From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4B5E21A1E73 for ; Wed, 26 Oct 2016 16:37:17 -0700 (PDT) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga101.fm.intel.com with ESMTP; 26 Oct 2016 16:37:16 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,551,1473145200"; d="scan'208";a="184285954" Received: from orsmsx103.amr.corp.intel.com ([10.22.225.130]) by fmsmga004.fm.intel.com with ESMTP; 26 Oct 2016 16:37:16 -0700 Received: from orsmsx111.amr.corp.intel.com (10.22.240.12) by ORSMSX103.amr.corp.intel.com (10.22.225.130) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 26 Oct 2016 16:37:16 -0700 Received: from orsmsx113.amr.corp.intel.com ([169.254.9.50]) by ORSMSX111.amr.corp.intel.com ([10.22.240.12]) with mapi id 14.03.0248.002; Wed, 26 Oct 2016 16:37:15 -0700 From: "Kinney, Michael D" To: "Yao, Jiewen" , "edk2-devel@lists.01.org" , "Kinney, Michael D" CC: "Tian, Feng" , "Gao, Liming" , "Zeng, Star" , "Zhang, Chao B" , "Wei, David" Thread-Topic: [edk2] [PATCH V4 06/10] Vlv2TbltDevicePkg/PlatformBootManager: Add capsule/recovery handling. Thread-Index: AQHSLNXfTrwSGOzZlkmsXHAH4h71xaC7aeoQ Date: Wed, 26 Oct 2016 23:37:15 +0000 Message-ID: References: <1477189992-13152-1-git-send-email-jiewen.yao@intel.com> <1477189992-13152-7-git-send-email-jiewen.yao@intel.com> In-Reply-To: <1477189992-13152-7-git-send-email-jiewen.yao@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_IC x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMzU3M2FhZmQtZTdhMi00MGVhLTg0OWQtNDJkZjVhNDZmMzRkIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IlJEVEVGXC90cFNkWkFacDI2dENvbGh2Qm9VY0N2eTVZVWhHUVVPYzVJcHRVPSJ9 x-originating-ip: [10.22.254.140] MIME-Version: 1.0 Subject: Re: [PATCH V4 06/10] Vlv2TbltDevicePkg/PlatformBootManager: Add capsule/recovery handling. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Oct 2016 23:37:17 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Jiewen, See feedback for QuarkPlatformPkg/PlatformBootManager. The same feedback applies. Mike > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ji= ewen Yao > Sent: Saturday, October 22, 2016 7:33 PM > To: edk2-devel@lists.01.org > Cc: Tian, Feng ; Gao, Liming ;= Zeng, Star > ; Kinney, Michael D ; Zh= ang, Chao B > ; Wei, David > Subject: [edk2] [PATCH V4 06/10] Vlv2TbltDevicePkg/PlatformBootManager: A= dd > capsule/recovery handling. >=20 > 1) Add capsule and recovery boot path handling in platform BDS. > 2) Add check if the platform is using default test key for recovery or up= date. > Produce PcdTestKeyUsed to indicate if there is any > test key used in current BIOS, such as recovery key, > or capsule update key. > Then the generic UI may consume this PCD to show warning information. >=20 > Cc: David Wei > Cc: Feng Tian > Cc: Star Zeng > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Chao Zhang > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jiewen Yao > Reviewed-by: David Wei > --- > Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c | 181 ++++++= ++++++++------ > Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf | 8 + > 2 files changed, 134 insertions(+), 55 deletions(-) >=20 > diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c > b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c > index e1f3524..e4169b3 100644 > --- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c > +++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c > @@ -1,15 +1,15 @@ > /** @file >=20 > Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved. > - >=20 > - This program and the accompanying materials are licensed and made avai= lable under >=20 > - the terms and conditions of the BSD License that accompanies this dist= ribution. >=20 > - The full text of the license may be found at >=20 > - http://opensource.org/licenses/bsd-license.php. >=20 > - >=20 > - THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, >=20 > - WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR I= MPLIED. >=20 > - >=20 > + > + This program and the accompanying materials are licensed and made avai= lable under > + the terms and conditions of the BSD License that accompanies this dist= ribution. > + The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php. > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR I= MPLIED. > + >=20 >=20 > Module Name: > @@ -45,6 +45,9 @@ Abstract: > #include > #include >=20 > +#include > +#include > + > EFI_GUID *ConnectDriverTable[] =3D { > &gEfiMmioDeviceProtocolGuid, > &gEfiI2cMasterProtocolGuid, > @@ -1585,7 +1588,7 @@ EFIAPI > PlatformBdsPolicyBehavior ( > IN OUT LIST_ENTRY *DriverOptionList, > IN OUT LIST_ENTRY *BootOptionList, > - IN PROCESS_CAPSULES ProcessCapsules, > + IN PROCESS_CAPSULES BdsProcessCapsules, > IN BASEM_MEMORY_TEST BaseMemoryTest > ) > { > @@ -1594,11 +1597,8 @@ PlatformBdsPolicyBehavior ( > EFI_BOOT_MODE BootMode; > BOOLEAN DeferredImageExist; > UINTN Index; > - CHAR16 CapsuleVarName[36]; > - CHAR16 *TempVarName; > SYSTEM_CONFIGURATION SystemConfiguration; > UINTN VarSize; > - BOOLEAN SetVariableFlag; > PLATFORM_PCI_DEVICE_PATH *EmmcBootDevPath; > EFI_GLOBAL_NVS_AREA_PROTOCOL *GlobalNvsArea; > EFI_HANDLE FvProtocolHandle; > @@ -1612,13 +1612,14 @@ PlatformBdsPolicyBehavior ( > BOOLEAN IsFirstBoot; > UINT16 *BootOrder; > UINTN BootOrderSize; > + ESRT_MANAGEMENT_PROTOCOL *EsrtManagement; >=20 > Timeout =3D PcdGet16 (PcdPlatformBootTimeOut); > if (Timeout > 10 ) { > //we think the Timeout variable is corrupted > Timeout =3D 10; > } > - > + > VarSize =3D sizeof(SYSTEM_CONFIGURATION); > Status =3D gRT->GetVariable( > NORMAL_SETUP_NAME, > @@ -1639,7 +1640,7 @@ PlatformBdsPolicyBehavior ( > &SystemConfiguration > ); > ASSERT_EFI_ERROR (Status); > - } > + } >=20 > // > // Load the driver option as the driver option list > @@ -1652,37 +1653,6 @@ PlatformBdsPolicyBehavior ( > BootMode =3D GetBootModeHob(); >=20 > // > - // Clear all the capsule variables CapsuleUpdateData, CapsuleUpdateDat= a1, > CapsuleUpdateData2... > - // as early as possible which will avoid the next time boot after the = capsule update > - // will still into the capsule loop > - // > - StrCpy (CapsuleVarName, EFI_CAPSULE_VARIABLE_NAME); > - TempVarName =3D CapsuleVarName + StrLen (CapsuleVarName); > - Index =3D 0; > - SetVariableFlag =3D TRUE; > - while (SetVariableFlag) { > - if (Index > 0) { > - UnicodeValueToString (TempVarName, 0, Index, 0); > - } > - Status =3D gRT->SetVariable ( > - CapsuleVarName, > - &gEfiCapsuleVendorGuid, > - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACC= ESS | > - EFI_VARIABLE_BOOTSERVICE_ACCESS, > - 0, > - (VOID *)NULL > - ); > - if (EFI_ERROR (Status)) { > - // > - // There is no capsule variables, quit > - // > - SetVariableFlag =3D FALSE; > - continue; > - } > - Index++; > - } > - > - // > // No deferred images exist by default > // > DeferredImageExist =3D FALSE; > @@ -1733,6 +1703,11 @@ PlatformBdsPolicyBehavior ( > } > } >=20 > + Status =3D gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VO= ID > **)&EsrtManagement); > + if (EFI_ERROR(Status)) { > + EsrtManagement =3D NULL; > + } > + > switch (BootMode) { >=20 > case BOOT_WITH_MINIMAL_CONFIGURATION: > @@ -1822,13 +1797,18 @@ PlatformBdsPolicyBehavior ( > #ifdef FTPM_ENABLE > TrEEPhysicalPresenceLibProcessRequest(NULL); > #endif > + > + if (EsrtManagement !=3D NULL) { > + EsrtManagement->LockEsrtRepository(); > + } > + > // > // Close boot script and install ready to lock > // > InstallReadyToLock (); >=20 > // > - // Give one chance to enter the setup if we > + // Give one chance to enter the setup if we > // select Gummiboot "Reboot Into Firmware Interface" and Fast Boot i= s enabled. > // > BootIntoFirmwareInterface(); > @@ -1863,6 +1843,10 @@ PlatformBdsPolicyBehavior ( > } > } >=20 > + if (EsrtManagement !=3D NULL) { > + EsrtManagement->LockEsrtRepository(); > + } > + > // > // Close boot script and install ready to lock > // > @@ -1887,6 +1871,16 @@ PlatformBdsPolicyBehavior ( > // > PlatformBdsConnectConsole (gPlatformConsole); > PlatformBdsDiagnostics (EXTENSIVE, FALSE, BaseMemoryTest); > + > + DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe......\n")); > + ProcessCapsules (); > + DEBUG((EFI_D_INFO, "ProcessCapsules Done\n")); > + > + // > + // Close boot script and install ready to lock > + // > + InstallReadyToLock (); > + > BdsLibConnectAll (); >=20 > // > @@ -1903,12 +1897,13 @@ PlatformBdsPolicyBehavior ( > } > } >=20 > - // > - // Close boot script and install ready to lock > - // > - InstallReadyToLock (); > + if (EsrtManagement !=3D NULL) { > + EsrtManagement->SyncEsrtFmp(); > + } >=20 > - ProcessCapsules (BOOT_ON_FLASH_UPDATE); > + DEBUG((EFI_D_INFO, "ProcessCapsules After ConnectAll......\n")); > + ProcessCapsules(); > + DEBUG((EFI_D_INFO, "ProcessCapsules Done\n")); > break; >=20 > case BOOT_IN_RECOVERY_MODE: > @@ -2012,6 +2007,10 @@ FULL_CONFIGURATION: > #ifdef FTPM_ENABLE > TrEEPhysicalPresenceLibProcessRequest(NULL); > #endif > + > + if (EsrtManagement !=3D NULL) { > + EsrtManagement->SyncEsrtFmp(); > + } > // > // Close boot script and install ready to lock > // > @@ -2029,7 +2028,7 @@ FULL_CONFIGURATION: > PlatformBdsEnterFrontPageWithHotKey (Timeout, FALSE); >=20 > // > - // Give one chance to enter the setup if we > + // Give one chance to enter the setup if we > // select Gummiboot "Reboot Into Firmware Interface" > // > BootIntoFirmwareInterface(); > @@ -2047,7 +2046,7 @@ FULL_CONFIGURATION: > return; > } >=20 > - > + > break; > } >=20 > @@ -2412,6 +2411,12 @@ ShowProgressHotKey ( > EFI_GRAPHICS_OUTPUT_BLT_PIXEL Background; > EFI_GRAPHICS_OUTPUT_BLT_PIXEL Color; > UINT32 GpioValue; > + CHAR16 *TmpStr1; > + CHAR16 *TmpStr2; > + CHAR16 *TmpStr3; > + UINTN TmpStrSize; > + VOID *Buffer; > + UINTN Size; >=20 > if (TimeoutDefault =3D=3D 0) { > return EFI_TIMEOUT; > @@ -2435,10 +2440,76 @@ ShowProgressHotKey ( > SetMem (&Background, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL), 0x0); > SetMem (&Color, sizeof (EFI_GRAPHICS_OUTPUT_BLT_PIXEL), 0xff); >=20 > + TmpStr2 =3D NULL; > + TmpStr3 =3D NULL; > + > + // > + // Check if the platform is using test key. > + // > + Status =3D GetSectionFromAnyFv( > + PcdGetPtr(PcdEdkiiRsa2048Sha256TestPublicKeyFileGuid), > + EFI_SECTION_RAW, > + 0, > + &Buffer, > + &Size > + ); > + if (!EFI_ERROR(Status)) { > + if ((Size =3D=3D PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) && > + (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), = Size) =3D=3D 0)) { > + TmpStr2 =3D L"WARNING: Recovery Test Key is used.\r\n"; > + if (DebugAssertEnabled()) { > + DEBUG ((EFI_D_INFO, "\n\nWARNING: Recovery Test Key is used.\n")= ); > + } else { > + SerialPortWrite((UINT8 *)"\n\nWARNING: Recovery Test Key is used= .", > sizeof("\n\nWARNING: Recovery Test Key is used.")); > + } > + PcdSetBoolS(PcdTestKeyUsed, TRUE); > + } > + FreePool(Buffer); > + } > + Status =3D GetSectionFromAnyFv( > + PcdGetPtr(PcdEdkiiPkcs7TestPublicKeyFileGuid), > + EFI_SECTION_RAW, > + 0, > + &Buffer, > + &Size > + ); > + if (!EFI_ERROR(Status)) { > + if ((Size =3D=3D PcdGetSize(PcdPkcs7CertBuffer)) && > + (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) =3D=3D = 0)) { > + TmpStr3 =3D L"WARNING: Capsule Test Key is used.\r\n"; > + if (DebugAssertEnabled()) { > + DEBUG ((EFI_D_INFO, "\n\nWARNING: Capsule Test Key is used.\r\n"= )); > + } else { > + SerialPortWrite((UINT8 *)"\n\nWARNING: Capsule Test Key is used.= ", > sizeof("\n\nWARNING: Capsule Test Key is used.")); > + } > + PcdSetBoolS(PcdTestKeyUsed, TRUE); > + } > + FreePool(Buffer); > + } > + > // > // Clear the progress status bar first > // > - TmpStr =3D L"Start boot option, Press or to enter setup pag= e."; > + TmpStr1 =3D L"Start boot option, Press or to enter setup pa= ge.\r\n"; > + TmpStrSize =3D StrSize(TmpStr1); > + if (TmpStr2 !=3D NULL) { > + TmpStrSize +=3D StrSize(TmpStr2); > + } > + if (TmpStr3 !=3D NULL) { > + TmpStrSize +=3D StrSize(TmpStr3); > + } > + TmpStr =3D AllocatePool (TmpStrSize); > + if (TmpStr =3D=3D NULL) { > + TmpStr =3D TmpStr1; > + } else { > + StrCpyS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr1); > + if (TmpStr2 !=3D NULL) { > + StrCatS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr2); > + } > + if (TmpStr3 !=3D NULL) { > + StrCatS(TmpStr, TmpStrSize/sizeof(CHAR16), TmpStr3); > + } > + } > PlatformBdsShowProgress (Foreground, Background, TmpStr, Color, 0, 0); >=20 > TimeoutRemain =3D TimeoutDefault; > diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf > b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf > index c64bab9..7748e2d 100644 > --- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf > +++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf > @@ -72,6 +72,7 @@ > FileHandleLib > S3BootScriptLib > SerialPortLib > + CapsuleLib >=20 > [Protocols] > gEfiFirmwareVolume2ProtocolGuid > @@ -90,6 +91,7 @@ > gEfiMmioDeviceProtocolGuid > gEfiI2cMasterProtocolGuid > gEfiI2cHostProtocolGuid > + gEsrtManagementProtocolGuid >=20 > [Guids] > gEfiMemoryTypeInformationGuid > @@ -119,3 +121,9 @@ > gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution > gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution > gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdBootState > + gPlatformModuleTokenSpaceGuid.PcdEdkiiRsa2048Sha256TestPublicKeyFileGu= id > + gPlatformModuleTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid > + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer > + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer > + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed > + > -- > 2.7.4.windows.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel