Universal Payload uses ELF format. As a result, the ELF loading
library has been enhanced to handle more complicated cases. The
Universal Payload library added an abstract layer on top of
ELF lib to make it easer to use by SBL. OsLoader and Stage2 were
modified to work with the new library interfaces.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
In some cases the paging will be enabled after returning from the
thunked function. To ensure the paging table can be reloaded before
switching back to x64 mode, the paging needs to be in disabled
state. This patch ensures the CR0 bit31 paging bit is cleared.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Synced the PrintBootOptions fucntions to print
Pre-OS and extra images.
Fixed bug -> if pre-os or extra images are not enabled
in boot flag and it still output in PrintBootOptions
function
Signed-off-by: Ong Kok Tong <kok.tong.ong@intel.com>
When FV extended header exists, the first FFS pointer returned by
GetFirstFfsFileInFv() might not be 8-byte aligned. This patch
adjusted the pointer accordingly to ensure it is aligned per UEFI
spec.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Boot command may attempt to use an index which
exceeds the max image type. Check if the value
is larger than the max allowed value and return
if there is an error.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
There is a bug when user use boot->idx command in OSL
shell to modify boot option which contained Pre-OS and extra images
(eg. POSC or RTCM etc.)
Current CmdBoot didnt cover for extra images in idx command.
This patch cover for extra images.
Signed-off-by: Ong Kok Tong <kok.tong.ong@intel.com>
IA32 build from VS2019 toolchain has security violation
because Digest value from SHA512_384 is not matching the
value calculated and stored in hashstore during build.
Aligning the stack to 32-byte boundary during SHA_Update
fixes this error.
Signed-off-by: Talamudupula <stalamudupula@gmail.com>
Resolve link error when using UsbInitLib
UsbInitLib invokes UsbDeInitBot() which is defined in UsbBlockIoLib
Signed-off-by: Vincent Chen <vincent.chen@intel.com>
This patch allows to use a mailbox register (DWORD) to support debug
port. If CCA debug is connected, it is possible to access certain
SOC register through BSSB. Then this register can be used for debug
console input/output.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch adds DebugPortLib as a platform extention lib to add new
debug port support. It also adds a generic GpioDebugPortLib to allow
GPIO bit bang to emulate UART TX pin.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This allows to load and execute ELF32 or ELF64 format payloads
regardless of Ia32 or X64 SBL operation modes.
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch runs basic check during EXT FS initialization
by opening root directory to ensure superblock been
validated.
Signed-off-by: Stanley Chang <stanley.chang@intel.com>
This patch changes the return code of SearchDirectory
to EFI_NOT_FOUND when a file to search cannot be found
Signed-off-by: Stanley Chang <stanley.chang@intel.com>
When the bus master decoding was disabled by default in PCI bus, the
device driver should try to enable it on its own. However, eMMC
driver does not have the enabling code. It caused the eMMC access
failure.
It fixed#1153.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
In the Ext23Lib support for symbolic links was recently enabled
but there was a limitation imposed to use the CFG data boot
option filepath limit of 16 bytes which does not need to be also
be imposed on symbolic link paths. This will allow symbolic link
paths to be up to 260 characters long.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
With recent code change of disabling all PCI bus master
by default, NVMe may not work in some platform (e.g., Qemu).
This patch set/clear bus master during NVMe init/deinit.
Signed-off-by: Stanley Chang <stanley.chang@intel.com>
Some of the boot option file paths used when
booting with OS Loader payload are failing
because the Ext23Lib does not support symbolic
soft links (e.g. ln -s <file> <link>). This
patch adds support for loading the soft link
succesfully.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
On some build environment, NASM will fail to compile Thrun32To64.nasm.
It is because of "BITS 64" usage in WIN32. This patch removed the BITS
64 usage and used opcode prefix instead to resolve this issue.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added thunk support from 32bit to 64bit. It allows SBL
to call 64bit API entry from 32 bit compatible mode. It is useful
when the payload mode is different from SBL mode.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch will enable CLANG toolchain build on Linux and Windows.
Currently CLANG toolchain build still needs Visual Studio to provide
nmake utility in Windows.
To build with CLANG, please add build option "-t clang". It assume
CLANG is installed at default path. It has been tested with SBL
QEMU x86 build.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current MTRR lib assumes the MTRR number is always 10. Instead,
this patch follows the IA manual to get the actual MTRR number
through MTRR capability register.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch fixes the multiple build issues which are observed
when ENABLE_SOURCE_DEBUG config is set to 1.
Signed-off-by: Praveen Hp <praveen.hodagatta.pranesh@intel.com>
It was reported that some platform had MP waking up issue after
switching to using X2APIC library. By comparing the library, found
X2APIC removed 2nd IPI sending in the flow. This 2nd IPI is
required per IA specification. The patch added it back.
Tests have been done and confirmed it fixed the issues seen on
thos platforms.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added X2APIC support. It is to enable the case when
APIC ID is greater than 255. This patch only handle core wakeup
portion. Platform still needs to handle ACPI related changes for
X2APIC.
X2APIC lib is backward compatible with XAPIC lib. So there is no
need to use XAPIC lib anymore.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This will fix invalid PDP/PDE generation with PAE 2MB Pages,
and high bit calculation at PayloadEntry additionally.
Signed-off-by: Aiden Park <aiden.park@intel.com>
In 32 bit SBL, when PCI PMEM64 exists, the OsLoader will hang
during boot in CreateIdentityMappingPageTables(). The function
is inteneded to be used in X64 mode only, and cannot handle
32bit well. So OsLoader should not call it for 32 bit build.
This patch also zeroed the allcated memory to ensure the unused
entries are all 0.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current Execute32BitCode() passes in 64bit arguments into stack.
It should use 32bit arguments instead according to 32bit calling
convention. This patch fixed this issue.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
SBL support to load PreOS and normal OS in a single boot option.
This patch tries to standardize the PreOS support.
The PreOS could be TrustyOS, PreOsChecker or others.
As long as PreOS flag is set in boot option, SBL will load and
boot PreOS before normal OS. If the preOS has specific requirement,
it could be addressed using PreOS image type.
Signed-off-by: Guo Dong <guo.dong@intel.com>
BGRT can be used by bootloader to pass logo to OS. But BGRT can
only support 24bit or 32bit BMP format. If the bootloader uses
other bit format or indexed color format, the image has to be
converted before passing it to BGRT. This patch added support
to convert other BMP image format into 32bit format required by
BGRT.
This has been tested with Windows on Leafhill board. The SBL
logo was dispalyed properly while booting Windows.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
As per TCG spec, if a Tpm2Startup(TPM_SU_STATE) fails during
S3 resume, a host reset should be done.
When BootGuard is enabled, ACM will notify of this failure via Bit46 in
BootGuardBootStatus register.
Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
Since the EXT library we have in OS Loader
supports 2, 3, and 4 it will help to reduce
confusion for users who have noticed that
only 2 and 3 are currently printed.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch enabled ACPI BGRT support. It is used to pass splash
display information from bootloader to payload and OS.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
For UEFI Linux boot, a new parameter was added into BOOT_PARAMS.
This patch added this parameter support so that ACPI base can
be passed directly to kernel.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Since SBL could be built into either x86 or x64 mode, and the payload
can also be x86 or x64 mode. When mixed modes are used, it is required
to switch to proper mode first before calling into payload entrypoint.
This patch added this check to switch to required mode before calling
into payload entry point.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
During X64 enabling, there was a pending task to enable 32bit
MultiBoot support. It is not implemented. This patch added the
support to allow X64 SBL to boot a 32bit MB image through thunking.
As part of this patch, the ThunkLib is separated from the FspApiLib
so that it can be shared by other component.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Currently SBL library has GetDeviceAddr() to get the device
address based on device type and instance. This patch adds
SetDeviceAddr() to update a given device type and address so
that platform could update the device table dynamically.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch fixed GCC x64 Crypto boot issue. The issue was related
to the calling convention. "EFIAPI" was missing for several ASM
provided functions.
It also fixed#834.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added SBL python setup script. It can run on either host
or target MicroPython environment. A new PCD PcdEnableSetup is added
to control if Setup feature should be supported by core.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
A device in boot options can have a BAR greater than 4GB depending on PCI
64Mem/PMem resource policy.
This will allow Payload to build a paging table to cover high MMIO area.
Signed-off-by: Aiden Park <aiden.park@intel.com>
The boot command currently does not allow you
to enter the BootFlags value which is needed
for some boot images.
Also fix a small issue in the FsType selection
code block.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch added new DrawFrameBuffer interface. It will draw the
framebuffer from a VGA like text buffer. Payload can use this
to sync its own text buffer onto framebuffer screen. It aslo added
extend ASCII char support so that some table char can be displayed.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added new function to build a full set of the CFGDATA set
from the memory for current platform. It is useful for exporting
current platform CFGDATA for further processing.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added an example on how to build a HelloWorld payload
from separate DSC file.
To build a standalone HelloWorld payload, use the following command:
BuildLoader.py build_dsc -p PayloadPkg\PayloadPkg.dsc
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Linux framebuffer screen_info has been extended to support 64bit
address. This patch added extra fields and set the upper 32 bit
for the framebuffer base.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added the missing general configuration settings for
QEMU platform. It also addressed a build issue due to non-ascii
chars in the IPP file.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch aligns IPP crypto repo sources and headers,
- Update license headers as per IPP crypto
- Naming convention updates
- Partial clean up.
ASM updates will be addressed in next patches.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
This patch moved GetHashToExtend function from BootloaderCommonLib
to SecureBootLib. It is a better place to contain this interface.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Add support for security version check for
config data blob update. SVN is checked
for redundant region which would be updated.
Fixed python errors in CfgDataTool and
GenCapsuleFirmware.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
When a SATA controller has no Ports Implemented
behind it, AHCI mode init returns error even before
allocating buffers for RFis, CommandTable, CommandList.
So, AHCI de-init expects them to be NULL, else any
garbage value for these fields forces the code to do
a FreePool on non-allocated memory.
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
LocateComponentEntry is modified to locate only container
entry. Additional checks are required at consumer end
for Container entry and CompEntry.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
The current MulitBoot loading code in SBL did not follow the specification.
The spec stated "The offset in the OS image file at which to start loading
is defined by the offset at which the header was found, minus
(header_addr - load_addr)". However, the current code always copies from
offset 0 of the image file. It caused exception when loading some valid
multiboot image.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Add support for security version check for
container and its components with ones available
in flash for capsule updates.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
The 'fs' shell command initializes media device with media type info,
but it's not able to initialize another controller of same media type.
Therefore, 'fs init' accepts device instance number.
ex) SATA(0), SATA device instance 1, hwpart 2, swpart 3
fs init 0:1 2 3
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch converted key hash store in SBL image into container
format. In this way unified data structure can be used to
simplify code.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
The unnecessary wbinvd() is removed from the common ResetSystemLib,
and it moves to a platform specific reset routine.
Signed-off-by: Aiden Park <aiden.park@intel.com>
SPI driver is updated to support read linux from
BIOS and PDR region, When boot device SPI is
selected.
Signed-off-by: Mutha <naga.naveen.mutha@intel.com>
This patch fixed OsLoader boot from SD card issue on Intel APL CRB
borads. The SD/eMMC library was updated to follow the proper sequence
for SD card. Also platform code was updated to detect SD card and
apply SD card power using proper GPIO pins.
It fixed#729.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
IA32 UEFI payload uses PE format and X64 UEFI payload uses
PE+ format. So update LitePeCofflib to support both PE and
PE+.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This will fix an unexpected exception when AhciHcPciBase is invalid
or the PCI config space is not enabled.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Current SBL supports container header verification. If the container
signature is BOOT, it will use HASH_USAGE_PUBKEY_OS. Otherwise, it
will use HASH_USAGE_PUBKEY_CONTAINER_DEF. This patch added OEM signed
container support. If a container signature between OEM0 to OEM7 is
found, it will be verified use HASH_USAGE_PUBKEY_OEM(x) where x is 0
to 7. To add an OEM public key hash, it can be done by updating
pub_key_list in GetKeyHashList() in file BoardConfig.py.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Klocwork reports a potential dereferencing of a NULL
pointer. This patch addresses the issue.
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
Platform debug mode is extended to PCR[7]
as part of secure boot policy. Updated bit setting
to LoaderPlatformInfo for payloads to consume.
Debug mode is checked in payload.
ArchitecturalMsr.h ported fom EDK2 repo.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
This will allow necessary messages to be printed to consoles.
These macros will redirect debug message to consoles.
CONSOLE_PRINT
CONSOLE_PRINT_UNICODE
These conditional macros will redirect debug message to consoles or
DEBUG(). The PrintLevel is valid only when redirected to DEBUG().
CONSOLE_PRINT_CONDITION
CONSOLE_PRINT_UNICODE_CONDITION
Signed-off-by: Aiden Park <aiden.park@intel.com>
To help debug boot performance, add a MTRR print function.
This function could be invoked multiple times with different
string to know where this MTRR data is printed.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch enhances MapMemoryRegion subroutine to
add PDP entries for mapping addresses > 4GiB.
Only 1:1 mapping is provided for Above4Gb addresses.
And linear addresses are mapped to 1GiB pages.
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
This issue is seen on a WHL board on X64 build when high 32-bit
BAR does not exist. In that case, MmioRead64 returns (UINT64)(-1).
To avoid this, read high 32-bit BAR only if BAR type is 64-bit
address space.
Signed-off-by: Aiden Park <aiden.park@intel.com>
Current container library cannot be used before memory is initialized
because the structure will only be initialized after memory. This
patch moved the initialization into Stage1A so that the library can be
used much earlier. The containers registered before memory will be
migrated into memory automatically post memory initialization. In this
way it avoids duplicated header authentication.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This will load and execute 64-bit ELF image.
- Load image from ELF program header
- 32-bit ELF on IA32 only. 64-bit ELF on X64 only
- TBD: Relocate ELF
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch added support for arrow keys on PS2 numeric keypad.
The original code only supports the dedicated arrow keys.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
In Shell FS after media initialization, the de-initialization
should be called to free all allocated memory.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Recent Linux kernel accepts acpi_rsdp=0x.. in kernel command line.
This will make Linux kernel look for ACPI RSDP address in the kernel
commad line first prior to in DMI or F-segment.
Signed-off-by: Aiden Park <aiden.park@intel.com>
FSP could produce a FSP boot performance HOB.
So add the capability to print FSP performance data.
Also add a PcdBootPerformanceMask to enable/disable
boot performance data print.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch upgraded the LZ4 from 1.4.0 to 1.7.4. The size will
increase around 300 bytes. Performance is still very similar.
But when trying to use more recent LZ4 version 1.9, noticed
significant performance degration. So keep to 1.7.4 for now.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
If Platform code assigns 64-bit BAR address to XHCI,
get the full 64-bit address to access MMIO space.
Behavior is undefined if building IA32 and assigning
64-bit XHCI resources.
Signed-off-by: Sai Talamudupula <sai.kiran.talamudupula@intel.com>
* Fix XHCI library memory de-allocation issue
This patch added code to XHCI de-initialization funciton to free
all used memory.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
* Enhance USB De-initialization flow
This patch enhanced the USB De-initializaiton flow by trying to
call de-init functions in the full USB driver stack including XHCI,
UsbBus, UsbBot, etc.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>