From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.6012.1589428012283334358 for ; Wed, 13 May 2020 20:46:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=gKpOsf+d; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: chao.b.zhang@intel.com) IronPort-SDR: pAfX4K7QnXfOtADJRkDCLrCyMQYo8OItm6gbX3odwmg7g/deFw1WL0LFSGq80sY8PzDn6y5DBd 9/22ulR4GAKA== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 May 2020 20:46:51 -0700 IronPort-SDR: AJbBF6y63S06pgnJc8D6MG8mEW+Ol06FhwL74oicEmOjdjX/tEIe1EaBUA0FK69YfnjExaxpC8 9EELPLqRlSXw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,390,1583222400"; d="scan'208";a="251488554" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by orsmga007.jf.intel.com with ESMTP; 13 May 2020 20:46:51 -0700 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 13 May 2020 20:46:47 -0700 Received: from fmsmsx605.amr.corp.intel.com (10.18.126.85) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Wed, 13 May 2020 20:46:46 -0700 Received: from FMSEDG002.ED.cps.intel.com (10.1.192.134) by fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5 via Frontend Transport; Wed, 13 May 2020 20:46:46 -0700 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.168) by edgegateway.intel.com (192.55.55.69) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 13 May 2020 20:46:46 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ISYAi/i0zJcwj1PkAkYRo6tbAuC3jvnOsNXR8TLBUDjqRueOeuLZQfa2gASnQK6T8cl3aNVn0yEDzR27L7076jlsII64hA3bxeTBoqZOrNsodxfZzCNWSiDoNUoKXwU7vU239WgpcPV8K8CmaqvlEvA5/YZEfkjUMt41Hnvv1d/J2dK0dS6rFyRH7YleAeLn2Hk+C074Xml9z5bgltXzRKkuE+ZelcqJ5sZqnQczp6bz54znwXI7NEyZTyuQDttcxNzxKAnaA6RSHlle9ddkJsqw9kLJzWHEjQnhr+7A2f5EhynDRl9z0PeN5XclKqrUM/6VTqXpnSbQ0bR5VR+FQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u+4sa2E1lmnaOyIMEeiCUsaBFJuI/2DzU/iG1uuN8qg=; b=HeOJAf8b+WLLFn9CGAtbAEFDMl0Qx+4IvehHNSEraTtcLZe6FL8zv0oei0cFKjL1xki+A+7HtVbqXUJEHyrOwPdG0kqOi74on8Vm4WNzPS4yHx4fXxzSAq/4p6Ca/4YQ42tEn6M1pRlJ2A69arhFHqIrueJhoYjRNXqBOtdn+KE1PPuEts6t8oJGInPANz3fZEEM7hNgr+i2jVz36Pz4py9bZMSK2EDmdFLVMjCjV75Kxga2qmQiPBOmHj5UGzKeU2USsx952/yUc8492gSGPPiSITd8GHUOMSUhtrd5kVO8aDzYC3gzV+uY4TGBmJlWKSCv49EZbmgdliaac0uPcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u+4sa2E1lmnaOyIMEeiCUsaBFJuI/2DzU/iG1uuN8qg=; b=gKpOsf+dYlvTpQX0luQGbrm42luPU5cnMVxRfqgL9VdmrYANGc3NjW1A2QKm4s64SXAOHoOsE/0i18H3olS3/TYrtxPk/M/fF3aFX4OF2Gw900TXZTaGzsEv70R9KHOUq+b6/b6kepsTbOOMpBHFbNF4BY4exubrkrdVpgtyolM= Received: from DM6PR11MB3867.namprd11.prod.outlook.com (2603:10b6:5:4::27) by DM6PR11MB3642.namprd11.prod.outlook.com (2603:10b6:5:138::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3000.20; Thu, 14 May 2020 03:46:44 +0000 Received: from DM6PR11MB3867.namprd11.prod.outlook.com ([fe80::e04a:fc62:849a:c2f5]) by DM6PR11MB3867.namprd11.prod.outlook.com ([fe80::e04a:fc62:849a:c2f5%5]) with mapi id 15.20.2979.033; Thu, 14 May 2020 03:46:44 +0000 From: "Zhang, Chao B" To: Oleksiy Yakovlev , "devel@edk2.groups.io" CC: "Gao, Liming" , "Kinney, Michael D" , "Wang, Jian J" , "Wu, Hao A" , "Yao, Jiewen" , "Felixp@ami.com" Subject: Re: [PATCH V6 6/6] SignedCapsulePkg: Add FMP Capsule Image Header extension Thread-Topic: [PATCH V6 6/6] SignedCapsulePkg: Add FMP Capsule Image Header extension Thread-Index: AQHWKXedMJX6tKJbCk+qd0fgghPt7Kim8Tpw Date: Thu, 14 May 2020 03:46:44 +0000 Message-ID: References: <20200513223947.56560-1-oleksiyy@ami.com> <20200513223947.56560-7-oleksiyy@ami.com> In-Reply-To: <20200513223947.56560-7-oleksiyy@ami.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.2.0.6 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: ami.com; dkim=none (message not signed) header.d=none;ami.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [101.224.23.205] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 24fa9452-5cef-4751-1390-08d7f7b96be2 x-ms-traffictypediagnostic: DM6PR11MB3642: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1122; x-forefront-prvs: 040359335D x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: upl5DbOfQJo1gzJDD8S57dMJsL9BTzeGil+KXsOHlMj26J2h7VQ/y1yEvk/EnKDHeTJs2/Obirkm2NwjCoby9qxFdkmWZUWTMRXz4fCuZ0aVpt7VGR5ysPnIuWmTswn7Uylfpy49W2nKWNBbd4Y0molbwIyRxs+eNAgNuVtfG/9yBNmHBNRtgLz9buK2Gc6+p5UkcubgHqpIaoGtsAR6JLxJp0x8D333rvwmUjft5Zu7Zg5GpgqyWVyCO6DeAeghDlwhQlGlpBvRLepQhUznC7m32oK9IjBr5VADhqXWbHU62apSaqLAE1znz4m3DK+gk6oyMypbNJQX2FveBrh7QUA4Ni/9W2wSzcSYHlQseO0Yfiz9O2kvyvHOZsvcDil07EKnz6oZgEtTc7dWRhSLTci7K+zBAQ70Jkly3SR4v8WvcfIerJtACfNtMHuJOJEL x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB3867.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(396003)(39860400002)(136003)(366004)(346002)(376002)(71200400001)(55016002)(54906003)(4326008)(9686003)(478600001)(7696005)(6506007)(53546011)(8936002)(26005)(52536014)(33656002)(110136005)(2906002)(76116006)(86362001)(5660300002)(186003)(66446008)(66946007)(66556008)(8676002)(316002)(64756008)(66476007);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: npfVtbZPoC4t/afJ4jJFfvUEUNmzee5Mi2mIOV4GO3GeCg4FRe6ydAke1eHO4D166fYT9MW+XjLphOCGT4L2y76nOSSAvkIzDmLGo9F/AVjMOY/hetyVAJETjrqL/HqJ+bI+UCA0NnbOxlYekchu0gVebhMz8PU6uDR8saFVUMZV1XJ+JySncMCMRDv2GqgnuwL7qcWTAA4A8CdiiqxlLqO4I3hDC5smAl/4gETpGf/FYtmfGmsg/bGjSr1tj02Wiv1fpudjS0YpEk+VrblBGWgHjyQbVsCsz+VA3dLxMfK/6HX9pFJBP0mBRgyQu9sFv/yjstW+2wW4ylKufh3KajZnjfOIbbQ5JdFjNCAUV/n8ibUrI70IJ56n5s2Ud8hWFIdpv+p7bzue9+I6JXqHwVqtxKTrUjskqVxWLapYoyPrdXXMU5c18Br2VImQHn9GOmkozw7uiHk452s8a3/icdu1jlaxZnMxcLIK6uzb4dzKDc/o1w6uE2hB9k2BdbLe MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 24fa9452-5cef-4751-1390-08d7f7b96be2 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 May 2020 03:46:44.4164 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: k1CE/SlTjI3QzSpcVhAwmmMsGZQDm3zswRMKjMcNwqj5+DwPp8COsX5j3FB6cGqmEIea2+7X3pwaZ3E05kAUIw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3642 Return-Path: chao.b.zhang@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Yakov: Please add comment for V1 and V2 check. With that change reviewed-by: Ch= ao Zhang -----Original Message----- From: Oleksiy Yakovlev =20 Sent: Thursday, May 14, 2020 6:40 AM To: devel@edk2.groups.io Cc: Gao, Liming ; Kinney, Michael D ; Wang, Jian J ; Wu, Hao A ; Yao, Jiewen ; Zhang, Chao B ; Felixp@ami.com; oleksiyy@ami.com Subject: [PATCH V6 6/6] SignedCapsulePkg: Add FMP Capsule Image Header exte= nsion Add bitmask to structure which gives a binary-inspectable mechanism to dete= rmine if a capsule contains an authentication section or depex section. (UEFI 2.8 errata a, mantis 2026) Signed-off-by: Oleksiy Yakovlev Reviewed-by: Wei6 Xu --- .../RecoveryModuleLoadPei/RecoveryModuleLoadPei.c | 14 ++++++++++= ---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModul= eLoadPei.c b/SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModul= eLoadPei.c index 53b821c..307060b 100644 --- a/SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoadPe= i.c +++ b/SignedCapsulePkg/Universal/RecoveryModuleLoadPei/RecoveryModuleLoa +++ dPei.c @@ -328,10 +328,11 @@ ValidateFmpCapsule ( DEBUG((DEBUG_ERROR, "ImageHeader->Version(0x%x) Unknown\n", ImageHea= der->Version)); return EFI_INVALID_PARAMETER; } - if (ImageHeader->Version < EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADE= R_INIT_VERSION) { + if (ImageHeader->Version =3D=3D 1) { FmpImageHeaderSize =3D OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMA= GE_HEADER, UpdateHardwareInstance); + } else { + FmpImageHeaderSize =3D=20 + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER,=20 + ImageCapsuleSupport); } - // No overflow if (FmpImageSize !=3D (UINT64)FmpImageHeaderSize + (UINT64)ImageHeader= ->UpdateImageSize + (UINT64)ImageHeader->UpdateVendorCodeSize) { DEBUG((DEBUG_ERROR, "FmpImageSize(0x%lx) mismatch, UpdateImageSize(0= x%x) UpdateVendorCodeSize(0x%x)\n", FmpImageSize, ImageHeader->UpdateImageS= ize, ImageHeader->UpdateVendorCodeSize)); @@ -639,9 +640,14 @@ ProcessFmpCapsuleImage ( } else { // // If the EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER is version 1,= only match ImageTypeId. - // Header should exclude UpdateHardwareInstance field + // Header should exclude UpdateHardwareInstance field. + // If version is 2 Header should exclude ImageCapsuleSupport field. // - Image =3D (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT_C= APSULE_IMAGE_HEADER, UpdateHardwareInstance); + if (ImageHeader->Version =3D=3D 1) { + Image =3D (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT= _CAPSULE_IMAGE_HEADER, UpdateHardwareInstance); + } else { + Image =3D (UINT8 *)ImageHeader + OFFSET_OF(EFI_FIRMWARE_MANAGEMENT= _CAPSULE_IMAGE_HEADER, ImageCapsuleSupport); + } } =20 Status =3D ProcessRecoveryImage (Image, ImageHeader->UpdateImageSize); -- 2.9.0.windows.1 Please consider the environment before printing this email. The information contained in this message may be confidential and proprieta= ry to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephon= e at 770-246-8600, and then delete or destroy all copies of the transmissio= n.