Commit Graph

485 Commits

Author SHA1 Message Date
Maurice Ma f63f7f808c Add support for both private and public PEM key format
Current gen_pub_key only supports private key in PEM support.  In
many cases, private key might not be available and only public key
is available. This patch enhanced this function to handle both
private and public key in PEM format.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-10 11:34:52 -08:00
Maurice Ma 0a6c955dbe Add bytes print function in CommonUtility
There are many cases that it is required to print the values of
byte-array for debug. It is not convenient in current SBL python
scripts. This patch added a print_bytes() function in CommonUtility
to provide generic function to print out a byte array object.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-10 11:32:54 -08:00
Maurice Ma 70cb62f68f Add HeaderLength field in Hash Store header
This patch adds HeaderLength to indicate the length of Hash Store
header so that common code can be used to skip the header without
using the sizeof() operator.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-08 21:04:59 -08:00
Maurice Ma 4ed0742524 Fix hash store buffer size issue in SBL global data
Current code only counted used hash store size as the whole
buffer size. This is not correct and will cause buffer overflow.
It is required to use the whole hash store buffer size including
the unused space at the end. This patch fixed this.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-08 21:04:59 -08:00
Subash Lakkimsetti 1d50d7c888 Fix review comments for Hash Store updates
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-06 15:48:53 -07:00
Subash Lakkimsetti 53f088f9d5 Hash Store: Restructuring Hash Store definition
HASH_STORE_TABLE is updated and HASH_STORE_DATA is added
to provide info with variable length sizes. Usage bits would
notify for multiple component/key using the same hash.
These data structure would optimize the hash store size
in storage.

PcdHashStoreSize would define the size of Hash store
to allocate in bios bootup.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-06 15:48:53 -07:00
Subash Lakkimsetti 323120273c Build Tools: Hash Store is defined for variable sizes
HashStoreTable is defined for variable size to support
different hash alg and sizes. This would optimize the
hash store size in storage. Signing hash alg defined in BoardConfig file.
Hash store data is aligned as per the Digest length used.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-06 15:48:53 -07:00
Subash Lakkimsetti 27257925d6 TpmLib: added TpmExtendHash to extend hash provided
Component Hash is passed with TpmExtendHash if available.
Hash Store is getting optimized on storage and this would avoid
setting component hash in hash table. SetComponent Hash API is
removed in bootloaderlib.

Added HashAlg param to TpmExtendHash for future purposes
where TPM PCR bank would be selected based on HashAlg.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-06 15:48:53 -07:00
Aiden Park 66b9a5191d Preserve ebx register in AsmEnableAvx()
System reset occurs after returning from AsmEnableAvx() in Stage1A.c
because ebx register is used for cpuid, but not restored.
- Save/Restore ebx register
- Move AsmEnableAvx () after init idt and serialport

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-12-05 11:41:00 -08:00
Aiden Park 72262b4722 Misc Klocwork scanning fixes (#484)
This patch fixes klocwork scanning reports in qemu, apl and cfl builds.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-12-04 15:17:04 -08:00
Maurice Ma ef9040f00e Adjust GPIO based PayloadId selection policy
This patch updated the PayloadId detection logic on APL platform
to make it easy to understand.

The current policy is as below:
- If PayloadId CFGDATA is not AUTO, use whatever provided in CFGDATA.
- If PayloadId CFGDATA is AUTO, and GPIO based PayloadId detection
  is enabled, uses GPIO level to determine the actual PayloadId to
  use. (HIGH:OsLoader LOW:UEFI)
- If PayloadId CFGDATA is AUTO, and GPIO based PayloadId detection
  is disabled, uses default PlatformId 0 (OsLoader).

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-04 13:26:33 -08:00
Maurice Ma b693d9776e [QEMU] Fix QEMU boot issue with new IPP library change
The previous IPP library updates used UpdateSHA256V8 as default for
SHA256. It works on real platform. However, QEMU's default CPU config
does not support SSE3 instructions and will generate exception. This
patch added the UpdateSHA256Compact as default SHA256 function if no
advanced optimization flags are set. The same is applied for SHA512
functions too.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-04 11:20:11 -08:00
Subash Lakkimsetti a3fa16511c Add support for AVX and SSE4 optimizations in IPP SHA384
AVX(G9) and SSE4(W7) is added to IPP crypto lib.
PcdCryptoShaOptEnabled is added to enable optimizations
in IPP SHA256 and SHA384.

Default is set to V8 (SSE3) for SHA256. ENABLE_CRYPTO_SHA_OPT has to
be configured in Platform board config files for optimizations
to be enabled.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-03 21:36:29 -08:00
Maurice Ma 8a0a8984f9 Enable CPU AVX support if available
EnableAvx ASM is included as part ExtraLibs.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-12-03 21:36:29 -08:00
Aiden Park b24fd2759c Cosmetic: Convert LF to CRLF
This will fully support PatchCheck.py.
- Remove all trailing whitespace
- Convert LF to CRLF by default
- Update EFI_D_* to DEBUG_*
- Re-enable CRLF check in PatchCheck.py

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-12-02 16:21:19 -08:00
James Gutbub d6909c97fe Add features flag for pre-OS checker boot
By adding an additional flag for the pre-OS
checker execution flow it is possible to determine
at run time whether to attempt loading/execution
of the pre-OS checker during OS Loader time. From
platform code the decision to attempt to run the
pre-OS checker can be controlled.

Signed-off-by: James Gutbub <james.gutbub@intel.com>
2019-12-02 14:37:06 -07:00
Maurice Ma 533dbed5a0 Enhance CFGDATA tools to support generating DLT from IFWI
This patch enhanced the CFGDATA script to extract CFGDATA BIN
files from IFWI and further generate DLT using default DSC.
In this way, the default CFGDATA binaries and DLT files are no
longer required to be provided in the release package in order
to customize the CFGDATA in an existing IFWI image.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-12-02 10:02:43 -08:00
Guo Dong 2b3b41ecf5 Add debug port support
PcdDebugInterfaceFlags and PcdDebugOutputDeviceMask are defined
for debug devices, so removed PcdDebugInterfaceFlags.

Add a new PCD PcdDebugPortNumber to indicate the serial debug
number.

Signed-off-by: Guo Dong <guo.dong@intel.com>
2019-12-02 09:17:05 -07:00
Maurice Ma 40ad2f9fb6 [APL] Provide WMI service for FWU trigger
This patch added WMI service in ACPI to provide a unified mechanism
for user to trigger a firmware update flow. New ASL methods are
defined. \DWMI.WQ00 is for read and \DWMI.WS00 is for write.

To use it from Linux (Ubuntu):
  - Install acpi-call module
    sudo apt install acpi-call-dkms
  - Load module
    sudo modprobe acpi_call
  - Read trigger register value
    echo '\DWMI.WQ00 0' | sudo tee /proc/acpi/call
    sudo cat /proc/acpi/call
  - Write trigger register value
    echo '\DWMI.WS00 0 0x12' | sudo tee /proc/acpi/call

To use it in Windows:
  - Open a command line window with admin right.
  - Run VB script to read / write the trigger register
    set Service = GetObject("winmgmts:root/wmi")
    set EnumSet = Service.InstancesOf ("AcpiFirmwareCommunication")
    for each Instance in EnumSet
      Wscript.Echo "Current  Val: " & Hex(instance.Command)
      instance.Command = 1
      instance.Put_()
      Wscript.Echo "Set New Val: " & Hex(instance.Command)
    next 'instance

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-26 12:58:29 -08:00
Maurice Ma 9c50d23a12 Add FSP API reset request handling
Current SBL does not check the FSP Notify API return status. As a
result, if reset is requested, it is ignored by SBL. This patch
added FSP reset request check for FspMemoryInit, FspSiliconInit and
FspNotifyPhase.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-25 09:22:52 -08:00
Maurice Ma abee91f2f8 Delay IA untrust bit set for BSP
SBL currently set IA Untrust bit in MpInit(). It is too early for
BSP. By doing so, it blocked some register access in FSP notification
APIs. This patch moved the IA Untrust bit set for BSP to the end of
boot flow while keeping it at same location for APs.

It also fixed #466.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-25 09:15:51 -08:00
Maurice Ma ec8dca50bb Move clear HOB to the very end of the boot flow
Current SBL calls ClearFspHob() too early. Since HOB is required
during the whole FSP life cycle. It is better to clear it at the
end after the last call. Otherwise, some previous API call will
potentially encounter issues.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-25 09:15:51 -08:00
Maurice Ma d7bdca432e PCIE device wake up enhancement
This is a follow-up to the previous WOL commit. The previous
implementation is more LeafHill specific. This patch further
added configuration data to control how wake up signal is mapped
into each PCIE root port. And the ASL code has been adjusted to
utilize that info so that the code can be more generic for all
other platforms.

The current default configuration for PCIE wake signal is aligned
with LeafHill CRB board. For other boards, to enable it properly,
it is required to override the wake signal configuration using DLT.

Test has been done on LeafHill to do WOL with yocto image. It worked
as expected.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-25 09:15:15 -08:00
Maurice Ma 6be72e56dd Add CFGDATA export command support in CfgDataTool
This patch added export sub-command support in CfgDataTool.py. It
is useful for users to export external CFGDATA from an existing
BIOS or IFWI binary file.
EX:
  python BootloaderCorePkg\Tools\CfgDataTool.py export
         -i Outputs\cfl\SlimBootloader.bin -o Temp

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-25 09:14:35 -08:00
Aiden Park 161af534d4 Fix invalid cmdline reading from config file
Kernel cmdline data from config.cfg or grub config files were copied
to invalid address.
This is only for traditional linux boot in debug build.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-22 16:10:08 -08:00
Ursula Maplehurst c38f103cc3 [APL] Enable Wake-on-LAN for Leaf Hill CRB (#394)
Test: WoL works on Leaf Hill CRB

Signed-off-by: Ursula Maplehurst <ursula@kangatronix.co.uk>
2019-11-22 11:43:54 -08:00
Aiden Park 143b7facaa PatchCheck: Re-enable TAB check
This will not allow TAB characters in commit(s).

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-21 12:11:37 -08:00
Aiden Park d362ef39ec Cosmetic: Remove TAB characters (Tab to Space)
No code change. To check TABs in PatchCheck.py.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-21 12:11:37 -08:00
Maurice Ma ace9d98eb8 Adjust GPIO CFGDATA structure header
This patch added additional information in the GPIO CFGDATA header
structure so that the full GPIO info can be extracted out later on
by tool. This additional information including GPIO SKIP bit position,
GPIO ID position and length.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-21 11:46:59 -08:00
Subash Lakkimsetti 3a932bdf0a GenCapsuleFirmware: Hash type is made optional param
Signing hash type is defaulted to SHA2_256.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-20 14:44:23 -08:00
Maurice Ma 3b457679ec Remove platform specific GetBuiltInConfigData()
Current SBL has platform specific GetBuiltInConfigData() implementation
because the internal CFGDATA blob is embedded into Stage1B data section.
Instead, it can be put into Stage1B FV FFS file, and then use a PCD to
get the base. In this way, it can be handled directly in core code and
remove platform specific implementation.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-20 14:43:50 -08:00
Aiden Park ae9068e80c Fix no SBL serial output after restart Windows (#459)
SerialPortLib sets UART Scratch Register to a known value at the first
initialization to avoid unnecessary re-initialization afterward. But,
one of Windows driver(SIO) re-configures UART Registers while the Scratch
Register is preserved. As a result, SBL skips serial port initialization
after restarting from Windows.
Therefore, force to initialize Serial Port at Stage1A all the time simply.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-18 19:14:44 -08:00
Maurice Ma 94a980625a Add extraction support for IfwiUtility script
This patch added extraction support in IfwiUtility tool so that
component in IFWI can be easily extracted into binary file.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-19 09:53:44 +08:00
Aiden Park cd46ffb6a4 Fix MRC re-training at warm reset (#457)
MRC re-init happens in next boot when a warm reset is issued in MRC
fast boot path. DRAM Initialization Scratchpad Bit is one of warm reset
detection logics, but the bit is not updated at fast boot path.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-18 16:57:52 -08:00
Subash Lakkimsetti 90ee2ec323 Set auth type to default in CfgDataTool
Auth_type param is set to RSA2048SHA256 for default cases.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-17 08:41:37 -07:00
Subash Lakkimsetti d81d21cf81 Add hash type param to GenContainer tool
signing hash type parameter added with command line
args for create, replace and sign component image.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-15 13:25:40 +08:00
Aiden Park d2ea80b5c9 Add InsertionSort for Linked List (#454)
This provides basic insertion sort API for Linked List. As part of change,
this insertion sort is used for PCI BAR calculation by its alignment
and for shell commands list by its name.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-14 11:26:31 -08:00
Subash Lakkimsetti 36ec407123 Signing hash type in GenCapsuleFirmware tool
Added hash type to be used in signing process for
GenCapsuleFirmware.

Parameter added: -a alg_hash

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-14 05:36:22 +08:00
Aiden Park 141d051b8f OsLoader: Free all allocated memory at failing on a boot option (#453)
While trying to boot all boot options, some allocated memory are not
de-allocated properly. To avoid memory leak while booting next boot
options, OsLoader will track all image data and free the unnecessary
memory at failing to boot current boot option.

Tested and verified with
- Traditional linux image on debug build
- IAS type image
- Container type image
- MultiBoot image
- BootSlot (A/B Boot)
- Trusty image

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-13 09:50:01 -08:00
Aiden Park a340937fbb Fix invalid addendum update in OsBootOption (#452)
OsBootOption config data provides addendum field to support multiple boot
option config data into a single boot option.
This patch updates a single boot option properly with multiple addendums.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-13 09:49:37 -08:00
Subash Lakkimsetti ae3c5ae9b5 Add SHA384 and SM3 wrapper library support from IPP crypto
Functionality to Crypto Hash function is guarded with an
PcdIppHashLibSupportedMask.

PcdIppHashLibSupportedMask indicates IPP crypto algo supported

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-12 09:58:54 +08:00
Subash Lakkimsetti 5608222f17 Add hash type param to bootloader build and signing tools
hash_type parameter added to build tool API's as required and
current supported hash in tools is for SHA2_256.

Added functionality for retrieving RSA private key type.

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-12 09:56:11 +08:00
Maurice Ma 659ede1ff0 Add SortLib support in BootloaderCommonPkg
There are multiple instances of sorting use case in SBL. For example,
memory map sorting and CPU APIC ID sorting. This patch added a generic
quick sort library to provide common sort API. As part of the change,
the quick sort API will be used for memory map and CPU APIC ID sorting.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-12 09:55:00 +08:00
Maurice Ma 62aa4407d5 Re-arrange CPU info entry order so MpInitLib
This patch sorts the CPU info entry according to their thread distances.
It is required to list CPU thread with furthest distance first in MADT
so as to better utilize CPU resources.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-12 03:31:44 +08:00
Maurice Ma 1870fb4fdf Remove HAVE_FLASH_MAP config option and PCD
SBL depends on flash map to locate all component info. It is
mandatory to keep flash map. HAVE_FLASH_MAP config option should
be removed. This patch removed this config option and the related
PcdFlashMapEnabled PCD.

Signed-off-by: Maurice Ma <maurice.ma@intel.com>
2019-11-12 02:37:57 +08:00
Subash Lakkimsetti eba6c56241 Update TPM Physical Presence asl for SMM Dispatch usage in payload
UEFIPayload uses SMM dispatch for Physical Presence (Tcg2SMM) SMI.
Updated SMI port usage in asl to trigger SMI registered for
Physical Presence operation

Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
2019-11-09 12:37:12 +08:00
stalamudupula a2c75b2faa Add GenGpioData.py tool (#432)
GenGpioData.py is a utility that converts
GPIO pin data from one format to other.

The formats currently supported are [h, csv, txt, dsc, dlt].
[h, csv, txt] formats are external to SBL and [dsc, dlt] formats
are known to SBL. So, this tool provides a way to convert one
of the [h, csv, txt] to [dsc, dlt] and vice-versa.

Example usage:

    python GenGpioData.py -if GpioInput.csv -of dsc

    python GenGpioData.py -if GpioInput.dsc -of txt

Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
2019-11-07 12:21:51 -08:00
Aiden Park 210bd02c47 Fix invalid PatchCheck commit ranges in travis
PatchCheck was using 'TRAVIS_COMMIT_RANGE' travis variable to get commit
range, but it lost tracks when doing force push or rebase. There are many
issue reports about this variable.
To avoid potential issue, let's get the range from git command directly
instead of TRAVIS_COMMIT_RANGE variable.

Signed-off-by: Aiden Park <aiden.park@intel.com>
2019-11-08 03:31:35 +08:00
Ravi Rangarajan 13974ee2d4 Fixed condition check based on klocwork scan (#442)
Fixed condition check based on KW report

Signed-off-by: Ravi Rangarajan <ravi.p.rangarajan@intel.com>
2019-11-06 16:51:02 -08:00
Ravi Rangarajan a218222928 Klocwork cleanup for PayloadPkg
Signed-off-by: Ravi Rangarajan <ravi.p.rangarajan@intel.com>
2019-11-07 06:47:56 +08:00