In Python 3 built-in function next() is used to get the next
result from an iterator. next method causes post build failure.
Fixed an issue in GenContainer for byte array comparison.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
This patch will run version check only for SBL update and will
skip for all other components.
Version check for all other components will be added in future
patches.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch introduces support for RSA3K and SHA384 signing
And verifications support to Slimbootloader. Component hash
verification is done using PcdCompSignHashAlg.
To enable RSA3072 and SHA384,
- Signing hash algorithm SIGN_HASH_TYPE should be set to SHA2_384
- RSA3K private keys should be configured in platform board configs.
- Set IPP_CRYPTO_ALG_MASK to include SHA2_384
- Enable required IPP_CRYPTO_OPTIMIZATION_MASK
- Default siging hash type is set to SHA2_256. Use hash type option
while using the tools as Gencontainer, CfgDataTool in standalone
mode.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
CSME driver is not a component rather it is a driver to
update CSME binary, so it is not required to update status
of the driver to FWST ACPI table.
As part of the above change, gCsmeFWUDriverImageFileGuid is
moved from PayloadPkg.dec to bootloadercommonpkg.dec
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
CSME update is working only from primary partition, added
code to check the current boot partition and if booting from
back up partition, switch to primary partition.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
Soemtimes when JTAG based debug is not available, it might be easier
to have Shell access in earlier stage to check lots of platform
settings. Today it is impossible because full Shell has lots of other
dependencies which might not satisfy in early stage. This patch added
a PCD PcdMiniShellEnabled to build a mini Shell with very few
dependencies. This mini Shell can be used in early debug phase for SBL.
To use it, add the following to override the PCD for a specific stage
in BootloaderCorePkg.dsc.
EX:
$(PLATFORM_PACKAGE)/Stage1B/Stage1B.inf {
<PcdsFeatureFlag>
gPlatformCommonLibTokenSpaceGuid.PcdMiniShellEnabled | TRUE
...
}
Then include ShellLib.h in stage C code and add ShellLib in related
stage INF file. If adding it into Stage1A, it needs to be after the
Stage1A banner print out.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch removed global variable usages in ShellLib. It is
required when running Shell in early stage from flash. In this
case global variable is read-only. All memory should be allocated
from stack or heap.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Configuration data blob is supported only from Bios region.
Removing CfgData in PDR as its no longer getting used.
Updated to copy signed data structure length for max supported.
Max supported is for RSA3072 size.
Signed-off-by: Subash Lakkimsetti <subash.lakkimsetti@intel.com>
This patch did some of the following clean up:
- Rename *_HOB to *_PARAM for Stage1A/Stage1B/Stage2.
This is to avoid confusion between real HOB and the parameter
data block passed through stages.
- Rename BistVal to CpuBist.
This is to make it more clear.
- Add BUF_INFO definition.
BUF_INFO will be used as a general structure.
- Remove CarBase/Top in Stage1B HOB
They are not used at all.
- Clean memory allocation in Stage1A
Restructured the buffer allocations for Stage1A global
data so that it is easier to read and maintain.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
If dumping address not aligned at 16 boundary, the current Shell
will print the aligned address in the dump. It makes sense for
a memory block display, but it is a little bit confusing for single
memory address display. This patch fixed this issue by printing the
exact address when the display count is 1.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Add a common SmbusLib support for Intel PCH
Define PLT_MEDIUM_MISC_TYPE in device table for
devices that are not for OS boot.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch does the following
1) Enable triggering firmware update from OS
2) When firmware update mode is given control, state machine
is set to capsule processing and firmware update platform
specific trigger is cleared. State machine will be used
hereafter to track firmware update
3) Created CheckStateMachine method in BoardSupportLib.c to
check state machine to see if firmware update is in progress
and set boot mode to firmware update.
4) Removed CMOS way of triggering firmware update and wrote code
to use Over-Clocking WDT Scratchpad (OC_WDT_SCRATCH) bits for
triggering firmware update
5) Update shell fwupdate command to use OC_WDT_SCRATCH bits.
6) Removed extra reset during sbl firmware update
7) Removed reset after updating configuration data update
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
Hash and RSA signing parameters were hardcoded in
Crypto wrappers and secure boot libraries. This patch
address support for multiple hash and key sizes.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
When firmware updated is not enabled, it will not build firmware update
payload, so there is hash for FWUPDATE.hash.
Update the build tool only require it when firmware update is enabled.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This issue happens under two conditions
1. Unicode language environment in Windows
2. A python calls 'BaseTools/toolsetup.bat'
(In EDKII, edksetup.bat directly in Windows command shell)
- 'BuildLoader.py' calls 'BaseTools/toolsetup.bat' in a subprocess
- 'BaseTools/toolsetup.bat' calls 'nmake cleanall'
- 'cleanall' target runs 'python NmakeSubdirs.py' directly
- 'NmakeSubdirs.py' creates multi-threads
- The threads create another subprocesses
But, one of multi-threads is on deadlock when python handles stdout and
stderr in a subprocess pipe only if the output includes unicode chars.
Therefore, only stderr will be handled in the pipe same as a single
thread call.
Signed-off-by: Aiden Park <aiden.park@intel.com>
GIT allows only UNIX format in .patch file. Otherwise, git am or apply
will report 'fatal: git apply: bad git-diff - expected /dev/null'.
But, PatchCheck blocks non-CRLF changes in commit. It's mutual exclusive.
Therefore, skip CRLF check in git .patch files.
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch reimplemented function to get the key type by reusing the
existing gen_pub_key() function. It also cleaned some code format to
make it easier to read.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch removed duplicated RSA signing implemention in
CfgDataTool script and used the common one in CommonUtility.
It also removed PrintByteArray(), and use common print_bytes()
instead.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current SBL hash store has many limitations:
- Only support fixed hash size
- Only support 1:1 public key and usage mapping
- Only support build time key enrollment
This patch addressed this issue by introducing:
- Add a updatable KEYH component to hold extra key hash
- Allow append new hash entries from KEYH
- Use variable length entry for hash
- Introduce "Usage" bit mask for a key usage
This will allow using a single key to sign multiple components, or
using multiple keys to sign a single component. The built-in hash
store will only contain hash for STAGE1B, STAGE2, PAYLOAD,
PAYLOAD_FWU and MASTER public key hash. Master key hash will be used
to verify the KEYH component loaded at runtime in Stage1B. Once KEYH
is loaded, it will be appended into global hash store. The combined
hash store will be used to verify other components on the boot flow.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch add pubkey and signature header updates to storage.
Data reversal for hash computation is not being performed.
Only RSA2048 and SHA256 changes were updated with this patch.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
This patch implements pubKey and signature updates done
in storage. Added info as sigining types, signing algo,
key sizes which could be used in secureboot and crypto
libraries.
Information from IASImage is transformed to updated
crypto and secure boot implementation. Only RSA2048 and sha256
support is updated as IAS image supports only this combination.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
This patch moved some library APIs into BootloaderCommonLib, including
GetComponentInfo() and GetComponentHash().
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current gen_pub_key only supports private key in PEM support. In
many cases, private key might not be available and only public key
is available. This patch enhanced this function to handle both
private and public key in PEM format.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
There are many cases that it is required to print the values of
byte-array for debug. It is not convenient in current SBL python
scripts. This patch added a print_bytes() function in CommonUtility
to provide generic function to print out a byte array object.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch add HeaderLength to indicate the length of Hahs Store
header so that common code can be used to skip the header without
using the sizeof() operator.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current code only counted used hash store size as the whole
buffer size. This is not correct and will cause buffer overflow.
It is required to use the whole hash store buffer size including
the unused space at the end. This patch fixed this.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
HASH_STORE_TABLE is updated and HASH_STORE_DATA is added
to provide info with variable length sizes. Usage bits would
notify for multiple component/key using the same hash.
These data structure would optimize the hash store size
in storage.
PcdHashStoreSize would define the size of Hash store
to allocate in bios bootup.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
HashStoreTable is defined for variable size to support
different hash alg and sizes. This would optimize the
hash store size in storage. Signing hash alg defined in BoardConfig file.
Hash store data is aligned as per the Digest length used.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
Component Hash is passed with TpmExtendHash if available.
Hash Store is getting optimized on storage and this would avoid
setting component hash in hash table. SetComponent Hash API is
removed in bootloaderlib.
Added HashAlg param to TpmExtendHash for future purposes
where TPM PCR bank would be selected based on HashAlg.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
System reset occurs after returning from AsmEnableAvx() in Stage1A.c
because ebx register is used for cpuid, but not restored.
- Save/Restore ebx register
- Move AsmEnableAvx () after init idt and serialport
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch updated the PayloadId detection logic on APL platform
to make it easy to understand.
The current policy is as below:
- If PayloadId CFGDATA is not AUTO, use whatever provided in CFGDATA.
- If PayloadId CFGDATA is AUTO, and GPIO based PayloadId detection
is enabled, uses GPIO level to determine the actual PayloadId to
use. (HIGH:OsLoader LOW:UEFI)
- If PayloadId CFGDATA is AUTO, and GPIO based PayloadId detection
is disabled, uses default PlatfomrId 0 (OsLoader).
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
The previoius IPP library updates used UpdateSHA256V8 as default for
SHA256. It works on real platform. However, QEMU's default CPU config
does not support SSE3 instructions and will generate exception. This
patch added the UpdateSHA256Compact as default SHA256 function if no
advanced optimization flags are set. The same is applied for SHA512
functions too.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
AVX(G9) and SSE4(W7) is added to IPP crypto lib.
PcdCryptoShaOptEnabled is added to enable optimzations
in IPP SHA256 and SHA384.
Default is set to V8 (SSE3) for SHA256. ENABLE_CRYPTO_SHA_OPT has to
be configured in Platform board config files for optimizations
to be enabled.
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
EnableAvx ASM is included as part ExtraLibs.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Signed-off-by: Subash Lakkimsetti <subashx.lakkimsetti@intel.com>
This will fully support PatchCheck.py.
- Remove all trailing whitespace
- Convert LF to CRLF by default
- Update EFI_D_* to DEBUG_*
- Re-enable CRLF check in PatchCheck.py
Signed-off-by: Aiden Park <aiden.park@intel.com>
By adding an additional flag for the pre-OS
checker execution flow it is possible to determine
at run time whether to attempt loading/execution
of the pre-OS checker during OS Loader time. From
platform code the decision to attempt to run the
pre-OS checker can be controlled.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
This patch enhanced the CFGDATA script to extract CFGDATA BIN
files from IFWI and further generate DLT using default DSC.
In this way, the default CFGDATA binaries and DLT files are no
longer requried to be provided in the release package in order
to customize the CFGDATA in an existing IFWI image.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
PcdDebugInterfaceFlags and PcdDebugOutputDeviceMask are defined
for debug devices, so removed PcdDebugInterfaceFlags.
Add a new PCD PcdDebugPortNumber to indicate the serial debug
number.
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch added WMI service in ACPI to provide a unified mechnism
for user to trigger a firmware update flow. New ASL methods are
defined. \DWMI.WQ00 is for read and \DWMI.WS00 is for write.
To use it from Linux (Ubuntu):
- Install acpi-call module
sudo apt install acpi-call-dkms
- Load module
sudo modprobe acpi_call
- Read trigger register value
echo '\DWMI.WQ00 0' | sudo tee /proc/acpi/call
sudo cat /proc/acpi/call
- Write trigger register value
echo '\DWMI.WS00 0 0x12' | sudo tee /proc/acpi/call
To use it in Windows:
- Open a command line window with admin right.
- Run VB script to read / write the trigger register
set Service = GetObject("winmgmts:root/wmi")
set EnumSet = Service.InstancesOf ("AcpiFirmwareCommunication")
for each Instance in EnumSet
Wscript.Echo "Current Val: " & Hex(instance.Command)
instance.Command = 1
instance.Put_()
Wscript.Echo "Set New Val: " & Hex(instance.Command)
next 'instance
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current SBL does not check the FSP Notify API return status. As a
result, if reset is requested, it is ignored by SBL. This patch
added FSP reset request check for FspMemoryInit, FspSiliconInit and
FspNotifyPhase.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
SBL currently set IA Untrust bit in MpInit(). It is too early for
BSP. By doing so, it blocked some register access in FSP notification
APIs. This patch moved the IA Untrust bit set for BSP to the end of
boot flow while keeping it at same location for APs.
It also fixed#466.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current SBL calls ClearFspHob() too early. Since HOB is required
during the whole FSP life cycle. It is better to clear it at the
end after the last call. Otherwise, some previous API call will
potentically encounter issues.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This is a follow-up to the previous WOL commit. The previous
implementation is more LeafHill specific. This patch further
added configuration data to control how wake up signal is mapped
into each PCIE root port. And the ASL code has been adjusted to
utilize that info so that the code can be more generic for all
other platforms.
The current default configuration for PCIE wake signal is aligned
with LeafHill CRB board. For other borads, to enable it properly,
it is required to override the wake signal configuration using DLT.
Test has been done on LeafHill to do WOL with yocto image. It worked
as expected.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added export sub-command support in CfgDataTool.py. It
is useful for users to export external CFGDATA from an exising
BIOS or IFWI binary file.
EX:
python BootloaderCorePkg\Tools\CfgDataTool.py export
-i Outputs\cfl\SlimBootloader.bin -o Temp
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Kernel cmdline data from config.cfg or grub config files were copied
to invalid address.
This is only for traditional linux boot in debug build.
Signed-off-by: Aiden Park <aiden.park@intel.com>