From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web09.313.1666734619868833259 for ; Tue, 25 Oct 2022 14:50:20 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=f+Dqlkzj; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: pavamana.hv@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1666734619; x=1698270619; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=OgzXfPDEE6z0K7DcHOodMETRbx9QNzT2JTe9LHWmH7o=; b=f+DqlkzjQ2g/ZfEAul82fYupRsaPoSpaD2UmavSfHUSKoDmQA64Zyrxp 93a4GO1SGdpfhAuMY5QNgeCWGQQXeWaRCml6i5LEWESkBHBC5U9MYO16A vpAMr9u5xLL7skHAJtFyDpzSnGncsqCxG60lbFGU29ezvQ3SnFuq+sA3t BjQqT/r3zJhlOFvwR1ymPMS3UjYqNouRBVPTDcq7Eat0voz/3Qc1t24GQ 2ePOizDu55YEBflDydRxDSJszdlW2tFdWtgrW2IKLRqq/I7AdV2Dx7PFB 3PYme3Qav63+g75BYgRXidJQiDiQJC25/hMy87XWGVpkv3T9fmOmK6UbX Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10511"; a="307795668" X-IronPort-AV: E=Sophos;i="5.95,213,1661842800"; d="scan'208,217";a="307795668" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Oct 2022 14:50:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10511"; a="634264686" X-IronPort-AV: E=Sophos;i="5.95,213,1661842800"; d="scan'208,217";a="634264686" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by fmsmga007.fm.intel.com with ESMTP; 25 Oct 2022 14:50:19 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Tue, 25 Oct 2022 14:50:18 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Tue, 25 Oct 2022 14:50:18 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Tue, 25 Oct 2022 14:50:18 -0700 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Tue, 25 Oct 2022 14:50:18 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n5puR7gc18Xdqv2C0c3gFY+si5SGPGN0t5h+Whw+23SbB+hrlh4OPjHvfyjq0eaIvr2TUaX7CPRxQMinvaOFVJRkxnFk+337mjl4qtC6rpzyqbIzlqV/D1Uyau3o+vKdj+J9ikKKFXS0uOJvTnlZXNjE2/TdDSVlrO3Ps5TMUyYfC7chgTSPBJSXAsrMHQFphIDAktvwb+jzJxFUbJr4we3z7EYUTzilXPuqvWuZb1bfw4ZAOplxohMdx5F9pKeMoRbLm2f1QOwEsPZxcEPetq3zINe3d5KZce5FEdkhSOSFkw/dDRMBOBDW0ffpwOQqGHNkuBcth6bhQ+ki9xYfBw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2Hc0hx0BZhcVCWZek+7CwesSHHNBsSwyvoZzTlaSOeE=; b=oQNTA1YpyVfKrFfZDpEi8d960/c5QQOuVoQPUwEgLqoDboJPU2bElrGw2k3sEGX2fqYK1LxDbAkQO5WTGKOqFBpjNSsFBlSk/uIBs/th4tLM67g7a2whzLWinJD3tbu+91L0LsCOoTpKJg8YXuV/J0lO1fsN39aK5V19frpcv7IDRdGhP80fDc2TPWtYuu2uvc4hDbibZ9NYbI7KSxW5E5sSG7zQT2/xb6n6XbGWBU+1kGrwDVOBMoJXNRcGN1E/smuocZKviOf0SVuuHojH6pHXiwv8c1Rwi2ucJBNJv3gB1NcUrOgc5V7AIoSnzNDb1vWDgm5gkj4YAn4kx3MczA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from SJ0PR11MB5631.namprd11.prod.outlook.com (2603:10b6:a03:3ae::14) by DM4PR11MB7350.namprd11.prod.outlook.com (2603:10b6:8:105::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5723.30; Tue, 25 Oct 2022 21:50:14 +0000 Received: from SJ0PR11MB5631.namprd11.prod.outlook.com ([fe80::6cff:e530:e98b:d447]) by SJ0PR11MB5631.namprd11.prod.outlook.com ([fe80::6cff:e530:e98b:d447%9]) with mapi id 15.20.5723.035; Tue, 25 Oct 2022 21:50:13 +0000 From: "Hv, Pavamana" To: "devel@edk2.groups.io" , "Gao, Liming" CC: "Feng, Bob C" , "Holland, Michael" Subject: Re: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c Thread-Topic: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c Thread-Index: AQHY5DgiKrE1xDS5Ckee+0QXprKqAa4dzIxwgAHiPLA= Importance: high X-Priority: 1 Date: Tue, 25 Oct 2022 21:50:12 +0000 Message-ID: References: <3bbfe7d39637575ca8942493c7d70df111400f1c.1666228699.git.pavamana.hv@intel.com> In-Reply-To: Accept-Language: en-US X-Mentions: gaoliming@byosoft.com.cn X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.500.17 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ0PR11MB5631:EE_|DM4PR11MB7350:EE_ x-ms-office365-filtering-correlation-id: b9d9eb11-c81b-48d2-dd1f-08dab6d2e526 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: NWxxjnCqzFnBDX9QrDZi2uW8ivuP4Xyd23oehQgMwVIc3UwMDYceLRd494vvaTixNvg/x68t9lEc4x0kp+1iUb/nSnK9w+eEbo52DppnlB1o7WLGlESoWLb9Uv4Q+7JyU/YvWDtNCQMfRRclgZwk828SwpjZV7T3W5JmGDKvj6b3sx1tlSNKr2SkkE/Zu0NURtoAnGSiEtvbD97VpaCRvRdj7mYY7dr6CBvuykcmkZmch7xBiCRfyeH4uKqW1Pvhyo/vCu9mUYxWJijTGeeoXScD78PXXuyMQX7af/6M9dy0VTJpHZ9YhyeZkGvHoZrPeNREpQ03Z4vHywbsj8HjwEf2xoDVfePLgglfN+YLCR5WUZSeNEJ4tEzapxs4xOmQ9xrRiBTfA8GRo6oeW+Xt5EigFIvT01C1u811EBWn3SWvBKnUTcbL336shkEiRCzx65m8a23xStnynlTsjsMAVvEfXKbAK1j8m++tjehQnAC4cwpuB3JkD/zwh0+CyPCYRbM8DjkD2K+08OEScglfHhq7z3NhP8bnYpiYBsDHVZpOylgSNaZSPn/mUwETwrQnAi/YG9Q4YdNwdeW2T+lXTCxwttzO9WaaYXn7aR1HWni+FALyLmbxwlejvF4uiWBW2uWDAO/f676WvaPLR8gOCfYRvjs92HSsQn4WiLzObYNgxLa4fMAeqRdIlW2WEpqUXEalmJdkb3PzS4n7x9m/o2ogCVdQIdgxEIo10b+dKH3LuA4aRvIYgFx/Jy8lGrSBAFZWJ4KgEA5dkpiHFtCIb13BZHVgKxTYRssXEwXl+as= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR11MB5631.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(346002)(376002)(396003)(366004)(39860400002)(136003)(451199015)(166002)(82960400001)(76116006)(38070700005)(86362001)(33656002)(38100700002)(107886003)(83380400001)(7696005)(55016003)(9686003)(64756008)(66446008)(8676002)(54906003)(66946007)(66476007)(8936002)(316002)(110136005)(122000001)(5660300002)(4326008)(9326002)(6506007)(966005)(41300700001)(2906002)(71200400001)(53546011)(66556008)(26005)(478600001)(186003)(52536014);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?veWAKK06wHniULpBWlfdwRDF8FDzEfqs9yoKjP5Kpt6nkjIPCDXp3+1EUWjf?= =?us-ascii?Q?tLBMIyeqjavl3Azz7mK5KUOOoFNR4/WgLuyhwOaGri0BTEwaJdNrcILKkOoV?= =?us-ascii?Q?JvDipoaQ0vk0FD3hl+TK1tuQp5zQwYqzV4rCtkTadb4zDYSRE9CIi2xJleBC?= =?us-ascii?Q?EYetO0imloVAUPmcmjMv8xCeUmI4JWny9nqaso/BAdOnUoQBPox0I3+6laAk?= =?us-ascii?Q?u5ylAcKvmCG/0zz+zY84sEbvw10lTZYkMse8daOk0m128drhvIHuV1Cv/H/O?= =?us-ascii?Q?TdzMT2Xq55d3VICjuo/WSayyaKBmgscq+CcC/vyjnsAwsqsI2eGA9CJzWfDa?= =?us-ascii?Q?lee3lqwg2dG1hkGDGAncYP9qAkw4s0FaTvbwHTVTgbHW41urjbYtIEj87qls?= =?us-ascii?Q?e0BeAdfXvTUPsA2vxQ0guiQFHZ5WUUjXBHeWy1Bph2ZOb5jD6hs1mjP7tH/3?= =?us-ascii?Q?eXSUSYz5WQjh95UaTUBEk28VSC+rPSJAza1qy6Cn2mNUVJBh9CtusJsfWAjx?= =?us-ascii?Q?w9C4SsQ2WoDM4PY3LBDI74cok7n2Nz1ylfGdskwL3fL7TSz92F6lEU4kvek8?= =?us-ascii?Q?NlFLsGgmGvXXcflAoKTOrm1clGPTkuSJaG5Xqhhc0Kbrt54NlktH9J1mM2ps?= =?us-ascii?Q?ojK5iu4eoLykyW3RxOqRUVkQAN//9lybGsxBWuYMzZf/JKvHMS0KKsylVvIm?= =?us-ascii?Q?83+qY1vD4o2lU+fCml+ryY/n5UP5MSqSVcRa/V0F+k5JJ/4gNV2zOsqplckV?= =?us-ascii?Q?zIcUps2PjsMOLi+vGv72s7J85FbiLNky8SBFF+GNc2xCoscCt8tJIMVG/iCI?= =?us-ascii?Q?GWh0a9F5yW+/ZE78muy38xJikEm4y0IEC5njoPCRWz8++a9qm3cellc/6uP7?= =?us-ascii?Q?wK3PS1cslA6VwsWbqlcW1sWYBCS4LjVa3aW02QVSfqAGAbMTHM2ph4HXFxmV?= =?us-ascii?Q?3op2mAMnriLWDNP6N5qHgbohN+AUTtBgPUR4hDWSVv6rh1nDxx4PBC0pYSMA?= =?us-ascii?Q?pz43i7Ickl6NTPd7AMAqOqFhoL0jVuZ31hZfFqRgiQW2wXRJiradpj//e5IW?= =?us-ascii?Q?54tASCe3ZveytbDbZlvXk7VbgyfHwKPZ/ui94QdUdJHr6I4GGhNPzxzPbGwq?= =?us-ascii?Q?pbU3bV81nDfNW8D/Ld7ORVu9/Z/qrSh6cu3ZxJL5X7TW7uq6IVDBMpQIAMQ7?= =?us-ascii?Q?5XjCg+6HnbUJoOeYCNNY20iALRaF6qj5junvYpF/lHqPpxrpjUJLeFP82ixh?= =?us-ascii?Q?w3Qd45wRtNpy15FGgoTkz3BRAPovom6LtqqiG4idMTIjtcnW00A49b7kWI4H?= =?us-ascii?Q?Kdx9oXojOZOyrIG88ZmCwdFardltGYPorYBnr0LAelRk+yy6DhK9rgB0jiu3?= =?us-ascii?Q?wHuV0eohBwjdnTlKf7vCysEO4iA6dtEgvzcZ/PU2Ii9fqV4rJfidQPY7lsa0?= =?us-ascii?Q?vO34lV/EBlpQwSOvY1xsttO1O4mxS28KeNHCS2z6G7e867gz16JM/qdzZfBo?= =?us-ascii?Q?1975Wo8WliisTpvhC+hrasEWKWUO6+geJiwV0F6vb3jF9HkFNu1KuzxJzqm1?= =?us-ascii?Q?ls6o1GycSvpT58mBx58FVwetvsxwm81i4eCElREj?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ0PR11MB5631.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b9d9eb11-c81b-48d2-dd1f-08dab6d2e526 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Oct 2022 21:50:12.9950 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: xHkyQP26jEiXIrpU+ToG13SobmfBmlbUq5qRUGyLknDgfvbLGogPsad+JSDWQHDkCGlFttozMhUflA13F7a0Hw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR11MB7350 Return-Path: pavamana.hv@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_SJ0PR11MB5631C51D201D78B1768F9FCEFA319SJ0PR11MB5631namp_" --_000_SJ0PR11MB5631C51D201D78B1768F9FCEFA319SJ0PR11MB5631namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Liming, Any update on this? Please treat this with urgency as we have a release com= ing up and needs this change. -Pavamana From: Hv, Pavamana Sent: Monday, October 24, 2022 10:05 AM To: devel@edk2.groups.io; Gao, Liming Subject: RE: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types supp= ort in FitGen.c @Gao, Liming, Can you please review the patch and let me know if this can be merged? Thanks in advance for your help. Regards, Pavamana -----Original Message----- From: Hv, Pavamana > Sent: Wednesday, October 19, 2022 8:57 PM To: devel@edk2.groups.io Cc: Hv, Pavamana > Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support = in FitGen.c REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4086 This commit adds support for new FIT record type for Vendor Authorized Boot= (VAB) security technology(FIT spec revision 1.4). VAB defines 3 new following types Vendor Authorized Boot Provisioning Table (Type 0x1A) Vendor Authorized Boo= t Image Manifest (Type 0x1B) Vendor Authorized Boot Key Manifest (Type 0x1C= ) The code has been updated to align these binaries on 64 byte boundary and= not to overlap with other regions, similar to Key manifest, Boot Policy ma= nifest and other optional types. Also added macros to define FIT spec Major and Minor version numbers and pr= int the same instead of hardcoded string. Signed-off-by: Pavamana Holavanahalli > --- Silicon/Intel/Tools/FitGen/FitGen.c | 61 +++++++++++++++++++---------- Sil= icon/Intel/Tools/FitGen/FitGen.h | 5 ++- 2 files changed, 44 insertions(+), 22 deletions(-) diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools/FitG= en/FitGen.c index 21dfcf1ebb..87123f9922 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.c +++ b/Silicon/Intel/Tools/FitGen/FitGen.c @@ -234,20 +234,24 @@ typedef struct { #define FLASH_TO_MEMORY(Address, FvBuffer, FvSize) \ (VOI= D *)(UINTN)((UINTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS - (UIN= TN)(Address))) -#define FIT_TABLE_TYPE_HEADER 0-#define FIT= _TABLE_TYPE_MICROCODE 1-#define FIT_TABLE_TYPE_STARTUP_ACM = 2-#define FIT_TABLE_TYPE_DIAGNST_ACM 3-#define FIT_TABLE= _TYPE_BIOS_MODULE 7-#define FIT_TABLE_TYPE_TPM_POLICY = 8-#define FIT_TABLE_TYPE_BIOS_POLICY 9-#define FIT_TABLE_TYPE_= TXT_POLICY 10-#define FIT_TABLE_TYPE_KEY_MANIFEST 11-= #define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST 12-#define FIT_TABLE_TYPE_BIO= S_DATA_AREA 13-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16-#de= fine FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST 12-#define FIT_TABLE_SUBTYPE_ACM= _MANIFEST 13+#define FIT_TABLE_TYPE_HEADER 0+#d= efine FIT_TABLE_TYPE_MICROCODE 1+#define FIT_TABLE_TYPE_S= TARTUP_ACM 2+#define FIT_TABLE_TYPE_DIAGNST_ACM = 3+#define FIT_TABLE_TYPE_BIOS_MODULE 7+#define FIT_TAB= LE_TYPE_TPM_POLICY 8+#define FIT_TABLE_TYPE_BIOS_POLICY = 9+#define FIT_TABLE_TYPE_TXT_POLICY 10+#defi= ne FIT_TABLE_TYPE_KEY_MANIFEST 11+#define FIT_TABLE_TYPE_BOO= T_POLICY_MANIFEST 12+#define FIT_TABLE_TYPE_BIOS_DATA_AREA = 13+#define FIT_TABLE_TYPE_CSE_SECURE_BOOT 16+#define FIT_TA= BLE_SUBTYPE_FIT_PATCH_MANIFEST 12+#define FIT_TABLE_SUBTYPE_ACM_MANIF= EST 13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE 26+#d= efine FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST 27+#define FIT_TABLE_TYPE_= VAB_BOOT_KEY_MANIFEST 28+ // // With OptionalModule Address isn't kn= own until free space has been@@ -322,8 +326,10 @@ Returns: --*/ { printf (- "%s - Tiano IA32/X64 FIT table generation Utility for= FIT spec revision 1.2."" Version %i.%i\n\n",+ "%s - Tiano IA32/X64 FIT = table generation Utility for FIT spec revision %i.%i."" Version %i.%i\n\n",= UTILITY_NAME,+ FIT_SPEC_VERSION_MAJOR,+ FIT_SPEC_VERSION_MINOR, = UTILITY_MAJOR_VERSION, UTILITY_MINOR_VERSION );@@ -1956,7 +1962= ,10 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) { // NOTE: It might be virtual address n= ow. Just put a place holder. FitEntryNumber ++; }@@ -2154,8 +2163= ,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align AlignedSize +=3D BIOS_MODULE_A= LIGNMENT; AlignedSize &=3D ~BIOS_MODULE_ALIGNMENT; }@@ -2166,= 8 +2178,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TY= PE_KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_S= ECURE_BOOT)) {- // Let it 64 byte align+ (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+ = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_= PROVISION_TABLE) ||+ (gFitTableContext.OptionalModule[Index].Type = =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST))= {+ // Let it 64 byte align OptionalModuleAddress =3D (UIN= T8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT); } @@ -2= 201,7 +2216,11 @@ Returns: (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE= _KEY_MANIFEST) || (gFitTableContext.OptionalModule[Index].Type =3D= =3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) || (gFitTableContext.Optio= nalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||- (gFi= tTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_B= OOT)) {+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TAB= LE_TYPE_CSE_SECURE_BOOT) ||+ (gFitTableContext.OptionalModule[Index]= .Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+ (gFitTableConte= xt.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST= ) ||+ (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_= TYPE_VAB_BOOT_KEY_MANIFEST)) {+ CheckOverlap (gFitTableContext.Option= alModule[Index].Address, AlignedSize); } }diff --git a/Silicon/Intel/= Tools/FitGen/FitGen.h b/Silicon/Intel/Tools/FitGen/FitGen.h index 80a1423ceb..511ab652ab 100644 --- a/Silicon/Intel/Tools/FitGen/FitGen.h +++ b/Silicon/Intel/Tools/FitGen/FitGen.h @@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // Utility version information // #define UTILITY_MAJOR_VERSION 0-#define U= TILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VERSION 67 #define UTILITY_DA= TE __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VER= SION_MINOR 4+ // // The minimum number of arguments accepted from the comma= nd line. //-- 2.26.2.windows.1 --_000_SJ0PR11MB5631C51D201D78B1768F9FCEFA319SJ0PR11MB5631namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Liming,

Any update on this? Please treat this with urgency a= s we have a release coming up and needs this change.

 

-Pavamana

 

From: Hv, Pavamana
Sent: Monday, October 24, 2022 10:05 AM
To: devel@edk2.groups.io; Gao, Liming <gaoliming@byosoft.com.cn&g= t;
Subject: RE: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record typ= es support in FitGen.c

 

@Gao, Liming,<= /o:p>

Can you please review the patch and let me know i= f this can be merged?

Thanks in advance for your help.

Regards,

Pavamana

 

-----Original Message-----
From: Hv, Pavamana <pavamana.hv= @intel.com>
Sent: Wednesday, October 19, 2022 8:57 PM
To: devel@edk2.groups.io
Cc: Hv, Pavamana <pavamana.hv@i= ntel.com>
Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support = in FitGen.c

 

REF: https://bugzilla.tian= ocore.org/show_bug.cgi?id=3D4086

 

This commit adds support for new FIT record type = for Vendor Authorized Boot (VAB) security technology(FIT spec revision 1.4)= .

VAB defines 3 new following types

Vendor Authorized Boot Provisioning Table (Type 0= x1A) Vendor Authorized Boot Image Manifest (Type 0x1B) Vendor Authorized Bo= ot Key Manifest (Type 0x1C) The code has been updated to align these binari= es on 64 byte boundary and not to overlap with other regions, similar to Key manifest, Boot Policy manifest = and other optional types.

 

Also added macros to define FIT spec Major and Mi= nor version numbers and print the same instead of hardcoded string.

 

Signed-off-by: Pavamana Holavanahalli <pavamana.hv@intel.com>

---

Silicon/Intel/Tools/FitGen/FitGen.c | 61 ++++++++= +++++++++++----------  Silicon/Intel/Tools/FitGen/FitGen.h |  5 += +-

2 files changed, 44 insertions(+), 22 deletions(-= )

 

diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c = b/Silicon/Intel/Tools/FitGen/FitGen.c

index 21dfcf1ebb..87123f9922 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.c

+++ b/Silicon/Intel/Tools/FitGen/FitGen.c

@@ -234,20 +234,24 @@ typedef struct {=

#define FLASH_TO_MEMORY(Address, FvBuffer, FvSize= )  \           =        (VOID *)(UINTN)((UINTN)(FvBuffer) + (U= INTN)(FvSize) - (TOP_FLASH_ADDRESS - (UINTN)(Address))) -#define FIT_TABLE_= TYPE_HEADER          &nbs= p;      0-#define FIT_TABLE_TYPE_MICROCODE &n= bsp;            1-#define FIT_TABLE_TYPE_STARTUP_ACM      &n= bsp;     2-#define FIT_TABLE_TYPE_DIAGNST_ACM &nbs= p;          3-#define FIT_TABL= E_TYPE_BIOS_MODULE         &nb= sp;  7-#define FIT_TABLE_TYPE_TPM_POLICY      = ;       8-#define FIT_TABLE_TYPE_BIOS_PO= LICY            9-#d= efine FIT_TABLE_TYPE_TXT_POLICY       &n= bsp;     10-#define FIT_TABLE_TYPE_KEY_MANIFEST      =      11-#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST&nbs= p;  12-#define FIT_TABLE_TYPE_BIOS_DATA_AREA    &n= bsp;    13-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT  = ;      16-#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANI= FEST  12-#define FIT_TABLE_SUBTYPE_ACM_MANIFEST        1= 3+#define FIT_TABLE_TYPE_HEADER       &n= bsp;            = ;  0+#define FIT_TABLE_TYPE_MICROCODE     &nb= sp;            = 1+#define FIT_TABLE_TYPE_STARTUP_ACM      &n= bsp;          2+#define FIT_TA= BLE_TYPE_DIAGNST_ACM         &= nbsp;       3+#define FIT_TABLE_TYPE_BIOS_MODULE        =          7+#define FIT_TABLE_TYPE_T= PM_POLICY           =        8+#define FIT_TABLE_TYPE_BIOS_POLICY&n= bsp;            &nbs= p;   9+#define FIT_TABLE_TYPE_TXT_POLICY   &n= bsp;            = ;  10+#define FIT_TABLE_TYPE_KEY_MANIFEST     = ;           11+#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST    &nbs= p;   12+#define FIT_TABLE_TYPE_BIOS_DATA_AREA   &n= bsp;          13+#define FIT_T= ABLE_TYPE_CSE_SECURE_BOOT        &n= bsp;    16+#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST = ;      12+#define FIT_TABLE_SUBTYPE_ACM_MANIFEST&n= bsp;            13+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE     = ;    26+#define FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST =     27+#define FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST &nb= sp;     28+  // // With OptionalModule Address isn= 't known until free space has been@@ -322,8 +326,10 @@ Returns:

--*/ {   printf (-    &q= uot;%s - Tiano IA32/X64 FIT table generation Utility for FIT spec revision = 1.2."" Version %i.%i\n\n",+    "%s - Tia= no IA32/X64 FIT table generation Utility for FIT spec revision %i.%i."= " Version %i.%i\n\n",     UTILITY_NAME,+ = ;   FIT_SPEC_VERSION_MAJOR,+    FIT_SPEC_VERSION_MINOR, &n= bsp;   UTILITY_MAJOR_VERSION,     UTILITY_MIN= OR_VERSION     );@@ -1956,7 +1962,10 @@ Returns:

         = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_KEY_MANI= FEST) ||         (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||&n= bsp;        (gFitTableContext.OptionalMo= dule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYP= E_CSE_SECURE_BOOT)) {+        (gFitTable= Context.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) |= |+        (gFitTableContext.OptionalModu= le[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+    &nbs= p;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABL= E_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+      &nbs= p; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_B= OOT_KEY_MANIFEST)) {       // NOTE: It might be virtual address now. Just put a place holder.   &n= bsp;   FitEntryNumber ++;     }@@ -2154,8 +21= 63,11 @@ Returns:

        &= nbsp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_T= YPE_KEY_MANIFEST) ||         &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BO= OT_POLICY_MANIFEST) ||         = ;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D F= IT_TABLE_TYPE_CSE_SECURE_BOOT)) {-       &nbs= p;// Let it 64 byte align+        &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CS= E_SECURE_BOOT) ||+          (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PRO= VISION_TABLE) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IM= AGE_MANIFEST) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KE= Y_MANIFEST)) {+          // Let it 64 byte= align         AlignedSize +=3D BIO= S_MODULE_ALIGNMENT;         Aligned= Size &=3D ~BIOS_MODULE_ALIGNMENT;       }= @@ -2166,8 +2178,11 @@ Returns:

        &= nbsp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_T= YPE_KEY_MANIFEST) ||         &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BO= OT_POLICY_MANIFEST) ||         = ;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;    (gFitTableContext.OptionalModule[Index].Type =3D=3D F= IT_TABLE_TYPE_CSE_SECURE_BOOT)) {-       = ; // Let it 64 byte align+        &= nbsp; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CS= E_SECURE_BOOT) ||+          (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PRO= VISION_TABLE) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_IM= AGE_MANIFEST) ||+          (gF= itTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_BOOT_KE= Y_MANIFEST)) {+          // Let it 64 byte= align         OptionalModuleAddres= s =3D (UINT8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT);=        } @@ -2201,7 +2216,11 @@ Returns:=

         = (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_KEY_MANI= FEST) ||         (gFitTableContext.= OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||&n= bsp;        (gFitTableContext.OptionalMo= dule[Index].Type =3D=3D FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-     &nb= sp;  (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYP= E_CSE_SECURE_BOOT)) {+        (gFitTable= Context.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_CSE_SECURE_BOOT) |= |+        (gFitTableContext.OptionalModu= le[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+    &nbs= p;   (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABL= E_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+      &nbs= p; (gFitTableContext.OptionalModule[Index].Type =3D=3D FIT_TABLE_TYPE_VAB_B= OOT_KEY_MANIFEST)) {+       CheckOverlap (gFitTableContext.OptionalModule[Index].Address, AlignedSize);  =    }   }diff --git a/Silicon/Intel/Tools/FitGen/FitGen.= h b/Silicon/Intel/Tools/FitGen/FitGen.h

index 80a1423ceb..511ab652ab 100644

--- a/Silicon/Intel/Tools/FitGen/FitGen.h

+++ b/Silicon/Intel/Tools/FitGen/FitGen.h

@@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2= -Clause-Patent

// Utility version information // #define UTILITY= _MAJOR_VERSION 0-#define UTILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VER= SION 67 #define UTILITY_DATE        = ;  __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define FIT_SPEC_VERSION= _MINOR 4+ // // The minimum number of arguments accepted from the command line. /= /--

2.26.2.windows.1

 

--_000_SJ0PR11MB5631C51D201D78B1768F9FCEFA319SJ0PR11MB5631namp_--