From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4003:c06::22d; helo=mail-oi0-x22d.google.com; envelope-from=rafaelrodrigues.machado@gmail.com; receiver=edk2-devel@lists.01.org Received: from mail-oi0-x22d.google.com (mail-oi0-x22d.google.com [IPv6:2607:f8b0:4003:c06::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D20B7210C42BA for ; Mon, 30 Jul 2018 04:46:14 -0700 (PDT) Received: by mail-oi0-x22d.google.com with SMTP id n84-v6so20613991oib.9 for ; Mon, 30 Jul 2018 04:46:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0miMsUfaUu6gWXw7KE8+/uwTyHx89diB/5SUXYZHM18=; b=oQkYJAzVMT6pouSKFe7DKctIiDkaeP98sZ0fG1v3qPiAwk6F7JlFJa1RsxBO3D4qTT Ic1YRkRD4I/uU4gI+jwmuKbsWGXwwhwlnKGkDiOAVKYRQKrXYOwVShOnSTzCayBVABdm anNdMw6HYJa9qha2OURX5D+9LglZIxeVju1aouYJUIuwnfN35k9c4ETemTCoFOQjSbqq 164muAloIU99AVpn7bUUGAGQOLZG7gdGjnKzSQhxWwAxc4DGdMlnJf7yWBNT5Xk+pa4c 76rvdOOTyQBm2hnWk47uzgVA8U8sOhEgUzDFlQWhzFJkuWRnamOzs9U6UIqhsFT5RXyj ZTFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0miMsUfaUu6gWXw7KE8+/uwTyHx89diB/5SUXYZHM18=; b=EojDQ2X6dQQwd0pwnJ6kcrbV6XWzfhYQfHBIIhmDWuknz8wJJar1oyNBaVkzTVwKtX YeNLF0Cfd6qUTjmXC2Fcv3PW9hWTo3dTmMouvZKpmH88rjktClhT4JR6UgE+2dOd9177 sssM8x6f8D1D8CG+XSP99FUgWD2Spxlce3yS5YR00U0wx9Jqd1l5ZyFYrz8Xa1fFvkqH jl/RWYI0A3f3lGbz+2wk0iR41sYJZjXyv58/z+oiVXLA6GfhFcgR04brUzfnHnvv5eYZ DnHpROCbdAvMfaq17S/ZFXfGbPCbK4j+QcrSm9+FQbwexHahvqsou+cGcYPZCbalD21n 5K8A== X-Gm-Message-State: AOUpUlFLEzQEQJhyx1FECh5UlkQEFR1C7QtPzS1zqsMfrd+wb0yy3h8Z 9Nk40VmYEdxrzjtoeKqDOog0EYFAMa+G2BYOY2g= X-Google-Smtp-Source: AAOMgpeWZc5CDzDSfEhQ4CK8x9iCBve5MoX7S8sWHrsth2fLSu/2Tc1dT+WLag+Xa9VS5SeFqDdMjOac2CGC4pcivzE= X-Received: by 2002:aca:fc8e:: with SMTP id a136-v6mr18382477oii.123.1532951173494; Mon, 30 Jul 2018 04:46:13 -0700 (PDT) MIME-Version: 1.0 References: <1B0B175F-9347-4D45-A7B3-799BC9FDFD49@apple.com> In-Reply-To: <1B0B175F-9347-4D45-A7B3-799BC9FDFD49@apple.com> From: Rafael Machado Date: Mon, 30 Jul 2018 08:46:01 -0300 Message-ID: To: Andrew Fish Cc: "edk2-devel@lists.01.org" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 Subject: Re: Question About DxeDriver load process X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jul 2018 11:46:15 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Andrew Thanks a lot for the perfectly detailed explanation! Amazing! Thanks and Regards Rafael R. Machado Em sex, 27 de jul de 2018 =C3=A0s 19:14, Andrew Fish escr= eveu: > Rafael, > > Since it is useful to also understand this when you are bringing up a > platform.... > > SEC generally contains the hardware reset vector. SEC hands off to the PE= I > Core. Generally there is some build magic to help SEC find the PEI Core. > Worst case you can walk the BFV (Boot Firmware Volume) and find it. > > SEC hands the PEI Core the EFI_SEC_PEI_HAND_OFF structure. This is how th= e > PEI Core knows about stack, heap, and the location of the BFV to find PEI= Ms > > https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Pi/PiPeiCis.= h#L967 > > The PEI Core has a PPI Notify Callback for > gEfiPeiFirmwareVolumeInfoPpiGuid, and gEfiPeiFirmwareVolumeInfo2PpiGuid = to > discover new FVs. > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Pei/FwVol= /FwVol.c#L547 > > PEI Code writes hobs, EFI_HOB_TYPE_FV and EFI_HOB_TYPE_FV3, to help DXE > discover FVs. > > When the DXE Core is started it will call FwVolBlockDriverInit() and all > the EFI_HOB_TYPE_FV, and optionally pick up the authentication status fro= m > EFI_HOB_TYPE_FV3, will get processed. > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/FwVol= Block/FwVolBlock.c#L625 > > via calling ProduceFVBProtocolOnBuffer(). ProduceFVBProtocolOnBuffer() ca= n > also be called gBS->ProcessFirmwareVolume(). > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/FwVol= Block/FwVolBlock.c#L452 > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/FwVol= Block/FwVolBlock.c#L687 > > Loading drivers from the FV is the job of the DXE Dispatcher. The DXE > Dispatcher has protocol notify event on gEfiFirmwareVolume2ProtocolGuid > that will get the executables in the Dispatch list, mDiscoveredList. > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/Dispa= tcher/Dispatcher.c#L1193 > > So adding a gEfiFirmwareVolume2ProtocolGuid driver, or calling > gBS->ProcessFirmwareVolume() is how you would make an FV show up that was > not listed in the HOBs. > > In the DXE Phase security is handle by gBS->LoadImage() and it uses > gEfiSecurity2ArchProtocolGuid and gEfiSecurityArchProtocolGuid to validat= e > the image. This makes sense as a signed EFI PE/COFF image has the signatu= re > in the PE/COFF image, so you have to start the PE/COFF loading process to > verify that signature. gEfiSecurity2ArchProtocolGuid lets you build > security policy based on the location of the driver. > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/Image= /Image.c#L1041 > > When the Dispatcher runs of things to Dispatch it returns and the DXE Cor= e > calls the BDS to process platform Boot Device Selection. > > https://github.com/tianocore/edk2/blob/master/MdeModulePkg/Core/Dxe/DxeMa= in/DxeMain.c#L550 > > After BDS starts the only way to run code from an FV would be to call > gDS->Dispatcher(). Likely you would call gDS->ProcessFirmwareVolume() and > then gDS->Dispatcher(). To speed boot it is not uncommon to have multipl= e > FVs. For example you could have an FV that contained all the setup > resources and only call gDS->ProcessFirmwareVolume() on that FV if the us= er > hit the Setup hot key. > > Thanks, > > Andrew Fish > > PS For x86 (0xFFFFFFF0 reset vector) and any other architectures that hav= e > the reset vector at the end there is a special file name in the FV called > gEfiFirmwareVolumeTopFileGuid that tells the FV creation tools to put tha= t > file at the very end of the FV, so the end of that file would end up at t= he > reset vector location. > > > > On Jul 27, 2018, at 11:12 AM, Rafael Machado < > rafaelrodrigues.machado@gmail.com> wrote: > > > > Hi everyone > > > > I have a question. > > Let's suppose I have a BIOS with several FV regions. Between these FV > there > > is one that is empty. > > > > My question is: > > In case I get this BIOS and inject a dxe driver at this FV. Would it be > > executed, or there are specific FVs that are considered as containers t= o > > executable code avoiding other FVs content to be executed? > > > > In case the answer comes with some code examples from edk2 tree it woul= d > be > > amazing :) > > > > Thanks and Regards > > Rafael > > _______________________________________________ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel > >