From: "Kinney, Michael D" <michael.d.kinney@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
"Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: "Tian, Feng" <feng.tian@intel.com>,
"Zeng, Star" <star.zeng@intel.com>,
"Gao, Liming" <liming.gao@intel.com>,
"Zhang, Chao B" <chao.b.zhang@intel.com>,
"Fan, Jeff" <jeff.fan@intel.com>
Subject: Re: [PATCH V9 0/7] Add MicrocodeUpdate support.
Date: Mon, 7 Nov 2016 22:23:55 +0000
Message-ID: <E92EE9817A31E24EB0585FDF735412F5648416F9@ORSMSX113.amr.corp.intel.com>
In-Reply-To: <1478522450-13264-1-git-send-email-jiewen.yao@intel.com>

Jiewen,

Thank you for all the updates through the versions of these patch series.

Series:
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>

Thanks,

Mike

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Monday, November 7, 2016 4:41 AM
> To: edk2-devel@lists.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Zeng, Star <star.zeng@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; Fan, Jeff <jeff.fan@intel.com>
> Subject: [PATCH V9 0/7] Add MicrocodeUpdate support.
>
> ==Below is V9 description==
> 1) SignedCapsulePkg: Add more detail description in EdkiiSystemFmpCapsule.h
> 2) SignedCapsulePkg: Force FileGuid in INI file to be mandatory.
> 3) SignedCapsulePkg: Fix FV alignment issue in RecoveryPeim.
> (Thanks Mike Kinney's great help to narrow down the issue)
> 4) PlatformPkg: Descriptor use sizeof(string) instead of hardcode 16.
> 5) QuarkPkg: Add PayloadFv to be 2nd FV for recovery.
> 6) Vlv2Pkg: Sync to latest codebase and resolve conflict.
> 7) All: Update some NULL pointer check.
> 8) All: Clean up commit message.
>
> ==Below is V8 description==
> 1) MdeModulePkg/dec:
> set gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid
> to 0 as default.
> 2) SignedCapsulePkg/dec:
> set gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid
> to 0 as default.
> 3) QuarkPlatformPkg: Set CAPSULE_ENABLE/RECOVERY_ENABLE to FALSE as default.
> 4) All: rename EFI_D_INFO => DEBUG_INFO
>
> ==Below is V7 description==
> 1) MdeModulePkg/MdeModulePkg.dec: refine status code comment.
> 2) UefiCpuPkg: Move Microcode capsule related content to Feature/capsule dir.
> 3) Vlv2TbltDevicePkg: Add MICOCODE_CAPSULE_ENABLE macro.
>
> Only series 1, 3, 5 are sent for update review.
> The other series are unchanged.
>
> ==Below is V6 description==
> 1) MdeModulePkg/CapsuleApp: Fix -D issue.
> 2) MdeModulePkg/DEC: Cleanup Capsule related StatusCode.
> 3) UefiCpuPkg: Remove MicrocodeUpdateApp
> 4) UefiCpuPkg: Add Microcode FMP build sample
>
> Only series 1 and 3 are sent for update review.
> The other series are unchanged.
>
> ==Below is V5 description==
> 1) MdeModulePkg/CapsuleApp: Remove [NR]. Add more description.
> 2) MdeModulePkg/DEC: Update StatusCode to OEM region.
> 3) MdeModulePkg/DxeCapsuleLib: Use NULL ProcessCapsules()
> for runtime lib, because it is not needed for runtime.
> 4) MdeModulePkg/FmpAuthenticationLib: Add more description.
> 5) SignedCapsulePkg/DEC: Add data structure description
> for PcdEdkiiSystemFirmwareImageDescriptor.
> 6) SignedCapsulePkg/DEC: Add Pkcs7 and Rsa2048 Key file PCD.
> These 2 PCD are moved from platform pkg to SignedCapsulePkg.
> 7) QuarkPlatformPkg/FDF: Refine order of capsule section.
> 8) Fix typo and coding style issue.
>
> Below items are deferred to other patch series, because
> the tool and library are not ready yet.
>
> A) MdeModulePkg/DxeCapsuleLib: separate BMP parsing logic
> to another library.
> That is very good suggestion, and we agree it is a right direction.
> I discussed with the owner of image decoder.
> We prefer adding a generic library class to convert
> the image data to GOP BLT buffer. It supports *any* image format,
> not only BMP. The owner of image decoder will drive the new design.
> I filed https://bugzilla.tianocore.org/show_bug.cgi?id=175 to track that.
> I suggest we just keep the current solution as a temp solution and
> migrate to the new one once it is ready later.
>
> B) PlatformPkg/Bds: Move test key check logic to generic part.
> This is very good suggestion and we are discussing with Tool
> team to add such detection at build time and set a PCD to indicate that.
> The generic code can use this PCD to know if there is a test key.
> I filed https://bugzilla.tianocore.org/show_bug.cgi?id=185 to track that.
> Adding such check in the generic code is very complicated, so current
> temporary solution is to let platform BDS do such check.
> The platform BDS will be cleaned up, once the tool is ready.
>
> ==Below is V4 description==
> 1) SecurityPkg - Refine AuthenticateFmpImage() API to let caller
> input PublicKeyData and PublicKeyDataLength, instead of PCD.
> The benefit is that then this API can be used for a platform
> which stores PublicKeyData in anywhere other than PCD.
> 2) SecurityPkg - Use OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)
> for better understanding the code.
> 3) MdeModulePkg - Update CapsuleApp to let it consume
> ShellParameters protocol to get Argc and Argv.
> 4) UefiCpuPkg - Update MicrocodeCapsuleApp to let it consume
> ShellParameters protocol to get Argc and Argv.
> 5) QuarkPlatformPkg - Merge QuarkCapsule.fdf to Quark.fdf.
>
> ==Below is V3 description==
> 1) We move all EDKII related capsule definition to SignedCapsulePkg.
> MdeModulePkg only contains FmAuthenticationLib and CapsuleApp,
> because they are generic and follow UEFI specification on FMP/ESRT
> and Microsoft platform firmware update document.
> Any capsule implementation can use them.
>
> Here is full library classes:
> MdeModulePkg:
> FmpAuthenticationLib.h: new lib - follow UEFI spec. (*)
> Verify FMP signature of FMP Capsule
> CapsuleLib.h: new API - ProcessCapsules()
> It processes all the capsules. Remove duplicated code in platform BDS.
> UefiCpuPkg:
> MicrocodeFlashAccessLib.h: Update Microcode region.
> SignedCapsulePkg:
> EdkiiSystemCapsuleLib.h - Library for EDKII system FMP.
> IniParsingLib.h - Library for INI file parsing.
> PlatformFlashAccessLib.h - Library for write flash.
>
> 2) We will submit 5 series.
> Series 1: Generic Update (MdeModulePkg/SecurityPkg)
> DxeCapsuleLib
> FmAuthenticationLib (*)
> CapsuleApp (*)
> Series 2: EDKII Capsule (SignedCapsulePkg)
> IniParsingLib
> EdkiiSystemCapsuleLib
> PlatformFlashAccessLib
> SystemFirmwareUpdate driver
> RecoveryModuleLoadPei driver
> Series 3: Microcode Update (UefiCpuPkg)
> MicrocodeFlashAccessLib
> MicrocodeUpdate driver.
> Series 4: Quark update
> Series 5: Vlv2 update
>
> 3) DxeCapsuleLib: Move code that performs authentication and parsing of
> the capsule format into the implementation of the FMP Protocol.
> We move the dispatch FV code from CapsuleLib to SystemFirmwareReport.efi.
> SystemFirmwareReport.efi supports SetImage() to verify and dispatch the
> SystemFirmwareUpdate.efi, then pass thru SetImage() request to
> SystemFirmwareUpdate.efi.
>
> Now the DxeCapsuleLib is very clean and it does not have any EDKII
> capsule format knowledge.
>
> 4) DxeCapsuleLib: Fix issue where a reset may be too soon.
> Defer reset to 2nd pass.
>
> 5) DxeCapsuleLib: Boot mode check is removed.
> Capsule should be populated to system table even boot mode is not BIOS_UPDATE.
>
> 5) FmAuthenticationLib: Add zero ImageSize check.
>
> 6) FmAuthenticationLib: Remove Authentication Library Registration.
> Each FMP Producer needs to carry its own auth algorithm(s).
> Now we have FmpAuthenticationLibPkcs7 and FmpAuthenticationLibRsa2048Sha256.
> No registration is needed.
>
> 7) FmAuthenticationLib: Move MonotonicCount handling after Payload
> We confirmed with USWG to process MonotonicCount after PayLoad.
>
> ==Below is V2 description==
> The V2 series patch incorporated the feedback for V1.
>
> There are 3 major updates.
> 1) BDS is updated to display a warning message if TEST key
> is used to sign recovery image or capsule image.
> So a production BIOS should always use its own production signing
> key for the capsule image generation. A production BIOS should
> never use test key.
> 2) IniParsingLib is enhanced to do more sanity check for invalid
> input. The detail data format is added in IniParsingLib.h header
> file. If there is any violation, the OpenInitFile() API will
> return failure.
> 3) The *Bios* keyword is renamed to *SystemFirmware* in any
> header file or c file data structure definition.
>
> The rest is minor update, such as add help info, clean
> up debug message, coding style.
>
> ==Below is V1 description==
> This series patch provides sample on how to do signed capsule update
> and recovery in EDKII.
>
> This series patch is also checked into git@github.com:jyao1/edk2.git.
>
> The feature includes:
> 1) Define EDKII signed system BIOS capsule format.
> 2) Provide EDKII signed system BIOS update sample.
> 3) Provide EDKII signed recovery sample.
> 4) Provide Microcode update sample for X86 system.
> 5) Update Quark to use new capsule/recovery solution.
> 6) Update Vlv2(MinnowMax) to use new capsule/recovery solution.
>
> The signed capsule/recovery solution is in MdeModulePkg.
> The capsule in IntelFrameworkModulePkg is deprecated.
> The Microcode update solution is in UefiCpuPkg.
>
> Cc: Feng Tian <feng.tian@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jeff Fan <jeff.fan@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
>
> Jiewen Yao (7):
> UefiCpuPkg/Include: Add Microcode FMP definition.
> UefiCpuPkg/Include: Add MicrocodeFlashAccessLib header.
> UefiCpuPkg/UefiCpuPkg.dec: Add Microcode capsule related definition.
> UefiCpuPkg/MicrocodeFlashAccessLib: Add NULL MicrocodeFlashAccessLib.
> UefiCpuPkg/MicrocodeUpdate: Add MicrocodeUpdate component.
> UefiCpuPkg/MicrocodeUpdate: Add Microcode FMP build sample
> UefiCpuPkg/UefiCpuPkg.dsc: Add MicrocodeCapsule related component.
>
>
> UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.c | 42 ++
> UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf | 40 +
> UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.uni | 21 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/MicrocodeCapsulePdb.dsc | 32 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/MicrocodeCapsulePdb.fdf | 32 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/Readme.md | 20 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/Microcode/Microcode.inf | 27 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/MicrocodeCapsuleTxt.dsc | 38 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/MicrocodeCapsuleTxt.fdf | 32 +
> UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/Readme.md | 33 +
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeFmp.c | 537 ++++++++++++++
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c | 784 ++++++++++++++++++++
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.h | 403 ++++++++++
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf | 68 ++
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.uni | 21 +
> UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxeExtra.uni | 20 +
> UefiCpuPkg/Include/Guid/MicrocodeFmp.h | 21 +
> UefiCpuPkg/Include/Library/MicrocodeFlashAccessLib.h | 39 +
> UefiCpuPkg/UefiCpuPkg.dec | 7 +
> UefiCpuPkg/UefiCpuPkg.dsc | 2 +
> 20 files changed, 2219 insertions(+)
> create mode 100644 UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.c
> create mode 100644 UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.inf
> create mode 100644 UefiCpuPkg/Feature/Capsule/Library/MicrocodeFlashAccessLibNull/MicrocodeFlashAccessLibNull.uni
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/MicrocodeCapsulePdb.dsc
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/MicrocodeCapsulePdb.fdf
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsulePdb/Readme.md
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/Microcode/Microcode.inf
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/MicrocodeCapsuleTxt.dsc
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/MicrocodeCapsuleTxt.fdf
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeCapsuleTxt/Readme.md
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeFmp.c
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.c
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdate.h
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.uni
> create mode 100644 UefiCpuPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxeExtra.uni
> create mode 100644 UefiCpuPkg/Include/Guid/MicrocodeFmp.h
> create mode 100644 UefiCpuPkg/Include/Library/MicrocodeFlashAccessLib.h
>
> --
> 2.7.4.windows.1
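
The V3/V4 notes above mention a zero ImageSize check, locating the signature with OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData), and handling MonotonicCount after the payload. The following is an added sketch of those checks, not code from the patch series or from edk2; it assumes the UEFI specification's EFI_FIRMWARE_IMAGE_AUTHENTICATION layout (UINT64 MonotonicCount followed by WIN_CERTIFICATE_UEFI_GUID, little-endian), and `fmp_signed_message` and `make_sample` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define WIN_CERT_TYPE_EFI_GUID 0x0EF1u
#define CERT_HDR_LEN 24u /* OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData) */
#define MONO_LEN 8u      /* UINT64 MonotonicCount precedes AuthInfo */

static uint32_t rd16(const uint8_t *p) { return (uint32_t)p[0] | (uint32_t)p[1] << 8; }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | rd16(p + 2) << 16; }

/* Hypothetical helper: validate the authentication header of an FMP image and
 * write the signed message (payload, then MonotonicCount) to out.
 * Returns the message length, or 0 when the image is rejected. */
size_t fmp_signed_message(const uint8_t *image, size_t image_size,
                          uint8_t *out, size_t out_cap)
{
    if (image == NULL || image_size == 0) return 0;     /* zero ImageSize */
    if (image_size < MONO_LEN + CERT_HDR_LEN) return 0; /* header truncated */
    uint32_t cert_len = rd32(image + MONO_LEN);         /* AuthInfo.Hdr.dwLength */
    if (rd16(image + MONO_LEN + 6) != WIN_CERT_TYPE_EFI_GUID) return 0;
    if (cert_len <= CERT_HDR_LEN) return 0;             /* no CertData at all */
    if (cert_len > image_size - MONO_LEN) return 0;     /* cert overruns image */
    size_t off = MONO_LEN + cert_len, len = image_size - off;
    /* Rejecting an empty payload is this sketch's own choice. */
    if (len == 0 || out_cap < MONO_LEN || len > out_cap - MONO_LEN) return 0;
    memcpy(out, image + off, len);
    memcpy(out + len, image, MONO_LEN);                 /* count goes after payload */
    return len + MONO_LEN;
}

/* Constructed sample: MonotonicCount 5, cert_len-byte certificate, payload "UCODE". */
static size_t make_sample(uint8_t b[41], uint32_t cert_len)
{
    memset(b, 0, 41);
    b[0] = 5;
    for (int i = 0; i < 4; i++) b[8 + i] = (uint8_t)(cert_len >> (8 * i));
    b[12] = 0x00; b[13] = 0x02;                         /* wRevision 0x0200 */
    b[14] = 0xF1; b[15] = 0x0E;                         /* wCertificateType */
    memcpy(b + 36, "UCODE", 5);
    return 41;
}

int main(void)
{
    uint8_t img[41], out[64];
    return fmp_signed_message(img, make_sample(img, 28), out, sizeof out) == 13 ? 0 : 1;
}
```

The returned buffer is what a PKCS#7 or RSA2048/SHA256 verifier would be given as the signed data; the signature check itself is outside this sketch.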