In ConfigEditor, when open DSC files, many files will show up. It
is expected to only open the CfgDataDef.dsc. This patch changed
the file match pattern to only list *Def.dsc file. In this way,
user will not make mistake to open some include DSC file.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch allows payload ID selection toggling using GPIO. When
the payload ID is set to "AUTO" in CFGDATA, the actual payload ID
will be updated according to current GPIO level. If the GPIO is low,
the payload ID will be set to 0 to boot OsLoader/FwUpdate payload.
If the GPIO is high, the payload ID will be set to 'UEFI' to boot
UEFI payload.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
When SBL calls board notification ReadyToBoot and EndOfFirmware in
Stage2, OsLoader will assert on APL platform. It was caused by NULL
pointer access in ClearFspHob(). This patch added NULL pointer check
before zeroing out memory. It fixed#197.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
When determining which extent node to fetch
the filesystem block address from for a file's
data we should count from block 0 of the file
and when we enter into a non-zero extent node
we need to subtract the starting block number
from the file block number we are looking for
so that we don't skip over any blocks.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
The previous implementation has a little confusion in license header.
To avoid further annoying, simply re-implement ElfLib.
- 32bits, little-endian, executable elf only supported
- elf32.h/elf_common.h from BaseTools/Source/C/GenFw
- LoadElfImage() interface changed
Signed-off-by: Aiden Park <aiden.park@intel.com>
The current EXT2/3 library does not support EXT4 partition
reading namely due to a limitation with handling extents
instead of block maps within an I_node's I_block data.
There is a todo currently to support 48-bit logical block
addressing, the code currently does not support reading
larger than 32-bit addresses; throw an ASSERT if upper
16-bits are non-zero.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Previous commit 4061d47f30 missed one
condition while handling the board notification calls. For built-in
payload such as OsLoader and FwUpdate, it will issue notifications
from payload through SBL platform services. So for these payloads,
board notification should not be called in SBL Stage2. This patch
fixed this.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Current SBL does not call board ReadyToBoot & EndOfFirmware phases
in Stage on normal boot flow. Current open source UEFI payload does not
do it either. It caused some security concerns. The patch enforced
these notification calls on normal boot flow in SBL for all payloads
except for those that can handle board and FSP notification on its own.
It fixed#191.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Change DEBUG_ERROR to DEBUG_INFO for reporting UpdateFspmSgxConfig() and
UpdateFspsSgxConfig() return statuses since failing to update FSP
variables for Intel(R) SGX is not necessarily due to an error.
Signed-off-by: Iyer, Naveen <naveen.iyer@intel.com>
Necessary FSP header files(ex. Fsp*Upd.h) will be copied from FSP
release repo. Additionally, cfl target for WHL/CFL platforms will
verify minimum FSP version like apl target.
Signed-off-by: Aiden Park <aiden.park@intel.com>
On WHL, if using Boot Guard profile 0, booting from BP1 will be
significantly slower than BP0. It is because some code region in BP1
is not covered by MTRR cache settings. This patch adjusted MTRR
settings during PostTempRamInit notification to cover full flash
code region if Boot Guard profile 0 is used.
It fixed#188.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch utilizes information from FspBin.inf to checkout specific
tag from FSP repo and copy files to SBL source tree.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
In current FAT lib, the file path matching code will just compare
the 1st N chars and ignored the remaining. The end of the string
should be checked to ensure exact matching. As part of this fix,
the GRUB config parsing library needs to be updated since the file
name length field is one less than expected.
It fixed#183.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Synced up MdePkg, IntelFsp2Pkg and BaseTools to EDK2 stable tag
edk2-stable201905.
There are several changes for MdePkg and BaseTools.
MdePkg:
- Support light print to reduce SBL size
MdePkg\Library\BasePrintLib\PrintLibInternal.c
MdePkg\Include\Library\DebugLib.h
- TCG TPM2 spec changes and remove dependencies
MdePkg\Include\IndustryStandard\UefiTcgPlatform.h
MdePkg\Include\IndustryStandard\Tpm2Acpi.h
- Use old NVM protocol file
MdePkg\Include\Protocol\NvmExpressPassthru.h
- Removed unused files
BaseTools:
- Added LZ4 support
- Removed unused files
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Cleaned up SpiFlashLib in APL platform, and move it into
BootloaderCommonPkg, so that other platform could reuse
this SpiFlashLib
Signed-off-by: Guo Dong <guo.dong@intel.com>
Add ACPI_ENABLED() to align with MEASURED_BOOT_ENABLED().
Update MEASURED_BOOT_ENABLED() by checking PcdMeasuredBootEnabled
firstly.
Update PlatformFeaturesInit () in stage1b to fix potential inconsistent.
Update other code for changes above.
Signed-off-by: Guo Dong <guo.dong@intel.com>
Common MM_PCI_ADDRESS() provided PCI device BDF to PCIE MMIO base address.
So remove MmPciAddress() and MmPciBase () defined in platform and update
code to use MM_PCI_ADDRESS().
Add TO_PCI_LIB_ADDRESS() in common library.
Signed-off-by: Guo Dong <guo.dong@intel.com>
Currently when providing a filepath with sub-directories
the EXT2/3 library is not able to locate the file. The
code for traversing sub-directories is already present
but was not enabled. This change enables this support.
Ex: 'boot/iasimage.bin'
Signed-off-by: James Gutbub <james.gutbub@intel.com>
FileSystemLib provides generic interfaces to access file system and
its files as a abstraction of FatLib/ExtLib.
- Added CloseFileSystem
If there are opened files in a specific filesystem, those files
will be de-allocated in CloseFileSystem.
- Added OpenFile/GetFileSize/ReadFile/CloseFile
The ReadFile() does not allocate any memory for the file content.
The caller of OpenFile() MUST allocate necessary memory before
calling ReadFile().
Signed-off-by: Aiden Park <aiden.park@intel.com>
This patch will add support for updating multiple firmwares
using a single capsule image.
Following modifications are made for existing firmware update flow
1) Gather and validate capsule image
2) State Machine will be set to capsule processing state.
3) Signature of the capsule image is now stored in reserved region
During each reboot until the end of firmware update, stored signature
will be compared against the capsule image signature to make sure
capsule image is not modified until the end of firmware update.
4) Process Capsule image to gather firmware images
5) Each Firmware image information will be stored in reserved region
using FW_UPDATE_COMP_STATUS. Update pending will be marked to
update pending state indicating that this image is not processed.
6) Firmware update will use the reserved region comp structures starting
with the first image with update pending state, update the comp update
pending field to processing and applies the image. After the update, pending
field will be updated to Done and updates the status of the update in the
component structure and moves on to next image found.
7) After all the component structure in the reserved region updating pending
field are set to Done. Firmware update mode is exited.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
This patch will update GenCapsuleFirmware.py tool to package
multiple firmware update images into single capsule.
Example:
python GenCapsuleFirmware.py -p BIOS pld1.bin -p <GUID> pld2.bin
-p CSME Pld3.bin -p CSMD Pld4.bin -o img.bin -k TestSigningPrivateKey.pem
The following are the changes made
1) Capsule header format is changed to align with
EFI_FIRMWARE_MANAGEMENT_CAPSULE_HEADER
2) Each firmware image in the capsule will have
EFI_FIRMWARE_MANAGEMENT_CAPSULE_IMAGE_HEADER
3) BIOS, CSME, CSME Update Driver (CSMD) and CFGData payloads
can be passed to the tool using their names as suggested in
example.
4) Unknown payloads can also be passed to the tool with associated
guid as input.
Signed-off-by: Raghava Gudla <raghava.gudla@intel.com>
The FindPartitions() allocates memory for PART_BLOCK_DEVICE instance.
This allocated memory needs to be de-allocated if no more necessary
to avoid memory leak.
TBD: Current partition info needs to be cleared before going to next
boot option.
Signed-off-by: Aiden Park <aiden.park@intel.com>
- CMD23(SET_BLOCK_COUNT) is for only MMC.
- CMD17(READ_SINGLE_BLOCK) must be used when reading a single block
with SD card
Signed-off-by: Aiden Park <aiden.park@intel.com>
On APL the last 256KB flash address space (4GB-256KB to 4GB) is
remapped to CSME SRAM read-only region. During stitching due to space
limitation, if a component gets pushed into this region, then direct
memory mapped access might not work since it will be decoded by CSME.
To access components within this region, SPI command based interfaces
has to be used instead of memory mapped interface.
This patch added warning message when this condition is detected in
the stitching process.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Firmware update with latest code broke on APL platform.
This patch fixed#162 by:
- Corrected the HECI command response flag check
- Always read FWU state machine using SPI command instead memory map
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Set SPI flash EISS and LE for UEFI payload in EndOfStages().
Some clean up on UPDs and create a common function for security check.
Set SMM_FLAGS_4KB_COMMUNICATION flag
Signed-off-by: Guo Dong <guo.dong@intel.com>
This patch fixed some minor debug message print issue. It also added
some more debug prints to help identify potentical issue in firmware
update flow.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
Some platform might need do some platform specific init
on all the threads. So add a MP hook using a PCD.
Np impact for the platform that doesn't need this hook.
This patch also enable InSMM bit for APL.
Signed-off-by: Guo Dong <guo.dong@intel.com>
Copying the MdePkg BaseMemoryLibSse2 library into
SBL for faster CopyMem and other routines to improve
boot performance every where except for Stage1A &
Stage1B due to 'movntdq' usage limitation in earlier
stages. Remove all of the X64 files since SBL is compiled
as 32-bit. Also patch PCI enumeration code to perform
manual memory copying (using SSE2 CopyMem gives some
issue as tested on APL).
The BaseMemoryLibSse2 folder was copied from EDK2
GitHub based on the following commit ID:
9344f0921518309295da89c221d10cbead8531aa
Signed-off-by: James Gutbub <james.gutbub@intel.com>
It might be useful for the pre-OS payload/checker
to have a handle to the HOB list data for additional
support or data checking that the HOB list contains.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Current implementation of splashing a BMP image to the
display requires the allocation of a temporary buffer
to store the BMP image into a GOP Blt friendly format
that can then be used to splash the image to the display.
Instead of using a buffer for the whole image we can
allocate a smaller buffer to splash one line at a time
since splashing is already performed one line at a time.
Also fix a small print message regarding frame buffer
format.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Current GRUB config parser can only handle UNIX EOL style. For DOS
EOL style config file, an extra '\r' will be left at the line end
which might cause failure for initrd file loading due to incorrect
file name string. This patch enhanced the GRUB config file parser
to handle both UNIX and DOS EOL style.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
To ensure ConfigEditor can handle the configuration data type properly,
the default value needs to be valid. For string type configuration item,
the value should start with single quote. The APL default values for OS
image name is set to number 0 instead of '' to indicate empty string.
This patch corrected this and fixed#151.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
For the pre-OS payload/checker pass in a parameter
that contains additional information for heap space,
heap address, and additional CPU registers that may
need to be set before the pre-OS payload/checker
passes control to the OS.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
An issue was reported on APL that MRC will start to do full training
after 119 boot cycles. APL MRC training data contains two parts. One
part will not change, and the other part will change for every boot.
To avoid frequently erasing flash, a rolling method was applied to
save this data into different slot for each boot. When all slots are
full, the whole block will be reclaimed. However, some boundary
condition was not handled properly which caused the NVS data cannot
be located when the slot is close to the end of the block.
This patch addressed this issue by:
- Force the max slot number to be 8 aligned so that the map is always
at byte boundary (1 bit for 1 slot in the slot map).
- When all slots are marked with 0 (all slots are full), set default
slot to be the last slot so that the last slot will be used to get
the MRC NVS data.
It fixed#146.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added the additional existence check for payload binary.
If the file does not exist, it will error out. Also if the binary
is already under build FV folder, skip the unnecessary copy.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
This patch added some additional error message print during the
boot media initializtion and file loading. It makes it easier to
identify issues in case of failure.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
For SATA boot option, the hardware partition is mapped into AHCI
port. Current implementation requires a specific AHCI port in order
to boot from that hard drive. This patch added support to boot
from the first detected AHCI port when the hardware partition is
set to 0xFF.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>
The GCC build is failing due to recent check-in for OS Loader FV
building. GCC5 is throwing an error that the required fv size
of 0x37718 is exceeding the set fv size of 0x37000. Bump up the FV
size to address this issue.
Signed-off-by: James Gutbub <james.gutbub@intel.com>
Some OSes may require a pre-OS checker executable
to run before actually jumping to the OS. Add
support for this pre-OS checker loading & execution
as part of the OS Loader payload when it is compiled
as an FV and when ENABLE_PRE_OS_CHECKER option is
enabled in BoardConfig.py (per the following command):
SblBuild.py build <plat> -p OsLoader.Fv:LLDR:Lz4
The pre-OS checker entry point takes in a single
parameter which provides the CPU boot state that
should be loaded once jumping into the OS for the
pre-OS checker to launch after it finishes execution
(e.g. pre-OS checker does not return to Slim Bootloader).
Signed-off-by: James Gutbub <james.gutbub@intel.com>
When specify a payload file in the build command line, the current
searching folder is: PayloadPkg/PayloadBins, Platform/$(PlatformBoardPkg)
/Binaries. This patch added another searching folder in the Build FV
if the payload file cannot be found in the listed folders above. This
is useful when the payload image itself is generated from the build
process.
Signed-off-by: Maurice Ma <maurice.ma@intel.com>