From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web11.642.1666631102109261073 for ; Mon, 24 Oct 2022 10:05:02 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=EGxSL1co; spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: pavamana.hv@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1666631102; x=1698167102; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=CaRtCxsG3FpPzOEiK8HkWb3zO1zgq5qLjJNwDBCTFYg=; b=EGxSL1co1qmNVX2rs0UI43pn1D+FUu0B63LEPxf0NqiT44gif/iTtrpE IGQRa1oj6trrsNHH4NvLghvawvWa4YbO9X3Nv6DNRG37kdSuA6YNzH1v6 3QEaNBadufy17PDkmG4HgkwcZAHMSc/SIxulQ87UtkBsbYoMqxh8IHlDR 2P9DbBAc3JjZNQX4VjCwXLCnZA809Km7uXf4o/Nog2gxyMqHfW+jnn01b +G6icjzUGFrg15E7PnCGc3keSus6mLE7Qb9sbt7CA0lFxpA9YKOSuGUBk Y195/UyJ92ZqnAIwYIFelYFog69JM9673OXsc01gRCqH7mmWQ074PLO// A==; X-IronPort-AV: E=McAfee;i="6500,9779,10510"; a="287193307" X-IronPort-AV: E=Sophos;i="5.95,209,1661842800"; d="scan'208,217";a="287193307" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Oct 2022 10:04:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10510"; a="700233446" X-IronPort-AV: E=Sophos;i="5.95,209,1661842800"; d="scan'208,217";a="700233446" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by fmsmga004.fm.intel.com with ESMTP; 24 Oct 2022 10:04:51 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 24 Oct 2022 10:04:50 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 24 Oct 2022 10:04:50 -0700 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Mon, 24 Oct 2022 10:04:50 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.41) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Mon, 24 Oct 2022 10:04:50 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZUGk6iomm7XD92lwe6vesOXAdvnvQDIMta5fy671YPITnhSUU423MBJXPueNQ/m2OCVdKikl74JqSfd3NNJ6MvB6KSp1LSLEL94h+xh7VKDfrBxYR9XeBNFmCSK1y4SeCNxXf/MfNQDYmzW9032cUdrLBPEWhq/xuqxD78+wcuarPigA9Ntb6hr5cDkJWW6T4uB932nWtEM6f1FS8pzZpyzf/5RrLyc/6fI1gZ/fR5LSexRjsqBI9uIlU7rcDLjbJZv4yQS87SY20/Uw79rUFO7yDzxaT9vfOuDqwta8UEe9ql32yA8+CGJvL1nyduGVuQJZ/ecN16r7wUL2Vuorqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2Yv5gjx8EA76moLXFexSYS2eUE2tk8gelqsgb+DocJ0=; b=RI4R9Eg/A9MNwXMIA9CDwNh6n+YXd3lBRrzRyX2eV7fwN3ZQvMAdriOTaM7R4/ME0VL9tm9Jc3PhnjHEi4FGK0vonVTBSYVjhr1qWZuQG1jde+xZAdNSrvMKfoYulnwJcLD3vlagAgJ/e5CpNQ8OA1S0A202UhC1nHfG6WNDQvOJoj+9ASeo66IeyH/EQyo519TCJ7Vxa/kIeJ6YOi9zkFYS2m7SSvmVLbGjqRNUwUdSHh1O/xQDRXkBiRX0uOPz0da2DlppVO7MZjRJW2dDwzUa09F7ij3gXGPyZKnK9Rj4T69mgcoiJZzMWNMbSKwjknXyaXRuHsdkN/6B2DSeng== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from SJ0PR11MB5631.namprd11.prod.outlook.com (2603:10b6:a03:3ae::14) by MW5PR11MB5881.namprd11.prod.outlook.com (2603:10b6:303:19d::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.26; Mon, 24 Oct 2022 17:04:47 +0000 Received: from SJ0PR11MB5631.namprd11.prod.outlook.com ([fe80::6cff:e530:e98b:d447]) by SJ0PR11MB5631.namprd11.prod.outlook.com ([fe80::6cff:e530:e98b:d447%9]) with mapi id 15.20.5723.035; Mon, 24 Oct 2022 17:04:47 +0000 From: "Hv, Pavamana" To: "devel@edk2.groups.io" , "Gao, Liming" Subject: Re: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c Thread-Topic: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c Thread-Index: AQHY5DgiKrE1xDS5Ckee+0QXprKqAa4dzIxw Date: Mon, 24 Oct 2022 17:04:47 +0000 Message-ID: References: <3bbfe7d39637575ca8942493c7d70df111400f1c.1666228699.git.pavamana.hv@intel.com> In-Reply-To: <3bbfe7d39637575ca8942493c7d70df111400f1c.1666228699.git.pavamana.hv@intel.com> Accept-Language: en-US X-Mentions: gaoliming@byosoft.com.cn X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.500.17 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ0PR11MB5631:EE_|MW5PR11MB5881:EE_ x-ms-office365-filtering-correlation-id: 9ce885c4-d441-4303-4430-08dab5e1db30 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 8YI0rXDxKer9btpemCxCkzp3EUd+zYMFH61hl8rxvqJBf6cBGjzCY0gRmQvOCiRRFjREWmapbgtR2us7L5C4y/eQnkpvC3EWEhhlfPgr8Cm9YLZ5JxG/bRxN7Zray3T9wYiZbfP3vZThtQdH5QBz1vIP1EH96gvmAg9GRXTRg5y2TDcFgTUeJrk3pl5jK6hhpOYWHQKrc+fvLzxG5tpzrH87B0FCmU9rF6GMVMkgpNgNenPizUYMmQn94F+x1g+EYq/tphFAgXmKn/xgWkxmc0Do3H24AliyErWy6izbgWgD3f8rs6rjHiMnCyaxAniRGc1FTQ+OEeDQAaws5zPOyaySi5p7GTvGp9aY0IHV4rjBfbwqBBKBJzKFv4NaFOlSKE3N+qj9ebJs9iSxEXKs20vzcoM1eyc/hdXnG4qT9Ykkxmfj6/P6q5S5BqOaOmEhFfqFc0oBXKToKb43iOSPwX6jay61oFioPr2Fog9Wii6epVGaNWO8atIJhas+meiGPSUlwScDTq1pZqdNovZEoPmEDS4mGyjCF61v5+/+seRGz6fWShHIJXSoKEWUGXqEguFqTLEcZU99kO3ULhvQ4fbuIHSxkElA2JIPWtnWBwpLh68QdXhRybqivvZeVhSDRt+DIkXGXoqfEkGF9fmWW/6KAg7nldOaMxca2DrUnq2qk0M/m6foe9KO+Nl1+VlC+MlRrxce5v0iX5Ymf13bTjnPAF/sb+jcXUE2nXz/Vwn7P+rPPrTtV0i7omqTe8Kw4EmoQAXokLWZmAm8n4c9wBdwFbVt9aPQBonw22e+aGA= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR11MB5631.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(396003)(346002)(136003)(376002)(39860400002)(366004)(451199015)(66476007)(66446008)(66556008)(64756008)(66946007)(8676002)(76116006)(8936002)(2906002)(86362001)(41300700001)(316002)(110136005)(5660300002)(33656002)(55016003)(52536014)(82960400001)(38100700002)(186003)(122000001)(83380400001)(478600001)(966005)(7696005)(6506007)(71200400001)(166002)(53546011)(38070700005)(9686003)(26005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Y97ufyTMA1TP1fhy3w3XQPXLrZ//w3+hMH+R/pgfbdtRzahukCOjKqQPID2S?= =?us-ascii?Q?9ol0nx4F+gdAH5bgC+iGvyIKcACNbfcF6OOgpO2I8MhW/QYNLuqdbX2dmFk1?= =?us-ascii?Q?pGCcOXCtcMCBEIHAS2eRzdSFUtog76InCqDY9pUXTvHXlpiXN5n1OeYOC3JC?= =?us-ascii?Q?Sblbr9stc2FZORjjHzGjK7gy8s8VWrpK9qlu+Qd0QjyykFEmunJWg99dBoU3?= =?us-ascii?Q?SmV2jgCxA4unWLrI47aDBTNeVwI8xp2j+wa7qzIzfTS0wQ522L9W7QAA1Utd?= =?us-ascii?Q?81QOs9FEbE9ZCd0aiscrX7CPryg8M1htb3dQZHEcsPpKMpxEpNt0eKAVCQSK?= =?us-ascii?Q?KdRjhVusXGbxz1mObqbVnW8wiuK2k0INTU+vHXH9IvyIAF4IhaHmMEEPR2JZ?= =?us-ascii?Q?h7/+LrrPI1aho+ntd3FKQjCO5+gVXItmvNhgaJgOiVSVaoUAQKLftlB7tYv5?= =?us-ascii?Q?FEoxo45+R/idPQl8k7bhDCxtMMCwsCU6/NqaBq8OjtCa00dJsqDltxMe5gSM?= =?us-ascii?Q?eRmgMISa+mGaecQt4wIyfCU2oo9Cdk56mW2zMXrLX3ZXu/X7uC6gEs9hnBv7?= =?us-ascii?Q?KjPqJohPzpj+NXc+yzz1/eFG4v8/roWYUUviNvlPjPnzNtEZwQU4MJhHr7+e?= =?us-ascii?Q?IsCB1/vb1g5/y+CZ9hH1GXgvDa2b9lLmpMV7xd3WCxx8ONAUWy2ENAg6t2sw?= =?us-ascii?Q?4c8NtBDjhGgOWLBhDo2+3xSqS7r3HJQ97k/Dq3wdtY9YzD/jZeqYbnWK6Dr9?= =?us-ascii?Q?Ilh+/hPW0vGMJeDtoi9oTpoMqFtSFi5/QruW2aB+M7JpFIBG9JRY0cjIQYws?= =?us-ascii?Q?+sEbAHJc/pX4MGdHy/VfJLJipf+Jk9ZtAOMUOHawYO27Lo7e4uWXqw84DTrX?= =?us-ascii?Q?SSVsh+WxFfGIhmEreWKkU79Mfb+zQSQDI2eFHrCw8OAvpU5hHwmgCNpz2Bp7?= =?us-ascii?Q?JVXuSH/qfklZGN4O5iELXpFpW5VVOtzf4u9uPAtInuS4U+SeVlueUfxv2Lre?= =?us-ascii?Q?yKJe3DNfN95yMjS2lrOdDPap/whUK+dajtQIwedIoqa0KciAL0uNy0mnJL2/?= =?us-ascii?Q?yV3E5ry8K568aYnXtlPwtpH3ZvEtdXWzyDGepyS30vaxon9sOvoJ90xPvniK?= =?us-ascii?Q?LeUoGtmpoO0mRmCjAwc/Nf2mzwSqTV8y50R4yCRbn9ZnzS+6PlVKld74IW6a?= =?us-ascii?Q?0yfk77f9mWXIJK2chvlpfcSNCyJzGLXhS3Z4U0v5DqGmAL3cb+J/goXVD9rE?= =?us-ascii?Q?SjHlRhShK+spL4ag6eU/L4PGUYoGQsxgMIQtBB0CfCPRIZxVKYyRmCA8HDdh?= =?us-ascii?Q?f/moDY6fpCqMSmjNrSYuW+gj3sQ7arEcbrXutYb2jWzXoHFIMgKaNZGWzCBA?= =?us-ascii?Q?mls6atDAriQIfIjjQ3EuSVkB0jjwwAuaf2+HIEotS79B0ncfyJ+52CWYf9gz?= =?us-ascii?Q?2mfee5Rg7Lz93PrxYMDkdZMTR61SzWIoahq1uj/p1vzn25uTu9DpjEg/A3tL?= =?us-ascii?Q?diy6+VGQxJlJPha4V5JMuVhcOFrSJ7E+8KTwcizK/2FtUGdU4aYZiMDlhs7r?= =?us-ascii?Q?a23jzgzJngWkCPUHjq8I/5wEia80PEdbW/7NIsQU?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ0PR11MB5631.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9ce885c4-d441-4303-4430-08dab5e1db30 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Oct 2022 17:04:47.5364 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: n1sJXCpNPDIQ0mHX6slMsyWykGIVEdbvRPth9HHWEZRkDjJzbVYhRnbX7pzMbzVlhE5D0vp/hf1W3rcMjbrUGw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR11MB5881 Return-Path: pavamana.hv@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_SJ0PR11MB563167A50F3FBBF22765583EFA2E9SJ0PR11MB5631namp_" --_000_SJ0PR11MB563167A50F3FBBF22765583EFA2E9SJ0PR11MB5631namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable @Gao, Liming, Can you please review the patch and let me know if this can be merged? Thanks in advance for your help. Regards, Pavamana -----Original Message----- From: Hv, Pavamana Sent: Wednesday, October 19, 2022 8:57 PM To: devel@edk2.groups.io Cc: Hv, Pavamana Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support = in FitGen.c REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4086 This commit adds support for new FIT record type for Vendor Authorized Boot= (VAB) security technology(FIT spec revision 1.4). VAB defines 3 new following types Vendor Authorized Boot Provisioning Table (Type 0x1A) Vendor Authorized Boo= t Image Manifest (Type 0x1B) Vendor Authorized Boot Key Manifest (Type 0x1C= ) The code has been updated to align these binaries on 64 byte boundary and= not to overlap with other regions, similar to Key manifest, Boot Policy ma= nifest and other optional types. Also added macros to define FIT spec Major and Minor version numbers and pr= int the same instead of hardcoded string. Signed-off-by: Pavamana Holavanahalli > --- Silicon/Intel/Tools/FitGen/FitGen.c | 61 +++++++++++++++++++---------- Sil= icon/Intel/Tools/FitGen/FitGen.h | 5 ++- 2 files changed, 44 insertions(+), 22 deletions(-) diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools/FitG= en/FitGen.c index 21dfcf1ebb..87123f9922 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.c +++ b/Silicon/Intel/Tools/FitGen/FitGen.c @@ -234,20 +234,24 @@ typedef struct { #define FLASH_TO_MEMORY(Address, FvBuffer, FvSize) \ (VOI= D *)(UINTN)((UINTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS - (UIN= TN)(Address))) -#define FIT_TABLE_TYPE_HEADER 0-#define FIT= _TABLE_TYPE_MICROCODE 1-#define FIT_TABLE_TYPE_STARTUP_ACM = 2-#define FIT_TABLE_TYPE_DIAGNST_ACM 3-#define FIT_TABLE= _TYPE_BIOS_MODULE 7-#define FIT_TABLE_TYPE_TPM_POLICY = 8-#define FIT_TABLE_TYPE_BIOS_POLICY 9-#define FIT_TABLE_TYPE_= TXT_POLICY 10-#define FIT_TABLE_TYPE_KEY_MANIFEST 11-= #define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST 12-#define FIT_TABLE_TYPE_BIO= S_DATA_AREA 13-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16-#de= fine FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST 12-#define FIT_TABLE_SUBTYPE_ACM= _MANIFEST 13+#define FIT_TABLE_TYPE_HEADER 0+#d= efine FIT_TABLE_TYPE_MICROCODE 1+#define FIT_TABLE_TYPE_S= TARTUP_ACM 2+#define FIT_TABLE_TYPE_DIAGNST_ACM = 3+#define FIT_TABLE_TYPE_BIOS_MODULE 7+#define FIT_TAB= LE_TYPE_TPM_POLICY 8+#define FIT_TABLE_TYPE_BIOS_POLICY = 9+#define FIT_TABLE_TYPE_TXT_POLICY 10+#defi= ne FIT_TABLE_TYPE_KEY_MANIFEST 11+#define FIT_TABLE_TYPE_BOO= T_POLICY_MANIFEST 12+#define FIT_TABLE_TYPE_BIOS_DATA_AREA = 13+#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16+#define FIT_TA= BLE_SUBTYPE_FIT_PATCH_MANIFEST 12+#define FIT_TABLE_SUBTYPE_ACM_MANIF= EST 13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE 26+#d= efine FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST 27+#define FIT_TABLE_TYPE_= VAB_BOOT_KEY_MANIFEST 28+ // // With OptionalModule Address isn't kn= own until free space has been@@ -322,8 +326,10 @@ Returns: --*/ { printf (- "%s - Tiano IA32/X64 FIT table generation Utility for= FIT spec revision 1.2."" Version %i.%i\n\n",+ "%s - Tiano IA32/X64 FIT = table generation Utility for FIT spec revision %i.%i."" Version %i.%i\n\n",= UTILITY_NAME,+ FIT_SPEC_VERSION_MAJOR,+ FIT_SPEC_VERSION_MINOR, = UTILITY_MAJOR_VERSION, UTILITY_MINOR_VERSION );@@ -1956,7 +1962= ,10 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) { // NOTE: It might be virtual address n= ow. Just put a place holder. FitEntryNumber ++; }@@ -2154,8 +2163= ,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align AlignedSize +=3D BIOS_MODULE_A= LIGNMENT; AlignedSize &=3D ~BIOS_MODULE_ALIGNMENT; }@@ -2166,= 8 +2178,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align OptionalModuleAddress =3D (UIN= T8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT); } @@ -2= 201,7 +2216,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) {+ CheckOverlap (gFitTableContext.Option= alModule[Index].Address, AlignedSize); } }diff --git a/Silicon/Intel/= Tools/FitGen/FitGen.h b/Silicon/Intel/Tools/FitGen/FitGen.h index 80a1423ceb..511ab652ab 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.h +++ b/Silicon/Intel/Tools/FitGen/FitGen.h @@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // Utility version information // #define UTILITY_MAJOR_VERSION 0-#define U= TILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VERSION 67 #define UTILITY_DA= TE __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VER= SION_MINOR 4+ // // The minimum number of arguments accepted from the comma= nd line. //-- 2.26.2.windows.1 --_000_SJ0PR11MB563167A50F3FBBF22765583EFA2E9SJ0PR11MB5631namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

@Gao, Liming,<= /o:p>

Can you please review the patch and let me know i= f this can be merged?

Thanks in advance for your help.

Regards,

Pavamana

 

-----Original Message-----
From: Hv, Pavamana <pavamana.hv@intel.com>
Sent: Wednesday, October 19, 2022 8:57 PM
To: devel@edk2.groups.io
Cc: Hv, Pavamana <pavamana.hv@intel.com>
Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support = in FitGen.c

 

REF: https://bugzilla.tian= ocore.org/show_bug.cgi?id=3D4086

 

This commit adds support for new FIT record type = for Vendor Authorized Boot (VAB) security technology(FIT spec revision 1.4)= .

VAB defines 3 new following types

Vendor Authorized Boot Provisioning Table (Type 0= x1A) Vendor Authorized Boot Image Manifest (Type 0x1B) Vendor Authorized Bo= ot Key Manifest (Type 0x1C) The code has been updated to align these binari= es on 64 byte boundary and not to overlap with other regions, similar to Key manifest, Boot Policy manifest = and other optional types.

 

Also added macros to define FIT spec Major and Mi= nor version numbers and print the same instead of hardcoded string.

 

Signed-off-by: Pavamana Holavanahalli <pavamana.hv@intel.com>

---

Silicon/Intel/Tools/FitGen/FitGen.c | 61 ++++++++= +++++++++++----------  Silicon/Intel/Tools/FitGen/FitGen.h |  5 += +-

2 files changed, 44 insertions(+), 22 deletions(-= )

 

diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c = b/Silicon/Intel/Tools/FitGen/FitGen.c

index 21dfcf1ebb..87123f9922 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.c

+++ b/Silicon/Intel/Tools/FitGen/FitGen.c

@@ -234,20 +234,24 @@ typedef struct {=

#define FLASH_TO_MEMORY(Address, FvBuffer, FvSize= )  \           =        (VOID *)(UINTN)((UINTN)(FvBuffer) + (U= INTN)(FvSize) - (TOP_FLASH_ADDRESS - (UINTN)(Address))) -#define FIT_TABLE_= TYPE_HEADER          &nbs= p;      0-#define FIT_TABLE_TYPE_MICROCODE &n= bsp;            1-#define FIT_TABLE_TYPE_STARTUP_ACM      &n= bsp;     2-#define FIT_TABLE_TYPE_DIAGNST_ACM &nbs= p;          3-#define FIT_TABL= E_TYPE_BIOS_MODULE         &nb= sp;  7-#define FIT_TABLE_TYPE_TPM_POLICY      = ;       8-#define FIT_TABLE_TYPE_BIOS_PO= LICY            9-#d= efine FIT_TABLE_TYPE_TXT_POLICY       &n= bsp;     10-#define FIT_TABLE_TYPE_KEY_MANIFEST      =      11-#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST&nbs= p;  12-#define FIT_TABLE_TYPE_BIOS_DATA_AREA    &n= bsp;    13-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT  = ;      16-#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANI= FEST  12-#define FIT_TABLE_SUBTYPE_ACM_MANIFEST        1= 3+#define FIT_TABLE_TYPE_HEADER       &n= bsp;            = ;  0+#define FIT_TABLE_TYPE_MICROCODE     &nb= sp;            = 1+#define FIT_TABLE_TYPE_STARTUP_ACM      &n= bsp;          2+#define FIT_TA= BLE_TYPE_DIAGNST_ACM         &= nbsp;       3+#define FIT_TABLE_TYPE_BIOS_MODULE        =          7+#define FIT_TABLE_TYPE_T= PM_POLICY           =        8+#define FIT_TABLE_TYPE_BIOS_POLICY&n= bsp;            &nbs= p;   9+#define FIT_TABLE_TYPE_TXT_POLICY   &n= bsp;            = ;  10+#define FIT_TABLE_TYPE_KEY_MANIFEST     = ;           11+#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST    &nbs= p;   12+#define FIT_TABLE_TYPE_BIOS_DATA_AREA   &n= bsp;          13+#define FIT_T= ABLE_TYPE_CSE_SECURE_BOOT        &n= bsp;    16+#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST = ;      12+#define FIT_TABLE_SUBTYPE_ACM_MANIFEST&n= bsp;            13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE     = ;    26+#define FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST =     27+#define FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST &nb= sp;     28+  // // With OptionalModule Address isn= 't known until free space has been@@ -322,8 +326,10 @@ Returns:

--*/ {   printf (-    &q= uot;%s - Tiano IA32/X64 FIT table generation Utility for FIT spec revision = 1.2."" Version %i.%i\n\n",+    "%s - Tia= no IA32/X64 FIT table generation Utility for FIT spec revision %i.%i."= " Version %i.%i\n\n",     UTILITY_NAME,+ = ;   FIT_SPEC_VERSION_MAJOR,+    FIT_SPEC_VERSION_MINOR, &n= bsp;   UTILITY_MAJOR_VERSION,     UTILITY_MIN= OR_VERSION     );@@ -1956,7 +1962,10 @@ Returns:

         = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_KEY_MANI= FEST) ||         (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||&n= bsp;        (gFitTableContext.OptionalMo= dule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYP= E_CSE_SECURE_BOOT)) {+        (gFitTable= Context.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) |= |+        (gFitTableContext.OptionalModu= le[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+    &nbs= p;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABL= E_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+      &nbs= p; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_B= OOT_KEY_MANIFEST)) {       // NOTE: It might be virtual address now. Just put a place holder.   &n= bsp;   FitEntryNumber ++;     }@@ -2154,8 +21= 63,11 @@ Returns:

        &= nbsp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_T= YPE_KEY_MANIFEST) ||         &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BO= OT_POLICY_MANIFEST) ||         = ;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D F= IT_TABLE_TYPE_CSE_SECURE_BOOT)) {-       &nbs= p;// Let it 64 byte align+        &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CS= E_SECURE_BOOT) ||+          (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PRO= VISION_TABLE) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IM= AGE_MANIFEST) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KE= Y_MANIFEST)) {+          // Let it 64 byte= align         AlignedSize +=3D BIO= S_MODULE_ALIGNMENT;         Aligned= Size &=3D ~BIOS_MODULE_ALIGNMENT;       }= @@ -2166,8 +2178,11 @@ Returns:

        &= nbsp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_T= YPE_KEY_MANIFEST) ||         &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BO= OT_POLICY_MANIFEST) ||         = ;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D F= IT_TABLE_TYPE_CSE_SECURE_BOOT)) {-       = ; // Let it 64 byte align+        &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CS= E_SECURE_BOOT) ||+          (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PRO= VISION_TABLE) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IM= AGE_MANIFEST) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KE= Y_MANIFEST)) {+          // Let it 64 byte= align         OptionalModuleAddres= s =3D (UINT8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT);=        } @@ -2201,7 +2216,11 @@ Returns:=

         = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_KEY_MANI= FEST) ||         (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||&n= bsp;        (gFitTableContext.OptionalMo= dule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYP= E_CSE_SECURE_BOOT)) {+        (gFitTable= Context.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) |= |+        (gFitTableContext.OptionalModu= le[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+    &nbs= p;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABL= E_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+      &nbs= p; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_B= OOT_KEY_MANIFEST)) {+       CheckOverlap (gFitTableContext.OptionalModule[Index].Address, AlignedSize);  =    }   }diff --git a/Silicon/Intel/Tools/FitGen/FitGen.= h b/Silicon/Intel/Tools/FitGen/FitGen.h

index 80a1423ceb..511ab652ab 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.h

+++ b/Silicon/Intel/Tools/FitGen/FitGen.h

@@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2= -Clause-Patent

// Utility version information // #define UTILITY= _MAJOR_VERSION 0-#define UTILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VER= SION 67 #define UTILITY_DATE        = ;  __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VERSION= _MINOR 4+ // // The minimum number of arguments accepted from the command line. /= /--

2.26.2.windows.1

 

--_000_SJ0PR11MB563167A50F3FBBF22765583EFA2E9SJ0PR11MB5631namp_--