This patch allows OsLoader to handle all Boot Options without restarting.
Currently, OsLoader restarts to handle next Boot Option from the beginning.
This behavior does not preserve allocated memories from Payload heap,
so it makes hardware/software states hard to be maintained.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Split PreOsChecker in a separate file and add minimum APIs
- IsPreOsCheckerLoaded ()
- LoadPreOsChecker ()
- StartPreOsChecker ()
Token space has been changed for PcdPreOsCheckerEnabled
- gPlatformModuleTokenSpaceGuid to gPlatformCommonLibTokenSpaceGuid
- Include/Excluded PreOsChecker according to FeaturePcd
Signed-off-by: Aiden Park <aiden.park@intel.com>
After trying out all boot options, if it still fails to boot,
current SBL code will do CpuHalt(). A better approach is to boot
into Shell and reset the current boot option to 0. In this way,
it allows user to try boot option again after modifying boot
option parameters. However, for release build, it does not change
the original behavior. System will still halt in this condition.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added csme wrapper driver for csme update library.
following functionality is added in this patch
1. Boardconfig PCD option ENABLE_CSME_UPDATE is added to
enable/disable csme update support
2. Boardconfig PCD option BUILD_CSME_UPDATE_DRIVER is added
to enable/disable building csme update driver
3. If BUILD_CSME_UPDATE_DRIVER is 1, user need to create
library that inludes csme update library
this newly created library will get linked to csme update
wrapper driver providing csme update driver
4. By default ENABLE_CSME_UPDATE is set to 0
5. Revision control for input and output data structure to
update driver is not implemented and will be avaiable
in further patches.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch added basic deinit support in the media DevInit() interface.
It uses a special DevDeinit phase to inform the media driver to do
device de-initialization. This de-initialization flow will be called
before OsLoader restarting and OS booting.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current SBL code assumes the image to load on raw partition follows
IAS format. Since container format is added recently, the code should
support both. This patch added support for container format as well.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added call to deinitialize USB in the following places:
- Before OsLoader restarting to run itself
- Before OsLoader transfer control to OS
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Container type can be input from command line
from a list of [NORMAL, CLASSIC, MULTIBOOT] while
generating a container using GenContainer.py.
Setting default as NORMAL.
Revert varnames of out dir and key dir for commands
other than create container, as this is breaking stitch.
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
Add support to load the boot image from container.
Container must be signed using the same private key
as the key used to sign IAS (i.e. IAS_PRIVATE_KEY).
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
Current code will try to append a NULL char at the end of the
config file buffer to ensure the string is terminated properly.
However, it did that without considering the buffer size. The
current config buffer could have been fully used and no more
space is available to append an extra NULL char. If this happens,
during the pool de-allocation, the assertion will be seen due to
buffer overflow. This patch increased the config buffer size by 1
to ensure it will have space to append string terminator.
It fixed#319.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Klocwork scanning reported several issues in the
PayloadPkg and Platform code folders, this commit
aims to resolve all of the issues currently being
reported in these folders.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch fixed a logic bug in firmware update library when
de-allocating memory in error handling flow. It fixed#275.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Since we may want to perform FW update on
pre-OS checker/payload binaries separately
from the OS Loader payload we will search
for pre-OS checker/payload in the container
entries instead of adding it into the OS
Loader FD.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch splitted LoadBzImage() into two functions. One is just
for kernel loading. The other one UpdateLinuxBootParams() is for
Linux boot parameter updates. It is required to do so because when
kernel loading in Stage2 is enabled the loading occurs before all
HOBs are finalized. The Linux boot parameters depend on HOBs to fill
correct information, such as frame buffer. With this patch, the boot
parameters can be updated at the very end.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
OsLoader has the capability to boot a Linux kernel. However, to support
LinuxBoot type of payload, it is required to load kernel in Stage2. This
patch abstracts the standard Linux loading logic into common LinuxLib
class so that it can be linked in Stage2 or Payload such as OsLoader.
A new PcdLinuxPayloadEnabled is introduced to control if this feature
should be enabled or not.
To boot a Linux kernel from Stage2, it is required to put the command
line file and kernel image into the EPAYLOAD container during the build.
And the PayloadId CFGDATA needs to be set to 'LINX'.
For example:
python BuildLoader.py build qemu
-p OsLoader.efi::Lz4;vmlinuz:LINX:Dummy;cmdline.txt:CMDL:Dummy
vmlinuz and cmdkube.txt need to be copied to PayloadPkg/PayloadBins
folder. If kernel size cannot fit into EPAYLOAD, EPAYLOAD_SIZE in
BoardConfig.py needs to be adjusted accordingly.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
The current implementation used a huge array to represent boot options in
a single CFGDATA tag. With this approach, when a different board needs
to modify a single field, the whole array needs to be duplicated in the
CFGDATA. It is not efficient. A better approach is to break the options
into individual boot option CFGDATA tag. It will reduce the overall CFGDATA
in general. This patch implemented this mechanism. A library interface
FillBootOptionListFromCfgData() is provided to convert the CFGDATA into
the required OS_BOOT_OPTION_LIST.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
OsLoader shall allow Linux kernel to boot without initrd. But
current code returns an error if initrd is not provided. This
patch added extra logic to return success if initrd cannot be
found.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Mender is an A/B partitioning scheme
for Linux OSes. Adding initial support
for specifying the root partition label
that should be used. Later on the root
partition label should be acquired based
on the value of the env files stored in
the EFI/FAT32 partition of the boot media.
Also fix misspellings.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch added a ContainerLib to support load and location a
component from a specified container. It copies the component
from flash to memory, authenticate it, and then decompress it if
required. It can also be used to support load component from flash
map in SBL stage2 or payload, such as payload or e-payload.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
There may be additional cmd line params specified
by a platform that needs to be added without
updating the IAS image cmd line data. These
optional additional cmd line params can be included
via CFG data, Shell command, etc., and applied
by setting the mAppendCmdLineParams pointer.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
When loading a Linux kernel we should not
limit the size of the kernel being loaded
to 15MB but we should verify that the kernel
will not overwrite the payload which can
some times be located in low memory where
the kernel is being loaded.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
The previous implementation has a little confusion in license header.
To avoid further annoying, simply re-implement ElfLib.
- 32bits, little-endian, executable elf only supported
- elf32.h/elf_common.h from BaseTools/Source/C/GenFw
- LoadElfImage() interface changed
Signed-off-by: Aiden Park <aiden.park@intel.com>
In current FAT lib, the file path matching code will just compare
the 1st N chars and ignored the remaining. The end of the string
should be checked to ensure exact matching. As part of this fix,
the GRUB config parsing library needs to be updated since the file
name length field is one less than expected.
It fixed#183.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
FileSystemLib provides generic interfaces to access file system and
its files as a abstraction of FatLib/ExtLib.
- Added CloseFileSystem
If there are opened files in a specific filesystem, those files
will be de-allocated in CloseFileSystem.
- Added OpenFile/GetFileSize/ReadFile/CloseFile
The ReadFile() does not allocate any memory for the file content.
The caller of OpenFile() MUST allocate necessary memory before
calling ReadFile().
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch will add support for updating multiple firmwares
using a single capsule image.
Following modifications are made for existing firmware update flow
1) Gather and validate capsule image
2) State Machine will be set to capsule processing state.
3) Signature of the capsule image is now stored in reserved region
During each reboot until the end of firmware update, stored signature
will be compared against the capsule image signature to make sure
capsule image is not modified until the end of firmware update.
4) Process Capsule image to gather firmware images
5) Each Firmware image information will be stored in reserved region
using FW_UPDATE_COMP_STATUS. Update pending will be marked to
update pending state indicating that this image is not processed.
6) Firmware update will use the reserved region comp structures starting
with the first image with update pending state, update the comp update
pending field to processing and applies the image. After the update, pending
field will be updated to Done and updates the status of the update in the
component structure and moves on to next image found.
7) After all the component structure in the reserved region updating pending
field are set to Done. Firmware update mode is exited.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
The FindPartitions() allocates memory for PART_BLOCK_DEVICE instance.
This allocated memory needs to be de-allocated if no more necessary
to avoid memory leak.
TBD: Current partition info needs to be cleared before going to next
boot option.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Firmware update with latest code broke on APL platform.
This patch fixed#162 by:
- Corrected the HECI command response flag check
- Always read FWU state machine using SPI command instead memory map
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch fixed some minor debug message print issue. It also added
some more debug prints to help identify potentical issue in firmware
update flow.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
It might be useful for the pre-OS payload/checker
to have a handle to the HOB list data for additional
support or data checking that the HOB list contains.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Current GRUB config parser can only handle UNIX EOL style. For DOS
EOL style config file, an extra '\r' will be left at the line end
which might cause failure for initrd file loading due to incorrect
file name string. This patch enhanced the GRUB config file parser
to handle both UNIX and DOS EOL style.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
For the pre-OS payload/checker pass in a parameter
that contains additional information for heap space,
heap address, and additional CPU registers that may
need to be set before the pre-OS payload/checker
passes control to the OS.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch added some additional error message print during the
boot media initializtion and file loading. It makes it easier to
identify issues in case of failure.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Some OSes may require a pre-OS checker executable
to run before actually jumping to the OS. Add
support for this pre-OS checker loading & execution
as part of the OS Loader payload when it is compiled
as an FV and when ENABLE_PRE_OS_CHECKER option is
enabled in BoardConfig.py (per the following command):
SblBuild.py build <plat> -p OsLoader.Fv:LLDR:Lz4
The pre-OS checker entry point takes in a single
parameter which provides the CPU boot state that
should be loaded once jumping into the OS for the
pre-OS checker to launch after it finishes execution
(e.g. pre-OS checker does not return to Slim Bootloader).
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Removing the HOB defined by SBL to use generic HOBs from EDK2.
Update GraphicsLib for above HOB change.
Update osloader and multibootLib for hob change.
update APL and Qemu platform for hob change.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch added support for FWST ACPI table. This table
contains generic address structure which has pointer to the
EFI System Resource Table.
ESRT table for now supports only system firmware. This table
will provide the operating system and tools knowledge of what
is the last attempt status and version of the system firmare
update.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch enabled DISABLE_NEW_DEPRECATED_INTERFACES build option by
default so that the deprecated APIs cannot be used in SBL source tree.
It is to enhance the coding for security.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Since grub.cfg is already supported in SBL. It makes sense to support
the similar syntax in config.cfg. This patch enabled config.cfg to
follow grub.cfg format to provide multiple boot options. The old
config.cfg format will still be supported. This patch also added
support for single/double quote around boot menu entry name.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added a simple parser for grub.cfg to make it easy to boot
Ubuntu ISO image using OsLoader payload. Without it, it is required to
copy vmlinuz/initrd to root directory and create a config.cfg to list
the kernel boot command line in order to boot the ISO image. This patch
makes it possible to boot the original Ubuntu ISO (16.04 or 18.04)
directly. It provides better user experience for people who wants to
try out SBL.
Please note, same as before, when verified boot is enabled, only debug
build will support this feature. Release build will disable this feature
due to security concern, please use IAS image boot mechnism instead.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
LOADER_GLOBAL_DATA.LdrFeatures is updated in early stages and
subsequent stages could use these flags.
LOADER_PLATFORM_INFO.LdrFeatures is used to for feature updates
and this need to be checked by loader and payloads.
LOADER_PLATFORM_INFO.HwState for Hw supported features as
Boot guard profiles.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
This is a feature implementation to enabled chained payloads loading
for UEFI. Current SBL boot flow requires UEFI payload to be built in
flash in order to boot UEFI payload. However, for convenience, if
somebody just wants to try UEFI payload, it is better to allow them to
chain-loading the UEFI payload from media devices such as USB, SATA, etc,
and then boot to UEFI payload directly. This patch enabled this feature.
The new supported boot flow is: SBL->OsLoader->UefiPayload->OS. The
same applies to other ELF/PE32 based other payloads.
To do this the UEFI payload needs to be packed into IAS image using
iasimage script. The command line is as below:
python iasimage.py create -d TestSigningIasPrivateKey.pem UefiPld.fd
-o iasimage.bin -i 0x30000
Please use the latest iasimage script from
http://github.com/intel/iasimage
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch updates firmware update code to get capsule location
information from configuration data instead of searching in all the
available boot media.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
There are 'uninitialized' errors and size exceed error in PAYLOAD
with old gcc versions. This change has been verified with gcc-4.8,
gcc-5, gcc-7 and gcc-8 on Ubuntu 18.04 LTS.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Current code refers hash store as "key store". It is confusing
since there is no key stored in the image at all. Instead, the
public key hash is stored. The patch renames the KeyStore
to HashStore.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
In order to support ELF format payload in Stage2, ElfLib is separated
from MultibootLib.
Additionally,
- Load ONLY Executable/Loadable segments
- Keep LoadElfSymtab function for future use
- Mark ELF syms flag as 'not supported' in MultibootInfo
Change-Id: Iec1ca6770ffeff9222b71327216cc6176ea1e925
Signed-off-by: Aiden Park <aiden.park@intel.com>