[PATCH V0 0/4] Enable Dynamic ACPI for LS1046AFRWY

Vikas Singh
 

This patch series basically aims to extend the Dynamic ACPI
framework towards NXP's LS1046AFRWY platform.

Refer: https://edk2.groups.io/g/devel/message/71709

The change set in the series is in the below order:

(1) Introducing a new platform specific macro "PLAT_SOC_NAME".
This macro will be consumed by the Configuration Manager (CM).
Platforms that extend CM services for themselves must notify
CM of their SoC details. Additionally, also update the lx2160ardb
platform header with PLAT_SOC_NAME; this will be consumed by CM.

(2) Introduced a function to get the SoC's System Version Register (SVR).
This function will fetch the SVR for LS1046A SoC based platforms.
In the current patch series, this function will be used by LS1046aFrwy.

(3) Extending the Configuration Manager (CM) and its services to leverage
the Dynamic ACPI support for NXP's LS1046aFrwy platform.

(4) Introduced an OEM specific firmware ACPI table generator.
Also add Dsdt.asl as a placeholder having only the platform's clock
related DSDT properties for now; it can accommodate other IP specific
DSDT tables (ACPI properties) for LS1046AFRWY in future patch series.

Vikas Singh (4):
Platform/NXP: Add generic log in CM to print SoC version
Silicon/NXP: Add support of SVR handling for LS1046FRWY
Platform/NXP/LS1046aFrwyPkg: Extend Dynamic ACPI support
Platform/NXP/LS1046aFrwyPkg: Add OEM specific DSDT generator

.../ConfigurationManager.c | 10 +-
.../AcpiTablesInclude/Dsdt/Clk.asl | 60 +++++++
.../AcpiTablesInclude/Dsdt/Dsdt.asl | 15 ++
.../AcpiTablesInclude/PlatformAcpiDsdtLib.inf | 39 +++++
.../PlatformAcpiDsdtLib/RawDsdtGenerator.c | 138 +++++++++++++++
.../AcpiTablesInclude/PlatformAcpiLib.h | 23 +++
.../NXP/LS1046aFrwyPkg/Include/Platform.h | 159 ++++++++++++++++++
.../NXP/LS1046aFrwyPkg/LS1046aFrwyPkg.dsc | 29 ++++
.../NXP/LS1046aFrwyPkg/LS1046aFrwyPkg.fdf | 13 ++
Platform/NXP/LX2160aRdbPkg/Include/Platform.h | 5 +-
Silicon/NXP/LS1046A/LS1046A.dsc.inc | 10 ++
Silicon/NXP/LS1046A/Library/SocLib/SocLib.c | 16 ++
12 files changed, 507 insertions(+), 10 deletions(-)
create mode 100644 Platform/NXP/LS1046aFrwyPkg/AcpiTablesInclude/Dsdt/Clk.asl
create mode 100644 Platform/NXP/LS1046aFrwyPkg/AcpiTablesInclude/Dsdt/Dsdt.asl
create mode 100644 Platform/NXP/LS1046aFrwyPkg/AcpiTablesInclude/PlatformAcpiDsdtLib.inf
create mode 100644 Platform/NXP/LS1046aFrwyPkg/AcpiTablesInclude/PlatformAcpiDsdtLib/RawDsdtGenerator.c
create mode 100644 Platform/NXP/LS1046aFrwyPkg/AcpiTablesInclude/PlatformAcpiLib.h
create mode 100644 Platform/NXP/LS1046aFrwyPkg/Include/Platform.h

--
2.25.1


Re: [PATCH v1 0/8] Measured SEV boot with kernel/initrd/cmdline

Ard Biesheuvel
 

On Tue, 1 Jun 2021 at 14:12, Laszlo Ersek <lersek@redhat.com> wrote:
> ...
> - A major complication for hashing all three of: kernel, initrd,
> cmdline, is that the *fetching* of this triplet is split between two
> places. (Well, it is split between *three* places in fact, but I'm going
> to ignore LinuxInitrdDynamicShellCommand for now, because the AmdSevX64
> platform sets BUILD_SHELL to FALSE for production.)
>
> The kernel and the initrd are fetched in QemuKernelLoaderFsDxe, but the
> command line is fetched in (both) QemuLoadImageLib instances. This
> requires that all these modules be littered with hashing as well, which
> I find *really bad*. Even if we factor out the actual logic, I strongly
> dislike having *just hooks* for hashing in multiple modules.
>
> Now, please refer to efc52d67e157 ("OvmfPkg/QemuKernelLoaderFsDxe: don't
> expose kernel command line", 2020-03-05). If we first
>
> (a) reverted that commit, and
>
> (b) modified *both* QemuLoadImageLib instances, to load the kernel
> command line from the *synthetic filesystem* (rather than directly from
> fw_cfg),
>
> then we could centralize the hashing to just QemuKernelLoaderFsDxe.
>
> Ard -- what's your thought on this?

I don't have any problems with that - I take it this means we can drop
the QemuFwCfgLib dependency from GenericQemuLoadImageLib altogether,
right?

> And then, we could eliminate the dynamic callback registration, plus the
> separate SevFwCfgVerifier, SevHashFinderLib, and SevQemuLoadImageLib stuff.
>
> We'd only need one new lib class, with *statically linked* hooks for
> QemuKernelLoaderFsDxe, and two instances of this new class, a Null one,
> and an actual (SEV hash verifier) one. The latter instance would locate
> the hash values, calculate the fresh hashes, and perform the
> comparisons. Only the AmdSevX64 platform would use the non-Null instance
> of this library class.
>
> (NB QemuKernelLoaderFsDxe is used by some ArmVirtPkg platforms, so
> resolutions to the Null instance would be required there too.)

This sounds like a good approach to me.




Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>

James Bottomley (8):
OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming
OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg
OvmfPkg/AmdSev: add a page to the MEMFD for firmware config hashes
OvmfPkg/QemuKernelLoaderFsDxe: Add ability to verify loaded items
OvmfPkg/AmdSev: Add library to find encrypted hashes for the FwCfg
device
OvmfPkg/AmdSev: Add firmware file plugin to verifier
OvmfPkg: GenericQemuLoadImageLib: Allow verifying fw_cfg command line
OvmfPkg/AmdSev: add SevQemuLoadImageLib

OvmfPkg/OvmfPkg.dec | 10 ++
OvmfPkg/AmdSev/AmdSevX64.dsc | 9 +-
OvmfPkg/AmdSev/AmdSevX64.fdf | 3 +
OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf | 30 +++++
OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf | 34 ++++++
OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf | 30 +++++
OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf | 2 +
OvmfPkg/ResetVector/ResetVector.inf | 2 +
OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h | 47 ++++++++
OvmfPkg/Include/Library/QemuFwCfgLib.h | 35 ++++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h | 11 ++
OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c | 60 ++++++++++
OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c | 126 ++++++++++++++++++++
OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c | 52 ++++++++
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 2 +-
OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c | 29 +++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c | 5 +
OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c | 50 ++++++++
OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c | 31 +++++
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 20 ++++
OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
21 files changed, 587 insertions(+), 3 deletions(-)
create mode 100644 OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf
create mode 100644 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf
create mode 100644 OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf
create mode 100644 OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h
create mode 100644 OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c
create mode 100644 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c
create mode 100644 OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c

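The design Laszlo sketches above (one fetch point for kernel, initrd and cmdline, with a statically linked verifier hook that has a Null instance and an SEV hash-verifier instance), as an added model in Python. This is not code from the OVMF series or from edk2. The dict-based hash table, the item names, and the treatment of a missing fw_cfg item as empty are assumptions of the model; in the real design the hashes sit in a measured MEMFD page and the items arrive over fw_cfg.

```python
"""
Model of the centralized verification design from the thread above.
Added example, not code from the OVMF series. Hash-table layout, item
names and the missing-item-is-empty rule are assumptions of this model.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional


class VerificationError(Exception):
    """A fetched item does not match the measured hash table."""


class NullVerifier:
    """Null library instance: accept everything (non-SEV platforms)."""

    def verify(self, name: str, data: bytes) -> None:
        return None


class SevHashVerifier:
    """SEV instance: the SHA-256 of each item must match the table that was
    measured at launch (here a plain dict, an assumption of the model)."""

    def __init__(self, expected: Dict[str, bytes]):
        self.expected = expected

    def verify(self, name: str, data: bytes) -> None:
        want = self.expected.get(name)
        if want is None:
            # Unattested item: refuse instead of skipping it, otherwise the
            # host could drop the cmdline entry and supply any cmdline at all.
            raise VerificationError(f"{name}: no entry in measured hash table")
        if hashlib.sha256(data).digest() != want:
            raise VerificationError(f"{name}: digest mismatch")


@dataclass
class KernelLoaderFs:
    """Model of QemuKernelLoaderFsDxe after the proposed change: the single
    place that fetches kernel, initrd AND cmdline from the host and runs the
    statically linked verifier hook on each of them."""

    fwcfg: Dict[str, bytes]   # host-controlled fw_cfg content (constructed)
    verifier: object          # NullVerifier or SevHashVerifier
    ITEMS = ("kernel", "initrd", "cmdline")

    def fetch(self, name: str) -> bytes:
        if name not in self.ITEMS:
            raise KeyError(name)
        # A missing item is treated as empty so it still has to match a hash;
        # this is the model's choice, not something the thread specifies.
        data = self.fwcfg.get(name, b"")
        self.verifier.verify(name, data)
        return data


def fetch_cmdline_directly(fwcfg: Dict[str, bytes]) -> bytes:
    """The pre-change path Laszlo objects to: QemuLoadImageLib reading the
    command line straight from fw_cfg, bypassing the loader filesystem and
    therefore any hook installed there."""
    return fwcfg.get("cmdline", b"")


def build_hash_table(kernel: bytes, initrd: bytes, cmdline: bytes) -> Dict[str, bytes]:
    """What the guest owner computes before launch and injects into the
    measured page: one SHA-256 per item."""
    return {
        "kernel": hashlib.sha256(kernel).digest(),
        "initrd": hashlib.sha256(initrd).digest(),
        "cmdline": hashlib.sha256(cmdline).digest(),
    }


def boot(fs: KernelLoaderFs) -> Optional[Dict[str, bytes]]:
    """Fetch the triplet through the filesystem. Returns the verified items,
    or None when any of them fails (the platform must refuse to boot)."""
    try:
        return {name: fs.fetch(name) for name in KernelLoaderFs.ITEMS}
    except VerificationError:
        return None


# Constructed sample inputs (not real images).
KERNEL = b"\x7fELF constructed kernel image"
INITRD = b"constructed initrd"
CMDLINE = b"console=ttyS0 root=/dev/vda\0"
TAMPERED_CMDLINE = b"console=ttyS0 init=/bin/sh\0"
HASH_TABLE = build_hash_table(KERNEL, INITRD, CMDLINE)


def demo() -> dict:
    good = {"kernel": KERNEL, "initrd": INITRD, "cmdline": CMDLINE}
    bad = dict(good, cmdline=TAMPERED_CMDLINE)
    return {
        "honest_host": boot(KernelLoaderFs(good, SevHashVerifier(HASH_TABLE))) is not None,
        "tampered_cmdline_via_fs": boot(KernelLoaderFs(bad, SevHashVerifier(HASH_TABLE))) is None,
        # The old direct path hands back the tampered cmdline with nothing checking it.
        "tampered_cmdline_direct": fetch_cmdline_directly(bad) == TAMPERED_CMDLINE,
        "null_instance_accepts": boot(KernelLoaderFs(bad, NullVerifier())) is not None,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'ok' if ok else 'FAIL'}")
```

`fetch_cmdline_directly` stands for the pre-change QemuLoadImageLib path: it shows why a hook that lives only in QemuKernelLoaderFsDxe is insufficient until the command line is also routed through the synthetic filesystem, which is exactly why the thread proposes reverting efc52d67e157. The SEV instance also rejects an item that has no table entry, so a host cannot escape verification by leaving the cmdline out of the measured table.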

[PATCH v2 6/6] SecurityPkg: Add option to reset secure boot keys.

Grzegorz Bernacki
 

This commit adds an option which allows resetting the content of the Secure Boot
keys and databases to the default variables.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | 1 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h | 2 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr | 6 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 154 ++++++++++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni | 4 +
5 files changed, 167 insertions(+)

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
index 30d9cd8025..bd8d256dde 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
@@ -109,6 +109,7 @@
[Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
gEfiDevicePathProtocolGuid ## PRODUCES
+ gEfiHiiPopupProtocolGuid

[Depex]
gEfiHiiConfigRoutingProtocolGuid AND
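Review bot: the new `gEfiHiiPopupProtocolGuid` entry lacks the usage annotation its neighbours carry; the protocol is located with gBS->LocateProtocol in SecureBootConfigImpl.c, so write `gEfiHiiPopupProtocolGuid ## CONSUMES`. The [Depex] below is left unchanged, which is acceptable only because the callback must then cope with LocateProtocol failing (the popup producer may not be dispatched yet); make sure that failure path does not assert.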
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
index 6e54a4b0f2..4ecc25efc3 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h
@@ -54,6 +54,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

#define KEY_VALUE_FROM_DBX_TO_LIST_FORM 0x100f

+#define KEY_SECURE_BOOT_RESET_TO_DEFAULT 0x1010
+
#define KEY_SECURE_BOOT_OPTION 0x1100
#define KEY_SECURE_BOOT_PK_OPTION 0x1101
#define KEY_SECURE_BOOT_KEK_OPTION 0x1102
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index fa7e11848c..e4560c592c 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -69,6 +69,12 @@ formset
endif;
endif;

+ text
+ help = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS_HELP),
+ text = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS),
+ flags = INTERACTIVE,
+ key = KEY_SECURE_BOOT_RESET_TO_DEFAULT;
+
endform;

//
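Review bot: the new `text` item is always visible and its only guard is the Yes/No popup raised from the callback; consider a `suppressif` tied to the PKDefault variable being present, because on a platform whose *Default variables are not populated, selecting it deletes every existing key and then fails at the enroll step, leaving the system in setup mode with empty databases. At minimum the help text should say that the current PK/KEK/db/dbx/dbt are deleted first.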
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index 67e5e594ed..47f281873b 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -8,6 +8,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/

#include "SecureBootConfigImpl.h"
+#include <Protocol/HiiPopup.h>
#include <Library/BaseCryptLib.h>
#include <Library/SecureBootVariableLib.h>

@@ -4154,6 +4155,132 @@ ON_EXIT:
return Status;
}

+/**
+ This function reinitializes Secure Boot variables with default values.
+
+ @retval EFI_SUCCESS Success to update the signature list page
+ @retval others Fail to delete or enroll signature data.
+**/
+
+STATIC EFI_STATUS
+EFIAPI
+KeyEnrollReset (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ UINT8 SetupMode;
+
+ Status = EFI_SUCCESS;
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR(Status)) {
+ return Status;
+ }
+
+ // Clear all the keys and databases
+ Status = DeleteDb ();
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ DEBUG ((DEBUG_ERROR, "Fail to clear DB: %r\n", Status));
+ return Status;
+ }
+
+ Status = DeleteDbx ();
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ DEBUG ((DEBUG_ERROR, "Fail to clear DBX: %r\n", Status));
+ return Status;
+ }
+
+ Status = DeleteDbt ();
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ DEBUG ((DEBUG_ERROR, "Fail to clear DBT: %r\n", Status));
+ return Status;
+ }
+
+ Status = DeleteKEK ();
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ DEBUG ((DEBUG_ERROR, "Fail to clear KEK: %r\n", Status));
+ return Status;
+ }
+
+ Status = DeletePlatformKey ();
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ DEBUG ((DEBUG_ERROR, "Fail to clear PK: %r\n", Status));
+ return Status;
+ }
+
+ // After PK clear, Setup Mode shall be enabled
+ Status = GetSetupMode (&SetupMode);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot get SetupMode variable: %r\n",
+ Status));
+ return Status;
+ }
+
+ if (SetupMode == USER_MODE) {
+ DEBUG((DEBUG_INFO, "Skipped - USER_MODE\n"));
+ return EFI_SUCCESS;
+ }
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot set CUSTOM_SECURE_BOOT_MODE: %r\n",
+ Status));
+ return EFI_SUCCESS;
+ }
+
+ // Enroll all the keys from default variables
+ Status = EnrollDbFromDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot enroll db: %r\n", Status));
+ goto error;
+ }
+
+ Status = EnrollDbxFromDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot enroll dbx: %r\n", Status));
+ }
+
+ Status = EnrollDbtFromDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot enroll dbt: %r\n", Status));
+ }
+
+ Status = EnrollKEKFromDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot enroll KEK: %r\n", Status));
+ goto cleardbs;
+ }
+
+ Status = EnrollPKFromDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot enroll PK: %r\n", Status));
+ goto clearKEK;
+ }
+
+ Status = SetSecureBootMode (STANDARD_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Cannot set CustomMode to STANDARD_SECURE_BOOT_MODE\n"
+ "Please do it manually, otherwise system can be easily compromised\n"));
+ }
+
+ return Status;
+
+clearKEK:
+ DeleteKEK ();
+
+cleardbs:
+ DeleteDbt ();
+ DeleteDbx ();
+ DeleteDb ();
+
+error:
+ if (SetSecureBootMode (STANDARD_SECURE_BOOT_MODE) != EFI_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Cannot set mode to Secure: %r\n", Status));
+ }
+ return Status;
+}
+
/**
This function is called to provide results data to the driver.

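Review bot: KeyEnrollReset returns EFI_SUCCESS on two paths that leave the platform weaker than it started. After the deletes, `if (SetupMode == USER_MODE) { ...; return EFI_SUCCESS; }` reports success with db/dbx/dbt/KEK already wiped and CustomMode still set, and the following `if (EFI_ERROR (Status)) { ...; return EFI_SUCCESS; }` swallows the SetSecureBootMode failure; both should return an error and take the `error:` path that restores STANDARD_SECURE_BOOT_MODE. Related: the dbx and dbt enrollment failures are only logged and `Status` is overwritten by the next call, so a system can come up with PK, KEK and db but no revocation list while the function returns success; at least the dbx failure should be fatal. Smaller points: `SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE)` is called twice (before the deletes and again before the enrolls; the second call looks redundant), `Status = EFI_SUCCESS;` is a dead store, the `error:` label prints `%r` with the stale `Status` rather than the result of the SetSecureBootMode call it reports on, the @retval text ("Success to update the signature list page") was copied from another function, and edk2 style puts `STATIC`, `EFI_STATUS` and `EFIAPI` on separate lines.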
@@ -4205,6 +4332,8 @@ SecureBootCallback (
SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
BOOLEAN GetBrowserDataResult;
ENROLL_KEY_ERROR EnrollKeyErrorCode;
+ EFI_HII_POPUP_PROTOCOL *HiiPopup;
+ EFI_HII_POPUP_SELECTION UserSelection;

Status = EFI_SUCCESS;
SecureBootEnable = NULL;
@@ -4755,6 +4884,31 @@ SecureBootCallback (
FreePool (SetupMode);
}
break;
+ case KEY_SECURE_BOOT_RESET_TO_DEFAULT:
+ {
+ Status = gBS->LocateProtocol (&gEfiHiiPopupProtocolGuid, NULL, (VOID **) &HiiPopup);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ Status = HiiPopup->CreatePopup (
+ HiiPopup,
+ EfiHiiPopupStyleInfo,
+ EfiHiiPopupTypeYesNo,
+ Private->HiiHandle,
+ STRING_TOKEN (STR_RESET_TO_DEFAULTS_POPUP),
+ &UserSelection
+ );
+ if (UserSelection == EfiHiiPopupSelectionYes) {
+ Status = KeyEnrollReset ();
+ }
+ //
+ // Update secure boot strings after key reset
+ //
+ if (Status == EFI_SUCCESS) {
+ Status = UpdateSecureBootString (Private);
+ SecureBootExtractConfigFromVariable (Private, IfrNvData);
+ }
+ }
default:
break;
}
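Review bot: the return value of `HiiPopup->CreatePopup` is never checked, yet `UserSelection` (declared without an initializer in the hunk above) is read immediately afterwards; if the popup fails, an indeterminate value decides whether every Secure Boot key is wiped. Check `Status` and consult `UserSelection` only on success, or initialize it to EfiHiiPopupSelectionNo. The case also lacks a `break;` before `default:` (harmless today since `default` only breaks, but add it, as the preceding case does), and `return Status;` from inside the switch skips the common exit path the other cases reach via `break`; prefer setting `Status` and breaking. Finally, `SecureBootExtractConfigFromVariable` runs after `UpdateSecureBootString` regardless of that call's result, and `Status == EFI_SUCCESS` would normally be `!EFI_ERROR (Status)`.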
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni
index ac783453cc..0d01701de7 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni
@@ -21,6 +21,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#string STR_SECURE_BOOT_PROMPT #language en-US "Attempt Secure Boot"
#string STR_SECURE_BOOT_HELP #language en-US "Enable/Disable the Secure Boot feature after platform reset"

+#string STR_SECURE_RESET_TO_DEFAULTS_HELP #language en-US "Enroll keys with data from default variables"
+#string STR_SECURE_RESET_TO_DEFAULTS #language en-US "Reset Secure Boot Keys"
+#string STR_RESET_TO_DEFAULTS_POPUP #language en-US "Secure Boot Keys & databases will be initialized from defaults.\n Are you sure?"
+
#string STR_SECURE_BOOT_ENROLL_SIGNATURE #language en-US "Enroll Signature"
#string STR_SECURE_BOOT_DELETE_SIGNATURE #language en-US "Delete Signature"
#string STR_SECURE_BOOT_DELETE_LIST_FORM #language en-US "Delete Signature List Form"
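Review bot: the help string "Enroll keys with data from default variables" understates the action; per KeyEnrollReset the existing PK, KEK, db, dbx and dbt are deleted before anything is enrolled, and the popup text, which is the last prompt before the wipe, should say so as well. Consider also naming the new tokens `STR_SECURE_BOOT_RESET_TO_DEFAULTS*` to match the surrounding `STR_SECURE_BOOT_*` tokens.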
--
2.25.1


[PATCH v2 5/6] SecurityPkg: Add new modules to Security package.

Grzegorz Bernacki
 

This commit adds modules related to the initialization and
usage of default Secure Boot key variables to SecurityPkg.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/SecurityPkg.dec | 14 ++++++++++++++
SecurityPkg/SecurityPkg.dsc | 4 ++++
2 files changed, 18 insertions(+)

diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 4001650fa2..dad3cae0ba 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -190,6 +190,20 @@
## GUID used to enforce loading order between Tcg2Acpi and Tcg2Smm
gTcg2MmSwSmiRegisteredGuid = { 0x9d4548b9, 0xa48d, 0x4db4, { 0x9a, 0x68, 0x32, 0xc5, 0x13, 0x9e, 0x20, 0x18 } }

+ ## GUID used to specify section with default PK content
+ gDefaultPKFileGuid = { 0x85254ea7, 0x4759, 0x4fc4, { 0x82, 0xd4, 0x5e, 0xed, 0x5f, 0xb0, 0xa4, 0xa0 } }
+
+ ## GUID used to specify section with default KEK content
+ gDefaultKEKFileGuid = { 0x6f64916e, 0x9f7a, 0x4c35, { 0xb9, 0x52, 0xcd, 0x04, 0x1e, 0xfb, 0x05, 0xa3 } }
+
+ ## GUID used to specify section with default db content
+ gDefaultdbFileGuid = { 0xc491d352, 0x7623, 0x4843, { 0xac, 0xcc, 0x27, 0x91, 0xa7, 0x57, 0x44, 0x21 } }
+
+ ## GUID used to specify section with default dbt content
+ gDefaultdbxFileGuid = { 0x5740766a, 0x718e, 0x4dc0, { 0x99, 0x35, 0xc3, 0x6f, 0x7d, 0x3f, 0x88, 0x4f } }
+
+ ## GUID used to specify section with default dbx content
+ gDefaultdbtFileGuid = { 0x36c513ee, 0xa338, 0x4976, { 0xa0, 0xfb, 0x6d, 0xdb, 0xa3, 0xda, 0xfe, 0x87 } }

[Ppis]
## The PPI GUID for that TPM physical presence should be locked.
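Review bot: the descriptions of the last two GUIDs are swapped: `gDefaultdbxFileGuid` is documented as "default dbt content" and `gDefaultdbtFileGuid` as "default dbx content". The names also mix case styles with the `gDefaultPKFileGuid`/`gDefaultKEKFileGuid` above; `gDefaultDbFileGuid`, `gDefaultDbxFileGuid` and `gDefaultDbtFileGuid` would follow the package's camel-case convention.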
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 854f250625..e031775ca8 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -259,6 +259,10 @@

[Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+ SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
+ SecurityPkg/EnrollFromDefaultKeys/EnrollFromDefaultKeys.inf
+ SecurityPkg/VariableAuthenticated/SecureBootDefaultKeys/SecureBootDefaultKeys.inf
+

[Components.IA32, Components.X64, Components.AARCH64]
#
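Review bot: the two new component paths do not match the files this series creates. Patch 4/6 adds `SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf` and patch 3/6 adds `SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf`, but the DSC references `EnrollFromDefaultKeys/EnrollFromDefaultKeys.inf` and `SecureBootDefaultKeys/SecureBootDefaultKeys.inf`, so building SecurityPkg.dsc will fail. The hunk also adds a trailing empty `+` line that doubles the blank line before the next section.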
--
2.25.1


[PATCH v2 4/6] SecurityPkg: Add EnrollFromDefaultKeys application.

Grzegorz Bernacki
 

This application allows the user to force key enrollment from the
Secure Boot default variables.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf | 47 +++++++++
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c | 107 ++++++++++++++++++++
2 files changed, 154 insertions(+)
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c

diff --git a/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf b/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
new file mode 100644
index 0000000000..4d79ca3844
--- /dev/null
+++ b/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
@@ -0,0 +1,47 @@
+## @file
+# Enroll PK, KEK, db, dbx from Default variables
+#
+# Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+# Copyright (c) 2021, Semihalf All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[Defines]
+ INF_VERSION = 1.28
+ BASE_NAME = EnrollFromDefaultKeysApp
+ FILE_GUID = 6F18CB2F-1293-4BC1-ABB8-35F84C71812E
+ MODULE_TYPE = UEFI_APPLICATION
+ VERSION_STRING = 0.1
+ ENTRY_POINT = UefiMain
+
+[Sources]
+ EnrollFromDefaultKeysApp.c
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[Guids]
+ gEfiCertPkcs7Guid
+ gEfiCertSha256Guid
+ gEfiCertX509Guid
+ gEfiCustomModeEnableGuid
+ gEfiGlobalVariableGuid
+ gEfiImageSecurityDatabaseGuid
+ gEfiSecureBootEnableDisableGuid
+
+[Protocols]
+ gEfiSmbiosProtocolGuid ## CONSUMES
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ DebugLib
+ MemoryAllocationLib
+ PrintLib
+ UefiApplicationEntryPoint
+ UefiBootServicesTableLib
+ UefiLib
+ UefiRuntimeServicesTableLib
+ SecureBootVariableLib
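Review bot: the INF declares dependencies the source never uses: `gEfiSmbiosProtocolGuid ## CONSUMES` (EnrollFromDefaultKeysApp.c includes no SMBIOS header and makes no protocol calls), the `gEfiCert*` and `gEfiImageSecurityDatabaseGuid` entries, and PrintLib/BaseMemoryLib/MemoryAllocationLib; trim them to what the .c actually references. `INF_VERSION = 1.28` also differs from the `0x00010005` used by the other new INFs in this series; pick one form for the package.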
diff --git a/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c b/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
new file mode 100644
index 0000000000..1907ce1d4e
--- /dev/null
+++ b/SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
@@ -0,0 +1,107 @@
+/** @file
+ Enroll default PK, KEK, db, dbx.
+
+Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2021, Semihalf All rights reserved.<BR>
+
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#include <Guid/AuthenticatedVariableFormat.h> // gEfiCustomModeEnableGuid
+#include <Guid/GlobalVariable.h> // EFI_SETUP_MODE_NAME
+#include <Guid/ImageAuthentication.h> // EFI_IMAGE_SECURITY_DATABASE
+#include <Library/BaseLib.h> // GUID_STRING_LENGTH
+#include <Library/BaseMemoryLib.h> // CopyGuid()
+#include <Library/DebugLib.h> // ASSERT()
+#include <Library/MemoryAllocationLib.h> // FreePool()
+#include <Library/PrintLib.h> // AsciiSPrint()
+#include <Library/UefiBootServicesTableLib.h> // gBS
+#include <Library/UefiLib.h> // AsciiPrint()
+#include <Library/UefiRuntimeServicesTableLib.h> // gRT
+#include <Uefi/UefiMultiPhase.h>
+#include <Library/SecureBootVariableLib.h>
+
+#define FAIL(fmt...) AsciiPrint("EnrollFromDefaultKeysApp: " fmt)
+
+/**
+ Entry point function of this shell application.
+**/
+EFI_STATUS
+EFIAPI
+UefiMain (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+ UINT8 SetupMode;
+
+ Status = GetSetupMode (&SetupMode);
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot get SetupMode variable: %r\n", Status);
+ return 1;
+ }
+
+ if (SetupMode == USER_MODE) {
+ FAIL ("Skipped - USER_MODE\n");
+ return 1;
+ }
+
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot set CUSTOM_SECURE_BOOT_MODE: %r\n", Status);
+ return 1;
+ }
+
+ Status = EnrollDbFromDefault ();
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot enroll db: %r\n", Status);
+ goto error;
+ }
+
+ Status = EnrollDbxFromDefault ();
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot enroll dbt: %r\n", Status);
+ }
+
+ Status = EnrollDbtFromDefault ();
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot enroll dbx: %r\n", Status);
+ }
+
+ Status = EnrollKEKFromDefault ();
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot enroll KEK: %r\n", Status);
+ goto cleardbs;
+ }
+
+ Status = EnrollPKFromDefault ();
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot enroll PK: %r\n", Status);
+ goto clearKEK;
+ }
+
+ Status = SetSecureBootMode (STANDARD_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot set CustomMode to STANDARD_SECURE_BOOT_MODE\n"
+ "Please do it manually, otherwise system can be easily compromised\n");
+ }
+ return 0;
+
+clearKEK:
+ DeleteKEK ();
+
+cleardbs:
+ DeleteDbt ();
+ DeleteDbx ();
+ DeleteDb ();
+
+error:
+ Status = SetSecureBootMode (STANDARD_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ FAIL ("Cannot set CustomMode to STANDARD_SECURE_BOOT_MODE\n"
+ "Please do it manually, otherwise system can be easily compromised\n");
+ }
+
+ return 1;
+}
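Review bot: the two failure messages are swapped: the `EnrollDbxFromDefault` branch prints "Cannot enroll dbt" and the `EnrollDbtFromDefault` branch prints "Cannot enroll dbx". More important, `UefiMain` is declared to return `EFI_STATUS` but uses `return 1;` and `return 0;`; the value 1 does not have the error bit set, so the shell (and any script checking the last error) treats a failed run as success. Return `Status` or EFI_ABORTED on failure and EFI_SUCCESS otherwise. As in the SecureBootConfigDxe variant, dbx/dbt enrollment failures are only printed and `Status` is then overwritten, so the app can report success with PK/KEK/db enrolled and no dbx. `#define FAIL(fmt...)` relies on the GNU named-variadic extension and will not build with the Microsoft toolchains; use `FAIL(...)` with `__VA_ARGS__`. The includes annotated with helpers (GUID_STRING_LENGTH, CopyGuid, AsciiSPrint, gBS, gRT) are unused and can go.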
--
2.25.1


[PATCH v2 3/6] SecurityPkg: Add SecureBootDefaultKeysDxe driver

Grzegorz Bernacki
 

This driver initializes default Secure Boot keys and databases
based on keys embedded in flash.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf | 46 +++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c | 69 ++++++++++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni | 17 +++++
3 files changed, 132 insertions(+)
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni

diff --git a/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
new file mode 100644
index 0000000000..27345eab2e
--- /dev/null
+++ b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
@@ -0,0 +1,46 @@
+## @file
+# Initializes Secure Boot default keys
+#
+# Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+# Copyright (c) 2021, Semihalf All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecureBootDefaultKeysDxe
+ FILE_GUID = C937FCB7-25AC-4376-89A2-4EA8B317DE83
+ MODULE_TYPE = DXE_DRIVER
+ ENTRY_POINT = SecureBootDefaultKeysEntryPoint
+
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+[Sources]
+ SecureBootDefaultKeysDxe.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ MemoryAllocationLib
+ UefiDriverEntryPoint
+ DebugLib
+ SecureBootVariableLib
+
+[Guids]
+ ## SOMETIMES_PRODUCES ## Variable:L"PKDefault"
+ ## SOMETIMES_PRODUCES ## Variable:L"KEKDefault"
+ ## SOMETIMES_PRODUCES ## Variable:L"dbDefault"
+ ## SOMETIMES_PRODUCES ## Variable:L"dbtDefault"
+ ## SOMETIMES_PRODUCES ## Variable:L"dbxDefault"
+ gEfiGlobalVariableGuid
+
+[Depex]
+ gEfiVariableArchProtocolGuid AND
+ gEfiVariableWriteArchProtocolGuid
+
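Review bot: the INF never references the .uni file this patch adds; add `MODULE_UNI_FILE = SecureBootDefaultKeysDxe.uni` under [Defines] (as SecureBootVariableLib.inf does) or the file is dead. The library list is also out of step with the source: BaseLib, BaseMemoryLib and MemoryAllocationLib are declared but unused, while the .c includes UefiBootServicesTableLib.h and UefiRuntimeServicesTableLib.h without listing those classes. The `VALID_ARCHITECTURES` comment lacks the usual "for reference only" lead-in used by the other INF in this series.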
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c
new file mode 100644
index 0000000000..0928489e15
--- /dev/null
+++ b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c
@@ -0,0 +1,69 @@
+/** @file
+ This driver init default Secure Boot variables
+
+Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2021, Semihalf All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include <Guid/AuthenticatedVariableFormat.h>
+#include <Guid/ImageAuthentication.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/SecureBootVariableLib.h>
+
+/**
+ The entry point for SecureBootDefaultKeys driver.
+
+ @param[in] ImageHandle The image handle of the driver.
+ @param[in] SystemTable The system table.
+
+ @retval EFI_ALREADY_STARTED The driver already exists in system.
+ @retval EFI_OUT_OF_RESOURCES Fail to execute entry point due to lack of resources.
+ @retval EFI_SUCCESS All the related protocols are installed on the driver.
+ @retval Others Fail to get the SecureBootEnable variable.
+
+**/
+EFI_STATUS
+EFIAPI
+SecureBootDefaultKeysEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ Status = SecureBootInitPKDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG((DEBUG_ERROR, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__, Status));
+ return Status;
+ }
+
+ Status = SecureBootInitKEKDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__, Status));
+ return Status;
+ }
+ Status = SecureBootInitdbDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__, Status));
+ return Status;
+ }
+
+ Status = SecureBootInitdbtDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "%a: dbtDefault not initialized\n", __FUNCTION__));
+ }
+
+ Status = SecureBootInitdbxDefault ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "%a: dbxDefault not initialized\n", __FUNCTION__));
+ }
+
+ return Status;
+}
+
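Review bot: the entry point returns whatever `SecureBootInitdbxDefault` returned, so when dbxDefault is absent (which the code deliberately treats as non-fatal and logs at DEBUG_INFO) the driver returns an error and the DXE core unloads it; either return EFI_SUCCESS after the optional dbt/dbx steps or make their failure fatal, but not the current mix. The @retval list (EFI_ALREADY_STARTED, "Fail to get the SecureBootEnable variable") is boilerplate copied from another driver and does not describe this function. Minor: `DEBUG((` on the PKDefault check versus `DEBUG ((` elsewhere, and the unused BaseLib/BaseMemoryLib/MemoryAllocationLib/gBS/gRT includes.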
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni
new file mode 100644
index 0000000000..30f03aee5d
--- /dev/null
+++ b/SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni
@@ -0,0 +1,17 @@
+// /** @file
+// Provides the capability to intialize Secure Boot default variables
+//
+// Module which initializes Secure boot default variables.
+//
+// Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+// Copyright (c) 2021, Semihalf All rights reserved.<BR>
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT #language en-US "Module which initializes Secure boot default variables"
+
+#string STR_MODULE_DESCRIPTION #language en-US "This module reads embedded keys and initializes Secure Boot default variables."
+
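Review bot: typo in the file header, "intialize" should be "initialize". The abstract and description also repeat each other almost verbatim; one of them could say what "embedded keys" means (FFS sections identified by the gDefault*FileGuid GUIDs added to SecurityPkg.dec in patch 5/6).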
--
2.25.1


[PATCH v2 1/6] SecurityPkg: Create library for setting Secure Boot variables.

Grzegorz Bernacki
 

This commit adds a library which consists of functions related to the
creation/removal of Secure Boot variables. Some of the functions
were moved from the SecureBootConfigImpl.c file.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/SecurityPkg.dsc | 1 +
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf | 79 ++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | 1 +
SecurityPkg/Include/Library/SecureBootVariableLib.h | 252 +++++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c | 979 ++++++++++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 189 +---
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni | 16 +
7 files changed, 1329 insertions(+), 188 deletions(-)
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
create mode 100644 SecurityPkg/Include/Library/SecureBootVariableLib.h
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni

diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index bd4b810bce..854f250625 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -70,6 +70,7 @@
RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
+ SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf

[LibraryClasses.ARM]
#
diff --git a/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
new file mode 100644
index 0000000000..84367841d5
--- /dev/null
+++ b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
@@ -0,0 +1,79 @@
+## @file
+# Provides initialization of Secure Boot keys and databases.
+#
+# Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+# Copyright (c) 2021, Semihalf All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecureBootVariableLib
+ MODULE_UNI_FILE = SecureBootVariableLib.uni
+ FILE_GUID = D4FFF5CA-6D8E-4DBD-8A4B-7C7CEBD97F6F
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = SecureBootVariableLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
+#
+
+[Sources]
+ SecureBootVariableLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SecurityPkg/SecurityPkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ DebugLib
+ MemoryAllocationLib
+ BaseCryptLib
+ DxeServicesLib
+
+[Guids]
+ ## CONSUMES ## Variable:L"SetupMode"
+ ## PRODUCES ## Variable:L"SetupMode"
+ ## CONSUMES ## Variable:L"SecureBoot"
+ ## PRODUCES ## Variable:L"SecureBoot"
+ ## PRODUCES ## Variable:L"PK"
+ ## PRODUCES ## Variable:L"KEK"
+ ## CONSUMES ## Variable:L"PKDefault"
+ ## CONSUMES ## Variable:L"KEKDefault"
+ ## CONSUMES ## Variable:L"dbDefault"
+ ## CONSUMES ## Variable:L"dbxDefault"
+ ## CONSUMES ## Variable:L"dbtDefault"
+ gEfiGlobalVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBT"
+ gEfiImageSecurityDatabaseGuid
+
+ ## CONSUMES ## Variable:L"SecureBootEnable"
+ ## PRODUCES ## Variable:L"SecureBootEnable"
+ gEfiSecureBootEnableDisableGuid
+
+ ## CONSUMES ## Variable:L"CustomMode"
+ ## PRODUCES ## Variable:L"CustomMode"
+ gEfiCustomModeEnableGuid
+
+ gEfiCertTypeRsa2048Sha256Guid ## CONSUMES
+ gEfiCertX509Guid ## CONSUMES
+ gEfiCertPkcs7Guid ## CONSUMES
+
+ gDefaultPKFileGuid
+ gDefaultKEKFileGuid
+ gDefaultdbFileGuid
+ gDefaultdbxFileGuid
+ gDefaultdbtFileGuid
+
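Review bot: the [LibraryClasses] section of this new .inf is missing UefiLib and UefiRuntimeServicesTableLib, yet SecureBootVariableLib.c calls GetVariable2 (UefiLib) and goes through gRT->GetVariable/SetVariable/GetTime (UefiRuntimeServicesTableLib); the build will only succeed when a consuming module happens to link them, so add both here. The [Guids] usage comments should also match what the library actually does: L"SecureBootEnable" is never read or written by this code, the db/dbx/dbt variables are PRODUCED by the Enroll*/Delete* functions through SetVariable rather than SOMETIMES_CONSUMES, and L"SetupMode" is only consumed by GetSetupMode, never produced. The gDefault*FileGuid entries lack a usage comment (## CONSUMES), and the trailing `+` empty line at the end of the file is stray whitespace.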
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
index 573efa6379..30d9cd8025 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
@@ -54,6 +54,7 @@
DevicePathLib
FileExplorerLib
PeCoffLib
+ SecureBootVariableLib

[Guids]
## SOMETIMES_CONSUMES ## Variable:L"CustomMode"
diff --git a/SecurityPkg/Include/Library/SecureBootVariableLib.h b/SecurityPkg/Include/Library/SecureBootVariableLib.h
new file mode 100644
index 0000000000..2961c93a36
--- /dev/null
+++ b/SecurityPkg/Include/Library/SecureBootVariableLib.h
@@ -0,0 +1,252 @@
+/** @file
+ Provides a function to enroll keys based on default values.
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
+Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2021, Semihalf All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __SECURE_BOOT_VARIABLE_LIB_H__
+#define __SECURE_BOOT_VARIABLE_LIB_H__
+
+/**
+
+ Set the platform secure boot mode into "Custom" or "Standard" mode.
+
+ @param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
+ CUSTOM_SECURE_BOOT_MODE.
+
+ @return EFI_SUCCESS The platform has switched to the special mode successfully.
+ @return other Fail to operate the secure boot mode.
+
+--*/
+EFI_STATUS
+SetSecureBootMode (
+ IN UINT8 SecureBootMode
+);
+
+/**
+ Fetches the value of SetupMode variable.
+
+ @param[out] SetupMode Pointer to UINT8 for SetupMode output
+
+ @retval other Error codes from GetVariable.
+--*/
+BOOLEAN
+EFIAPI
+GetSetupMode (
+ OUT UINT8 *SetupMode
+);
+
+/**
+ Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
+ descriptor with the input data. NO authentication is required in this function.
+
+ @param[in, out] DataSize On input, the size of Data buffer in bytes.
+ On output, the size of data returned in Data
+ buffer in bytes.
+ @param[in, out] Data On input, Pointer to data buffer to be wrapped or
+ pointer to NULL to wrap an empty payload.
+ On output, Pointer to the new payload date buffer allocated from pool,
+ it's caller's responsibility to free the memory when finish using it.
+
+ @retval EFI_SUCCESS Create time based payload successfully.
+ @retval EFI_OUT_OF_RESOURCES There are not enough memory resources to create time based payload.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
+ @retval Others Unexpected error happens.
+
+--*/
+EFI_STATUS
+CreateTimeBasedPayload (
+ IN OUT UINTN *DataSize,
+ IN OUT UINT8 **Data
+);
+
+/**
+ Sets the content of the 'db' variable based on 'dbDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbFromDefault (
+ VOID
+);
+
+/**
+ Clears the content of the 'db' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDb (
+ VOID
+);
+
+/**
+ Sets the content of the 'dbx' variable based on 'dbxDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbxFromDefault (
+ VOID
+);
+
+/**
+ Clears the content of the 'dbx' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDbx (
+ VOID
+);
+
+/**
+ Sets the content of the 'dbt' variable based on 'dbtDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbtFromDefault (
+ VOID
+);
+
+/**
+ Clears the content of the 'dbt' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDbt (
+ VOID
+);
+
+/**
+ Sets the content of the 'KEK' variable based on 'KEKDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollKEKFromDefault (
+ VOID
+);
+
+/**
+ Clears the content of the 'KEK' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteKEK (
+ VOID
+);
+
+/**
+ Sets the content of the 'PK' variable based on 'PKDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollPKFromDefault (
+ VOID
+);
+
+/**
+ Clears the content of the 'PK' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2(), GetTime() and SetVariable()
+--*/
+EFI_STATUS
+EFIAPI
+DeletePlatformKey (
+ VOID
+);
+
+/** Initializes PKDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitPKDefault (
+ IN VOID
+ );
+
+/** Initializes KEKDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitKEKDefault (
+ IN VOID
+ );
+
+/** Initializes dbDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbDefault (
+ IN VOID
+ );
+
+/** Initializes dbtDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbtDefault (
+ IN VOID
+ );
+
+/** Initializes dbxDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbxDefault (
+ IN VOID
+ );
+#endif
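Review bot: GetSetupMode is declared to return BOOLEAN, but its doc block (`@retval other Error codes from GetVariable.`) and the implementation in SecureBootVariableLib.c hand back EFI_STATUS values; declare it `EFI_STATUS` so callers can use `EFI_ERROR (Status)` instead of receiving a status truncated to a BOOLEAN. Only some prototypes in this header carry EFIAPI; a library class exported to DXE_RUNTIME_DRIVER and UEFI_APPLICATION consumers should apply the calling convention consistently across SetSecureBootMode, CreateTimeBasedPayload, DeletePlatformKey and the SecureBootInit*Default functions. Smaller style points: the `IN VOID` parameter lists should be plain `VOID`, and the comment blocks close with `--*/` where edk2 uses `**/`.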
diff --git a/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
new file mode 100644
index 0000000000..16bad5530a
--- /dev/null
+++ b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
@@ -0,0 +1,979 @@
+/** @file
+ This library provides functions to set/clear Secure Boot
+ keys and databases.
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
+Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+Copyright (c) 2021, Semihalf All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include <Guid/GlobalVariable.h>
+#include <Guid/AuthenticatedVariableFormat.h>
+#include <Guid/ImageAuthentication.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/SecureBootVariableLib.h>
+#include "Library/DxeServicesLib.h"
+
+/** Creates EFI Signature List structure.
+
+ @param[in] Data A pointer to signature data.
+ @param[in] Size Size of signature data.
+ @param[out] SigList Created Signature List.
+
+ @retval EFI_SUCCESS Signature List was created successfully.
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
+--*/
+STATIC
+EFI_STATUS
+CreateSigList (
+ IN VOID *Data,
+ IN UINTN Size,
+ OUT EFI_SIGNATURE_LIST **SigList
+ )
+{
+ UINTN SigListSize;
+ EFI_SIGNATURE_LIST *TmpSigList;
+ EFI_SIGNATURE_DATA *SigData;
+
+ //
+ // Allocate data for Signature Database
+ //
+ SigListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + Size;
+ TmpSigList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SigListSize);
+ if (TmpSigList == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Only gEfiCertX509Guid type is supported
+ //
+ TmpSigList->SignatureListSize = (UINT32)SigListSize;
+ TmpSigList->SignatureSize = (UINT32) (sizeof (EFI_SIGNATURE_DATA) - 1 + Size);
+ TmpSigList->SignatureHeaderSize = 0;
+ CopyGuid (&TmpSigList->SignatureType, &gEfiCertX509Guid);
+
+ //
+ // Copy key data
+ //
+ SigData = (EFI_SIGNATURE_DATA *) (TmpSigList + 1);
+ CopyGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid);
+ CopyMem (&SigData->SignatureData[0], Data, Size);
+
+ *SigList = TmpSigList;
+
+ return EFI_SUCCESS;
+}
+
+/** Adds new signature list to signature database.
+
+ @param[in] SigLists A pointer to signature database.
+ @param[in] SiglListAppend A signature list to be added.
+ @param[out] *SigListOut Created signature database.
+ @param[out] SigListsSize A size of created signature database.
+
+ @retval EFI_SUCCESS Signature List was added successfully.
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
+--*/
+STATIC
+EFI_STATUS
+ConcatenateSigList (
+ IN EFI_SIGNATURE_LIST *SigLists,
+ IN EFI_SIGNATURE_LIST *SigListAppend,
+ OUT EFI_SIGNATURE_LIST **SigListOut,
+ IN OUT UINTN *SigListsSize
+)
+{
+ EFI_SIGNATURE_LIST *TmpSigList;
+ UINT8 *Offset;
+ UINTN NewSigListsSize;
+
+ NewSigListsSize = *SigListsSize + SigListAppend->SignatureListSize;
+
+ TmpSigList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (NewSigListsSize);
+ if (TmpSigList == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ CopyMem (TmpSigList, SigLists, *SigListsSize);
+
+ Offset = (UINT8 *)TmpSigList;
+ Offset += *SigListsSize;
+ CopyMem ((VOID *)Offset, SigListAppend, SigListAppend->SignatureListSize);
+
+ *SigListsSize = NewSigListsSize;
+ *SigListOut = TmpSigList;
+ return EFI_SUCCESS;
+}
+
+/**
+ Create a EFI Signature List with data fetched from section specified as a argument.
+ Found keys are verified using RsaGetPublicKeyFromX509().
+
+ @param[in] KeyFileGuid A pointer to to the FFS filename GUID
+ @param[out] SigListsSize A pointer to size of signature list
+ @param[out] SigListsOut a pointer to a callee-allocated buffer with signature lists
+
+ @retval EFI_SUCCESS Create time based payload successfully.
+ @retval EFI_NOT_FOUND Section with key has not been found.
+ @retval EFI_INVALID_PARAMETER Embedded key has a wrong format.
+ @retval Others Unexpected error happens.
+
+--*/
+STATIC
+EFI_STATUS
+SecureBootFetchData (
+ IN EFI_GUID *KeyFileGuid,
+ OUT UINTN *SigListsSize,
+ OUT EFI_SIGNATURE_LIST **SigListOut
+)
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *TmpEfiSig;
+ EFI_SIGNATURE_LIST *TmpEfiSig2;
+ EFI_STATUS Status;
+ VOID *Buffer;
+ VOID *RsaPubKey;
+ UINTN Size;
+ UINTN KeyIndex;
+
+
+ KeyIndex = 0;
+ EfiSig = NULL;
+ *SigListsSize = 0;
+ while (1) {
+ Status = GetSectionFromAnyFv (
+ KeyFileGuid,
+ EFI_SECTION_RAW,
+ KeyIndex,
+ &Buffer,
+ &Size
+ );
+
+ if (Status == EFI_SUCCESS) {
+ RsaPubKey = NULL;
+ if (RsaGetPublicKeyFromX509 (Buffer, Size, &RsaPubKey) == FALSE) {
+ DEBUG ((DEBUG_ERROR, "%a: Invalid key format: %d\n", __FUNCTION__, KeyIndex));
+ if (EfiSig != NULL) {
+ FreePool(EfiSig);
+ }
+ FreePool(Buffer);
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = CreateSigList (Buffer, Size, &TmpEfiSig);
+
+ //
+ // Concatenate lists if more than one section found
+ //
+ if (KeyIndex == 0) {
+ EfiSig = TmpEfiSig;
+ *SigListsSize = TmpEfiSig->SignatureListSize;
+ } else {
+ ConcatenateSigList (EfiSig, TmpEfiSig, &TmpEfiSig2, SigListsSize);
+ FreePool (EfiSig);
+ FreePool (TmpEfiSig);
+ EfiSig = TmpEfiSig2;
+ }
+
+ KeyIndex++;
+ FreePool (Buffer);
+ } if (Status == EFI_NOT_FOUND) {
+ break;
+ }
+ };
+
+ if (KeyIndex == 0) {
+ return EFI_NOT_FOUND;
+ }
+
+ *SigListOut = EfiSig;
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
+ descriptor with the input data. NO authentication is required in this function.
+
+ @param[in, out] DataSize On input, the size of Data buffer in bytes.
+ On output, the size of data returned in Data
+ buffer in bytes.
+ @param[in, out] Data On input, Pointer to data buffer to be wrapped or
+ pointer to NULL to wrap an empty payload.
+ On output, Pointer to the new payload date buffer allocated from pool,
+ it's caller's responsibility to free the memory when finish using it.
+
+ @retval EFI_SUCCESS Create time based payload successfully.
+ @retval EFI_OUT_OF_RESOURCES There are not enough memory resources to create time based payload.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
+ @retval Others Unexpected error happens.
+
+--*/
+EFI_STATUS
+CreateTimeBasedPayload (
+ IN OUT UINTN *DataSize,
+ IN OUT UINT8 **Data
+ )
+{
+ EFI_STATUS Status;
+ UINT8 *NewData;
+ UINT8 *Payload;
+ UINTN PayloadSize;
+ EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
+ UINTN DescriptorSize;
+ EFI_TIME Time;
+
+ if (Data == NULL || DataSize == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // In Setup mode or Custom mode, the variable does not need to be signed but the
+ // parameters to the SetVariable() call still need to be prepared as authenticated
+ // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate
+ // data in it.
+ //
+ Payload = *Data;
+ PayloadSize = *DataSize;
+
+ DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
+ NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
+ if (NewData == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ if ((Payload != NULL) && (PayloadSize != 0)) {
+ CopyMem (NewData + DescriptorSize, Payload, PayloadSize);
+ }
+
+ DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData);
+
+ ZeroMem (&Time, sizeof (EFI_TIME));
+ Status = gRT->GetTime (&Time, NULL);
+ if (EFI_ERROR (Status)) {
+ FreePool(NewData);
+ return Status;
+ }
+ Time.Pad1 = 0;
+ Time.Nanosecond = 0;
+ Time.TimeZone = 0;
+ Time.Daylight = 0;
+ Time.Pad2 = 0;
+ CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));
+
+ DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
+ DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;
+ DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
+ CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
+
+ if (Payload != NULL) {
+ FreePool(Payload);
+ }
+
+ *DataSize = DescriptorSize + PayloadSize;
+ *Data = NewData;
+ return EFI_SUCCESS;
+}
+
+/**
+ Internal helper function to delete a Variable given its name and GUID, NO authentication
+ required.
+
+ @param[in] VariableName Name of the Variable.
+ @param[in] VendorGuid GUID of the Variable.
+
+ @retval EFI_SUCCESS Variable deleted successfully.
+ @retval Others The driver failed to start the device.
+
+--*/
+EFI_STATUS
+DeleteVariable (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
+ )
+{
+ EFI_STATUS Status;
+ VOID* Variable;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINT32 Attr;
+
+ GetVariable2 (VariableName, VendorGuid, &Variable, NULL);
+ if (Variable == NULL) {
+ return EFI_SUCCESS;
+ }
+ FreePool (Variable);
+
+ Data = NULL;
+ DataSize = 0;
+ Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
+ | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+
+ Status = CreateTimeBasedPayload (&DataSize, &Data);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Fail to create time-based data payload: %r", Status));
+ return Status;
+ }
+
+ Status = gRT->SetVariable (
+ VariableName,
+ VendorGuid,
+ Attr,
+ DataSize,
+ Data
+ );
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+ return Status;
+}
+
+/**
+
+ Set the platform secure boot mode into "Custom" or "Standard" mode.
+
+ @param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
+ CUSTOM_SECURE_BOOT_MODE.
+
+ @return EFI_SUCCESS The platform has switched to the special mode successfully.
+ @return other Fail to operate the secure boot mode.
+
+--*/
+EFI_STATUS
+SetSecureBootMode (
+ IN UINT8 SecureBootMode
+ )
+{
+ return gRT->SetVariable (
+ EFI_CUSTOM_MODE_NAME,
+ &gEfiCustomModeEnableGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ sizeof (UINT8),
+ &SecureBootMode
+ );
+}
+
+
+/**
+ Enroll a key/certificate based on a default variable.
+
+ @param[in] VariableName The name of the key/database.
+ @param[in] DefaultName The name of the default variable.
+ @param[in] VendorGuid The namespace (ie. vendor GUID) of the variable
+
+
+ @retval EFI_OUT_OF_RESOURCES Out of memory while allocating AuthHeader.
+ @retval EFI_SUCCESS Successful enrollment.
+ @return Error codes from GetTime () and SetVariable ().
+--*/
+STATIC
+EFI_STATUS
+EnrollFromDefault (
+ IN CHAR16 *VariableName,
+ IN CHAR16 *DefaultName,
+ IN EFI_GUID *VendorGuid
+ )
+{
+ VOID *Data;
+ UINTN DataSize;
+ EFI_STATUS Status;
+
+ Status = EFI_SUCCESS;
+
+ DataSize = 0;
+ Status = GetVariable2 (DefaultName, &gEfiGlobalVariableGuid, &Data, &DataSize);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "error: GetVariable (\"%s): %r\n", DefaultName, Status));
+ return Status;
+ }
+
+ CreateTimeBasedPayload (&DataSize, (UINT8 **)&Data);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Fail to create time-based data payload: %r", Status));
+ return Status;
+ }
+
+ //
+ // Allocate memory for auth variable
+ //
+ Status = gRT->SetVariable (
+ VariableName,
+ VendorGuid,
+ (EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS |
+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS),
+ DataSize,
+ Data
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "error: %a (\"%s\", %g): %r\n", __FUNCTION__, VariableName,
+ VendorGuid, Status));
+ }
+
+ if (Data != NULL) {
+ FreePool (Data);
+ }
+
+ return Status;
+}
+
+/** Initializes PKDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitPKDefault (
+ IN VOID
+ )
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ UINTN SigListsSize;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ //
+ // Check if variable exists, if so do not change it
+ //
+ Status = GetVariable2 (EFI_PK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ if (Status == EFI_SUCCESS) {
+ DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_PK_DEFAULT_VARIABLE_NAME));
+ FreePool (Data);
+ return EFI_UNSUPPORTED;
+ }
+
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ return Status;
+ }
+
+ //
+ // Variable does not exist, can be initialized
+ //
+ DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_PK_DEFAULT_VARIABLE_NAME));
+
+ Status = SecureBootFetchData (&gDefaultPKFileGuid, &SigListsSize, &EfiSig);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Content for %s not found\n", EFI_PK_DEFAULT_VARIABLE_NAME));
+ return Status;
+ }
+
+ Status = gRT->SetVariable (
+ EFI_PK_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ SigListsSize,
+ (VOID *)EfiSig
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_PK_DEFAULT_VARIABLE_NAME));
+ }
+
+ FreePool (EfiSig);
+
+ return Status;
+}
+
+/** Initializes KEKDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitKEKDefault (
+ IN VOID
+ )
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ UINTN SigListsSize;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ //
+ // Check if variable exists, if so do not change it
+ //
+ Status = GetVariable2 (EFI_KEK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ if (Status == EFI_SUCCESS) {
+ DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_KEK_DEFAULT_VARIABLE_NAME));
+ FreePool (Data);
+ return EFI_UNSUPPORTED;
+ }
+
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ return Status;
+ }
+
+ //
+ // Variable does not exist, can be initialized
+ //
+ DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_KEK_DEFAULT_VARIABLE_NAME));
+
+ Status = SecureBootFetchData (&gDefaultKEKFileGuid, &SigListsSize, &EfiSig);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Content for %s not found\n", EFI_KEK_DEFAULT_VARIABLE_NAME));
+ return Status;
+ }
+
+
+ Status = gRT->SetVariable (
+ EFI_KEK_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ SigListsSize,
+ (VOID *)EfiSig
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_KEK_DEFAULT_VARIABLE_NAME));
+ }
+
+ FreePool (EfiSig);
+
+ return Status;
+}
+
+/** Initializes dbDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbDefault (
+ IN VOID
+ )
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ UINTN SigListsSize;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ Status = GetVariable2 (EFI_DB_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ if (Status == EFI_SUCCESS) {
+ DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DB_DEFAULT_VARIABLE_NAME));
+ FreePool (Data);
+ return EFI_UNSUPPORTED;
+ }
+
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ return Status;
+ }
+
+ DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_DB_DEFAULT_VARIABLE_NAME));
+
+ Status = SecureBootFetchData (&gDefaultdbFileGuid, &SigListsSize, &EfiSig);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ Status = gRT->SetVariable (
+ EFI_DB_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ SigListsSize,
+ (VOID *)EfiSig
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DB_DEFAULT_VARIABLE_NAME));
+ }
+
+ FreePool (EfiSig);
+
+ return Status;
+}
+
+/** Initializes dbxDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbxDefault (
+ IN VOID
+ )
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ UINTN SigListsSize;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ //
+ // Check if variable exists, if so do not change it
+ //
+ Status = GetVariable2 (EFI_DBX_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ if (Status == EFI_SUCCESS) {
+ DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
+ FreePool (Data);
+ return EFI_UNSUPPORTED;
+ }
+
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ return Status;
+ }
+
+ //
+ // Variable does not exist, can be initialized
+ //
+ DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
+
+ Status = SecureBootFetchData (&gDefaultdbxFileGuid, &SigListsSize, &EfiSig);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Content for %s not found\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
+ return Status;
+ }
+
+ Status = gRT->SetVariable (
+ EFI_DBX_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ SigListsSize,
+ (VOID *)EfiSig
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
+ }
+
+ FreePool (EfiSig);
+
+ return Status;
+}
+
+/** Initializes dbtDefault variable with data from FFS section.
+
+
+ @retval EFI_SUCCESS Variable was initialized successfully.
+ @retval EFI_UNSUPPORTED Variable already exists.
+--*/
+EFI_STATUS
+SecureBootInitdbtDefault (
+ IN VOID
+ )
+{
+ EFI_SIGNATURE_LIST *EfiSig;
+ UINTN SigListsSize;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+
+ //
+ // Check if variable exists, if so do not change it
+ //
+ Status = GetVariable2 (EFI_DBT_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ if (Status == EFI_SUCCESS) {
+ DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DBT_DEFAULT_VARIABLE_NAME));
+ FreePool (Data);
+ return EFI_UNSUPPORTED;
+ }
+
+ if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+ return Status;
+ }
+
+ //
+ // Variable does not exist, can be initialized
+ //
+ DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_DBT_DEFAULT_VARIABLE_NAME));
+
+ Status = SecureBootFetchData (&gDefaultdbtFileGuid, &SigListsSize, &EfiSig);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ Status = gRT->SetVariable (
+ EFI_DBT_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ SigListsSize,
+ (VOID *)EfiSig
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DBT_DEFAULT_VARIABLE_NAME));
+ }
+
+ FreePool (EfiSig);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Fetches the value of SetupMode variable.
+
+ @param[out] SetupMode Pointer to UINT8 for SetupMode output
+
+ @retval other Retval from GetVariable.
+--*/
+BOOLEAN
+EFIAPI
+GetSetupMode (
+ OUT UINT8 *SetupMode
+)
+{
+ UINTN Size;
+ EFI_STATUS Status;
+
+ Size = sizeof (*SetupMode);
+ Status = gRT->GetVariable (
+ EFI_SETUP_MODE_NAME,
+ &gEfiGlobalVariableGuid,
+ NULL,
+ &Size,
+ SetupMode
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Sets the content of the 'db' variable based on 'dbDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbFromDefault (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = EnrollFromDefault (
+ EFI_IMAGE_SECURITY_DATABASE,
+ EFI_DB_DEFAULT_VARIABLE_NAME,
+ &gEfiImageSecurityDatabaseGuid
+ );
+
+ return Status;
+}
+
+/**
+ Clears the content of the 'db' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDb (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = DeleteVariable (
+ EFI_IMAGE_SECURITY_DATABASE,
+ &gEfiImageSecurityDatabaseGuid
+ );
+
+ return Status;
+}
+
+/**
+ Sets the content of the 'dbx' variable based on 'dbxDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbxFromDefault (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = EnrollFromDefault (
+ EFI_IMAGE_SECURITY_DATABASE1,
+ EFI_DBX_DEFAULT_VARIABLE_NAME,
+ &gEfiImageSecurityDatabaseGuid
+ );
+
+ return Status;
+}
+
+/**
+ Clears the content of the 'dbx' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDbx (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = DeleteVariable (
+ EFI_IMAGE_SECURITY_DATABASE1,
+ &gEfiImageSecurityDatabaseGuid
+ );
+
+ return Status;
+}
+
+/**
+ Sets the content of the 'dbt' variable based on 'dbtDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollDbtFromDefault (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = EnrollFromDefault (
+ EFI_IMAGE_SECURITY_DATABASE2,
+ EFI_DBT_DEFAULT_VARIABLE_NAME,
+ &gEfiImageSecurityDatabaseGuid);
+
+ return Status;
+}
+
+/**
+ Clears the content of the 'dbt' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteDbt (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = DeleteVariable (
+ EFI_IMAGE_SECURITY_DATABASE2,
+ &gEfiImageSecurityDatabaseGuid
+ );
+
+ return Status;
+}
+
+/**
+ Sets the content of the 'KEK' variable based on 'KEKDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollKEKFromDefault (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = EnrollFromDefault (
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ EFI_KEK_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid
+ );
+
+ return Status;
+}
+
+/**
+ Clears the content of the 'KEK' variable.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+DeleteKEK (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = DeleteVariable (
+ EFI_KEY_EXCHANGE_KEY_NAME,
+ &gEfiGlobalVariableGuid
+ );
+
+ return Status;
+}
+
+/**
+ Sets the content of the 'KEK' variable based on 'KEKDefault' variable content.
+
+ @retval EFI_OUT_OF_RESOURCES If memory allocation for EFI_VARIABLE_AUTHENTICATION_2 fails
+ while VendorGuid is NULL.
+ @retval other Errors from GetVariable2 (), GetTime () and SetVariable ()
+--*/
+EFI_STATUS
+EFIAPI
+EnrollPKFromDefault (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = EnrollFromDefault (
+ EFI_PLATFORM_KEY_NAME,
+ EFI_PK_DEFAULT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid
+ );
+
+ return Status;
+}
+
+/**
+ Remove the PK variable.
+
+ @retval EFI_SUCCESS Delete PK successfully.
+ @retval Others Could not allow to delete PK.
+
+--*/
+EFI_STATUS
+DeletePlatformKey (
+ VOID
+)
+{
+ EFI_STATUS Status;
+
+ Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ Status = DeleteVariable (
+ EFI_PLATFORM_KEY_NAME,
+ &gEfiGlobalVariableGuid
+ );
+ return Status;
+}
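Review bot: the doc comment above `EnrollPKFromDefault (` is a copy of the KEK one: it reads "Sets the content of the 'KEK' variable based on 'KEKDefault' variable content" although the function enrolls EFI_PLATFORM_KEY_NAME from EFI_PK_DEFAULT_VARIABLE_NAME, so it should say 'PK' and 'PKDefault'. Two smaller points in the same hunk: DeletePlatformKey is the only function here declared without EFIAPI while EnrollDbtFromDefault, DeleteDbt, EnrollKEKFromDefault, DeleteKEK and EnrollPKFromDefault all have it, and every comment block is closed with `--*/` where the edk2 convention (and the comments this series removes from SecureBootConfigImpl.c) uses `**/`.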
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index e82bfe7757..67e5e594ed 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -9,6 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

#include "SecureBootConfigImpl.h"
#include <Library/BaseCryptLib.h>
+#include <Library/SecureBootVariableLib.h>

CHAR16 mSecureBootStorageName[] = L"SECUREBOOT_CONFIGURATION";

@@ -237,168 +238,6 @@ SaveSecureBootVariable (
return Status;
}

-/**
- Create a time based data payload by concatenating the EFI_VARIABLE_AUTHENTICATION_2
- descriptor with the input data. NO authentication is required in this function.
-
- @param[in, out] DataSize On input, the size of Data buffer in bytes.
- On output, the size of data returned in Data
- buffer in bytes.
- @param[in, out] Data On input, Pointer to data buffer to be wrapped or
- pointer to NULL to wrap an empty payload.
- On output, Pointer to the new payload date buffer allocated from pool,
- it's caller's responsibility to free the memory when finish using it.
-
- @retval EFI_SUCCESS Create time based payload successfully.
- @retval EFI_OUT_OF_RESOURCES There are not enough memory resources to create time based payload.
- @retval EFI_INVALID_PARAMETER The parameter is invalid.
- @retval Others Unexpected error happens.
-
-**/
-EFI_STATUS
-CreateTimeBasedPayload (
- IN OUT UINTN *DataSize,
- IN OUT UINT8 **Data
- )
-{
- EFI_STATUS Status;
- UINT8 *NewData;
- UINT8 *Payload;
- UINTN PayloadSize;
- EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
- UINTN DescriptorSize;
- EFI_TIME Time;
-
- if (Data == NULL || DataSize == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // In Setup mode or Custom mode, the variable does not need to be signed but the
- // parameters to the SetVariable() call still need to be prepared as authenticated
- // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor without certificate
- // data in it.
- //
- Payload = *Data;
- PayloadSize = *DataSize;
-
- DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
- NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
- if (NewData == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- if ((Payload != NULL) && (PayloadSize != 0)) {
- CopyMem (NewData + DescriptorSize, Payload, PayloadSize);
- }
-
- DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData);
-
- ZeroMem (&Time, sizeof (EFI_TIME));
- Status = gRT->GetTime (&Time, NULL);
- if (EFI_ERROR (Status)) {
- FreePool(NewData);
- return Status;
- }
- Time.Pad1 = 0;
- Time.Nanosecond = 0;
- Time.TimeZone = 0;
- Time.Daylight = 0;
- Time.Pad2 = 0;
- CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));
-
- DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
- DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;
- DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID;
- CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
-
- if (Payload != NULL) {
- FreePool(Payload);
- }
-
- *DataSize = DescriptorSize + PayloadSize;
- *Data = NewData;
- return EFI_SUCCESS;
-}
-
-/**
- Internal helper function to delete a Variable given its name and GUID, NO authentication
- required.
-
- @param[in] VariableName Name of the Variable.
- @param[in] VendorGuid GUID of the Variable.
-
- @retval EFI_SUCCESS Variable deleted successfully.
- @retval Others The driver failed to start the device.
-
-**/
-EFI_STATUS
-DeleteVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid
- )
-{
- EFI_STATUS Status;
- VOID* Variable;
- UINT8 *Data;
- UINTN DataSize;
- UINT32 Attr;
-
- GetVariable2 (VariableName, VendorGuid, &Variable, NULL);
- if (Variable == NULL) {
- return EFI_SUCCESS;
- }
- FreePool (Variable);
-
- Data = NULL;
- DataSize = 0;
- Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
- | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
-
- Status = CreateTimeBasedPayload (&DataSize, &Data);
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", Status));
- return Status;
- }
-
- Status = gRT->SetVariable (
- VariableName,
- VendorGuid,
- Attr,
- DataSize,
- Data
- );
- if (Data != NULL) {
- FreePool (Data);
- }
- return Status;
-}
-
-/**
-
- Set the platform secure boot mode into "Custom" or "Standard" mode.
-
- @param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
- CUSTOM_SECURE_BOOT_MODE.
-
- @return EFI_SUCCESS The platform has switched to the special mode successfully.
- @return other Fail to operate the secure boot mode.
-
-**/
-EFI_STATUS
-SetSecureBootMode (
- IN UINT8 SecureBootMode
- )
-{
- return gRT->SetVariable (
- EFI_CUSTOM_MODE_NAME,
- &gEfiCustomModeEnableGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- sizeof (UINT8),
- &SecureBootMode
- );
-}
-
/**
This code checks if the encode type and key strength of X.509
certificate is qualified.
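Review bot: CreateTimeBasedPayload, DeleteVariable and SetSecureBootMode are deleted here and the driver now takes them from the new `#include <Library/SecureBootVariableLib.h>`; if these three were also declared in SecureBootConfigImpl.h (not part of this diff, and the cover letter's diffstat lists only SecureBootConfigNvData.h among the driver's headers), those prototypes should be dropped in the same patch so the driver has one source of declarations. A one-line statement in the commit message that the bodies moved unchanged would also help reviewers who have to diff the removed code against the library copy.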
@@ -646,32 +485,6 @@ ON_EXIT:
return Status;
}

-/**
- Remove the PK variable.
-
- @retval EFI_SUCCESS Delete PK successfully.
- @retval Others Could not allow to delete PK.
-
-**/
-EFI_STATUS
-DeletePlatformKey (
- VOID
-)
-{
- EFI_STATUS Status;
-
- Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Status = DeleteVariable (
- EFI_PLATFORM_KEY_NAME,
- &gEfiGlobalVariableGuid
- );
- return Status;
-}
-
/**
Enroll a new KEK item from public key storing file (*.pbk).

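Review bot: DeletePlatformKey is removed here and re-exported from SecureBootVariableLib (the copy above), but its behaviour deserves a fuller doc comment now that it is a library API reachable from the new application: it first switches the platform to CUSTOM_SECURE_BOOT_MODE via SetSecureBootMode and leaves it there even if DeleteVariable fails, since the error path returns without restoring the previous mode. "Remove the PK variable" undersells that side effect; document it, and have callers (or the function itself) restore the prior mode on failure.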
diff --git a/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
new file mode 100644
index 0000000000..2c51e4db53
--- /dev/null
+++ b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
@@ -0,0 +1,16 @@
+// /** @file
+//
+// Provides initialization of Secure Boot keys and databases.
+//
+// Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
+// Copyright (c) 2021, Semihalf All rights reserved.<BR>
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT #language en-US "Provides function to initialize PK, KEK and databases based on default variables."
+
+#string STR_MODULE_DESCRIPTION #language en-US "Provides function to initialize PK, KEK and databases based on default variables."
+
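Review bot: STR_MODULE_ABSTRACT and STR_MODULE_DESCRIPTION are word-for-word identical; the description should say more than the abstract, for example that the values come from the PKDefault, KEKDefault, dbDefault and dbtDefault variables and that enrolling through this library only succeeds while the platform is in Setup or Custom mode. Also "Provides function to initialize" should be "Provides functions to initialize", and one of the two blank lines after the header comment can go.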
--
2.25.1


[PATCH v2 2/6] SecurityPkg: Create include file for default key content.

Grzegorz Bernacki
 

This commit adds a file which can be included by a platform Flash
Description File. It allows specifying certificate files, which
will be embedded into the binary file. The content of these files
can be used to initialize Secure Boot default keys and databases.


Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
SecurityPkg/SecureBootDefaultKeys.fdf.inc | 62 ++++++++++++++++++++
1 file changed, 62 insertions(+)
create mode 100644 SecurityPkg/SecureBootDefaultKeys.fdf.inc

diff --git a/SecurityPkg/SecureBootDefaultKeys.fdf.inc b/SecurityPkg/SecureBootDefaultKeys.fdf.inc
new file mode 100644
index 0000000000..056586b204
--- /dev/null
+++ b/SecurityPkg/SecureBootDefaultKeys.fdf.inc
@@ -0,0 +1,62 @@
+
+!if $(DEFAULT_KEYS) == TRUE
+ FILE FREEFORM = 85254ea7-4759-4fc4-82d4-5eed5fb0a4a0 {
+ !ifdef $(PK_DEFAULT_FILE)
+ SECTION RAW = $(PK_DEFAULT_FILE)
+ !endif
+ SECTION UI = "PK Default"
+ }
+
+ FILE FREEFORM = 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
+ !ifdef $(KEK_DEFAULT_FILE1)
+ SECTION RAW = $(KEK_DEFAULT_FILE1)
+ !endif
+ !ifdef $(KEK_DEFAULT_FILE2)
+ SECTION RAW = $(KEK_DEFAULT_FILE2)
+ !endif
+ !ifdef $(KEK_DEFAULT_FILE3)
+ SECTION RAW = $(KEK_DEFAULT_FILE3)
+ !endif
+ SECTION UI = "KEK Default"
+ }
+
+ FILE FREEFORM = c491d352-7623-4843-accc-2791a7574421 {
+ !ifdef $(DB_DEFAULT_FILE1)
+ SECTION RAW = $(DB_DEFAULT_FILE1)
+ !endif
+ !ifdef $(DB_DEFAULT_FILE2)
+ SECTION RAW = $(DB_DEFAULT_FILE2)
+ !endif
+ !ifdef $(DB_DEFAULT_FILE3)
+ SECTION RAW = $(DB_DEFAULT_FILE3)
+ !endif
+ SECTION UI = "DB Default"
+ }
+
+ FILE FREEFORM = 36c513ee-a338-4976-a0fb-6ddba3dafe87 {
+ !ifdef $(DBT_DEFAULT_FILE1)
+ SECTION RAW = $(DBT_DEFAULT_FILE1)
+ !endif
+ !ifdef $(DBT_DEFAULT_FILE2)
+ SECTION RAW = $(DBT_DEFAULT_FILE2)
+ !endif
+ !ifdef $(DBT_DEFAULT_FILE3)
+ SECTION RAW = $(DBT_DEFAULT_FILE3)
+ !endif
+ SECTION UI = "DBT Default"
+ }
+
+ FILE FREEFORM = 5740766a-718e-4dc0-9935-c36f7d3f884f {
+ !ifdef $(DBX_DEFAULT_FILE1)
+ SECTION RAW = $(DBX_DEFAULT_FILE1)
+ !endif
+ !ifdef $(DBX_DEFAULT_FILE2)
+ SECTION RAW = $(DBX_DEFAULT_FILE2)
+ !endif
+ !ifdef $(DBX_DEFAULT_FILE3)
+ SECTION RAW = $(DBX_DEFAULT_FILE3)
+ !endif
+ SECTION UI = "DBX Default"
+ }
+
+!endif
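Review bot: the gate is `!if $(DEFAULT_KEYS) == TRUE` while the cover letter says the feature is active when "DEFAULT_KEY is defined"; pick one name and document it in a header comment, since the file has none (no @file block, no SPDX line, unlike the .uni file in the previous patch). Two further points: the five FILE FREEFORM GUIDs are literals here and must be matched exactly by the driver that reads them, so they belong as named GUIDs in SecurityPkg.dec with a comment pointing at this include; and when none of the *_DEFAULT_FILE macros is set, a FREEFORM file holding only the `SECTION UI` is still emitted, so the consuming driver must treat a file with no RAW section as "no default provided" rather than as a corrupt image.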
--
2.25.1


[edk2-platforms PATCH v2] Platform/RaspberryPi: Enable default Secure Boot variables initialization

Grzegorz Bernacki
 

This commit allows initializing the Secure Boot default keys
and databases from data embedded in the firmware binary.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
---
Platform/RaspberryPi/RPi4/RPi4.dsc | 5 ++++-
Platform/RaspberryPi/RPi4/RPi4.fdf | 2 ++
2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc b/Platform/RaspberryPi/RPi4/RPi4.dsc
index d8c6fdd4bd..1fb4df0b81 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.dsc
+++ b/Platform/RaspberryPi/RPi4/RPi4.dsc
@@ -164,7 +164,7 @@
!if $(SECURE_BOOT_ENABLE) == TRUE
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
-
+ SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
# re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
!else
@@ -217,6 +217,7 @@
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
+ ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf

[LibraryClasses.common.UEFI_DRIVER]
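Review bot: `ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf` is added here, yet the cover letter's changes-since-v1 list says "remove ShellPkg dependecy from EnrollFromDefaultKeysApp"; if the application's entry point no longer goes through ShellCEntryLib this mapping is dead, and if it does the changelog is wrong. Either way the mapping is unconditional while the only new consumer is built under SECURE_BOOT_ENABLE, so it should sit inside that `!if` with the other Secure Boot libraries.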
@@ -612,6 +613,8 @@
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
}
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+ SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
+ SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
!else
MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
!endif
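Review bot: EnrollFromDefaultKeysApp.inf is added to [Components] but not to RPi4.fdf in the next hunk, so it is built and left in the Build output rather than placed in the flash image; state that in the commit message so readers know the app is meant to be copied to a disk and run from the shell, and mention that SecureBootDefaultKeysDxe is the only one of the two that ends up in the FD.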
diff --git a/Platform/RaspberryPi/RPi4/RPi4.fdf b/Platform/RaspberryPi/RPi4/RPi4.fdf
index 1e13909a57..0e43d24c7a 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.fdf
+++ b/Platform/RaspberryPi/RPi4/RPi4.fdf
@@ -189,7 +189,9 @@ READ_LOCK_STATUS = TRUE
INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
!if $(SECURE_BOOT_ENABLE) == TRUE
+!include SecurityPkg/SecureBootDefaultKeys.fdf.inc
INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+ INF SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
!endif
INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
INF EmbeddedPkg/ResetRuntimeDxe/ResetRuntimeDxe.inf
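Review bot: `!include SecurityPkg/SecureBootDefaultKeys.fdf.inc` is unindented under the indented INF lines, a nit, but the larger point is that the include only emits anything when DEFAULT_KEYS is TRUE and the PK_/KEK_/DB_/DBT_/DBX_DEFAULT_FILE macros are defined, none of which RPi4.dsc or RPi4.fdf define in this patch; out of the box nothing is embedded and SecureBootDefaultKeysDxe is dispatched with no defaults to install. The commit message should list the -D options a builder has to pass for the feature to be effective.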
--
2.25.1


[PATCH v2 0/6] Secure Boot default keys

Grzegorz Bernacki
 

This patchset adds support for initialization of default
Secure Boot variables based on key content embedded in the
flash binary. This feature is active only if Secure Boot
is enabled and DEFAULT_KEY is defined. The patchset
also contains an application to enroll keys from the default
variables and a Secure Boot menu change to allow the user
to reset key content to default values.
Discussion on the design can be found at:
https://edk2.groups.io/g/rfc/topic/82139806#600

I also added a patch for RPi4 which enables this feature for
that platform.

Changes since v1:
- change names:
SecBootVariableLib => SecureBootVariableLib
SecBootDefaultKeysDxe => SecureBootDefaultKeysDxe
SecEnrollDefaultKeysApp => EnrollFromDefaultKeysApp
- change name of function CheckSetupMode to GetSetupMode
- remove ShellPkg dependency from EnrollFromDefaultKeysApp
- rebase to master

Grzegorz Bernacki (6):
[edk2]
SecurityPkg: Create library for setting Secure Boot variables.
SecurityPkg: Create include file for default key content.
SecurityPkg: Add SecureBootDefaultKeysDxe driver
SecurityPkg: Add EnrollFromDefaultKeys application.
SecurityPkg: Add new modules to Security package.
SecurityPkg: Add option to reset secure boot keys.
[edk2-platform]
Platform/RaspberryPi: Enable default Secure Boot variables initialization

SecurityPkg/SecurityPkg.dec | 14 +
SecurityPkg/SecurityPkg.dsc | 5 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf | 47 +
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf | 79 ++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | 2 +
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf | 46 +
SecurityPkg/Include/Library/SecureBootVariableLib.h | 252 +++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h | 2 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr | 6 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c | 107 +++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c | 979 ++++++++++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 343 ++++---
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c | 69 ++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni | 16 +
SecurityPkg/SecureBootDefaultKeys.fdf.inc | 62 ++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni | 4 +
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni | 17 +
17 files changed, 1862 insertions(+), 188 deletions(-)
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
create mode 100644 SecurityPkg/Include/Library/SecureBootVariableLib.h
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
create mode 100644 SecurityPkg/SecureBootDefaultKeys.fdf.inc
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni

--
2.25.1


Re: [PATCH] OvmfPkg: Fix typo in README

Laszlo Ersek
 

On 05/29/21 23:34, KAAIRA GUPTA wrote:
Fix typographical error in the README by correcting the 'an' mistyped as
'and'.

Signed-off-by: Kaaira Gupta <kaaira7319@gmail.com>
---
OvmfPkg/README | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/README b/OvmfPkg/README
index 70f0c41526..8655de3eab 100644
--- a/OvmfPkg/README
+++ b/OvmfPkg/README
@@ -60,7 +60,7 @@ https://github.com/tianocore/tianocore.github.io/wiki/How%20to%20build%20OVMF
=== RUNNING OVMF on QEMU ===

* QEMU 0.12.2 or later is required.
-* Be sure to use qemu-system-x86_64, if you are using and X64 firmware.
+* Be sure to use qemu-system-x86_64, if you are using an X64 firmware.
(qemu-system-x86_64 works for the IA32 firmware as well, of course.)
* Use OVMF for QEMU firmware (3 options available)
- Option 1: QEMU 1.6 or newer; Use QEMU -pflash parameter
This patch is valid, but it will conflict with:

[edk2-devel] [PATCH 05/43] OvmfPkg/README: bump minimum QEMU version to 1.7.1, machine types to 1.7

https://edk2.groups.io/g/devel/message/75674
https://listman.redhat.com/archives/edk2-devel-archive/2021-May/msg00967.html
http://mid.mail-archive.com/20210526201446.12554-6-lersek@redhat.com

(And that patch was posted earlier than this patch.)

Please add yourself to the CC list on
<https://bugzilla.tianocore.org/show_bug.cgi?id=2122>, and when you see
that its status changes to RESOLVED|FIXED (implying that the
above-mentioned patch has been merged, as a part of its containing
series), then please rebase this patch, and repost it.

Thanks,
Laszlo


Re: [PATCH] Add missing EFIAPI to VirtioMmioSetQueueAddress

Laszlo Ersek
 

Hi Gerd,

On 05/28/21 16:16, Gerd Hoffmann wrote:
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDevice.h | 1 +
OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceFunctions.c | 1 +
2 files changed, 2 insertions(+)
Thanks for the patch!

(1) Please write a non-empty commit message body. For example, "This
error was found while compiling VirtioMmioDeviceLib for X64 with the
GCC5 toolchain, where EFIAPI makes a difference."

(I had to verify that the actual protocol member function type,
VIRTIO_SET_QUEUE_ADDRESS [OvmfPkg/Include/Protocol/VirtioDevice.h], did
spell out EFIAPI.)

(2) The patch contains some CRLF issues; please consider running
"BaseTools/Scripts/SetupGit.py" in your clone. Two things could be
missing in particular:

- the "8bit" (or even "base64") value for "sendemail.transferEncoding",
- the "cr-at-eol" value for "core.whitespace".

Thanks!
Laszlo


diff --git a/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDevice.h b/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDevice.h
index 785876c75f82..ab53b90d51c9 100644
--- a/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDevice.h
+++ b/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDevice.h
@@ -107,6 +107,7 @@ VirtioMmioSetQueueSel (
);



EFI_STATUS

+EFIAPI

VirtioMmioSetQueueAddress (

IN VIRTIO_DEVICE_PROTOCOL *This,

IN VRING *Ring,

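Review bot: the declaration now carries EFIAPI, which the review above confirms matches the VIRTIO_SET_QUEUE_ADDRESS member type in OvmfPkg/Include/Protocol/VirtioDevice.h. Since this omission slipped through for one member, it is worth checking the neighbouring VirtioMmio* protocol functions in the same header once (VirtioMmioSetQueueSel is only visible as hunk context here); the mismatch is silent on toolchains where EFIAPI is the default calling convention and only bites on X64 GCC builds, exactly as the requested commit message body should say.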
diff --git a/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceFunctions.c b/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceFunctions.c
index 454f008827be..b0d75fb1dd24 100644
--- a/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceFunctions.c
+++ b/OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceFunctions.c
@@ -173,6 +173,7 @@ VirtioMmioSetQueueSel (
}



EFI_STATUS

+EFIAPI

VirtioMmioSetQueueAddress (

IN VIRTIO_DEVICE_PROTOCOL *This,

IN VRING *Ring,

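Review bot: every line of both hunks is followed by an empty one, which is how the CRLF problem raised above shows up once the patch is rendered; besides fixing the mail setup with BaseTools/Scripts/SetupGit.py, please check that the files themselves did not acquire CRLF endings in the commit. The definition hunk otherwise matches the declaration hunk (same EFIAPI position, same parameter list), so nothing else is needed for the change itself.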

Re: [PATCH v1] OvmfPkg: Add build options for 8MB and 16MB X64 OVMF images

Laszlo Ersek
 

On 05/28/21 15:33, Brian J. Johnson wrote:
On 5/27/21 5:12 AM, Laszlo Ersek wrote:
On 05/26/21 19:08, Devon Bautista wrote:
Currently, the largest volume size for building OVMF images is 4MB. With
the growth of the Linuxboot project, maintainers have had to maintain a
fork containing this patch which allows larger image sizes in order for
Linuxboot developers/users to have enough space to experiment with
and test including their own Linux kernel in the DXE section of OVMF
firmware. Testing using OVMF is valuable since it allows testing in QEMU
and thus does not require any hardware to do so.

This patch allows specifying '-D FD_SIZE_8MB' or '-D FD_SIZE_16MB' to
the OVMF build script in order to add the ability to build 8MB or 16MB
x86_64 (X64) OVMF images, respectively.

Signed-off-by: Devon Bautista <dbautista@newmexicoconsortium.org>
---
  OvmfPkg/OvmfPkgDefines.fdf.inc | 34 ++++++++++++++++++++++++++++++++++
  OvmfPkg/OvmfPkgX64.dsc         | 10 +++++++++-
  OvmfPkg/VarStore.fdf.inc       | 16 ++++++++--------
  3 files changed, 51 insertions(+), 9 deletions(-)
(4) Dumping a bunch of magic numbers on reviewers is unhelpful. I'll
need to sit down with a calculator and go through the patch with a
magnifying glass. Please support that work by creating a commit message
(summary table) similar to the one in commit b24fca05751f ("OvmfPkg:
introduce 4MB flash image (mainly) for Windows HCK", 2017-05-05).
I've found it very helpful to create a spreadsheet to calculate the
offsets based on the region sizes, and add it to the tree.  It can also
calculate the related PCDs, if any.  That makes it a lot easier to
verify the numbers, and to make changes in the future.
This sounds really nice -- I'd appreciate such a spreadsheet in the
OvmfPkg directory tree somewhere. My concern is that most (all?)
spreadsheet formats are compressed archives one way or another (ZIP
archives of multiple files, or gzipped XML files, or some such), and
such formats are not nice to track in git. I'd like a (structured)
plaintext representation of the spreadsheet to live in edk2 git. Same as
we prefer plaintext SVG files for graphics / diagrams in edk2, to my
knowledge.

Thanks!
Laszlo


Re: [PATCH v1 0/8] Measured SEV boot with kernel/initrd/cmdline

Laszlo Ersek
 

Ard,

I'll have a specific question for you below; please feel free to jump
forward (search for your name). Thanks.

Dov, my comments below:

On 05/25/21 07:31, Dov Murik wrote:
Booting with SEV prevented the loading of kernel, initrd, and kernel
command-line via QEMU fw_cfg interface because they arrive from the VMM
which is untrusted in SEV.

However, in some cases the kernel, initrd, and cmdline are not secret
but should not be modified by the host. In such a case, we want to
verify inside the trusted VM that the kernel, initrd, and cmdline are
indeed the ones expected by the Guest Owner, and only if that is the
case go on and boot them up (removing the need for grub inside OVMF in
that mode).

This patch series declares a new page in MEMFD which will contain the
hashes of these three blobs (kernel, initrd, cmdline), each under its
own GUID entry. This table of hashes is populated by QEMU before
launch, and encrypted as part of the initial VM memory; this makes sure
these hashes are part of the SEV measurement (which has to be approved
by the Guest Owner for secret injection, for example). Note that this
requires a new QEMU patch which will be submitted soon.

OVMF parses the table of hashes populated by QEMU (patch 5), and as it
reads the fw_cfg blobs from QEMU, it will verify each one against the
expected hash (kernel and initrd verifiers are introduced in patch 6,
and command-line verifier is introduced in patches 7+8). This is all
done inside the trusted VM context. If all the hashes are correct, boot
of the kernel is allowed to continue.

Any attempt by QEMU to modify the kernel, initrd, cmdline (including
dropping one of them), or to modify the OVMF code that verifies those
hashes, will cause the initial SEV measurement to change and therefore
will be detectable by the Guest Owner during launch before secret
injection.
Please catch the error in my reasoning below.

The goal is for the guest firmware to ensure the authenticity
(integrity) of kernel, initrd, cmdline.

This is not really different from a normal Secure Boot setup, where the
guest firmware verifies the kernel image (presented as a UEFI
application, i.e. with the UEFI stub). It is up to the kernel to verify
the integrity of the initrd. The command line is not particularly
verified (as far as I know?), but if that's a problem, it should be
solved even for bare metal Secure Boot use cases. (Because, if the
"root" user is compromised on a running Linux system, they can modify
the kernel params for next boot in the grub config.)

The AmdSevX64 platform uses a unified firmware image (executable +
varstore are presented as one blob, no separate CODE and VARS). There is
one pflash chip, and the initial guest-owner-side measurement covers the
whole blob, including the varstore.

This suggests that the guest owner could boot the unified firmware image
in a trusted guest environment first, and use UEFI-level tools to enroll
various SB certificates. Then this modified image would be deployed
every time to the untrusted cloud.

The AmdSevX64 platform could adopt a PlatformBootManagerLib instance
where the TryRunningQemuKernel() call is reinstated, backed by the usual
QemuLoadImageLib class APIs QemuLoadKernelImage() and
QemuStartKernelImage().

edk2 offers two QemuLoadImageLib instances, GenericQemuLoadImageLib and
X86QemuLoadImageLib. The former strictly enforces SB verification. That
was in fact a *problem* for the traditional OvmfPkg platforms; please
refer to commit 82808b422617 ("Revert "OvmfPkg: use generic QEMU image
loader for secure boot enabled ..."", 2020-06-16). But the same rigor
seems just right here, for the AmdSevX64 platform.

Where I see a gap in all this myself -- and of course there could be
plenty other gaps that I just don't see -- is the varstore's protection
from the hypervisor, once the guest is up and running. Can we discuss
that perhaps?

If necessary, we could perhaps rework the AmdSevX64 platform to drop the
pflash-backed variable driver stack, and use in-RAM (memory-only)
variable emulation. Actual persistence / non-volatility of UEFI
variables may not really be relevant for the remotely attested platform,
but keeping all the variables in RAM would subject the varstore to
memory encryption / protection. And perhaps we could integrate the
enrollment of SB certificates into the *code* part of the firmware, with
gRT->SetVariable() calls. (Normally this would be absolutely horrible,
but for the remotely attested platform, anything goes.)

I simply dislike adding brand new code for a use case which at least
*appears* to significantly overlap with that of Secure Boot. Secure Boot
is about image verification, and it's rooted in tamper-resistant storage
of certificates and/or image hashes. If we can figure out "tamper
resistant" in the current context, we could perhaps reuse much of the
existent SB infrastructure.

----*----

Considering the particular approach in this set:

- To reiterate Brijesh's point, I feel a new MEMFD page is wasteful. If
we really need the MEMFD approach, I'd *really* like us to extend one of
the existent structures. If necessary, introduce a new GUID, for a table
that contains both previously injected data, and the new data. If all
that's impossible or too awkward, please document why.

- Modifying the QemuFwCfgLib class for this purpose is inappropriate.
Even if we do our own home-brewed verifier, none of it must go into
QemuFwCfgLib class. QemuFwCfgLib is for transport.

[Ard, please see this one question:]

- A major complication for hashing all three of: kernel, initrd,
cmdline, is that the *fetching* of this triplet is split between two
places. (Well, it is split between *three* places in fact, but I'm going
to ignore LinuxInitrdDynamicShellCommand for now, because the AmdSevX64
platform sets BUILD_SHELL to FALSE for production.)

The kernel and the initrd are fetched in QemuKernelLoaderFsDxe, but the
command line is fetched in (both) QemuLoadImageLib instances. This
requires that all these modules be littered with hashing as well, which
I find *really bad*. Even if we factor out the actual logic, I strongly
dislike having *just hooks* for hashing in multiple modules.

Now, please refer to efc52d67e157 ("OvmfPkg/QemuKernelLoaderFsDxe: don't
expose kernel command line", 2020-03-05). If we first

(a) reverted that commit, and

(b) modified *both* QemuLoadImageLib instances, to load the kernel
command line from the *synthetic filesystem* (rather than directly from
fw_cfg),

then we could centralize the hashing to just QemuKernelLoaderFsDxe.

Ard -- what's your thought on this?


And then, we could eliminate the dynamic callback registration, plus the
separate SevFwCfgVerifier, SevHashFinderLib, and SevQemuLoadImageLib stuff.

We'd only need one new lib class, with *statically linked* hooks for
QemuKernelLoaderFsDxe, and two instances of this new class, a Null one,
and an actual (SEV hash verifier) one. The latter instance would locate
the hash values, calculate the fresh hashes, and perform the
comparisons. Only the AmdSevX64 platform would use the non-Null instance
of this library class.

(NB QemuKernelLoaderFsDxe is used by some ArmVirtPkg platforms, so
resolutions to the Null instance would be required there too.)

Thanks
Laszlo




Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ashish Kalra <ashish.kalra@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>

James Bottomley (8):
OvmfPkg/AmdSev/SecretDxe: fix header comment to generic naming
OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg
OvmfPkg/AmdSev: add a page to the MEMFD for firmware config hashes
OvmfPkg/QemuKernelLoaderFsDxe: Add ability to verify loaded items
OvmfPkg/AmdSev: Add library to find encrypted hashes for the FwCfg
device
OvmfPkg/AmdSev: Add firmware file plugin to verifier
OvmfPkg: GenericQemuLoadImageLib: Allow verifying fw_cfg command line
OvmfPkg/AmdSev: add SevQemuLoadImageLib

OvmfPkg/OvmfPkg.dec | 10 ++
OvmfPkg/AmdSev/AmdSevX64.dsc | 9 +-
OvmfPkg/AmdSev/AmdSevX64.fdf | 3 +
OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf | 30 +++++
OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf | 34 ++++++
OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf | 30 +++++
OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf | 2 +
OvmfPkg/ResetVector/ResetVector.inf | 2 +
OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h | 47 ++++++++
OvmfPkg/Include/Library/QemuFwCfgLib.h | 35 ++++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h | 11 ++
OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c | 60 ++++++++++
OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c | 126 ++++++++++++++++++++
OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c | 52 ++++++++
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 2 +-
OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c | 29 +++++
OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c | 5 +
OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c | 50 ++++++++
OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.c | 31 +++++
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 20 ++++
OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
21 files changed, 587 insertions(+), 3 deletions(-)
create mode 100644 OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.inf
create mode 100644 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.inf
create mode 100644 OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.inf
create mode 100644 OvmfPkg/AmdSev/Include/Library/SevHashFinderLib.h
create mode 100644 OvmfPkg/AmdSev/Library/SevFwCfgVerifier/SevFwCfgVerifier.c
create mode 100644 OvmfPkg/AmdSev/Library/SevHashFinderLib/SevHashFinderLib.c
create mode 100644 OvmfPkg/AmdSev/Library/SevQemuLoadImageLib/SevQemuLoadImageLib.c
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/QemuKernel.c


Re: GSOC 2021 EXT4 driver Project

Michael Brown
 

On 28/05/2021 18:16, Pedro Falcato wrote:
2) Although I'd love to avoid journaling, which is a matter I'm not too familiar with, I'm not entirely sure what simplifications may be done because for one,
what happens if the power cuts during a write? It's unclear to me how a FW filesystem driver might work on a damaged filesystem like that, since it's not at all similar to an OS,
which usually can do some sort of 'fsck' invocation to repair a filesystem before it's mounted. Is the firmware essentially unable to boot to those partitions until
someone gets a recovery drive of some sort that has a 'fsck' on it? I hope the FAT32 code has some answers for me, but I haven't had the time to go look at it that closely just yet.
It might be that the chance of this happening is minimal, but that doesn't sit right with me.
I don't know the internals of Ext4 journalling well enough to comment in detail, but my guess is that you are likely to find that some aspects are required for correctness but some aspects are required only for fast write performance with multiple concurrent processes (which is completely irrelevant for boot firmware).

Also, one question: Does firmware code need the usual synchronization primitives (only spinlocks in this case, I would assume) or is it just assumed that it's a single threaded
environment? I know UEFI doesn't have threads but there are places in code that use things like EFI_MP_SERVICES, can the APs never touch certain code (like filesystem code, for example)?
UEFI is fundamentally single-process, single-threaded, and based on polling rather than interrupts. It is _almost_ a clean design in which code never needs to worry about locking or other forms of synchronization.

Unfortunately this design is compromised by the existence of UEFI timers. There is no way to hook in a useful hardware interrupt (e.g. for a NIC received packet), but there are timer interrupts that will fire at unpredictable times and can result in arbitrary callbacks being invoked.

This introduces a requirement for some kind of synchronization, which UEFI handles via RaiseTPL()/RestoreTPL(). You can use RaiseTPL() to effectively disable timer interrupts and thereby guarantee that your code will not be reentered.

There is essentially no formal specification of what code should be allowed to run at each TPL, so your only viable option is to dig through existing EDK2 implementations to infer the de facto requirements.

Michael
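The RaiseTPL()/RestoreTPL() mechanism Michael describes, as an added C model written for this page (it is not EDK2 code and not from the thread): it encodes the dispatch rule EDK2's event core applies, that a signaled event's notification function runs only while its NotifyTpl is strictly above the current TPL, and drives a hypothetical filesystem driver through a metadata update with a timer firing in the middle. The model_* and fs_* names are assumptions, not EDK2 APIs.

```c
/*
 * Constructed model of UEFI Task Priority Levels; not EDK2 code.
 * Rule modelled: a signaled event's callback runs only while
 * NotifyTpl > current TPL, so RaiseTPL() to >= NotifyTpl defers it
 * until RestoreTPL().
 */
#include <stdbool.h>
#include <stdio.h>

typedef unsigned int EFI_TPL;
#define TPL_APPLICATION  4u
#define TPL_CALLBACK     8u
#define TPL_NOTIFY      16u

typedef void (*NOTIFY_FN)(void *ctx);

/* One signaled event is enough to show the dispatch rule. */
struct model_event {
    EFI_TPL   notify_tpl;   /* TPL the notification function runs at */
    NOTIFY_FN fn;
    void     *ctx;
    bool      signaled;     /* set by the timer interrupt, cleared on dispatch */
};

static EFI_TPL            g_current_tpl = TPL_APPLICATION;
static struct model_event g_timer_event;

/* Run the pending event only if its NotifyTpl is above the current TPL. */
static void model_dispatch(void)
{
    if (g_timer_event.signaled && g_timer_event.notify_tpl > g_current_tpl) {
        EFI_TPL saved = g_current_tpl;
        g_timer_event.signaled = false;
        g_current_tpl = g_timer_event.notify_tpl;   /* callback runs at NotifyTpl */
        g_timer_event.fn(g_timer_event.ctx);
        g_current_tpl = saved;
    }
}

/* Model of gBS->RaiseTPL(): never lowers, returns the previous level. */
static EFI_TPL model_raise_tpl(EFI_TPL new_tpl)
{
    EFI_TPL old = g_current_tpl;
    if (new_tpl > old) g_current_tpl = new_tpl;
    return old;
}

/* Model of gBS->RestoreTPL(): lower the level, then run what was deferred. */
static void model_restore_tpl(EFI_TPL old_tpl)
{
    g_current_tpl = old_tpl;
    model_dispatch();
}

/* Model of the timer interrupt: signal the event; it runs now only if allowed. */
static void model_timer_fires(void)
{
    g_timer_event.signaled = true;
    model_dispatch();
}

/* Hypothetical filesystem driver state (constructed for the example). */
struct fs_state {
    bool in_update;   /* on-disk metadata is half-written */
    bool reentered;   /* a callback entered the driver during an update */
};

/* Timer callback that calls back into the filesystem (a periodic flush, say). */
static void fs_timer_callback(void *ctx)
{
    struct fs_state *fs = ctx;
    if (fs->in_update) fs->reentered = true;
}

/*
 * Run one metadata update with the timer firing in the middle.  guard_tpl is
 * the level the driver raises to around the update (0 = no RaiseTPL at all);
 * event_tpl is the timer event's NotifyTpl.  Returns true on reentrancy.
 */
bool fs_update_reentered(EFI_TPL guard_tpl, EFI_TPL event_tpl)
{
    struct fs_state fs = { false, false };
    struct model_event ev = { event_tpl, fs_timer_callback, &fs, false };

    g_current_tpl = TPL_APPLICATION;
    g_timer_event = ev;

    EFI_TPL old = model_raise_tpl(guard_tpl);   /* no-op when guard_tpl == 0 */
    fs.in_update = true;
    model_timer_fires();                        /* interrupt lands mid-update */
    fs.in_update = false;
    model_restore_tpl(old);                     /* a deferred callback runs here */
    return fs.reentered;
}

int main(void)
{
    static const struct { const char *name; EFI_TPL guard, event; } cases[] = {
        { "no guard, TPL_CALLBACK timer",       0,            TPL_CALLBACK },
        { "TPL_CALLBACK guard, TPL_CALLBACK",   TPL_CALLBACK, TPL_CALLBACK },
        { "TPL_CALLBACK guard, TPL_NOTIFY",     TPL_CALLBACK, TPL_NOTIFY   },
        { "TPL_NOTIFY guard, TPL_NOTIFY",       TPL_NOTIFY,   TPL_NOTIFY   },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        printf("%-36s reentered=%d\n", cases[i].name,
               fs_update_reentered(cases[i].guard, cases[i].event));
    }
    return 0;
}
```

The third case is the caveat: raising to TPL_CALLBACK does not hold off an event whose NotifyTpl is TPL_NOTIFY, so the guard level has to be at least as high as any callback that can reach the driver.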


Re: [PATCH v2 1/1] UefiCpuPkg/CpuCommonFeaturesLib: Update processor location info

Laszlo Ersek
 

On 06/01/21 09:24, Daoxiang wrote:
From: Daoxiang Li <daoxiang.li@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3424

Processor location information check needs to be updated
when Core 0 is disabled

Signed-off-by: Daoxiang Li <daoxiang.li@intel.com>
CC: Eric Dong <eric.dong@intel.com>
CC: Ray Ni <ray.ni@intel.com>
CC: Laszlo Ersek <lersek@redhat.com>
CC: Rahul Kumar <rahul1.kumar@intel.com>
---
UefiCpuPkg/Library/CpuCommonFeaturesLib/C1e.c | 4 ++--
UefiCpuPkg/Library/CpuCommonFeaturesLib/MachineCheck.c | 4 ++--
UefiCpuPkg/Library/CpuCommonFeaturesLib/Ppin.c | 6 +++---
3 files changed, 7 insertions(+), 7 deletions(-)
I defer this to Eric, Ray, and Rahul.

Thanks
Laszlo


diff --git a/UefiCpuPkg/Library/CpuCommonFeaturesLib/C1e.c b/UefiCpuPkg/Library/CpuCommonFeaturesLib/C1e.c
index e6e5db75917c..c867802f0bb0 100644
--- a/UefiCpuPkg/Library/CpuCommonFeaturesLib/C1e.c
+++ b/UefiCpuPkg/Library/CpuCommonFeaturesLib/C1e.c
@@ -63,9 +63,9 @@ C1eInitialize (
{
//
// The scope of C1EEnable bit in the MSR_NEHALEM_POWER_CTL is Package, only program
- // MSR_FEATURE_CONFIG for thread 0 core 0 in each package.
+ // MSR_FEATURE_CONFIG once for each package.
//
- if ((CpuInfo->ProcessorInfo.Location.Thread != 0) || (CpuInfo->ProcessorInfo.Location.Core != 0)) {
+ if ((CpuInfo->First.Thread == 0) || (CpuInfo->First.Core == 0)) {
return RETURN_SUCCESS;
}

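Review bot: the new condition `if ((CpuInfo->First.Thread == 0) || (CpuInfo->First.Core == 0))` depends on the `First.Thread` and `First.Core` flags being populated before this feature's initialize function runs, and nothing in this series (three consumer files, per the diffstat) shows where they are set. If the structure is zero-initialised and the flags are never filled in, every processor takes the early `return RETURN_SUCCESS` and MSR_NEHALEM_POWER_CTL is never programmed on any package, which is a silent no-op rather than a visible failure. Please name the code path that populates `CpuInfo->First` in the commit message, and consider an ASSERT that at least one processor per package has both flags set.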
diff --git a/UefiCpuPkg/Library/CpuCommonFeaturesLib/MachineCheck.c b/UefiCpuPkg/Library/CpuCommonFeaturesLib/MachineCheck.c
index bb5d983d1f4b..a3a2861cee5b 100644
--- a/UefiCpuPkg/Library/CpuCommonFeaturesLib/MachineCheck.c
+++ b/UefiCpuPkg/Library/CpuCommonFeaturesLib/MachineCheck.c
@@ -152,10 +152,10 @@ McaInitialize (

//
// The scope of MSR_IA32_MC*_CTL/MSR_IA32_MC*_STATUS is package for below processor type, only program
- // MSR_IA32_MC*_CTL/MSR_IA32_MC*_STATUS for thread 0 core 0 in each package.
+ // MSR_IA32_MC*_CTL/MSR_IA32_MC*_STATUS once for each package.
//
if (IS_NEHALEM_PROCESSOR (CpuInfo->DisplayFamily, CpuInfo->DisplayModel)) {
- if ((CpuInfo->ProcessorInfo.Location.Thread != 0) || (CpuInfo->ProcessorInfo.Location.Core != 0)) {
+ if ((CpuInfo->First.Thread == 0) || (CpuInfo->First.Core == 0)) {
return RETURN_SUCCESS;
}
}
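Review bot: the same `First.Thread == 0 || First.Core == 0` test now appears in C1e.c, MachineCheck.c and Ppin.c with identical intent ("once for each package"); a small helper or macro in the library's private header expressing "first thread of the first core in the package" would keep the three sites from drifting and would document what the two flags mean, which the bare comparison against 0 does not.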
diff --git a/UefiCpuPkg/Library/CpuCommonFeaturesLib/Ppin.c b/UefiCpuPkg/Library/CpuCommonFeaturesLib/Ppin.c
index 8450c7ea3eaf..3c4c1bc706ba 100644
--- a/UefiCpuPkg/Library/CpuCommonFeaturesLib/Ppin.c
+++ b/UefiCpuPkg/Library/CpuCommonFeaturesLib/Ppin.c
@@ -130,10 +130,10 @@ PpinInitialize (
// Support function already check the processor which support PPIN feature, so this function not need
// to check the processor again.
//
- // The scope of the MSR_IVY_BRIDGE_PPIN_CTL is package level, only program MSR_IVY_BRIDGE_PPIN_CTL for
- // thread 0 core 0 in each package.
+ // The scope of the MSR_IVY_BRIDGE_PPIN_CTL is package level, only program MSR_IVY_BRIDGE_PPIN_CTL
+ // once for each package.
//
- if ((CpuInfo->ProcessorInfo.Location.Thread != 0) || (CpuInfo->ProcessorInfo.Location.Core != 0)) {
+ if ((CpuInfo->First.Thread == 0) || (CpuInfo->First.Core == 0)) {
return RETURN_SUCCESS;
}


Re: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64

Laszlo Ersek
 

On 06/01/21 02:56, gaoliming wrote:
Seemingly, Edk2\ArmVirtPkg\Library\QemuFwCfgLib\QemuFwCfgLib.inf is not an arch
specific library. It can also be used in RISCV64.



Ard and Laszlo:

If ArmVirtPkg\Library\QemuFwCfgLib is arch generic, can it be moved from
ArmVirtPkg into OvmfPkg?
ArmVirtPkg/Library/QemuFwCfgLib is a QemuFwCfgLib instance that is
currently only used by the ArmVirtQemu and ArmVirtQemuKernel platforms.

It depends on the FDT_CLIENT_PROTOCOL, from "ArmVirtPkg/ArmVirtPkg.dec"
and "ArmVirtPkg/Include/Protocol/FdtClient.h", to locate the fw_cfg
device. The protocol is ArmVirtPkg specific. Due to the protocol depex,
the library is also DXE_DRIVER and UEFI_DRIVER only.

The library uses the MMIO data registers of the fw_cfg device by
default; if the DMA interface is supported, then it uses the DMA
interface. In both cases, some registers are accessed with 64-bit
accesses if MDE_CPU_AARCH64 is defined, and with 32-bit accesses otherwise.

I don't see how RISCV could reuse this library verbatim.

The linked patch at
<https://github.com/riscv/riscv-edk2/commit/8c7960ef860c65f2646912c3dccbb308a>
is a no-go; the MDE_CPU_RISCV64 macro has no place in an ArmVirtPkg library.

The library can be moved to the new directory

OvmfPkg/Library/DxeQemuFwCfgLibFdtMmio

(note the rename in the last pathname component), but it needs to be
done in multiple steps. The FDT protocol GUID and structure definition
has to be moved at first, separately from the library, and every move
operation (i.e., each one of the protocol move and the library move)
must be implemented with *at least* three steps -- copy the original to
OvmfPkg (updating BASE_NAME at once), update DSC references under
ArmVirtPkg, remove the original under ArmVirtPkg. Only then can you add
customizations.

Regarding the processor type macros, I believe Mike recently introduced
ISA-independent macros, for expressing 64-bit vs. 32-bit. I'm not
exactly sure about the details, but I think we now have a macro under
MdePkg that says "64-bit processor" without having to state AARCH64 or
RISCV64.

Thanks
Laszlo





Thanks

Liming

From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Daniel Schaefer
Sent: May 21, 2021 20:46
To: devel@edk2.groups.io; gaoliming@byosoft.com.cn
Cc: Chang, Abner (HPS SW/FW Technologist) <abner.chang@hpe.com>; 'Michael D Kinney' <michael.d.kinney@intel.com>; 'Zhiguang Liu' <zhiguang.liu@intel.com>; 'Leif Lindholm' <leif@nuviainc.com>
Subject: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64



It's not required to go into that tag.

We need two more patches that we haven't submitted yet to boot on Qemu.



Would it be okay if we used a library from ArmVirtPkg for RISCV64?

See:
https://github.com/riscv/riscv-edk2/commit/8c7960ef860c65f2646912c3dccbb308a98e0cc3

Or does it have to be moved to some other place first?

_____

From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of gaoliming <gaoliming@byosoft.com.cn>
Sent: Friday, May 21, 2021 14:35
To: devel@edk2.groups.io <devel@edk2.groups.io>; Schaefer, Daniel <daniel.schaefer@hpe.com>
Cc: Chang, Abner (HPS SW/FW Technologist) <abner.chang@hpe.com>; 'Michael D Kinney' <michael.d.kinney@intel.com>; 'Zhiguang Liu' <zhiguang.liu@intel.com>; 'Leif Lindholm' <leif@nuviainc.com>
Subject: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64



Daniel:

Thanks for your information. Acked-by: Liming Gao <gaoliming@byosoft.com.cn>



And, do you request to merge this patch for edk2 stable tag 202105?



Thanks

Liming

From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Daniel Schaefer
Sent: May 21, 2021 13:27
To: devel@edk2.groups.io; gaoliming@byosoft.com.cn
Cc: Chang, Abner (HPS SW/FW Technologist) <abner.chang@hpe.com>; 'Michael D Kinney' <michael.d.kinney@intel.com>; 'Zhiguang Liu' <zhiguang.liu@intel.com>; 'Leif Lindholm' <leif@nuviainc.com>
Subject: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64



Great!



It is verified I can boot Linux from a virtio ESP using this patch on QEMU
virt machine.

See:
https://github.com/riscv/riscv-edk2-platforms/runs/2618819010?check_suite_focus=true



Thanks,

Daniel

_____

From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of gaoliming <gaoliming@byosoft.com.cn>
Sent: Friday, May 21, 2021 13:14
To: devel@edk2.groups.io <devel@edk2.groups.io>; Schaefer, Daniel <daniel.schaefer@hpe.com>
Cc: Chang, Abner (HPS SW/FW Technologist) <abner.chang@hpe.com>; 'Michael D Kinney' <michael.d.kinney@intel.com>; 'Zhiguang Liu' <zhiguang.liu@intel.com>; 'Leif Lindholm' <leif@nuviainc.com>
Subject: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64



Daniel:
Now, it is clear to me. So, I suggest to merge this change when it is
verified on generic RISC-V QEMU virt machine. Is it OK?

Thanks
Liming
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Daniel Schaefer
Sent: May 18, 2021 10:35
To: devel@edk2.groups.io; gaoliming@byosoft.com.cn
Cc: 'Abner Chang' <abner.chang@hpe.com>; 'Michael D Kinney' <michael.d.kinney@intel.com>; 'Zhiguang Liu' <zhiguang.liu@intel.com>; 'Leif Lindholm' <leif@nuviainc.com>
Subject: Re: Re: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64

On 5/18/21 9:04 AM, gaoliming wrote:
Daniel:
Seemingly, this API is missing in BaseLib for RiscV64 arch. How do you detect this issue?
What do you mean it's missing?
Yes, MemoryFence() for RiscV64 is missing currently, that's why I'm adding it here.

Maybe you mean that it's not currently used? That's also true.
I'm enabling the generic QEMU virt machine (like OVMF or ArmVirtPkg) for RISC-V.
At least QemuFwCfgLib and VirtioLib need it.
That's why I have the need to add this implementation now.

Does that clear it up?

Thanks
Liming
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Daniel Schaefer
Sent: May 16, 2021 2:13
To: devel@edk2.groups.io
Cc: Abner Chang <abner.chang@hpe.com>; Michael D Kinney <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Zhiguang Liu <zhiguang.liu@intel.com>; Leif Lindholm <leif@nuviainc.com>
Subject: [edk2-devel] [PATCH v1 1/1] Add MemoryFence implementation for RiscV64

Cc: Abner Chang <abner.chang@hpe.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Signed-off-by: Daniel Schaefer <daniel.schaefer@hpe.com>
---
MdePkg/Library/BaseLib/BaseLib.inf | 1 +
MdePkg/Library/BaseLib/RiscV64/MemoryFence.S | 33 ++++++++++++++++++++
2 files changed, 34 insertions(+)

diff --git a/MdePkg/Library/BaseLib/BaseLib.inf
b/MdePkg/Library/BaseLib/BaseLib.inf
index b76f3af380ea..b7ab5f632366 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -399,6 +399,7 @@
RiscV64/DisableInterrupts.c


RiscV64/EnableInterrupts.c


RiscV64/CpuPause.c


+ RiscV64/MemoryFence.S | GCC


RiscV64/RiscVSetJumpLongJump.S | GCC


RiscV64/RiscVCpuBreakpoint.S | GCC


RiscV64/RiscVCpuPause.S | GCC


diff --git a/MdePkg/Library/BaseLib/RiscV64/MemoryFence.S
b/MdePkg/Library/BaseLib/RiscV64/MemoryFence.S
new file mode 100644
index 000000000000..283df9356a9a
--- /dev/null
+++ b/MdePkg/Library/BaseLib/RiscV64/MemoryFence.S
@@ -0,0 +1,33 @@
+##-------------------------------------------------------------------------
-----


+#


+# MemoryFence() for RiscV64


+


+# Copyright (c) 2021, Hewlett Packard Enterprise Development. All
rights
reserved.


+#


+# SPDX-License-Identifier: BSD-2-Clause-Patent


+#


+##-------------------------------------------------------------------------
-----


+


+.text


+.p2align 2


+


+ASM_GLOBAL ASM_PFX(MemoryFence)


+


+


+#/**


+# Used to serialize load and store operations.


+#


+# All loads and stores that proceed calls to this function are
guaranteed to
be


+# globally visible when this function returns.


+#


+#**/


+#VOID


+#EFIAPI


+#MemoryFence (


+# VOID


+# );


+#


+ASM_PFX(MemoryFence):


+ // Fence on all memory and I/O


+ fence


+ ret


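Review bot: the new comment block reads "All loads and stores that proceed calls to this function" where "precede" is meant; worth fixing while the file is new. The bare `fence` with no operands is `fence iorw, iorw`, a full barrier over memory and I/O in both directions, which matches the "Fence on all memory and I/O" comment and the stated contract that prior loads and stores are globally visible when the function returns. One style point: the file uses `#` comments throughout but switches to `//` for the one comment inside the function body; since a `.S` file goes through the C preprocessor the `//` is stripped before the assembler sees it, but `#` is consistent with the rest of the file.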
--
2.30.1






















Re: [PATCH v2 4/5] ArmVirtPkg: Introduce Cloud Hypervisor to edk2 family

Jianyong Wu
 

Hi Sami,

-----Original Message-----
From: Sami Mujawar <Sami.Mujawar@arm.com>
Sent: Saturday, May 29, 2021 3:44 PM
To: Jianyong Wu <Jianyong.Wu@arm.com>; devel@edk2.groups.io;
lersek@redhat.com; ardb+tianocore@kernel.org
Cc: hao.a.wu@intel.com; Justin He <Justin.He@arm.com>; Leif Lindholm
<leif@nuviainc.com>; nd <nd@arm.com>
Subject: Re: [PATCH v2 4/5] ArmVirtPkg: Introduce Cloud Hypervisor to edk2
family

Hi Jianyong,

Please find my response inline marked [SAMI].

Regards,

Sami Mujawar

On 27/05/2021 07:19 AM, Jianyong Wu wrote:
Hi Sami,

-----Original Message-----
From: Sami Mujawar <Sami.Mujawar@arm.com>
Sent: Wednesday, May 19, 2021 4:27 AM
To: Jianyong Wu <Jianyong.Wu@arm.com>; devel@edk2.groups.io;
lersek@redhat.com; ardb+tianocore@kernel.org
Cc: hao.a.wu@intel.com; Justin He <Justin.He@arm.com>; Leif Lindholm
<leif@nuviainc.com>; nd <nd@arm.com>
Subject: Re: [PATCH v2 4/5] ArmVirtPkg: Introduce Cloud Hypervisor to
edk2 family

Hi Jianyong,

Thank you for this patch.

Please find my response inline marked [SAMI].

Regards,

Sami Mujawar


On 17/05/2021 07:50 AM, Jianyong Wu wrote:
Cloud Hypervisor is a KVM-based VMM and is implemented in Rust. Just
like other VMMs it needs UEFI support to let ACPI work. That's why
Cloud Hypervisor is introduced here.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc:
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
---
ArmVirtPkg/ArmVirtCloudHv.dsc | 455
++++++++++++++++++++++++
ArmVirtPkg/ArmVirtCloudHv.fdf | 292 +++++++++++++++
ArmVirtPkg/ArmVirtCloudHvFvMain.fdf.inc | 169 +++++++++
3 files changed, 916 insertions(+)
create mode 100644 ArmVirtPkg/ArmVirtCloudHv.dsc
create mode 100644 ArmVirtPkg/ArmVirtCloudHv.fdf
create mode 100644 ArmVirtPkg/ArmVirtCloudHvFvMain.fdf.inc

diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc
b/ArmVirtPkg/ArmVirtCloudHv.dsc new file mode 100644 index
000000000000..bf1f8c5a75ae
--- /dev/null
+++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -0,0 +1,455 @@
+#
+# Copyright (c) 2011-2015, ARM Limited. All rights reserved.
+# Copyright (c) 2014, Linaro Limited. All rights reserved.
+# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent # #
+
+#########################################################
############
+###########
+#
+# Defines Section - statements that will be processed to create a
Makefile.
+#
+#########################################################
############
+###########
+[Defines]
+ PLATFORM_NAME = ArmVirtCloudHv
+ PLATFORM_GUID = DFFED32B-DFFE-D32B-DFFE-
D32BDFFED32B
+ PLATFORM_VERSION = 0.1
+ DSC_SPECIFICATION = 0x00010005
+ OUTPUT_DIRECTORY = Build/ArmVirtCloudHv-$(ARCH)
+ SUPPORTED_ARCHITECTURES = AARCH64|ARM
+ BUILD_TARGETS = DEBUG|RELEASE|NOOPT
+ SKUID_IDENTIFIER = DEFAULT
+ FLASH_DEFINITION = ArmVirtPkg/ArmVirtCloudHv.fdf
+
+ #
+ # Defines for default states. These can be changed on the command
line.
+ # -D FLAG=VALUE
+ #
+ DEFINE TTY_TERMINAL = FALSE
+ DEFINE SECURE_BOOT_ENABLE = FALSE
+ DEFINE TPM2_ENABLE = FALSE
+ DEFINE TPM2_CONFIG_ENABLE = FALSE
+
+!include ArmVirtPkg/ArmVirt.dsc.inc
+
+[LibraryClasses.common]
+ ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf
+ ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuBaseLib.inf
+
+ # Virtio Support
+ VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
+
+
VirtioMmioDeviceLib|OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDe
+ viceLib.inf
+
QemuFwCfgLib|ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf
+
+
QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/BaseQemuFwCfgS3Li
bNull
+ .inf
+
QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/
Qe
+ muFwCfgSimpleParserLib.inf
+
QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/Generic
Qemu
+ LoadImageLib.inf
[SAMI] Does Cloud Hypervisor support Qemu-FwCfg? If not, then are the
above 4 libraries needed?
Hi Sami, I think CloudHv doesn't depend on qemu-fwcfg, so I have tried
to remove the dependencies. But I find it difficult to do that.
Some implicit code depends on qemu-fwcfg that I can't work around. E.g.

In OvmfPkg/Library/PciHostBridgeUtilityLib/PciHostBridgeUtilityLib.c
"
Status = QemuFwCfgFindFile ("etc/extra-pci-roots", &FwCfgItem,
&FwCfgSize);
if (EFI_ERROR (Status) || FwCfgSize != sizeof ExtraRootBridges) {
ExtraRootBridges = 0;
} else {
QemuFwCfgSelectItem (FwCfgItem);
QemuFwCfgReadBytes (FwCfgSize, &ExtraRootBridges); "
I don't know what to do with it. So, I keep it here.
Maybe I need your help if these dependencies should be removed.
[SAMI] I am working on a patch series that adds ACPI and PCI support for
Kvmtool firmware. So, I may just have the patch you need. The patch is an
instance of PciHostBridgeUtilityLib without the FwCfg and I think it should
work for Cloud Hypervisor too.
If you can try the attached patch and let me know if it works, I will reword the
patch so that it is common for both Kvmtool and Cloud Hypervisor and post it
to the mailing list.
Please let me know if you face any issues.
[/SAMI]
I tried your patch and it works! Now I can throw the QemuFwCfg lib out of my patch.
I will rebase my patch on the common PCI lib after you rework it.

Thanks
Jianyong Wu

+
+
+
ArmPlatformLib|ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatform
+ LibNull.inf
+
+ TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
+
+
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.
+ inf BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
+
+
PlatformBootManagerLib|ArmVirtPkg/Library/PlatformBootManagerLib/Pla
+ tformBootManagerLib.inf
[SAMI] The above instance of PlatformBootManagerLib has a dependency
on Qemu-FwCfg, right?
+
+
PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBm
+ PrintScLib.inf
+
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Custo
+ mizedDisplayLib.inf
+
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBuffer
+ BltLib.inf
+
QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrder
Lib.i
+ nf
[SAMI] Qemu-FwCfg dependency?
Sure

+
+ FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerL
+ FileExplorerLib|ib
+ .inf
+ PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPc
+ PciPcdProducerLib|dP
+ roducerLib.inf
+
PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibP
+ ci.inf
+ PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHost
+ PciHostBridgeLib|Br
+ idgeLib.inf
+ PciHostBridgeUtilityLib|OvmfPkg/Library/PciHostBridgeUtilityLib/Pc
+ PciHostBridgeUtilityLib|iH
+ ostBridgeUtilityLib.inf
+
+!if $(TPM2_ENABLE) == TRUE
+
+Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2Command
Lib.inf
+
+Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/
D
+xeTcg2PhysicalPresenceLib.inf
[SAMI] Is this supported by Cloud Hypervisor?
No, should be removed.

+
+TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeT
pmMeas
+urementLib.inf
+!else
+
+TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/T
pmMeasu
+rementLibNull.inf
+!endif
+
+!include MdePkg/MdeLibs.dsc.inc
+
+[LibraryClasses.common.PEIM]
+
+ArmVirtMemInfoLib|ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHv
Vir
+tMemInfoPeiLib.inf
+
+!if $(TPM2_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+
+ResetSystemLib|MdeModulePkg/Library/PeiResetSystemLib/PeiResetSyst
emL
+ib.inf
+
+Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibD
Tpm
+.inf
+!endif
+
+[LibraryClasses.common.DXE_DRIVER]
+
+ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/D
xeRe
+portStatusCodeLib.inf
+
+!if $(TPM2_ENABLE) == TRUE
+
+Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg
2
+.inf
+!endif
+
+[LibraryClasses.common.UEFI_DRIVER]
+ UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
+
+[BuildOptions]
+!include NetworkPkg/NetworkBuildOptions.dsc.inc
+
+#########################################################
############
+###########
+#
+# Pcd Section - list of all EDK II PCD Entries defined by this
+Platform #
+#########################################################
############
+###########
+
+[PcdsFeatureFlag.common]
+
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderPciTranslation|TRUE
+
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderMmioTranslation|TRUE
+
+ ## If TRUE, Graphics Output Protocol will be installed on virtual
+ handle
created by ConsplitterDxe.
+ # It could be set FALSE to save size.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE
+
+
gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE
+
+ gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE)
+
+[PcdsFixedAtBuild.common]
+!if $(ARCH) == AARCH64
+ gArmTokenSpaceGuid.PcdVFPEnabled|1
+!endif
+
+ gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x4007c000
+
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+ gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
+
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
+
+ # Rsdp base address in Cloud Hypervisor
+
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiRsdpBaseAddress|0x40200000
+
+
+gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|0x40
0000
+0
+
+gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0x400
00
+!if $(NETWORK_TLS_ENABLE) == TRUE
+ #
+ # The cumulative and individual VOLATILE variable size limits
+should be set
+ # high enough for accommodating several and/or large CA certificates.
+ #
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x80000
+
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000
+!endif
+
+ # Size of the region used by UEFI in permanent memory (Reserved
+ 64MB)
+
gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x040000
00
+
+ #
+ # ARM PrimeCell
+ #
+
+ ## PL011 - Serial Terminal
+ gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate|38400
+
+ ## Default Terminal Type
+ ## 0-PCANSI, 1-VT100, 2-VT00+, 3-UTF8, 4-TTYTERM !if
+$(TTY_TERMINAL) == TRUE
+ gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType|4
+ # Set terminal type to TtyTerm, the value encoded is
+EFI_TTY_TERM_GUID
+ gArmVirtTokenSpaceGuid.PcdTerminalTypeGuidBuffer|{0x80, 0x6d,
0x91,
+0x7d, 0xb1, 0x5b, 0x8c, 0x45, 0xa4, 0x8f, 0xe2, 0x5f, 0xdd, 0x51,
+0xef, 0x94} !else
+ gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType|1
+!endif
+
+ # System Memory Base -- fixed at 0x4000_0000
+ gArmTokenSpaceGuid.PcdSystemMemoryBase|0x40000000
+
+ # initial location of the device tree blob passed by Cloud
+ Hypervisor -- base of DRAM
+
gArmVirtTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress|0x40000000
+
+
+
+
gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationC
hange
+ |FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{
+ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a,
+ 0xb6, 0xf4, 0x66, 0x23, 0x31 }
+
+ #
+ # The maximum physical I/O addressability of the processor, set
+ with # BuildCpuHob().
+ #
+ gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16
+
+ #
+ # Enable the non-executable DXE stack. (This gets set up by
+ DxeIpl) #
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ # override the default values from SecurityPkg to ensure images
+from all sources are verified in secure boot
+
+gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x
0
+4
+
+gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0
+x
+04
+
+gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPoli
c
+y|0x04
+!endif
+
+ gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|3
+ gEfiShellPkgTokenSpaceGuid.PcdShellFileOperationSize|0x20000
+
+[PcdsFixedAtBuild.AARCH64]
+ # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS
+entry point,
+ # if the entry point version is >= 3.0. AARCH64 OSes cannot
+assume the
+ # presence of the 32-bit entry point anyway (because many AARCH64
+systems
+ # don't have 32-bit addressable physical RAM), and the additional
+allocations
+ # below 4 GB needlessly fragment the memory map. So expose the
+64-bit entry
+ # point only, for entry point versions >= 3.0.
+
gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosEntryPointProvideMethod|0
x2
+
+[PcdsDynamicDefault.common]
+ gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|3
+
+ ## If TRUE, OvmfPkg/AcpiPlatformDxe will not wait for PCI #
+ enumeration to complete before installing ACPI tables.
+
gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|TRUE
+
+ # System Memory Size -- 1 MB initially, actual size will be
+ fetched from DT
+ gArmTokenSpaceGuid.PcdSystemMemorySize|0x00100000
+
+
gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvModeEnable|TRUE
+
+ gArmTokenSpaceGuid.PcdArmArchTimerSecIntrNum|0x0
+ gArmTokenSpaceGuid.PcdArmArchTimerIntrNum|0x0
+ gArmTokenSpaceGuid.PcdArmArchTimerVirtIntrNum|0x0
+ gArmTokenSpaceGuid.PcdArmArchTimerHypIntrNum|0x0
+
+ #
+ # ARM General Interrupt Controller #
+ gArmTokenSpaceGuid.PcdGicDistributorBase|0x0
+ gArmTokenSpaceGuid.PcdGicRedistributorsBase|0x0
+ gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase|0x0
+
+ ## PL031 RealTimeClock
+ gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0
+
+ # set PcdPciExpressBaseAddress to MAX_UINT64, which signifies
+ that this # PCD and PcdPciDisableBusEnumeration above have not
+ been assigned yet
+
gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xFFFFFFFFFFFFFF
FF
+
+ gArmTokenSpaceGuid.PcdPciIoTranslation|0
+# gArmTokenSpaceGuid.PcdPciIoTranslation|0x50000000
[SAMI] Remove commented code.
Yeah

+
+ #
+ # TPM2 support
+ #
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x0
+!if $(TPM2_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00,
+0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+0x00, 0x00, 0x00}
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0
+!endif
+
+[PcdsDynamicHii]
+
+gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVaria
ble
+Guid|0x0|FALSE|NV,BS
+
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+
+gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"T
+C
+G2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
+
+gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"
|gTc
+g2ConfigFormSetGuid|0x8|3|NV,BS
+!endif
+
+#########################################################
############
+###########
+#
+# Components Section - list of all EDK II Modules needed by this
+Platform #
+#########################################################
############
+###########
+[Components.common]
+ #
+ # PEI Phase modules
+ #
+ ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
+ MdeModulePkg/Core/Pei/PeiMain.inf
+ MdeModulePkg/Universal/PCD/Pei/Pcd.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ ArmPlatformPkg/PlatformPei/PlatformPeim.inf
+ ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
+ ArmPkg/Drivers/CpuPei/CpuPei.inf
+
+ MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+
+!if $(TPM2_ENABLE) == TRUE
+ MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf {
+ <LibraryClasses>
+
+ResetSystemLib|ArmVirtPkg/Library/ArmVirtPsciResetSystemPeiLib/ArmVi
r
+tPsciResetSystemPeiLib.inf
+ }
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
+ <LibraryClasses>
+
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypto
HashLib|R
outerPei.inf
+
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.
NULL|in
f
+
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.
NULL|in
f
+
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.
NULL|in
f
+
+NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+!endif
+
+ MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf {
+ <LibraryClasses>
+
+
NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDec
ompre
+ ssLib.inf
+ }
+
+ #
+ # DXE
+ #
+ MdeModulePkg/Core/Dxe/DxeMain.inf {
+ <LibraryClasses>
+
NULL|MdeModulePkg/Library/DxeCrc32GuidedSectionExtractLib/DxeCrc32G
uidedSectionExtractLib.inf
+
+
DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.i
+ DevicePathLib|nf
+ }
+ MdeModulePkg/Universal/PCD/Dxe/Pcd.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+
+ #
+ # Architectural Protocols
+ #
+ ArmPkg/Drivers/CpuDxe/CpuDxe.inf
+ MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
+
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
+ <LibraryClasses>
+
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+ # don't use unaligned CopyMem () on the UEFI varstore NOR
+ flash
region
+
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
+ }
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+ <LibraryClasses>
+
+NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificati
+NULL|on
+Lib.inf
+!if $(TPM2_ENABLE) == TRUE
+
+NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBo
otLib.
+inf
+!endif
+ }
+
+SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConf
i
+gDxe.inf
+ OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf
+!else
+ MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+!endif
+
MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+
+MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.i
n
+f
+
+MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCou
nterRun
+timeDxe.inf
+
+MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntime
Dxe.in
+f
+
EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf
{
+ <LibraryClasses>
+
+NULL|ArmVirtPkg/Library/ArmVirtPL031FdtClientLib/ArmVirtPL031FdtClie
+NULL|n
+tLib.inf
+ }
+ EmbeddedPkg/MetronomeDxe/MetronomeDxe.inf
+
+
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
+
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
+
+
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleD
xe
+ .inf MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+ MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
+
+ MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+
+ ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
+ ArmPkg/Drivers/TimerDxe/TimerDxe.inf {
+ <LibraryClasses>
+
+
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtCl
+ NULL|ie
+ ntLib.inf
+ }
+ MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+
+ #
+ # Status Code Routing
+ #
+
+
MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportSt
atu
+ sCodeRouterRuntimeDxe.inf
+
+ #
+ # Platform Driver
+ #
+ ArmVirtPkg/VirtioFdtDxe/VirtioFdtDxe.inf
+ ArmVirtPkg/FdtClientDxe/FdtClientDxe.inf
+ ArmVirtPkg/HighMemDxe/HighMemDxe.inf
+ OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
+ OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+ OvmfPkg/VirtioNetDxe/VirtioNet.inf
+ OvmfPkg/VirtioRngDxe/VirtioRng.inf
+
+ #
+ # FAT filesystem + GPT/MBR partitioning + UDF filesystem +
+ virtio-fs # MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+ MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+
+
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.i
+ nf
+ FatPkg/EnhancedFatDxe/Fat.inf
+ MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+ OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+
+ #
+ # Bds
+ #
+ MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf {
+ <LibraryClasses>
+
DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+
+
MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManager
Dxe
+ .inf MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+ MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Application/UiApp/UiApp.inf {
+ <LibraryClasses>
+
NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
+
NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf
+
+
NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMainte
nanc
+ eManagerUiLib.inf
+ }
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
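Review bot: the fw_cfg question raised for QemuKernelLoaderFsDxe applies equally to `OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.inf` inside the `!if $(SECURE_BOOT_ENABLE) == TRUE` block above: it is another OvmfPkg module written for QEMU, and it obtains the keys it enrolls from the hypervisor, so it needs the same check before it is built for cloud-hypervisor. Note also that the .fdf in this series never INFs it into any FV (only SecureBootConfigDxe appears under SECURE_BOOT_ENABLE there), so as written the module is compiled but not shipped; either add it to the FV once its data source on cloud-hypervisor is settled, or drop it from the .dsc.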
[SAMI] Qemu-FwCfg dependency?
Yeah

+
+ #
+ # SCSI Bus and Disk Driver
+ #
+ MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+ MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+
+ #
+ # PCI support
+ #
+ ArmPkg/Drivers/ArmPciCpuIo2Dxe/ArmPciCpuIo2Dxe.inf {
+ <LibraryClasses>
+
+ NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.
+ NULL|in
+ f
+ }
+ MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf
+ MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf {
+ <LibraryClasses>
+
+ NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.
+ NULL|in
+ f
+ }
+ OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
+ OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+ OvmfPkg/Virtio10Dxe/Virtio10.inf
+
+ #
+ # TPM2 support
+ #
+!if $(TPM2_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
+ <LibraryClasses>
+
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCrypto
HashLib|R
outerDxe.inf
+
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibR
outerDxe.inf
+
NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
+
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.
NULL|in
f
+
NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.
NULL|in
f
+
NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.
NULL|in
f
+
+NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
+
+ #
+ # ACPI Support
+ #
+ ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
+[Components.AARCH64]
+
+MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGrap
hics
+ResourceTableDxe.inf
+ ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf {
+ <LibraryClasses>
+
+NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.in
+NULL|f
+ }
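Review bot: `[Components.AARCH64]` lists only BootGraphicsResourceTableDxe and CloudHvAcpiPlatformDxe, but the .fdf in this series also places `MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf` and `MdeModulePkg/Universal/EbcDxe/EbcDxe.inf` under `!if $(ARCH) == AARCH64`. A module INF'd in the FDF has to be built by the DSC, so either add both here (AcpiTableDxe is in any case what publishes the tables CloudHvAcpiPlatformDxe installs) or remove them from the FDF; as the two files stand they do not agree.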
diff --git a/ArmVirtPkg/ArmVirtCloudHv.fdf
b/ArmVirtPkg/ArmVirtCloudHv.fdf new file mode 100644 index
000000000000..3619a09ba8c5
--- /dev/null
+++ b/ArmVirtPkg/ArmVirtCloudHv.fdf
@@ -0,0 +1,292 @@
+#
+# Copyright (c) 2011-2015, ARM Limited. All rights reserved.
+# Copyright (c) 2014, Linaro Limited. All rights reserved.
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent #
+
+#########################################################
############
+###########
+#
+# FD Section
+# The [FD] Section is made up of the definition statements and a #
+description of what goes into the Flash Device Image. Each FD
+section # defines one flash "device" image. A flash device image
+may be one of # the following: Removable media bootable image (like
+a boot floppy # image,) an Option ROM image (that would be "flashed"
+into an add-in # card,) a System "Flash" image (that would be
+burned into a system's # flash) or an Update ("Capsule") image that
+will be used to update and # existing system flash.
+#
+#########################################################
############
+###########
+
+[Defines]
+!if $(FD_SIZE_IN_MB) == 2
+ DEFINE FVMAIN_COMPACT_SIZE = 0x1ff000 !endif !if
+$(FD_SIZE_IN_MB) == 3
+ DEFINE FVMAIN_COMPACT_SIZE = 0x2ff000 !endif
+
+[FD.CLOUDHV_EFI]
+BaseAddress = 0x00000000|gArmTokenSpaceGuid.PcdFdBaseAddress
#
cloud-hypervisor assigns 0 - 0x8000000 for a BootROM
+Size = $(FD_SIZE)|gArmTokenSpaceGuid.PcdFdSize # The size
in
bytes of the FLASH Device
+ErasePolarity = 1
+
+# This one is tricky, it must be: BlockSize * NumBlocks = Size
+BlockSize = 0x00001000
+NumBlocks = $(FD_NUM_BLOCKS)
+
+#########################################################
############
+###########
+#
+# Following are lists of FD Region layout which correspond to the
+locations of different # images within the flash device.
+#
+# Regions must be defined in ascending order and may not overlap.
+#
+# A Layout Region start with a eight digit hex offset (leading "0x"
+required) followed by # the pipe "|" character, followed by the
+size of the region, also in hex with the leading # "0x" characters. Like:
+# Offset|Size
+# PcdOffsetCName|PcdSizeCName
+# RegionType <FV, DATA, or FILE>
+#
+#########################################################
############
+###########
+
+#
+# UEFI has trouble dealing with FVs that reside at physical address 0x0.
+# So instead, put a hardcoded 'jump to 0x1000' at offset 0x0, and
+put the # real FV at offset 0x1000 #
+0x00000000|0x00001000
+DATA = {
+!if $(ARCH) == AARCH64
+ 0x00, 0x04, 0x00, 0x14 # 'b 0x1000' in AArch64 ASM
+!else
+ 0xfe, 0x03, 0x00, 0xea # 'b 0x1000' in AArch32 ASM
+!endif
+}
+
+0x00001000|$(FVMAIN_COMPACT_SIZE)
+gArmTokenSpaceGuid.PcdFvBaseAddress|gArmTokenSpaceGuid.PcdFvSize
+FV = FVMAIN_COMPACT
+
+!include VarStore.fdf.inc
+
+#########################################################
############
+###########
+#
+# FV Section
+#
+# [FV] section is used to define what components or modules are
+placed within a flash # device file. This section also defines
+order the components and modules are positioned # within the image.
+The [FV] section consists of define statements, set statements and
+# module
statements.
+#
+#########################################################
############
+###########
+
+#!include ArmVirtCloudHvFvMain.fdf.inc
+
+
+
+[FV.FvMain]
+FvNameGuid = 2A88A00E-E267-C8BF-0E80-AE1BD504ED90
+BlockSize = 0x40
+NumBlocks = 0 # This FV gets compressed so make it just big
enough
+FvAlignment = 16 # FV alignment and FV attributes setting.
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF MdeModulePkg/Core/Dxe/DxeMain.inf INF
+ MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+ INF ArmVirtPkg/VirtioFdtDxe/VirtioFdtDxe.inf
+ INF ArmVirtPkg/FdtClientDxe/FdtClientDxe.inf
+ INF ArmVirtPkg/HighMemDxe/HighMemDxe.inf
+
+ #
+ # PI DXE Drivers producing Architectural Protocols (EFI Services)
+ # INF ArmPkg/Drivers/CpuDxe/CpuDxe.inf INF
+ MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
+ INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+ INF
MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+ INF
+MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.i
n
+f
+ INF
+MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ INF
+SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConf
i
+gDxe.inf
+!endif
+ INF
+MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCou
nterRun
+timeDxe.inf
+ INF
+MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntime
Dxe.in
+f
+ INF
EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf
+ INF EmbeddedPkg/MetronomeDxe/MetronomeDxe.inf
+ INF MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+
+ #
+ # Multiple Console IO support
+ #
+ INF
+
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
+ INF
+
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
+ INF
+
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleD
xe
+ .inf INF
MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+ INF MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
+
+ INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
+ INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
+ INF
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+
+ #
+ # FAT filesystem + GPT/MBR partitioning + UDF filesystem +
+ virtio-fs # INF
+ MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+ INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+ INF FatPkg/EnhancedFatDxe/Fat.inf INF
+
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.i
+ nf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+ INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+
+ #
+ # Status Code Routing
+ #
+ INF
+
MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportSt
atu
+ sCodeRouterRuntimeDxe.inf
+
+ #
+ # Platform Driver
+ #
+ INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
+ INF OvmfPkg/VirtioNetDxe/VirtioNet.inf
+ INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+ INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
+
+ #
+ # UEFI application (Shell Embedded Boot Loader) # INF
+ ShellPkg/Application/Shell/Shell.inf
+ INF
+
ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.
inf
+ INF
+
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand
.inf
+ INF
+
OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellComma
n
+ d.inf
+
+ #
+ # Bds
+ #
+ INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
+ INF
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ INF
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ INF
+
MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManager
Dxe
+ .inf INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+ INF MdeModulePkg/Application/UiApp/UiApp.inf
+ INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
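Review bot: `#!include ArmVirtCloudHvFvMain.fdf.inc` is commented out near the top of this file and the whole `[FV.FvMain]` block is inlined instead, while the series also adds ArmVirtCloudHvFvMain.fdf.inc carrying the same module list. Keep one copy: either uncomment the include and delete the inline `[FV.FvMain]` (matching how the other ArmVirt platforms are laid out), or drop the new .fdf.inc from the series. Two copies of the FV contents will drift, and a module added to only one of them (the fw_cfg-dependent entries being the obvious candidates) would be easy to miss in review.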
[SAMI] Qemu-FwCfg dependency? Also check at other places in the fdf
and fdf.inc file.
Yeah, it's tough work for me.

+
+ #
+ # SCSI Bus and Disk Driver
+ #
+ INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+
+ #
+ # ACPI Support
+ #
+ INF
ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
+!if $(ARCH) == AARCH64
+ INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
+ INF
+MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGrap
hics
+ResourceTableDxe.inf
+ INF
ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf
+
+ #
+ # EBC support
+ #
+ INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
+!endif
+
+ #
+ # PCI support
+ #
+ INF ArmPkg/Drivers/ArmPciCpuIo2Dxe/ArmPciCpuIo2Dxe.inf
+ INF MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf
+ INF MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf
+ INF OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
+ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+ INF OvmfPkg/Virtio10Dxe/Virtio10.inf
+
+ #
+ # TPM2 support
+ #
+!if $(TPM2_ENABLE) == TRUE
+ INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
+
+ #
+ # TianoCore logo (splash screen)
+ #
+ INF MdeModulePkg/Logo/LogoDxe.inf
+
+ #
+ # Ramdisk support
+ #
+ INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
+
+
+
+
+
+
+
+
+
+
+
+
[SAMI] Remove empty lines.
Oh, it's my bad.

Thanks
Jianyong

+[FV.FVMAIN_COMPACT]
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf
+ INF MdeModulePkg/Core/Pei/PeiMain.inf INF
+ ArmPlatformPkg/PlatformPei/PlatformPeim.inf
+ INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf
+ INF ArmPkg/Drivers/CpuPei/CpuPei.inf INF
+ MdeModulePkg/Universal/PCD/Pei/Pcd.inf
+ INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf
+ INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+
+!if $(TPM2_ENABLE) == TRUE
+ INF MdeModulePkg/Universal/ResetSystemPei/ResetSystemPei.inf
+ INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+!endif
+
+ FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
+ SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF
PROCESSING_REQUIRED = TRUE {
+ SECTION FV_IMAGE = FVMAIN
+ }
+ }
+
+!include ArmVirtRules.fdf.inc
diff --git a/ArmVirtPkg/ArmVirtCloudHvFvMain.fdf.inc
b/ArmVirtPkg/ArmVirtCloudHvFvMain.fdf.inc
new file mode 100644
index 000000000000..51041e889ef4
--- /dev/null
+++ b/ArmVirtPkg/ArmVirtCloudHvFvMain.fdf.inc
@@ -0,0 +1,169 @@
+#
+# Copyright (c) 2011-2015, ARM Limited. All rights reserved.
+# Copyright (c) 2014-2016, Linaro Limited. All rights reserved.
+# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent #
+
+#########################################################
############
+###########
+#
+# FV Section
+#
+# [FV] section is used to define what components or modules are
+placed within a flash # device file. This section also defines
+order the components and modules are positioned # within the image.
+The [FV] section consists of define statements, set statements and
+# module
statements.
+#
+#########################################################
############
+###########
+
+[FV.FvMain]
+FvNameGuid = 2A88A00E-E267-C8BF-0E80-AE1BD504ED90
+BlockSize = 0x40
+NumBlocks = 0 # This FV gets compressed so make it just big
enough
+FvAlignment = 16 # FV alignment and FV attributes setting.
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+ INF MdeModulePkg/Core/Dxe/DxeMain.inf INF
+ MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+ INF ArmVirtPkg/VirtioFdtDxe/VirtioFdtDxe.inf
+ INF ArmVirtPkg/FdtClientDxe/FdtClientDxe.inf
+ INF ArmVirtPkg/HighMemDxe/HighMemDxe.inf
+
+ #
+ # PI DXE Drivers producing Architectural Protocols (EFI Services)
+ # INF ArmPkg/Drivers/CpuDxe/CpuDxe.inf INF
+ MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
+ INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+ INF
MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+ INF
+MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.i
n
+f
+ INF
+MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ INF
+SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConf
i
+gDxe.inf
+!endif
+ INF
+MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCou
nterRun
+timeDxe.inf
+ INF
+MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntime
Dxe.in
+f
+ INF
EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf
+ INF EmbeddedPkg/MetronomeDxe/MetronomeDxe.inf
+ INF MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+
+ #
+ # Multiple Console IO support
+ #
+ INF
+
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
+ INF
+
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
+ INF
+
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleD
xe
+ .inf INF
MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+ INF MdeModulePkg/Universal/SerialDxe/SerialDxe.inf
+
+ INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
+ INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
+ INF
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+
+ #
+ # FAT filesystem + GPT/MBR partitioning + UDF filesystem +
+ virtio-fs # INF
+ MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+ INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+ INF FatPkg/EnhancedFatDxe/Fat.inf INF
+
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.i
+ nf INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+ INF OvmfPkg/VirtioFsDxe/VirtioFsDxe.inf
+
+ #
+ # Status Code Routing
+ #
+ INF
+
MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportSt
atu
+ sCodeRouterRuntimeDxe.inf
+
+ #
+ # Platform Driver
+ #
+ INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
+ INF OvmfPkg/VirtioNetDxe/VirtioNet.inf
+ INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+ INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
+
+ #
+ # UEFI application (Shell Embedded Boot Loader) # INF
+ ShellPkg/Application/Shell/Shell.inf
+ INF
+
ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.
inf
+ INF
+
ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand
.inf
+ INF
+
OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellComma
n
+ d.inf
+
+ #
+ # Bds
+ #
+ INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
+ INF
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ INF
MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ INF
+
MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManager
Dxe
+ .inf INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+ INF MdeModulePkg/Application/UiApp/UiApp.inf
+ INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
+
+ #
+ # SCSI Bus and Disk Driver
+ #
+ INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+ INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+
+ #
+ # ACPI Support
+ #
+ INF
ArmVirtPkg/CloudHvPlatformHasAcpiDtDxe/CloudHvHasAcpiDtDxe.inf
+!if $(ARCH) == AARCH64
+ INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
+ INF
+MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGrap
hics
+ResourceTableDxe.inf
+ INF
ArmVirtPkg/CloudHvAcpiPlatformDxe/CloudHvAcpiPlatformDxe.inf
+
+ #
+ # EBC support
+ #
+ INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
+!endif
+
+ #
+ # PCI support
+ #
+ INF ArmPkg/Drivers/ArmPciCpuIo2Dxe/ArmPciCpuIo2Dxe.inf
+ INF MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf
+ INF MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf
+ INF OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
+ INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+ INF OvmfPkg/Virtio10Dxe/Virtio10.inf
+
+ #
+ # TPM2 support
+ #
+!if $(TPM2_ENABLE) == TRUE
+ INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+!if $(TPM2_CONFIG_ENABLE) == TRUE
+ INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
+
+ #
+ # TianoCore logo (splash screen)
+ #
+ INF MdeModulePkg/Logo/LogoDxe.inf
+
+ #
+ # Ramdisk support
+ #
+ INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
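Review bot: this file is not referenced by anything in the series, because the only `!include ArmVirtCloudHvFvMain.fdf.inc` line, in ArmVirtCloudHv.fdf, is commented out; the build therefore never reads it. If it is meant to be the single source of the FvMain contents, enable the include and remove the inlined `[FV.FvMain]` from the .fdf; otherwise drop the file. Whichever copy survives, the `INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf` entry needs the fw_cfg check already requested for the .fdf.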


Re: [PATCH 00/43] OvmfPkg: remove Xen support from OvmfPkg*.dsc, in favor of OvmfXen.dsc

Laszlo Ersek
 

On 05/31/21 17:06, Philippe Mathieu-Daudé wrote:
On 5/27/21 10:55 AM, Laszlo Ersek wrote:
On 05/27/21 09:34, Ard Biesheuvel wrote:
On Wed, 26 May 2021 at 22:15, Laszlo Ersek <lersek@redhat.com> wrote:

Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=2122
Repo: https://pagure.io/lersek/edk2.git
Branch: xen_split_bz_2122

This patch set removes dynamic Xen enlightenment from the following
platforms:

OvmfPkg/OvmfPkgIa32.dsc
OvmfPkg/OvmfPkgIa32X64.dsc
OvmfPkg/OvmfPkgX64.dsc

In Xen guests, the following platform should be used:

OvmfPkg/OvmfXen.dsc
For the series,

Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Thank you, Ard!

I hope the large patch count (with the small patch bodies and the
not-so-short commit messages) didn't get on your nerves! I really did
make an effort to find a good balance. E.g. in the "clean up and sort
#includes & INF files" patches.
I certainly prefer a long series of little patches (so I can stop /
resume the review) rather than a short one of big patches which
burn my review cycle quicker.

This one in particular made a complex refactor easy to review,
thanks!
Thank you, Phil!
Laszlo


Phil.


Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, June 1, 2021 #cal-cancelled

devel@edk2.groups.io Calendar <noreply@...>
 

Cancelled: TianoCore Bug Triage - APAC / NAMO

This event has been cancelled.

When:
Tuesday, June 1, 2021
6:30pm to 7:30pm
(UTC-07:00) America/Los Angeles

Where:
https://teams.microsoft.com/l/meetup-join/19%3ameeting_OTUyZTg2NjgtNDhlNS00ODVlLTllYTUtYzg1OTNjNjdiZjFh%40thread.v2/0?context=%7b%22Tid%22%3a%2246c98d88-e344-4ed4-8496-4ed7712e255d%22%2c%22Oid%22%3a%22b286b53a-1218-4db3-bfc9-3d4c5aa7669e%22%7d

Organizer: Liming Gao gaoliming@...

Description:

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 
