVICE_PATH_PROTOCOL *DevicePath;
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index d59f14a..eadf1fe 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -1,7 +1,7 @@
## @file
# Include all platform action which can be customized by IBV/OEM.
#
-# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -38,6 +38,8 @@
IntelFrameworkPkg/IntelFrameworkPkg.dec
IntelFrameworkModulePkg/IntelFrameworkModulePkg.dec
SourceLevelDebugPkg/SourceLevelDebugPkg.dec
+ QuarkPlatformPkg/QuarkPlatformPkg.dec
+ SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
@@ -49,11 +51,16 @@
UefiBootServicesTableLib
UefiLib
UefiBootManagerLib
+ PrintLib
+ HobLib
+ CapsuleLib
+ DxeServicesLib
[Protocols]
gEfiFirmwareVolume2ProtocolGuid
gEfiAcpiS3SaveProtocolGuid
gEfiDxeSmmReadyToLockProtocolGuid
+ gEsrtManagementProtocolGuid
[Guids]
gEfiPcAnsiGuid
@@ -70,3 +77,10 @@
gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits
gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType
gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdBootState
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset
+ gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid
+ gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
+ gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
+ gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
+ gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
+
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
` (5 preceding siblings ...)
2016-10-23 2:31 ` [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
2016-10-27 0:40 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 8/8] QuarkPlatformPkg/Readme: add capsule/recovery related content Jiewen Yao
7 siblings, 1 reply; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
Add capsule and recovery support module in platform dsc and fdf.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Quark.dsc | 72 ++++++++--
QuarkPlatformPkg/Quark.fdf | 141 ++++++++++++++++++++
QuarkPlatformPkg/QuarkMin.dsc | 7 +-
3 files changed, 205 insertions(+), 15 deletions(-)
diff --git a/QuarkPlatformPkg/Quark.dsc b/QuarkPlatformPkg/Quark.dsc
index d5988da..153f6e7 100644
--- a/QuarkPlatformPkg/Quark.dsc
+++ b/QuarkPlatformPkg/Quark.dsc
@@ -39,6 +39,8 @@
DEFINE SOURCE_DEBUG_ENABLE = FALSE
DEFINE PERFORMANCE_ENABLE = FALSE
DEFINE LOGGING = FALSE
+ DEFINE CAPSULE_ENABLE = TRUE
+ DEFINE RECOVERY_ENABLE = TRUE
#
# Galileo board. Options are [GEN1, GEN2]
@@ -160,11 +162,9 @@
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
!endif
-!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-!endif
!if $(SECURE_BOOT_ENABLE)
PlatformSecureLib|QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
@@ -225,6 +225,17 @@
PlatformPcieHelperLib|QuarkPlatformPkg/Library/PlatformPcieHelperLib/PlatformPcieHelperLib.inf
PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/DxePlatformHelperLib.inf
+!if $(CAPSULE_ENABLE)
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+!else
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+!endif
+
+ EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf
+ FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
+ IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
+ PlatformFlashAccessLib|QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/PlatformFlashAccessLibDxe.inf
+
[LibraryClasses.common.SEC]
#
# SEC specific phase
@@ -250,9 +261,7 @@
PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/PeiPlatformHelperLib.inf
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
-!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
-!endif
!if $(PERFORMANCE_ENABLE)
PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf
!endif
@@ -273,9 +282,7 @@
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
-!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
-!endif
!if $(PERFORMANCE_ENABLE)
PerformanceLib|MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf
!endif
@@ -301,6 +308,10 @@
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
!endif
+!if $(CAPSULE_ENABLE)
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
+!endif
+
[LibraryClasses.IA32.UEFI_DRIVER,LibraryClasses.IA32.UEFI_APPLICATION]
PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
@@ -431,6 +442,10 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|FALSE
+!if $(RECOVERY_ENABLE)
+ gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"QUARKREC.Cap"
+!endif
+
[PcdsPatchableInModule]
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x803000C7
gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
@@ -449,6 +464,11 @@
gQuarkPlatformTokenSpaceGuid.PcdUserIsPhysicallyPresent|FALSE
gQuarkPlatformTokenSpaceGuid.PcdSpiFlashDeviceSize|0
+!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
+ gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xc0, 0x20, 0xaf, 0x62, 0x16, 0x70, 0x4a, 0x42, 0x9b, 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90}
+!endif
+
!if $(MEASURED_BOOT_ENABLE)
#
# TPM1.2 { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc } }
@@ -540,6 +560,11 @@
!endif
}
+!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
+ # FMP image decriptor
+ QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+!endif
+
#
# PEI Core
#
@@ -594,6 +619,7 @@
#
# Recovery
#
+!if $(RECOVERY_ENABLE)
QuarkSocPkg/QuarkSouthCluster/Usb/Common/Pei/UsbPei.inf
MdeModulePkg/Bus/Pci/EhciPei/EhciPei.inf
QuarkSocPkg/QuarkSouthCluster/Usb/Ohci/Pei/OhciPei.inf
@@ -601,6 +627,11 @@
MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
FatPkg/FatPei/FatPei.inf
MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
+ SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf {
+ <LibraryClasses>
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf
+ }
+!endif
[Components.IA32]
#
@@ -645,11 +676,7 @@
NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
}
- MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
- <LibraryClasses>
- GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
- CapsuleLib|IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.inf
- }
+ MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
@@ -675,6 +702,11 @@
<LibraryClasses>
UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
PlatformBootManagerLib|QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+!if $(CAPSULE_ENABLE)
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+!else
+ FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
+!endif
}
MdeModulePkg/Application/UiApp/UiApp.inf {
<LibraryClasses>
@@ -889,5 +921,23 @@
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
}
+!if $(CAPSULE_ENABLE)
+ MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf {
+ <LibraryClasses>
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+ }
+ SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
+ <LibraryClasses>
+ FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf
+ }
+
+ MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ }
+!endif
+
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096
diff --git a/QuarkPlatformPkg/Quark.fdf b/QuarkPlatformPkg/Quark.fdf
index 9f51eb3..a9d828d 100644
--- a/QuarkPlatformPkg/Quark.fdf
+++ b/QuarkPlatformPkg/Quark.fdf
@@ -317,6 +317,11 @@ APRIORI PEI {
##
INF UefiCpuPkg/SecCore/SecCore.inf
+!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
+ # FMP image decriptor
+INF RuleOverride = FMP_IMAGE_DESC QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
+!endif
+
INF MdeModulePkg/Core/Pei/PeiMain.inf
##
@@ -347,12 +352,16 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
!endif
+!if $(RECOVERY_ENABLE)
FILE FV_IMAGE = 1E9D7604-EF45-46a0-BD8A-71AC78C17AC1 {
SECTION PEI_DEPEX_EXP = {gEfiPeiMemoryDiscoveredPpiGuid AND gEfiPeiBootInRecoveryModePpiGuid}
SECTION GUIDED A31280AD-481E-41B6-95E8-127F4C984779 { # TIANO COMPRESS GUID
SECTION FV_IMAGE = FVRECOVERY_COMPONENTS
}
}
+!endif
+
+!if $(RECOVERY_ENABLE)
################################################################################
#
@@ -390,6 +399,9 @@ INF MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
INF MdeModulePkg/Bus/Usb/UsbBotPei/UsbBotPei.inf
INF FatPkg/FatPei/FatPei.inf
INF MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
+INF SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf
+
+!endif
################################################################################
#
@@ -579,6 +591,25 @@ INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
!endif
+!if $(CAPSULE_ENABLE)
+INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
+INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
+!endif
+
+!if $(RECOVERY_ENABLE)
+FILE FREEFORM = PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid) {
+ SECTION RAW = BaseTools/Source/Python/Rsa2048Sha256Sign/TestSigningPublicKey.bin
+ SECTION UI = "Rsa2048Sha256TestSigningPublicKey"
+ }
+!endif
+
+!if $(CAPSULE_ENABLE)
+FILE FREEFORM = PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
+ SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
+ SECTION UI = "Pkcs7TestRoot"
+ }
+!endif
+
################################################################################
#
# FV Section
@@ -650,6 +681,106 @@ INF RuleOverride = TIANOCOMPRESSED ShellPkg/Application/Shell/Shell.inf
INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
!endif
+!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
+
+[FV.CapsuleDispatchFv]
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+!if $(CAPSULE_ENABLE)
+INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
+!endif
+
+[FV.SystemFirmwareUpdateCargo]
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+FILE RAW = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 { # PcdEdkiiSystemFirmwareFileGuid
+ FD = Quark
+ }
+
+FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid
+ FV = CapsuleDispatchFv
+ }
+
+FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid
+ QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini
+ }
+
+!if $(CAPSULE_ENABLE)
+[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
+IMAGE_HEADER_INIT_VERSION = 0x02
+IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 # PcdSystemFmpCapsuleImageTypeIdGuid
+IMAGE_INDEX = 0x1
+HARDWARE_INSTANCE = 0x0
+MONOTONIC_COUNT = 0x2
+CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
+
+FV = SystemFirmwareUpdateCargo
+!endif
+
+!if $(RECOVERY_ENABLE)
+[FmpPayload.FmpPayloadSystemFirmwareRsa2048]
+IMAGE_HEADER_INIT_VERSION = 0x02
+IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 # PcdSystemFmpCapsuleImageTypeIdGuid
+IMAGE_INDEX = 0x1
+HARDWARE_INSTANCE = 0x0
+MONOTONIC_COUNT = 0x2
+CERTIFICATE_GUID = A7717414-C616-4977-9420-844712A735BF # RSA2048SHA256
+
+FV = SystemFirmwareUpdateCargo
+!endif
+
+!if $(CAPSULE_ENABLE)
+[Capsule.QuarkFirmwareUpdateCapsuleFmpPkcs7]
+CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
+CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
+CAPSULE_HEADER_SIZE = 0x20
+CAPSULE_HEADER_INIT_VERSION = 0x1
+
+FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
+!endif
+
+!if $(RECOVERY_ENABLE)
+[Capsule.QuarkRec]
+CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid
+CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
+CAPSULE_HEADER_SIZE = 0x20
+CAPSULE_HEADER_INIT_VERSION = 0x1
+
+FMP_PAYLOAD = FmpPayloadSystemFirmwareRsa2048
+!endif
+
+!endif
+
################################################################################
#
# Rules are use with the [FV] section's module INF type to define
@@ -771,3 +902,13 @@ INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
RAW ACPI |.acpi
RAW ASL |.aml
}
+
+[Rule.Common.PEIM.FMP_IMAGE_DESC]
+ FILE PEIM = $(NAMED_GUID) {
+ RAW BIN |.acpi
+ PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
diff --git a/QuarkPlatformPkg/QuarkMin.dsc b/QuarkPlatformPkg/QuarkMin.dsc
index 1a4bd30..be85e3f 100644
--- a/QuarkPlatformPkg/QuarkMin.dsc
+++ b/QuarkPlatformPkg/QuarkMin.dsc
@@ -161,6 +161,8 @@
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
!endif
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+
#
# CPU
#
@@ -547,10 +549,7 @@
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariableRuntimeDxe.inf
- MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
- <LibraryClasses>
- CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
- }
+ MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* [PATCH V4 8/8] QuarkPlatformPkg/Readme: add capsule/recovery related content.
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
` (6 preceding siblings ...)
2016-10-23 2:31 ` [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support Jiewen Yao
@ 2016-10-23 2:31 ` Jiewen Yao
7 siblings, 0 replies; 17+ messages in thread
From: Jiewen Yao @ 2016-10-23 2:31 UTC (permalink / raw)
To: edk2-devel
Cc: Michael D Kinney, Kelly Steele, Feng Tian, Star Zeng, Liming Gao,
Chao Zhang
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
QuarkPlatformPkg/Readme.md | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/QuarkPlatformPkg/Readme.md b/QuarkPlatformPkg/Readme.md
index 8f5b898..f925f9e 100644
--- a/QuarkPlatformPkg/Readme.md
+++ b/QuarkPlatformPkg/Readme.md
@@ -146,6 +146,8 @@ features on the build command line using ```-D``` flags.
| ```SECURE_BOOT_ENABLE``` | FALSE | TRUE, FALSE |
| ```MEASURED_BOOT_ENABLE``` | FALSE | TRUE, FALSE |
| ```TPM_12_HARDWARE``` | NONE | NONE, LPC, ATMEL_I2C, INFINEON_I2C |
+| ```CAPSULE_ENABLE``` | FALSE | TRUE, FALSE |
+| ```RECOVERY_ENABLE``` | FALSE | TRUE, FALSE |
* ```GALILEO``` - Used to specify the type of Intel(R) Galileo board type. The
default is ```GEN2``` for the [Intel(R) Galileo Gen 2 Development Board](
@@ -199,6 +201,22 @@ features on the build command line using ```-D``` flags.
has been tested with the [CryptoShield](https://www.sparkfun.com/products/13183)
available from [SparkFun](https://www.sparkfun.com/).
+* ```CAPSULE_ENABLE``` - Used to enable/disable capsule update features.
+ The default is FALSE for disabled. Add ```-D CAPSULE_ENABLE``` to the
+ build command line to enable capsule update features.
+ The build process generate capsule update image - QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap.
+ The user need copy QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap and CapsuleApp.efi
+ to a storage media attached to the Quark Board.
+ Then the user can boot to shell and run ```CapsuleApp QUARKFIRMWAREUPDATECAPSULEFMPPKCS7.Cap```.
+ In next reboot, the system firmware is updated.
+
+* ```RECOVERY_ENABLE``` - Used to enable/disable recovery features.
+ The default is FALSE for disabled. Add ```-D RECOVERY_ENABLE``` to the
+ build command line to enable recovery features.
+ The build process generates the recovery capsule image - QUARKREC.Cap.
+ Then the user need copy QUARKREC.Cap to a USB KEY, plug the USB KEY to the Quark Board.
+ In next boot, if a user runs ForceRecovery.efi in shell, or if a user presses the RESET button during power on, warm reset or REBOOT,
+ or if the FvMain is corrupted in flash, the system will boot into recovery mode.
### **Example Build Commands**
--
2.7.4.windows.1
^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
2016-10-23 2:31 ` [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling Jiewen Yao
@ 2016-10-26 23:36 ` Kinney, Michael D
2016-10-27 1:48 ` Yao, Jiewen
0 siblings, 1 reply; 17+ messages in thread
From: Kinney, Michael D @ 2016-10-26 23:36 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org, Kinney, Michael D
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Jiewen,
Can the code that checks for the use of a test key be moved into a common BDS lib or module?
Maybe in MdeModulePkg\Universal\BdsDxe\BdsEntry.c right before the call to
PlatformBootManagerAfterConsole()? The logic in BdsEntry.c can do the check and set the
PcdTestKeyUsed PCD and can go a DEBUG() message for the use of a test key.
With the current design, you depend on a platform specific BDS library to include the test
key check, and we want to make sure the check for the use of a test key is always performed.
Also, the test key check against PcdRsa2048Sha256PublicKeyBuffer is incomplete. The DEC file
description of this PCD is as follows:
## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images
# WARNING: The default value is treated as test key. Please do not use default value in the production.
# @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images
#
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
Since this PCD provides one or more SHA 256 Hashes, the check for the use of a test key needs to get the
Size, determine how many hashes are in this PCD, and compare the test key value against each entry in
this array.
Thanks,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star
> <star.zeng@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add
> capsule/recovery handling.
>
> 1) Add capsule and recovery boot path handling in platform BDS.
> 2) Add check if the platform is using default test key for recovery or update.
> Produce PcdTestKeyUsed to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Kelly Steele <kelly.steele@intel.com>
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 131
> +++++++++++++++++++-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 9 +-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 16 ++-
> 3 files changed, 151 insertions(+), 5 deletions(-)
>
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> index 19ff3d0..f327c89 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> @@ -2,7 +2,7 @@
> This file include all platform action which can be customized
> by IBV/OEM.
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -205,6 +205,8 @@ PlatformBootManagerBeforeConsole (
> EFI_INPUT_KEY Enter;
> EFI_INPUT_KEY F2;
> EFI_BOOT_MANAGER_LOAD_OPTION BootOption;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + EFI_BOOT_MODE BootMode;
> EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
> EFI_HANDLE Handle;
> EFI_EVENT EndOfDxeEvent;
> @@ -246,6 +248,40 @@ PlatformBootManagerBeforeConsole (
> //
> PlatformRegisterFvBootOption (&mUefiShellFileGuid, L"UEFI Shell",
> LOAD_OPTION_ACTIVE);
>
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
> + Status = ProcessCapsules ();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + break;
> + case BOOT_IN_RECOVERY_MODE:
> + break;
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_ON_S4_RESUME:
> + if (EsrtManagement != NULL) {
> + //
> + // Lock ESRT cache repository before EndofDxe if ESRT sync is not needed
> + //
> + EsrtManagement->LockEsrtRepository();
> + }
> + break;
> + default:
> + //
> + // Require to sync ESRT from FMP in a new boot
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + break;
> + }
> +
> //
> // Prepare for S3
> //
> @@ -303,7 +339,64 @@ PlatformBootManagerAfterConsole (
> VOID
> )
> {
> - EFI_STATUS Status;
> + EFI_STATUS Status;
> + EFI_BOOT_MODE BootMode;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + VOID *Buffer;
> + UINTN Size;
> +
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "Capsule Mode detected\n"));
> + if (FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Always sync ESRT Cache from FMP Instances after connect all and before
> capsule process
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> +
> + DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll ......\n"));
> + Status = ProcessCapsules();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + }
> + break;
> +
> + case BOOT_IN_RECOVERY_MODE:
> + DEBUG((EFI_D_INFO, "Recovery Mode detected\n"));
> + // Passthrough
> +
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION_PLUS_DIAGNOSTICS:
> + case BOOT_WITH_DEFAULT_SETTINGS:
> + default:
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Sync ESRT Cache from FMP Instance on demand after Connect All
> + //
> + if ((BootMode != BOOT_ASSUMING_NO_CONFIGURATION_CHANGES) &&
> + (BootMode != BOOT_WITH_MINIMAL_CONFIGURATION) &&
> + (BootMode != BOOT_ON_S4_RESUME)) {
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + }
> +
> + break;
> + }
>
> Print (
> L"\n"
> @@ -313,6 +406,40 @@ PlatformBootManagerAfterConsole (
> );
>
> //
> + // Check if the platform is using test key.
> + //
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
> + Print(L"WARNING: Recovery Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
> + Print(L"WARNING: Capsule Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> +
> + //
> // Use a DynamicHii type pcd to save the boot status, which is used to
> // control configuration mode, such as FULL/MINIMAL/NO_CHANGES configuration.
> //
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> index 7413883..395f78b 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> @@ -1,7 +1,7 @@
> /** @file
> Head file for BDS Platform specific code
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -21,6 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Protocol/FirmwareVolume2.h>
> #include <Protocol/AcpiS3Save.h>
> #include <Protocol/DxeSmmReadyToLock.h>
> +#include <Protocol/EsrtManagement.h>
> #include <Guid/DebugAgentGuid.h>
> #include <Guid/EventGroup.h>
> #include <Guid/PcAnsi.h>
> @@ -32,9 +33,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Library/DevicePathLib.h>
> #include <Library/MemoryAllocationLib.h>
> #include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> #include <Library/UefiLib.h>
> #include <Library/UefiBootManagerLib.h>
> -
> +#include <Library/PrintLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/CapsuleLib.h>
> +#include <Library/DxeServicesLib.h>
>
> typedef struct {
> EFI_DEVICE_PATH_PROTOCOL *DevicePath;
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> index d59f14a..eadf1fe 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> @@ -1,7 +1,7 @@
> ## @file
> # Include all platform action which can be customized by IBV/OEM.
> #
> -# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD License
> # which accompanies this distribution. The full text of the license may be found at
> @@ -38,6 +38,8 @@
> IntelFrameworkPkg/IntelFrameworkPkg.dec
> IntelFrameworkModulePkg/IntelFrameworkModulePkg.dec
> SourceLevelDebugPkg/SourceLevelDebugPkg.dec
> + QuarkPlatformPkg/QuarkPlatformPkg.dec
> + SecurityPkg/SecurityPkg.dec
>
> [LibraryClasses]
> BaseLib
> @@ -49,11 +51,16 @@
> UefiBootServicesTableLib
> UefiLib
> UefiBootManagerLib
> + PrintLib
> + HobLib
> + CapsuleLib
> + DxeServicesLib
>
> [Protocols]
> gEfiFirmwareVolume2ProtocolGuid
> gEfiAcpiS3SaveProtocolGuid
> gEfiDxeSmmReadyToLockProtocolGuid
> + gEsrtManagementProtocolGuid
>
> [Guids]
> gEfiPcAnsiGuid
> @@ -70,3 +77,10 @@
> gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits
> gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType
> gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdBootState
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
> + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
> + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
> + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
> +
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor for capsule update.
2016-10-23 2:31 ` [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor " Jiewen Yao
@ 2016-10-27 0:30 ` Kinney, Michael D
0 siblings, 0 replies; 17+ messages in thread
From: Kinney, Michael D @ 2016-10-27 0:30 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org, Kinney, Michael D
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Jiewen,
Why is .aslc file used in this PEIM. It is not an ACPI table.
You are generating a C structure that is used to set the value of
a PCD. The C structure could be a global variable in the PEIM
that is initialized the same way the .aslc file does or you
could initialize the fields in the PEIM entry point. Or some
combination of the two.
Thanks,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star
> <star.zeng@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [edk2] [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add
> Descriptor for capsule update.
>
> Add SystemFirmwareDescriptor for capsule update.
> The PEIM extracts SystemFirmwareDescriptor info from FFS and reports it via PCD.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Kelly Steele <kelly.steele@intel.com>
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
>
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc
> | 89 ++++++++++++++++++++
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> | 46 ++++++++++
>
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei.c
> | 66 +++++++++++++++
> 3 files changed, 201 insertions(+)
>
> diff --git
> a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.as
> lc
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.as
> lc
> new file mode 100644
> index 0000000..693a632
> --- /dev/null
> +++
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.as
> lc
> @@ -0,0 +1,89 @@
> +/** @file
> + System Firmware descriptor.
> +
> + Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> + This program and the accompanying materials
> + are licensed and made available under the terms and conditions of the BSD License
> + which accompanies this distribution. The full text of the license may be found at
> + http://opensource.org/licenses/bsd-license.php
> +
> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiPei.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/EdkiiSystemFmpCapsule.h>
> +
> +#define PACKAGE_VERSION 0xFFFFFFFF
> +#define PACKAGE_VERSION_STRING L"Unknown"
> +
> +#define CURRENT_FIRMWARE_VERSION 0x00000002
> +#define CURRENT_FIRMWARE_VERSION_STRING L"0x00000002"
> +#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x00000001
> +
> +#define IMAGE_ID SIGNATURE_64('Q', 'U', 'A', 'R', 'K', '_',
> 'F', 'd')
> +#define IMAGE_ID_STRING L"QuarkPlatformFd"
> +
> +// PcdSystemFmpCapsuleImageTypeIdGuid
> +#define IMAGE_TYPE_ID_GUID { 0x62af20c0, 0x7016, 0x424a, { 0x9b,
> 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90 } }
> +
> +typedef struct {
> + EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR Descriptor;
> + // real string data
> + CHAR16 ImageIdNameStr[16];
> + CHAR16 VersionNameStr[16];
> + CHAR16 PackageVersionNameStr[16];
> +} IMAGE_DESCRIPTOR;
> +
> +IMAGE_DESCRIPTOR mImageDescriptor =
> +{
> + {
> + EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE,
> + sizeof(EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR),
> + sizeof(IMAGE_DESCRIPTOR),
> + PACKAGE_VERSION, // PackageVersion
> + OFFSET_OF (IMAGE_DESCRIPTOR, PackageVersionNameStr), // PackageVersionName
> + 1, // ImageIndex;
> + {0x0}, // Reserved
> + IMAGE_TYPE_ID_GUID, // ImageTypeId;
> + IMAGE_ID, // ImageId;
> + OFFSET_OF (IMAGE_DESCRIPTOR, ImageIdNameStr), // ImageIdName;
> + CURRENT_FIRMWARE_VERSION, // Version;
> + OFFSET_OF (IMAGE_DESCRIPTOR, VersionNameStr), // VersionName;
> + {0x0}, // Reserved2
> + FixedPcdGet32(PcdFlashAreaSize), // Size;
> + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
> + IMAGE_ATTRIBUTE_RESET_REQUIRED |
> + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
> + IMAGE_ATTRIBUTE_IN_USE, // AttributesSupported;
> + IMAGE_ATTRIBUTE_IMAGE_UPDATABLE |
> + IMAGE_ATTRIBUTE_RESET_REQUIRED |
> + IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED |
> + IMAGE_ATTRIBUTE_IN_USE, // AttributesSetting;
> + 0x0, // Compatibilities;
> + LOWEST_SUPPORTED_FIRMWARE_VERSION, //
> LowestSupportedImageVersion;
> + 0x00000000, // LastAttemptVersion;
> + 0, // LastAttemptStatus;
> + {0x0}, // Reserved3
> + 0, // HardwareInstance;
> + },
> + // real string data
> + {IMAGE_ID_STRING},
> + {CURRENT_FIRMWARE_VERSION_STRING},
> + {PACKAGE_VERSION_STRING},
> +};
> +
> +
> +VOID*
> +ReferenceAcpiTable (
> + VOID
> + )
> +{
> + //
> + // Reference the table being generated to prevent the optimizer from
> + // removing the data structure from the executable
> + //
> + return (VOID*)&mImageDescriptor;
> +}
> diff --git
> a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.in
> f
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.in
> f
> new file mode 100644
> index 0000000..3134a58
> --- /dev/null
> +++
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.in
> f
> @@ -0,0 +1,46 @@
> +## @file
> +# System Firmware descriptor.
> +#
> +# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> +# This program and the accompanying materials
> +# are licensed and made available under the terms and conditions of the BSD License
> +# which accompanies this distribution. The full text of the license may be found at
> +# http://opensource.org/licenses/bsd-license.php
> +#
> +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +#
> +##
> +
> +[Defines]
> + INF_VERSION = 0x00010005
> + BASE_NAME = SystemFirmwareDescriptor
> + FILE_GUID = 90B2B846-CA6D-4D6E-A8D3-C140A8E110AC
> + MODULE_TYPE = PEIM
> + VERSION_STRING = 1.0
> + ENTRY_POINT = SystemFirmwareDescriptorPeimEntry
> +
> +[Sources]
> + SystemFirmwareDescriptorPei.c
> + SystemFirmwareDescriptor.aslc
> +
> +[Packages]
> + MdePkg/MdePkg.dec
> + MdeModulePkg/MdeModulePkg.dec
> + SignedCapsulePkg/SignedCapsulePkg.dec
> + QuarkPlatformPkg/QuarkPlatformPkg.dec
> +
> +[LibraryClasses]
> + PcdLib
> + PeiServicesLib
> + DebugLib
> + PeimEntryPoint
> +
> +[FixedPcd]
> + gQuarkPlatformTokenSpaceGuid.PcdFlashAreaSize
> +
> +[Pcd]
> + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor
> +
> +[Depex]
> + TRUE
> diff --git
> a/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei
> .c
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei
> .c
> new file mode 100644
> index 0000000..e6474e3
> --- /dev/null
> +++
> b/QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptorPei
> .c
> @@ -0,0 +1,66 @@
> +/** @file
> + System Firmware descriptor producer.
> +
> + Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
> + This program and the accompanying materials
> + are licensed and made available under the terms and conditions of the BSD License
> + which accompanies this distribution. The full text of the license may be found at
> + http://opensource.org/licenses/bsd-license.php
> +
> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#include <PiPei.h>
> +#include <Library/PcdLib.h>
> +#include <Library/PeiServicesLib.h>
> +#include <Library/DebugLib.h>
> +#include <Protocol/FirmwareManagement.h>
> +#include <Guid/EdkiiSystemFmpCapsule.h>
> +
> +/**
> + Entrypoint for SystemFirmwareDescriptor PEIM.
> +
> + @param FileHandle Handle of the file being invoked.
> + @param PeiServices Describes the list of possible PEI Services.
> +
> + @retval EFI_SUCCESS PPI successfully installed.
> +**/
> +EFI_STATUS
> +EFIAPI
> +SystemFirmwareDescriptorPeimEntry(
> + IN EFI_PEI_FILE_HANDLE FileHandle,
> + IN CONST EFI_PEI_SERVICES **PeiServices
> + )
> +{
> + EFI_STATUS Status;
> + EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR *Descriptor;
> + UINTN Size;
> + UINTN Index;
> + UINT32 AuthenticationStatus;
> +
> + //
> + // Search RAW section.
> + //
> + Index = 0;
> + while (TRUE) {
> + Status = PeiServicesFfsFindSectionData3(EFI_SECTION_RAW, Index, FileHandle, (VOID
> **)&Descriptor, &AuthenticationStatus);
> + if (EFI_ERROR(Status)) {
> + // Should not happen, must something wrong in FDF.
> + ASSERT(FALSE);
> + return EFI_NOT_FOUND;
> + }
> + if (Descriptor->Signature == EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE) {
> + break;
> + }
> + Index++;
> + }
> +
> + DEBUG((EFI_D_INFO, "EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR size - 0x%x\n",
> Descriptor->Length));
> +
> + Size = Descriptor->Length;
> + PcdSetPtrS (PcdEdkiiSystemFirmwareImageDescriptor, &Size, Descriptor);
> +
> + return EFI_SUCCESS;
> +}
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
2016-10-23 2:31 ` [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support Jiewen Yao
@ 2016-10-27 0:40 ` Kinney, Michael D
2016-10-27 1:08 ` Yao, Jiewen
0 siblings, 1 reply; 17+ messages in thread
From: Kinney, Michael D @ 2016-10-27 0:40 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org, Kinney, Michael D
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Jiewen,
A couple comments inline below.
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star
> <star.zeng@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [edk2] [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
>
> Add capsule and recovery support module in platform dsc and fdf.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Kelly Steele <kelly.steele@intel.com>
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
> QuarkPlatformPkg/Quark.dsc | 72 ++++++++--
> QuarkPlatformPkg/Quark.fdf | 141 ++++++++++++++++++++
> QuarkPlatformPkg/QuarkMin.dsc | 7 +-
> 3 files changed, 205 insertions(+), 15 deletions(-)
>
> diff --git a/QuarkPlatformPkg/Quark.dsc b/QuarkPlatformPkg/Quark.dsc
> index d5988da..153f6e7 100644
> --- a/QuarkPlatformPkg/Quark.dsc
> +++ b/QuarkPlatformPkg/Quark.dsc
> @@ -39,6 +39,8 @@
> DEFINE SOURCE_DEBUG_ENABLE = FALSE
> DEFINE PERFORMANCE_ENABLE = FALSE
> DEFINE LOGGING = FALSE
> + DEFINE CAPSULE_ENABLE = TRUE
> + DEFINE RECOVERY_ENABLE = TRUE
>
> #
> # Galileo board. Options are [GEN1, GEN2]
> @@ -160,11 +162,9 @@
> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> !endif
>
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> -!endif
>
> !if $(SECURE_BOOT_ENABLE)
> PlatformSecureLib|QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> @@ -225,6 +225,17 @@
>
> PlatformPcieHelperLib|QuarkPlatformPkg/Library/PlatformPcieHelperLib/PlatformPcieHelper
> Lib.inf
>
> PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/DxePlatformHelperLib.inf
>
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> +!else
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +!endif
> +
> +
> EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsule
> Lib.inf
> +
> FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLib
> Null.inf
> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
> +
> PlatformFlashAccessLib|QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/
> PlatformFlashAccessLibDxe.inf
> +
> [LibraryClasses.common.SEC]
> #
> # SEC specific phase
> @@ -250,9 +261,7 @@
>
> PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/PeiPlatformHelperLib.inf
>
> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHand
> lerLib.inf
> MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> -!endif
> !if $(PERFORMANCE_ENABLE)
> PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf
> !endif
> @@ -273,9 +282,7 @@
> PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
>
> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandler
> Lib.inf
> SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> -!endif
> !if $(PERFORMANCE_ENABLE)
> PerformanceLib|MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf
> !endif
> @@ -301,6 +308,10 @@
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> !endif
>
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> +!endif
> +
> [LibraryClasses.IA32.UEFI_DRIVER,LibraryClasses.IA32.UEFI_APPLICATION]
> PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
>
> @@ -431,6 +442,10 @@
>
> gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|FALSE
>
> +!if $(RECOVERY_ENABLE)
> + gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"QUARKREC.Cap"
> +!endif
> +
> [PcdsPatchableInModule]
> gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x803000C7
> gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
> @@ -449,6 +464,11 @@
> gQuarkPlatformTokenSpaceGuid.PcdUserIsPhysicallyPresent|FALSE
> gQuarkPlatformTokenSpaceGuid.PcdSpiFlashDeviceSize|0
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> +
> gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x
> 100
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xc0, 0x20, 0xaf,
> 0x62, 0x16, 0x70, 0x4a, 0x42, 0x9b, 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90}
> +!endif
> +
> !if $(MEASURED_BOOT_ENABLE)
> #
> # TPM1.2 { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b,
> 0x90, 0xcc } }
> @@ -540,6 +560,11 @@
> !endif
> }
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> + # FMP image decriptor
> +
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> +
> #
> # PEI Core
> #
> @@ -594,6 +619,7 @@
> #
> # Recovery
> #
> +!if $(RECOVERY_ENABLE)
> QuarkSocPkg/QuarkSouthCluster/Usb/Common/Pei/UsbPei.inf
> MdeModulePkg/Bus/Pci/EhciPei/EhciPei.inf
> QuarkSocPkg/QuarkSouthCluster/Usb/Ohci/Pei/OhciPei.inf
> @@ -601,6 +627,11 @@
> MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
> FatPkg/FatPei/FatPei.inf
> MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
> + SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthentic
> ationLibRsa2048Sha256.inf
> + }
> +!endif
>
> [Components.IA32]
> #
> @@ -645,11 +676,7 @@
> NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
> }
>
> - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
> - <LibraryClasses>
> - GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
> - CapsuleLib|IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.inf
> - }
> + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> @@ -675,6 +702,11 @@
> <LibraryClasses>
>
> UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
>
> PlatformBootManagerLib|QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootMana
> gerLib.inf
> +!if $(CAPSULE_ENABLE)
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> +!else
> +
> FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLib
> Null.inf
> +!endif
> }
> MdeModulePkg/Application/UiApp/UiApp.inf {
> <LibraryClasses>
> @@ -889,5 +921,23 @@
> gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
> }
>
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> +
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> + }
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> + }
> +
> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + }
> +!endif
> +
> [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
> MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096
> diff --git a/QuarkPlatformPkg/Quark.fdf b/QuarkPlatformPkg/Quark.fdf
> index 9f51eb3..a9d828d 100644
> --- a/QuarkPlatformPkg/Quark.fdf
> +++ b/QuarkPlatformPkg/Quark.fdf
> @@ -317,6 +317,11 @@ APRIORI PEI {
> ##
> INF UefiCpuPkg/SecCore/SecCore.inf
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> + # FMP image decriptor
> +INF RuleOverride = FMP_IMAGE_DESC
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> +
> INF MdeModulePkg/Core/Pei/PeiMain.inf
>
> ##
> @@ -347,12 +352,16 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
> INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
> !endif
>
> +!if $(RECOVERY_ENABLE)
> FILE FV_IMAGE = 1E9D7604-EF45-46a0-BD8A-71AC78C17AC1 {
> SECTION PEI_DEPEX_EXP = {gEfiPeiMemoryDiscoveredPpiGuid AND
> gEfiPeiBootInRecoveryModePpiGuid}
> SECTION GUIDED A31280AD-481E-41B6-95E8-127F4C984779 { # TIANO COMPRESS GUID
> SECTION FV_IMAGE = FVRECOVERY_COMPONENTS
> }
> }
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
>
> ################################################################################
> #
> @@ -390,6 +399,9 @@ INF MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
> INF MdeModulePkg/Bus/Usb/UsbBotPei/UsbBotPei.inf
> INF FatPkg/FatPei/FatPei.inf
> INF MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
> +INF SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf
> +
> +!endif
>
> ################################################################################
> #
> @@ -579,6 +591,25 @@ INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
> INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> !endif
>
> +!if $(CAPSULE_ENABLE)
> +INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
> +FILE FREEFORM =
> PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Rsa2048Sha256Sign/TestSigningPublicKey.bin
> + SECTION UI = "Rsa2048Sha256TestSigningPublicKey"
> + }
> +!endif
> +
> +!if $(CAPSULE_ENABLE)
> +FILE FREEFORM = PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
> + SECTION UI = "Pkcs7TestRoot"
> + }
> +!endif
> +
> ################################################################################
> #
> # FV Section
> @@ -650,6 +681,106 @@ INF RuleOverride = TIANOCOMPRESSED
> ShellPkg/Application/Shell/Shell.inf
> INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
> !endif
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> +
> +[FV.CapsuleDispatchFv]
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +!if $(CAPSULE_ENABLE)
> +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
> +!endif
> +
> +[FV.SystemFirmwareUpdateCargo]
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +FILE RAW = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 { # PcdEdkiiSystemFirmwareFileGuid
> + FD = Quark
> + }
> +
> +FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { #
> gEdkiiSystemFmpCapsuleDriverFvFileGuid
> + FV = CapsuleDispatchFv
> + }
> +
> +FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { #
> gEdkiiSystemFmpCapsuleConfigFileGuid
> +
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.
> ini
> + }
> +
Add !endif here. Non need to nest !if.
> +!if $(CAPSULE_ENABLE)
> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 #
> PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x2
> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
> +
> +FV = SystemFirmwareUpdateCargo
> +!endif
> +
Move the following section down with the other RECOVERY_ENABLE section so there
is only one !if (CAPSULE_ENABLE) with 2 sections and one !if (RECOVERY_ENABLE)
with 2 sections,
> +!if $(RECOVERY_ENABLE)
> +[FmpPayload.FmpPayloadSystemFirmwareRsa2048]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 #
> PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x2
> +CERTIFICATE_GUID = A7717414-C616-4977-9420-844712A735BF # RSA2048SHA256
> +
> +FV = SystemFirmwareUpdateCargo
> +!endif
> +
> +!if $(CAPSULE_ENABLE)
> +[Capsule.QuarkFirmwareUpdateCapsuleFmpPkcs7]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a #
> gEfiFmpCapsuleGuid
> +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> +FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
> +[Capsule.QuarkRec]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a #
> gEfiFmpCapsuleGuid
> +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> +FMP_PAYLOAD = FmpPayloadSystemFirmwareRsa2048
> +!endif
> +
> +!endif
> +
> ################################################################################
> #
> # Rules are use with the [FV] section's module INF type to define
> @@ -771,3 +902,13 @@ INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
> RAW ACPI |.acpi
> RAW ASL |.aml
> }
> +
> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
> + FILE PEIM = $(NAMED_GUID) {
> + RAW BIN |.acpi
> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> diff --git a/QuarkPlatformPkg/QuarkMin.dsc b/QuarkPlatformPkg/QuarkMin.dsc
> index 1a4bd30..be85e3f 100644
> --- a/QuarkPlatformPkg/QuarkMin.dsc
> +++ b/QuarkPlatformPkg/QuarkMin.dsc
> @@ -161,6 +161,8 @@
> AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
> !endif
>
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +
> #
> # CPU
> #
> @@ -547,10 +549,7 @@
> MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
> MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
> MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariableRuntimeDxe.inf
> - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
> - <LibraryClasses>
> - CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> - }
> + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
2016-10-27 0:40 ` Kinney, Michael D
@ 2016-10-27 1:08 ` Yao, Jiewen
0 siblings, 0 replies; 17+ messages in thread
From: Yao, Jiewen @ 2016-10-27 1:08 UTC (permalink / raw)
To: Kinney, Michael D, edk2-devel@lists.01.org
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Agree and updated.
From: Kinney, Michael D
Sent: Thursday, October 27, 2016 8:41 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [edk2] [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
Jiewen,
A couple comments inline below.
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [edk2] [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support.
>
> Add capsule and recovery support module in platform dsc and fdf.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Kelly Steele <kelly.steele@intel.com<mailto:kelly.steele@intel.com>>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> ---
> QuarkPlatformPkg/Quark.dsc | 72 ++++++++--
> QuarkPlatformPkg/Quark.fdf | 141 ++++++++++++++++++++
> QuarkPlatformPkg/QuarkMin.dsc | 7 +-
> 3 files changed, 205 insertions(+), 15 deletions(-)
>
> diff --git a/QuarkPlatformPkg/Quark.dsc b/QuarkPlatformPkg/Quark.dsc
> index d5988da..153f6e7 100644
> --- a/QuarkPlatformPkg/Quark.dsc
> +++ b/QuarkPlatformPkg/Quark.dsc
> @@ -39,6 +39,8 @@
> DEFINE SOURCE_DEBUG_ENABLE = FALSE
> DEFINE PERFORMANCE_ENABLE = FALSE
> DEFINE LOGGING = FALSE
> + DEFINE CAPSULE_ENABLE = TRUE
> + DEFINE RECOVERY_ENABLE = TRUE
>
> #
> # Galileo board. Options are [GEN1, GEN2]
> @@ -160,11 +162,9 @@
> PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> !endif
>
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> -!endif
>
> !if $(SECURE_BOOT_ENABLE)
> PlatformSecureLib|QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> @@ -225,6 +225,17 @@
>
> PlatformPcieHelperLib|QuarkPlatformPkg/Library/PlatformPcieHelperLib/PlatformPcieHelper
> Lib.inf
>
> PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/DxePlatformHelperLib.inf
>
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
> +!else
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +!endif
> +
> +
> EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsule
> Lib.inf
> +
> FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLib
> Null.inf
> + IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf
> +
> PlatformFlashAccessLib|QuarkPlatformPkg/Feature/Capsule/Library/PlatformFlashAccessLib/
> PlatformFlashAccessLibDxe.inf
> +
> [LibraryClasses.common.SEC]
> #
> # SEC specific phase
> @@ -250,9 +261,7 @@
>
> PlatformHelperLib|QuarkPlatformPkg/Library/PlatformHelperLib/PeiPlatformHelperLib.inf
>
> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHand
> lerLib.inf
> MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> -!endif
> !if $(PERFORMANCE_ENABLE)
> PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf
> !endif
> @@ -273,9 +282,7 @@
> PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
>
> CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandler
> Lib.inf
> SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> -!if $(SECURE_BOOT_ENABLE) || $(MEASURED_BOOT_ENABLE)
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> -!endif
> !if $(PERFORMANCE_ENABLE)
> PerformanceLib|MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf
> !endif
> @@ -301,6 +308,10 @@
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> !endif
>
> +!if $(CAPSULE_ENABLE)
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
> +!endif
> +
> [LibraryClasses.IA32.UEFI_DRIVER,LibraryClasses.IA32.UEFI_APPLICATION]
> PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
>
> @@ -431,6 +442,10 @@
>
> gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|FALSE
>
> +!if $(RECOVERY_ENABLE)
> + gEfiMdeModulePkgTokenSpaceGuid.PcdRecoveryFileName|L"QUARKREC.Cap"
> +!endif
> +
> [PcdsPatchableInModule]
> gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x803000C7
> gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
> @@ -449,6 +464,11 @@
> gQuarkPlatformTokenSpaceGuid.PcdUserIsPhysicallyPresent|FALSE
> gQuarkPlatformTokenSpaceGuid.PcdSpiFlashDeviceSize|0
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> +
> gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x
> 100
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xc0, 0x20, 0xaf,
> 0x62, 0x16, 0x70, 0x4a, 0x42, 0x9b, 0xf8, 0x9c, 0xcc, 0x86, 0x58, 0x40, 0x90}
> +!endif
> +
> !if $(MEASURED_BOOT_ENABLE)
> #
> # TPM1.2 { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b,
> 0x90, 0xcc } }
> @@ -540,6 +560,11 @@
> !endif
> }
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> + # FMP image decriptor
> +
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> +
> #
> # PEI Core
> #
> @@ -594,6 +619,7 @@
> #
> # Recovery
> #
> +!if $(RECOVERY_ENABLE)
> QuarkSocPkg/QuarkSouthCluster/Usb/Common/Pei/UsbPei.inf
> MdeModulePkg/Bus/Pci/EhciPei/EhciPei.inf
> QuarkSocPkg/QuarkSouthCluster/Usb/Ohci/Pei/OhciPei.inf
> @@ -601,6 +627,11 @@
> MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
> FatPkg/FatPei/FatPei.inf
> MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
> + SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthentic
> ationLibRsa2048Sha256.inf
> + }
> +!endif
>
> [Components.IA32]
> #
> @@ -645,11 +676,7 @@
> NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
> }
>
> - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
> - <LibraryClasses>
> - GenericBdsLib|IntelFrameworkModulePkg/Library/GenericBdsLib/GenericBdsLib.inf
> - CapsuleLib|IntelFrameworkModulePkg/Library/DxeCapsuleLib/DxeCapsuleLib.inf
> - }
> + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> @@ -675,6 +702,11 @@
> <LibraryClasses>
>
> UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
>
> PlatformBootManagerLib|QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootMana
> gerLib.inf
> +!if $(CAPSULE_ENABLE)
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> +!else
> +
> FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLib
> Null.inf
> +!endif
> }
> MdeModulePkg/Application/UiApp/UiApp.inf {
> <LibraryClasses>
> @@ -889,5 +921,23 @@
> gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
> }
>
> +!if $(CAPSULE_ENABLE)
> + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> +
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> + }
> + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf {
> + <LibraryClasses>
> +
> FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLib
> Pkcs7.inf
> + }
> +
> + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + }
> +!endif
> +
> [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
> MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096
> diff --git a/QuarkPlatformPkg/Quark.fdf b/QuarkPlatformPkg/Quark.fdf
> index 9f51eb3..a9d828d 100644
> --- a/QuarkPlatformPkg/Quark.fdf
> +++ b/QuarkPlatformPkg/Quark.fdf
> @@ -317,6 +317,11 @@ APRIORI PEI {
> ##
> INF UefiCpuPkg/SecCore/SecCore.inf
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> + # FMP image decriptor
> +INF RuleOverride = FMP_IMAGE_DESC
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf
> +!endif
> +
> INF MdeModulePkg/Core/Pei/PeiMain.inf
>
> ##
> @@ -347,12 +352,16 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
> INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
> !endif
>
> +!if $(RECOVERY_ENABLE)
> FILE FV_IMAGE = 1E9D7604-EF45-46a0-BD8A-71AC78C17AC1 {
> SECTION PEI_DEPEX_EXP = {gEfiPeiMemoryDiscoveredPpiGuid AND
> gEfiPeiBootInRecoveryModePpiGuid}
> SECTION GUIDED A31280AD-481E-41B6-95E8-127F4C984779 { # TIANO COMPRESS GUID
> SECTION FV_IMAGE = FVRECOVERY_COMPONENTS
> }
> }
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
>
> ################################################################################
> #
> @@ -390,6 +399,9 @@ INF MdeModulePkg/Bus/Usb/UsbBusPei/UsbBusPei.inf
> INF MdeModulePkg/Bus/Usb/UsbBotPei/UsbBotPei.inf
> INF FatPkg/FatPei/FatPei.inf
> INF MdeModulePkg/Universal/Disk/CdExpressPei/CdExpressPei.inf
> +INF SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPei.inf
> +
> +!endif
>
> ################################################################################
> #
> @@ -579,6 +591,25 @@ INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
> INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> !endif
>
> +!if $(CAPSULE_ENABLE)
> +INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf
> +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
> +FILE FREEFORM =
> PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Rsa2048Sha256Sign/TestSigningPublicKey.bin
> + SECTION UI = "Rsa2048Sha256TestSigningPublicKey"
> + }
> +!endif
> +
> +!if $(CAPSULE_ENABLE)
> +FILE FREEFORM = PCD(gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) {
> + SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer
> + SECTION UI = "Pkcs7TestRoot"
> + }
> +!endif
> +
> ################################################################################
> #
> # FV Section
> @@ -650,6 +681,106 @@ INF RuleOverride = TIANOCOMPRESSED
> ShellPkg/Application/Shell/Shell.inf
> INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
> !endif
>
> +!if $(CAPSULE_ENABLE) || $(RECOVERY_ENABLE)
> +
> +[FV.CapsuleDispatchFv]
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +!if $(CAPSULE_ENABLE)
> +INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf
> +!endif
> +
> +[FV.SystemFirmwareUpdateCargo]
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +FILE RAW = AF9C9EB2-12AD-4D3E-A4D4-96F6C9966215 { # PcdEdkiiSystemFirmwareFileGuid
> + FD = Quark
> + }
> +
> +FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { #
> gEdkiiSystemFmpCapsuleDriverFvFileGuid
> + FV = CapsuleDispatchFv
> + }
> +
> +FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { #
> gEdkiiSystemFmpCapsuleConfigFileGuid
> +
> QuarkPlatformPkg/Feature/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.
> ini
> + }
> +
Add !endif here. Non need to nest !if.
> +!if $(CAPSULE_ENABLE)
> +[FmpPayload.FmpPayloadSystemFirmwarePkcs7]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 #
> PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x2
> +CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7
> +
> +FV = SystemFirmwareUpdateCargo
> +!endif
> +
Move the following section down with the other RECOVERY_ENABLE section so there
is only one !if (CAPSULE_ENABLE) with 2 sections and one !if (RECOVERY_ENABLE)
with 2 sections,
> +!if $(RECOVERY_ENABLE)
> +[FmpPayload.FmpPayloadSystemFirmwareRsa2048]
> +IMAGE_HEADER_INIT_VERSION = 0x02
> +IMAGE_TYPE_ID = 62af20c0-7016-424a-9bf8-9ccc86584090 #
> PcdSystemFmpCapsuleImageTypeIdGuid
> +IMAGE_INDEX = 0x1
> +HARDWARE_INSTANCE = 0x0
> +MONOTONIC_COUNT = 0x2
> +CERTIFICATE_GUID = A7717414-C616-4977-9420-844712A735BF # RSA2048SHA256
> +
> +FV = SystemFirmwareUpdateCargo
> +!endif
> +
> +!if $(CAPSULE_ENABLE)
> +[Capsule.QuarkFirmwareUpdateCapsuleFmpPkcs7]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a #
> gEfiFmpCapsuleGuid
> +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> +FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7
> +!endif
> +
> +!if $(RECOVERY_ENABLE)
> +[Capsule.QuarkRec]
> +CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a #
> gEfiFmpCapsuleGuid
> +CAPSULE_FLAGS = PersistAcrossReset,InitiateReset
> +CAPSULE_HEADER_SIZE = 0x20
> +CAPSULE_HEADER_INIT_VERSION = 0x1
> +
> +FMP_PAYLOAD = FmpPayloadSystemFirmwareRsa2048
> +!endif
> +
> +!endif
> +
> ################################################################################
> #
> # Rules are use with the [FV] section's module INF type to define
> @@ -771,3 +902,13 @@ INF RuleOverride = TIANOCOMPRESSED PerformancePkg/Dp_App/Dp.inf
> RAW ACPI |.acpi
> RAW ASL |.aml
> }
> +
> +[Rule.Common.PEIM.FMP_IMAGE_DESC]
> + FILE PEIM = $(NAMED_GUID) {
> + RAW BIN |.acpi
> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 Align=4K $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> diff --git a/QuarkPlatformPkg/QuarkMin.dsc b/QuarkPlatformPkg/QuarkMin.dsc
> index 1a4bd30..be85e3f 100644
> --- a/QuarkPlatformPkg/QuarkMin.dsc
> +++ b/QuarkPlatformPkg/QuarkMin.dsc
> @@ -161,6 +161,8 @@
> AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
> !endif
>
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> +
> #
> # CPU
> #
> @@ -547,10 +549,7 @@
> MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
> MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
> MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariableRuntimeDxe.inf
> - MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf {
> - <LibraryClasses>
> - CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> - }
> + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
2016-10-23 2:31 ` [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid Jiewen Yao
@ 2016-10-27 1:27 ` Kinney, Michael D
2016-10-27 1:31 ` Yao, Jiewen
0 siblings, 1 reply; 17+ messages in thread
From: Kinney, Michael D @ 2016-10-27 1:27 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org, Kinney, Michael D
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Jiewen,
Why are these 2 PCDs added to a platform specific DEC file?
The same feedback applies to the Vlv2 platform.
Since we want platform agnostic detection for the use of
test keys, these PCDs should be added to SignedCapsulePkg.
I think the best place to do the check for use of test keys
and set the gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed PCD
is in a module in SignedCapsulePkg that is required to be present
and run every boot before BDS runs when recovery or capsule
support is enabled.
In a previous feedback email I suggested that this test key
check be moved to BdsEntry.c, but that will not work because that
module does not have access to PCDs defined in SignedCapsulePkg.
Best regards,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star
> <star.zeng@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>
> Subject: [edk2] [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
>
> We will add PKCS7 and RSA2048SHA256 test key file to FDF,
> to check if the platform is using default test key,
> or different production key.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Kelly Steele <kelly.steele@intel.com>
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
> QuarkPlatformPkg/QuarkPlatformPkg.dec | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/QuarkPlatformPkg/QuarkPlatformPkg.dec
> b/QuarkPlatformPkg/QuarkPlatformPkg.dec
> index f4ab18c..fbd7987 100644
> --- a/QuarkPlatformPkg/QuarkPlatformPkg.dec
> +++ b/QuarkPlatformPkg/QuarkPlatformPkg.dec
> @@ -895,6 +895,9 @@
> gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoveryBase|0xFFEC0400|UINT32|0xA00002AB
> gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoverySize|0x0003F000|UINT32|0xA00002AC
>
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid|{0x04, 0xe1,
> 0xfe, 0xc4, 0x57, 0x66, 0x36, 0x49, 0xa6, 0x11, 0x13, 0x8d, 0xbc, 0x2a, 0x76,
> 0xad}|VOID*|0xA0010001
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid|{0xba, 0xf5, 0x93,
> 0xf0, 0x37, 0x6f, 0x16, 0x48, 0x9e, 0x52, 0x91, 0xbe, 0xa0, 0xf7, 0xe0,
> 0xb8}|VOID*|0xA0010002
> +
> [PcdsDynamic, PcdsDynamicEx]
> ## Provides the ability to enable the Fast Boot feature of the BIOS. This
> # enables the system to boot faster but may only enumerate the hardware
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
2016-10-27 1:27 ` Kinney, Michael D
@ 2016-10-27 1:31 ` Yao, Jiewen
0 siblings, 0 replies; 17+ messages in thread
From: Yao, Jiewen @ 2016-10-27 1:31 UTC (permalink / raw)
To: Kinney, Michael D, edk2-devel@lists.01.org
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Agree. I will move the 2 PCD to SignedCapsulePkg.
From: Kinney, Michael D
Sent: Thursday, October 27, 2016 9:28 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [edk2] [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
Jiewen,
Why are these 2 PCDs added to a platform specific DEC file?
The same feedback applies to the Vlv2 platform.
Since we want platform agnostic detection for the use of
test keys, these PCDs should be added to SignedCapsulePkg.
I think the best place to do the check for use of test keys
and set the gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed PCD
is in a module in SignedCapsulePkg that is required to be present
and run every boot before BDS runs when recovery or capsule
support is enabled.
In a previous feedback email I suggested that this test key
check be moved to BdsEntry.c, but that will not work because that
module does not have access to PCDs defined in SignedCapsulePkg.
Best regards,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [edk2] [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid.
>
> We will add PKCS7 and RSA2048SHA256 test key file to FDF,
> to check if the platform is using default test key,
> or different production key.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Kelly Steele <kelly.steele@intel.com<mailto:kelly.steele@intel.com>>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> ---
> QuarkPlatformPkg/QuarkPlatformPkg.dec | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/QuarkPlatformPkg/QuarkPlatformPkg.dec
> b/QuarkPlatformPkg/QuarkPlatformPkg.dec
> index f4ab18c..fbd7987 100644
> --- a/QuarkPlatformPkg/QuarkPlatformPkg.dec
> +++ b/QuarkPlatformPkg/QuarkPlatformPkg.dec
> @@ -895,6 +895,9 @@
> gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoveryBase|0xFFEC0400|UINT32|0xA00002AB
> gQuarkPlatformTokenSpaceGuid.PcdFlashFvRecoverySize|0x0003F000|UINT32|0xA00002AC
>
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid|{0x04, 0xe1,
> 0xfe, 0xc4, 0x57, 0x66, 0x36, 0x49, 0xa6, 0x11, 0x13, 0x8d, 0xbc, 0x2a, 0x76,
> 0xad}|VOID*|0xA0010001
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid|{0xba, 0xf5, 0x93,
> 0xf0, 0x37, 0x6f, 0x16, 0x48, 0x9e, 0x52, 0x91, 0xbe, 0xa0, 0xf7, 0xe0,
> 0xb8}|VOID*|0xA0010002
> +
> [PcdsDynamic, PcdsDynamicEx]
> ## Provides the ability to enable the Fast Boot feature of the BIOS. This
> # enables the system to boot faster but may only enumerate the hardware
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
2016-10-26 23:36 ` Kinney, Michael D
@ 2016-10-27 1:48 ` Yao, Jiewen
2016-10-27 2:14 ` Kinney, Michael D
0 siblings, 1 reply; 17+ messages in thread
From: Yao, Jiewen @ 2016-10-27 1:48 UTC (permalink / raw)
To: Kinney, Michael D, edk2-devel@lists.01.org
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Yes, Mike. You are right.
We do have plan to make it generic. As we discussed before, we will enhance the tool to detect such info and set a PCD at build time. Then we can include that in the UiApp driver to report such error directly.
The tool is not ready yet. So current platform solution is just a temporary solution.
We do have plan to migrate to the new solution after the tool is ready. Then we can clean up the platform BDS code.
Thank you
Yao Jiewen
From: Kinney, Michael D
Sent: Thursday, October 27, 2016 7:36 AM
To: Yao, Jiewen <jiewen.yao@intel.com>; edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
Jiewen,
Can the code that checks for the use of a test key be moved into a common BDS lib or module?
Maybe in MdeModulePkg\Universal\BdsDxe\BdsEntry.c right before the call to
PlatformBootManagerAfterConsole()? The logic in BdsEntry.c can do the check and set the
PcdTestKeyUsed PCD and can go a DEBUG() message for the use of a test key.
With the current design, you depend on a platform specific BDS library to include the test
key check, and we want to make sure the check for the use of a test key is always performed.
Also, the test key check against PcdRsa2048Sha256PublicKeyBuffer is incomplete. The DEC file
description of this PCD is as follows:
## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images
# WARNING: The default value is treated as test key. Please do not use default value in the production.
# @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images
#
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
Since this PCD provides one or more SHA 256 Hashes, the check for the use of a test key needs to get the
Size, determine how many hashes are in this PCD, and compare the test key value against each entry in
this array.
Thanks,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add
> capsule/recovery handling.
>
> 1) Add capsule and recovery boot path handling in platform BDS.
> 2) Add check if the platform is using default test key for recovery or update.
> Produce PcdTestKeyUsed to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Kelly Steele <kelly.steele@intel.com<mailto:kelly.steele@intel.com>>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> ---
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 131
> +++++++++++++++++++-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 9 +-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 16 ++-
> 3 files changed, 151 insertions(+), 5 deletions(-)
>
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> index 19ff3d0..f327c89 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> @@ -2,7 +2,7 @@
> This file include all platform action which can be customized
> by IBV/OEM.
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -205,6 +205,8 @@ PlatformBootManagerBeforeConsole (
> EFI_INPUT_KEY Enter;
> EFI_INPUT_KEY F2;
> EFI_BOOT_MANAGER_LOAD_OPTION BootOption;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + EFI_BOOT_MODE BootMode;
> EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
> EFI_HANDLE Handle;
> EFI_EVENT EndOfDxeEvent;
> @@ -246,6 +248,40 @@ PlatformBootManagerBeforeConsole (
> //
> PlatformRegisterFvBootOption (&mUefiShellFileGuid, L"UEFI Shell",
> LOAD_OPTION_ACTIVE);
>
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
> + Status = ProcessCapsules ();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + break;
> + case BOOT_IN_RECOVERY_MODE:
> + break;
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_ON_S4_RESUME:
> + if (EsrtManagement != NULL) {
> + //
> + // Lock ESRT cache repository before EndofDxe if ESRT sync is not needed
> + //
> + EsrtManagement->LockEsrtRepository();
> + }
> + break;
> + default:
> + //
> + // Require to sync ESRT from FMP in a new boot
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + break;
> + }
> +
> //
> // Prepare for S3
> //
> @@ -303,7 +339,64 @@ PlatformBootManagerAfterConsole (
> VOID
> )
> {
> - EFI_STATUS Status;
> + EFI_STATUS Status;
> + EFI_BOOT_MODE BootMode;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + VOID *Buffer;
> + UINTN Size;
> +
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "Capsule Mode detected\n"));
> + if (FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Always sync ESRT Cache from FMP Instances after connect all and before
> capsule process
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> +
> + DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll ......\n"));
> + Status = ProcessCapsules();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + }
> + break;
> +
> + case BOOT_IN_RECOVERY_MODE:
> + DEBUG((EFI_D_INFO, "Recovery Mode detected\n"));
> + // Passthrough
> +
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION_PLUS_DIAGNOSTICS:
> + case BOOT_WITH_DEFAULT_SETTINGS:
> + default:
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Sync ESRT Cache from FMP Instance on demand after Connect All
> + //
> + if ((BootMode != BOOT_ASSUMING_NO_CONFIGURATION_CHANGES) &&
> + (BootMode != BOOT_WITH_MINIMAL_CONFIGURATION) &&
> + (BootMode != BOOT_ON_S4_RESUME)) {
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + }
> +
> + break;
> + }
>
> Print (
> L"\n"
> @@ -313,6 +406,40 @@ PlatformBootManagerAfterConsole (
> );
>
> //
> + // Check if the platform is using test key.
> + //
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
> + Print(L"WARNING: Recovery Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
> + Print(L"WARNING: Capsule Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> +
> + //
> // Use a DynamicHii type pcd to save the boot status, which is used to
> // control configuration mode, such as FULL/MINIMAL/NO_CHANGES configuration.
> //
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> index 7413883..395f78b 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> @@ -1,7 +1,7 @@
> /** @file
> Head file for BDS Platform specific code
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -21,6 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Protocol/FirmwareVolume2.h>
> #include <Protocol/AcpiS3Save.h>
> #include <Protocol/DxeSmmReadyToLock.h>
> +#include <Protocol/EsrtManagement.h>
> #include <Guid/DebugAgentGuid.h>
> #include <Guid/EventGroup.h>
> #include <Guid/PcAnsi.h>
> @@ -32,9 +33,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Library/DevicePathLib.h>
> #include <Library/MemoryAllocationLib.h>
> #include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> #include <Library/UefiLib.h>
> #include <Library/UefiBootManagerLib.h>
> -
> +#include <Library/PrintLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/CapsuleLib.h>
> +#include <Library/DxeServicesLib.h>
>
> typedef struct {
> EFI_DEVICE_PATH_PROTOCOL *DevicePath;
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> index d59f14a..eadf1fe 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> @@ -1,7 +1,7 @@
> ## @file
> # Include all platform action which can be customized by IBV/OEM.
> #
> -# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD License
> # which accompanies this distribution. The full text of the license may be found at
> @@ -38,6 +38,8 @@
> IntelFrameworkPkg/IntelFrameworkPkg.dec
> IntelFrameworkModulePkg/IntelFrameworkModulePkg.dec
> SourceLevelDebugPkg/SourceLevelDebugPkg.dec
> + QuarkPlatformPkg/QuarkPlatformPkg.dec
> + SecurityPkg/SecurityPkg.dec
>
> [LibraryClasses]
> BaseLib
> @@ -49,11 +51,16 @@
> UefiBootServicesTableLib
> UefiLib
> UefiBootManagerLib
> + PrintLib
> + HobLib
> + CapsuleLib
> + DxeServicesLib
>
> [Protocols]
> gEfiFirmwareVolume2ProtocolGuid
> gEfiAcpiS3SaveProtocolGuid
> gEfiDxeSmmReadyToLockProtocolGuid
> + gEsrtManagementProtocolGuid
>
> [Guids]
> gEfiPcAnsiGuid
> @@ -70,3 +77,10 @@
> gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits
> gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType
> gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdBootState
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
> + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
> + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
> + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
> +
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
2016-10-27 1:48 ` Yao, Jiewen
@ 2016-10-27 2:14 ` Kinney, Michael D
0 siblings, 0 replies; 17+ messages in thread
From: Kinney, Michael D @ 2016-10-27 2:14 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org, Kinney, Michael D
Cc: Tian, Feng, Gao, Liming, Zeng, Star, Zhang, Chao B
Jiewen,
Thanks. That makes sense.
Let's make sure the array is handled correctly in this platform specific solution and the new tool feature.
Mike
From: Yao, Jiewen
Sent: Wednesday, October 26, 2016 6:48 PM
To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.org
Cc: Tian, Feng <feng.tian@intel.com>; Gao, Liming <liming.gao@intel.com>; Zeng, Star <star.zeng@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
Yes, Mike. You are right.
We do have plan to make it generic. As we discussed before, we will enhance the tool to detect such info and set a PCD at build time. Then we can include that in the UiApp driver to report such error directly.
The tool is not ready yet. So current platform solution is just a temporary solution.
We do have plan to migrate to the new solution after the tool is ready. Then we can clean up the platform BDS code.
Thank you
Yao Jiewen
From: Kinney, Michael D
Sent: Thursday, October 27, 2016 7:36 AM
To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Zhang, Chao B <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
Subject: RE: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling.
Jiewen,
Can the code that checks for the use of a test key be moved into a common BDS lib or module?
Maybe in MdeModulePkg\Universal\BdsDxe\BdsEntry.c right before the call to
PlatformBootManagerAfterConsole()? The logic in BdsEntry.c can do the check and set the
PcdTestKeyUsed PCD and can go a DEBUG() message for the use of a test key.
With the current design, you depend on a platform specific BDS library to include the test
key check, and we want to make sure the check for the use of a test key is always performed.
Also, the test key check against PcdRsa2048Sha256PublicKeyBuffer is incomplete. The DEC file
description of this PCD is as follows:
## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images
# WARNING: The default value is treated as test key. Please do not use default value in the production.
# @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images
#
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
Since this PCD provides one or more SHA 256 Hashes, the check for the use of a test key needs to get the
Size, determine how many hashes are in this PCD, and compare the test key value against each entry in
this array.
Thanks,
Mike
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Jiewen Yao
> Sent: Saturday, October 22, 2016 7:32 PM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Tian, Feng <feng.tian@intel.com<mailto:feng.tian@intel.com>>; Gao, Liming <liming.gao@intel.com<mailto:liming.gao@intel.com>>; Zeng, Star
> <star.zeng@intel.com<mailto:star.zeng@intel.com>>; Kinney, Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>; Zhang, Chao B
> <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Subject: [edk2] [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add
> capsule/recovery handling.
>
> 1) Add capsule and recovery boot path handling in platform BDS.
> 2) Add check if the platform is using default test key for recovery or update.
> Produce PcdTestKeyUsed to indicate if there is any
> test key used in current BIOS, such as recovery key,
> or capsule update key.
> Then the generic UI may consume this PCD to show warning information.
>
> Cc: Michael D Kinney <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>>
> Cc: Kelly Steele <kelly.steele@intel.com<mailto:kelly.steele@intel.com>>
> Cc: Feng Tian <feng.tian@intel.com<mailto:feng.tian@intel.com>>
> Cc: Star Zeng <star.zeng@intel.com<mailto:star.zeng@intel.com>>
> Cc: Liming Gao <liming.gao@intel.com<mailto:liming.gao@intel.com>>
> Cc: Chao Zhang <chao.b.zhang@intel.com<mailto:chao.b.zhang@intel.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>
> ---
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 131
> +++++++++++++++++++-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 9 +-
> QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 16 ++-
> 3 files changed, 151 insertions(+), 5 deletions(-)
>
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> index 19ff3d0..f327c89 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
> @@ -2,7 +2,7 @@
> This file include all platform action which can be customized
> by IBV/OEM.
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -205,6 +205,8 @@ PlatformBootManagerBeforeConsole (
> EFI_INPUT_KEY Enter;
> EFI_INPUT_KEY F2;
> EFI_BOOT_MANAGER_LOAD_OPTION BootOption;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + EFI_BOOT_MODE BootMode;
> EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
> EFI_HANDLE Handle;
> EFI_EVENT EndOfDxeEvent;
> @@ -246,6 +248,40 @@ PlatformBootManagerBeforeConsole (
> //
> PlatformRegisterFvBootOption (&mUefiShellFileGuid, L"UEFI Shell",
> LOAD_OPTION_ACTIVE);
>
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
> + Status = ProcessCapsules ();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + break;
> + case BOOT_IN_RECOVERY_MODE:
> + break;
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_ON_S4_RESUME:
> + if (EsrtManagement != NULL) {
> + //
> + // Lock ESRT cache repository before EndofDxe if ESRT sync is not needed
> + //
> + EsrtManagement->LockEsrtRepository();
> + }
> + break;
> + default:
> + //
> + // Require to sync ESRT from FMP in a new boot
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + break;
> + }
> +
> //
> // Prepare for S3
> //
> @@ -303,7 +339,64 @@ PlatformBootManagerAfterConsole (
> VOID
> )
> {
> - EFI_STATUS Status;
> + EFI_STATUS Status;
> + EFI_BOOT_MODE BootMode;
> + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement;
> + VOID *Buffer;
> + UINTN Size;
> +
> + Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID
> **)&EsrtManagement);
> + if (EFI_ERROR(Status)) {
> + EsrtManagement = NULL;
> + }
> +
> + BootMode = GetBootModeHob();
> + switch (BootMode) {
> + case BOOT_ON_FLASH_UPDATE:
> + DEBUG((EFI_D_INFO, "Capsule Mode detected\n"));
> + if (FeaturePcdGet(PcdSupportUpdateCapsuleReset)) {
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Always sync ESRT Cache from FMP Instances after connect all and before
> capsule process
> + //
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> +
> + DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll ......\n"));
> + Status = ProcessCapsules();
> + DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
> + }
> + break;
> +
> + case BOOT_IN_RECOVERY_MODE:
> + DEBUG((EFI_D_INFO, "Recovery Mode detected\n"));
> + // Passthrough
> +
> + case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
> + case BOOT_WITH_MINIMAL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION:
> + case BOOT_WITH_FULL_CONFIGURATION_PLUS_DIAGNOSTICS:
> + case BOOT_WITH_DEFAULT_SETTINGS:
> + default:
> + EfiBootManagerConnectAll ();
> + EfiBootManagerRefreshAllBootOption ();
> +
> + //
> + // Sync ESRT Cache from FMP Instance on demand after Connect All
> + //
> + if ((BootMode != BOOT_ASSUMING_NO_CONFIGURATION_CHANGES) &&
> + (BootMode != BOOT_WITH_MINIMAL_CONFIGURATION) &&
> + (BootMode != BOOT_ON_S4_RESUME)) {
> + if (EsrtManagement != NULL) {
> + EsrtManagement->SyncEsrtFmp();
> + }
> + }
> +
> + break;
> + }
>
> Print (
> L"\n"
> @@ -313,6 +406,40 @@ PlatformBootManagerAfterConsole (
> );
>
> //
> + // Check if the platform is using test key.
> + //
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
> + Print(L"WARNING: Recovery Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> + Status = GetSectionFromAnyFv(
> + PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid),
> + EFI_SECTION_RAW,
> + 0,
> + &Buffer,
> + &Size
> + );
> + if (!EFI_ERROR(Status)) {
> + if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
> + (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
> + Print(L"WARNING: Capsule Test Key is used.\n");
> + PcdSetBoolS(PcdTestKeyUsed, TRUE);
> + }
> + FreePool(Buffer);
> + }
> +
> + //
> // Use a DynamicHii type pcd to save the boot status, which is used to
> // control configuration mode, such as FULL/MINIMAL/NO_CHANGES configuration.
> //
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> index 7413883..395f78b 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
> @@ -1,7 +1,7 @@
> /** @file
> Head file for BDS Platform specific code
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
> This program and the accompanying materials
> are licensed and made available under the terms and conditions of the BSD License
> which accompanies this distribution. The full text of the license may be found at
> @@ -21,6 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Protocol/FirmwareVolume2.h>
> #include <Protocol/AcpiS3Save.h>
> #include <Protocol/DxeSmmReadyToLock.h>
> +#include <Protocol/EsrtManagement.h>
> #include <Guid/DebugAgentGuid.h>
> #include <Guid/EventGroup.h>
> #include <Guid/PcAnsi.h>
> @@ -32,9 +33,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
> IMPLIED.
> #include <Library/DevicePathLib.h>
> #include <Library/MemoryAllocationLib.h>
> #include <Library/UefiBootServicesTableLib.h>
> +#include <Library/UefiRuntimeServicesTableLib.h>
> #include <Library/UefiLib.h>
> #include <Library/UefiBootManagerLib.h>
> -
> +#include <Library/PrintLib.h>
> +#include <Library/HobLib.h>
> +#include <Library/CapsuleLib.h>
> +#include <Library/DxeServicesLib.h>
>
> typedef struct {
> EFI_DEVICE_PATH_PROTOCOL *DevicePath;
> diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> index d59f14a..eadf1fe 100644
> --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> @@ -1,7 +1,7 @@
> ## @file
> # Include all platform action which can be customized by IBV/OEM.
> #
> -# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
> # This program and the accompanying materials
> # are licensed and made available under the terms and conditions of the BSD License
> # which accompanies this distribution. The full text of the license may be found at
> @@ -38,6 +38,8 @@
> IntelFrameworkPkg/IntelFrameworkPkg.dec
> IntelFrameworkModulePkg/IntelFrameworkModulePkg.dec
> SourceLevelDebugPkg/SourceLevelDebugPkg.dec
> + QuarkPlatformPkg/QuarkPlatformPkg.dec
> + SecurityPkg/SecurityPkg.dec
>
> [LibraryClasses]
> BaseLib
> @@ -49,11 +51,16 @@
> UefiBootServicesTableLib
> UefiLib
> UefiBootManagerLib
> + PrintLib
> + HobLib
> + CapsuleLib
> + DxeServicesLib
>
> [Protocols]
> gEfiFirmwareVolume2ProtocolGuid
> gEfiAcpiS3SaveProtocolGuid
> gEfiDxeSmmReadyToLockProtocolGuid
> + gEsrtManagementProtocolGuid
>
> [Guids]
> gEfiPcAnsiGuid
> @@ -70,3 +77,10 @@
> gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits
> gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType
> gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdBootState
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid
> + gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
> + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
> + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
> + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
> +
> --
> 2.7.4.windows.1
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 17+ messages in thread
end of thread, other threads:[~2016-10-27 2:14 UTC | newest]
Thread overview: 17+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-10-23 2:31 [PATCH V4 0/8] Add capsule support for Quark Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 1/8] QuarkPlatformPkg/dec: Add test key file guid Jiewen Yao
2016-10-27 1:27 ` Kinney, Michael D
2016-10-27 1:31 ` Yao, Jiewen
2016-10-23 2:31 ` [PATCH V4 2/8] QuarkPlatformPkg/PlatformFlashAccessLib: Add instance for capsule update Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 3/8] QuarkPlatformPkg/SystemFirmwareDescriptor: Add Descriptor " Jiewen Yao
2016-10-27 0:30 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 4/8] QuarkPlatformPkg/SystemFirmwareUpdateConfig: Add capsule config file Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 5/8] QuarkPlatformPkg/PlatformInit: Remove recovery PPI installation Jiewen Yao
2016-10-23 2:31 ` [PATCH V4 6/8] QuarkPlatformPkg/PlatformBootManager: Add capsule/recovery handling Jiewen Yao
2016-10-26 23:36 ` Kinney, Michael D
2016-10-27 1:48 ` Yao, Jiewen
2016-10-27 2:14 ` Kinney, Michael D
2016-10-23 2:31 ` [PATCH V4 7/8] QuarkPlatformPkg/dsc/fdf: Add capsule/recovery support Jiewen Yao
2016-10-27 0:40 ` Kinney, Michael D
2016-10-27 1:08 ` Yao, Jiewen
2016-10-23 2:31 ` [PATCH V4 8/8] QuarkPlatformPkg/Readme: add capsule/recovery related content Jiewen Yao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox