Date   

Re: [PATCH RFC v3 03/22] OvmfPkg/MemEncryptSevLib: extend the workarea to include SNP enabled field

Brijesh Singh
 

Hi Laszlo,


On 6/7/21 6:20 AM, Laszlo Ersek via groups.io wrote:
On 06/04/21 16:15, Laszlo Ersek wrote:
On 05/27/21 01:10, Brijesh Singh wrote:
BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&;data=04%7C01%7Cbrijesh.singh%40amd.com%7C4b1c71cc4cef4dd250f608d929a640cb%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637586616293720447%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Wulen9mRG3lzBHDOwrwP6%2BnV6F95LgnsgDxuEadi9Ng%3D&reserved=0

Extend the workarea to include the SEV-SNP enabled fields. This will be set
when SEV-SNP is active in the guest VM.

Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
OvmfPkg/Include/Library/MemEncryptSevLib.h | 3 ++-
OvmfPkg/PlatformPei/AmdSev.c | 26 ++++++++++++++++++++++
OvmfPkg/ResetVector/Ia32/PageTables64.asm | 12 ++++++++++
OvmfPkg/ResetVector/ResetVector.nasmb | 1 +
5 files changed, 42 insertions(+), 1 deletion(-)
(1) Please split this in two patches -- the PlatformPei changes should
be a separate patch. And, I think those should come second, the
ResetVector + header file change should come first.

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 6ef77ba7bb21..bc1dcac48343 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -110,6 +110,7 @@ [Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
+ gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled

[FixedPcd]
gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 2425d8ba0a36..24507de55c5d 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -49,7 +49,8 @@ typedef struct {
//
typedef struct _SEC_SEV_ES_WORK_AREA {
UINT8 SevEsEnabled;
- UINT8 Reserved1[7];
+ UINT8 SevSnpEnabled;
+ UINT8 Reserved2[6];

UINT64 RandomData;

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index a8bf610022ba..67b78fd5fa36 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -22,6 +22,27 @@

#include "Platform.h"

+/**
+
+ Initialize SEV-SNP support if running as an SEV-SNP guest.
+
+ **/
+STATIC
+VOID
+AmdSevSnpInitialize (
+ VOID
+ )
+{
+ RETURN_STATUS PcdStatus;
+
+ if (!MemEncryptSevSnpIsEnabled ()) {
+ return;
+ }
+
+ PcdStatus = PcdSetBoolS (PcdSevSnpIsEnabled, TRUE);
+ ASSERT_RETURN_ERROR (PcdStatus);
+}
+
/**

Initialize SEV-ES support if running as an SEV-ES guest.
@@ -209,4 +230,9 @@ AmdSevInitialize (
// Check and perform SEV-ES initialization if required.
//
AmdSevEsInitialize ();
+
+ //
+ // Check and perform SEV-SNP initialization if required.
+ //
+ AmdSevSnpInitialize ();
}
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 5fae8986d9da..6838cdeec9c3 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -81,6 +81,11 @@ CheckSevFeatures:
; the MSR check below will set the first byte of the workarea to one.
mov byte[SEV_ES_WORK_AREA], 0

+ ; Set the SevSnpEnabled field in workarea to zero to communicate to the SEC
+ ; phase that SEV-SNP is not enabled. If SEV-SNP is enabled, this function
+ ; will set it to 1.
+ mov byte[SEV_ES_WORK_AREA_SNP], 0
+
;
; Set up exception handlers to check for SEV-ES
; Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for
@@ -136,6 +141,13 @@ CheckSevFeatures:
; phase that SEV-ES is enabled.
mov byte[SEV_ES_WORK_AREA], 1

+ bt eax, 2
+ jnc GetSevEncBit
+
+ ; Set the second byte of the workarea to one to communicate to the SEC
+ ; phase that the SEV-SNP is enabled
+ mov byte[SEV_ES_WORK_AREA_SNP], 1
+
GetSevEncBit:
; Get pte bit position to enable memory encryption
; CPUID Fn8000_001F[EBX] - Bits 5:0
(2) Please mention in the commit message (of the ResetVector patch),
and/or a comment here in the code, that SEV-SNP is never enabled if
SEV-ES is disabled.

Section "15.34.10 SEV_STATUS MSR" in the APM (doc#24593 v3.37) does not
spell out this dependency.

Furthermore, the mSevStatus / mSevEsStatus / mSevSnpStatus variable
assignments in patch#2 do not form a "dependency cascade" like the one
seen here in the reset vector code.

While "SEV-ES depends on SEV" seems obvious to me (and so the related,
existent jumps in the assembly code are not surprising), the statement
"SEV-SNP depends on SEV-ES" is not *that* obvious to me. Thus a comment
would be welcome.

For *both* patches split out of this one:

Reviewed-by: Laszlo Ersek <lersek@...>
(3) Actually, no.

This patch should be reduced to the following files only:

- OvmfPkg/PlatformPei/AmdSev.c
- OvmfPkg/PlatformPei/PlatformPei.inf

and the following changes should be dropped completely:

- OvmfPkg/Include/Library/MemEncryptSevLib.h
- OvmfPkg/ResetVector/Ia32/PageTables64.asm
- OvmfPkg/ResetVector/ResetVector.nasmb

Specifically, the "SEC_SEV_ES_WORK_AREA.SevSnpEnabled" field should
never be introduced.

The reason is apparent only from patch #10 -- "OvmfPkg/PlatformPei:
register GHCB gpa for the SEV-SNP guest".

The core idea is that in patch#10, in the SEC module, you can implement
SevSnpIsEnabled() by just reading MSR_SEV_STATUS, and checking the SNP
bit. Namely, while the SevSnpIsEnabled() call is made in
SevEsProtocolCheck(), i.e., before exception handling is set up in the
SEC module -- and so you indeed cannot call CPUID --, you don't *have*
to call CPUID at that call site. Where you call SevSnpIsEnabled() in
SevEsProtocolCheck(), you already know that SEV-ES is enabled, so it's
safe to just read the exact same SEV status MSR that the SEV-ES status
comes from in the first place, without any CPUID safety check.
We must check the SNP Enabled inside the assembly code for the page
invalidate functions, and I decided to cache the value. A similar
SNP-enabled check is required in SEC phase before the
ProcessLibraryConstrctorList() is called. There are two options on how
we can go about doing the SNP enabled check inside the SEC phase
1. Call the SEV_STATUS MSR after reading the
SEC_SEV_ES_WORK_AREA.SevEnabled. As you said, we need to be sure that ES
is enabled before calling the SEV_STATUS MSR.
2. SEV_STATUS MSR is read in Reset vector for the SNP enabled check
purpose. Extend the SevEsWorkArea to cache the state.

 I chose #2 because it avoids checking for ES enabled before checking
the SNP enabled. I understand that in the current code path, SNP check
is called inside the SevEsProtocolCheck() -- ES is already enabled, and
its safe to call SEV_STATUS MSR. What if we need to check for the SNP
state outside the ES-specific code block in the future? Then we will
need to extend the SevEsWorkArea. So I went ahead with option #2. I have
no problem reverting to option #1 and simplify the patch. I hope you
understand that sometimes it's difficult to foresee which option will be
preferred by the community, so I, as a contributor, can do one thing
and, based on the feedback, change the course.

Thanks

(

General request: please be explicit in the commit messages about the
data flow between modules, and why you are doing what you are doing.
Arriving at the above analysis took me 3+ hours this morning, when --
while reviewing patch#4 -- I took issue with the proliferation of the
new fields in SEC_SEV_ES_WORK_AREA. SEC_SEV_ES_WORK_AREA is *not* a
convenience dump. We should restrict its use as much as possible.

I double-checked how SEC_SEV_ES_WORK_AREA had evolved historically:


* SEC_SEV_ES_WORK_AREA.SevEsEnabled:

1 43c3df78460d OvmfPkg: Reserve a page in memory for the SEV-ES usage
2 0731236fc108 OvmfPkg/PlatformPei: Reserve SEV-ES work area if S3 is supported
3 8a2732186a53 OvmfPkg/ResetVector: Add support for a 32-bit SEV check
4 13e5492bfdf3 OvmfPkg/Sec: Add #VC exception handling for Sec phase

The "SEC_SEV_ES_WORK_AREA.SevEsEnabled" field is important for the
following reason:

- in an SEV-ES guest, just learning about SEV requires exception
handling; thus, the Reset Vector sets up exception handling
*unconditionally*,

- in SEC, we deal with exception handling regardless of SEV-ES, but
*how* we do that is conditional on SEV-ES.

This means that caching the SEV-ES presence from the Reset Vector to
SEC makes a lot of sense. Given that in the Reset Vector we have
unconditional exception handling, and then in SEC we have a cached
result, we are allowed to only have conditional exception handling in
SEC.


* SEC_SEV_ES_WORK_AREA.RandomData, SEC_SEV_ES_WORK_AREA.EncryptionMask:

1 7cb96c47a94e OvmfPkg/ResetVector: Validate the encryption bit position for SEV/SEV-ES
2 bd0c1c8e225b OvmfPkg/ResetVector: Perform a simple SEV-ES sanity check
3 3b32be7e7192 OvmfPkg/ResetVector: Save the encryption mask at boot time
4 b97dc4b92ba1 OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask

The "RandomData" and "EncryptionMask" fields in the
SEC_SEV_ES_WORK_AREA structure seem justified because they implement
some serious work (which must be done as early as possible, i.e., in
the Reset Vector), *and* caching the result of that work for the rest
of the firmware saves significant complexity (and the result is
security-related even).

"SEC_SEV_ES_WORK_AREA.SevSnpEnabled" is unlike any of these three
fields.

)

Thanks
Laszlo

diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 5fbacaed5f9d..1971557b1c00 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -73,6 +73,7 @@
%define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase))
%define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize))
%define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase))
+ %define SEV_ES_WORK_AREA_SNP (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 1)
%define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8)
%define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16)
%define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))







Re: [PATCH RFC v3 05/22] OvmfPkg: reserve Secrets page in MEMFD

Laszlo Ersek
 

On 06/07/21 14:26, Laszlo Ersek wrote:
On 05/27/21 01:11, Brijesh Singh wrote:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

When AMD SEV is enabled in the guest VM, a hypervisor need to insert a
secrets page.
For pure SEV?


When SEV-SNP is enabled, the secrets page contains the VM platform
communication keys. The guest BIOS and OS can use this key to communicate
with the SEV firmware to get attesation report. See the SEV-SNP firmware
spec for more details for the content of the secrets page.

When SEV and SEV-ES is enabled, the secrets page contains the information
provided by the guest owner after the attestation. See the SEV
LAUNCH_SECRET command for more details.

Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/OvmfPkgX64.dsc | 2 ++
OvmfPkg/OvmfPkgX64.fdf | 5 +++++
OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 1 +
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 15 ++++++++++++++-
4 files changed, 22 insertions(+), 1 deletion(-)
How is all of the above related to the "OvmfPkg/OvmfPkgX64.dsc"
platform, where remote attestation is not a goal?

What you describe makes sense to me, but only for the remote-attested
"OvmfPkg/AmdSev/AmdSevX64.dsc" platform. (Which already includes
SecretPei and SecretDxe, and sets the necessary PCDs.)

Then, even if we limit this patch only to the "OvmfPkg/AmdSev/SecretPei"
module, the commit message does not explain sufficiently why the secrets
page must be reserved for good. The "SEV-SNP firmware spec" reference is
vague at best; I'm permanently lost between the dozen PDF files I have
downloaded locally from the AMD website. Please include a specific
document number, revision number, and chapter/section identifier.

Honestly I'm getting a *rushed* vibe on this whole series. Why is that?

Assume that I'm dumb. You won't be far from the truth. Then hold my hand
through all this?
Here's the v2 discussion:

- http://mid.mail-archive.com/9804ecb5-8afd-c56e-4982-d1a6ebad3de8@redhat.com
- https://edk2.groups.io/g/devel/message/74797
- https://listman.redhat.com/archives/edk2-devel-archive/2021-May/msg00112.html

That discussion refers to a different use case, raised by Dov. That use
case might justify reserving the area even for plain SEV. It's out of
scope for now, AIUI.

(

And even for that separate use case, James showed down-thread that *not*
reserving the page forever in the firmware is more flexible.

- http://mid.mail-archive.com/aed7d3490fe6edee74440ed8e4cd5364fb2ba4af.camel@linux.ibm.com
- https://edk2.groups.io/g/devel/message/74801
- https://listman.redhat.com/archives/edk2-devel-archive/2021-May/msg00116.html

)

AFAICT, the only effect of the v2 sub-thread on the patch has been that
we now use the Reserved memory type rather than AcpiNVS (when SEV-SNP is
in use). I have two comments on that:

- It's good that we're not mixing in the other use case raised by Dov
(i.e., enabling the guest-kernel to read secrets from the injected
page even under plain SEV).

- It's still unclear to me why the reservation needs to be permanent
under SEV-SNP.

Thanks
Laszlo


diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 999738dc39cd..ea08e1fabc65 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -716,6 +716,7 @@ [Components]
OvmfPkg/SmmAccess/SmmAccessPei.inf
!endif
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+ OvmfPkg/AmdSev/SecretPei/SecretPei.inf

!if $(TPM_ENABLE) == TRUE
OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
@@ -966,6 +967,7 @@ [Components]
OvmfPkg/PlatformDxe/Platform.inf
OvmfPkg/AmdSevDxe/AmdSevDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf
+ OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf

!if $(SMM_REQUIRE) == TRUE
OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index d6be798fcadd..9126b8eb5014 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -88,6 +88,9 @@ [FD.MEMFD]
0x00C000|0x001000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize

+0x00D000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
0x010000|0x010000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize

@@ -179,6 +182,7 @@ [FV.PEIFV]
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
!endif
+INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf

################################################################################

@@ -314,6 +318,7 @@ [FV.DXEFV]
INF ShellPkg/Application/Shell/Shell.inf

INF MdeModulePkg/Logo/LogoDxe.inf
+INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf

#
# Network modules
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
index 08be156c4bc0..9265f8adee12 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
@@ -26,6 +26,7 @@ [LibraryClasses]
HobLib
PeimEntryPoint
PcdLib
+ MemEncryptSevLib

[FixedPcd]
gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index ad491515dd5d..51eb094555aa 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -7,6 +7,7 @@
#include <PiPei.h>
#include <Library/HobLib.h>
#include <Library/PcdLib.h>
+#include <Library/MemEncryptSevLib.h>

EFI_STATUS
EFIAPI
@@ -15,10 +16,22 @@ InitializeSecretPei (
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
+ UINTN Type;
+
+ //
+ // The location of the secret page should be marked reserved so that guest OS
+ // does not treated as a system RAM.
+ //
+ if (MemEncryptSevSnpIsEnabled ()) {
+ Type = EfiReservedMemoryType;
+ } else {
+ Type = EfiBootServicesData;
+ }
+
BuildMemoryAllocationHob (
PcdGet32 (PcdSevLaunchSecretBase),
PcdGet32 (PcdSevLaunchSecretSize),
- EfiBootServicesData
+ Type
);

return EFI_SUCCESS;


Re: [PATCH RFC v3 05/22] OvmfPkg: reserve Secrets page in MEMFD

Laszlo Ersek
 

On 05/27/21 01:11, Brijesh Singh wrote:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

When AMD SEV is enabled in the guest VM, a hypervisor need to insert a
secrets page.
For pure SEV?


When SEV-SNP is enabled, the secrets page contains the VM platform
communication keys. The guest BIOS and OS can use this key to communicate
with the SEV firmware to get attesation report. See the SEV-SNP firmware
spec for more details for the content of the secrets page.

When SEV and SEV-ES is enabled, the secrets page contains the information
provided by the guest owner after the attestation. See the SEV
LAUNCH_SECRET command for more details.

Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/OvmfPkgX64.dsc | 2 ++
OvmfPkg/OvmfPkgX64.fdf | 5 +++++
OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 1 +
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 15 ++++++++++++++-
4 files changed, 22 insertions(+), 1 deletion(-)
How is all of the above related to the "OvmfPkg/OvmfPkgX64.dsc"
platform, where remote attestation is not a goal?

What you describe makes sense to me, but only for the remote-attested
"OvmfPkg/AmdSev/AmdSevX64.dsc" platform. (Which already includes
SecretPei and SecretDxe, and sets the necessary PCDs.)

Then, even if we limit this patch only to the "OvmfPkg/AmdSev/SecretPei"
module, the commit message does not explain sufficiently why the secrets
page must be reserved for good. The "SEV-SNP firmware spec" reference is
vague at best; I'm permanently lost between the dozen PDF files I have
downloaded locally from the AMD website. Please include a specific
document number, revision number, and chapter/section identifier.

Honestly I'm getting a *rushed* vibe on this whole series. Why is that?

Assume that I'm dumb. You won't be far from the truth. Then hold my hand
through all this?

Laszlo



diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 999738dc39cd..ea08e1fabc65 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -716,6 +716,7 @@ [Components]
OvmfPkg/SmmAccess/SmmAccessPei.inf
!endif
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+ OvmfPkg/AmdSev/SecretPei/SecretPei.inf

!if $(TPM_ENABLE) == TRUE
OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf
@@ -966,6 +967,7 @@ [Components]
OvmfPkg/PlatformDxe/Platform.inf
OvmfPkg/AmdSevDxe/AmdSevDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf
+ OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf

!if $(SMM_REQUIRE) == TRUE
OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index d6be798fcadd..9126b8eb5014 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -88,6 +88,9 @@ [FD.MEMFD]
0x00C000|0x001000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize

+0x00D000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
0x010000|0x010000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize

@@ -179,6 +182,7 @@ [FV.PEIFV]
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
!endif
+INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf

################################################################################

@@ -314,6 +318,7 @@ [FV.DXEFV]
INF ShellPkg/Application/Shell/Shell.inf

INF MdeModulePkg/Logo/LogoDxe.inf
+INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf

#
# Network modules
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
index 08be156c4bc0..9265f8adee12 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
@@ -26,6 +26,7 @@ [LibraryClasses]
HobLib
PeimEntryPoint
PcdLib
+ MemEncryptSevLib

[FixedPcd]
gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index ad491515dd5d..51eb094555aa 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -7,6 +7,7 @@
#include <PiPei.h>
#include <Library/HobLib.h>
#include <Library/PcdLib.h>
+#include <Library/MemEncryptSevLib.h>

EFI_STATUS
EFIAPI
@@ -15,10 +16,22 @@ InitializeSecretPei (
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
+ UINTN Type;
+
+ //
+ // The location of the secret page should be marked reserved so that guest OS
+ // does not treated as a system RAM.
+ //
+ if (MemEncryptSevSnpIsEnabled ()) {
+ Type = EfiReservedMemoryType;
+ } else {
+ Type = EfiBootServicesData;
+ }
+
BuildMemoryAllocationHob (
PcdGet32 (PcdSevLaunchSecretBase),
PcdGet32 (PcdSevLaunchSecretSize),
- EfiBootServicesData
+ Type
);

return EFI_SUCCESS;


Re: [RESEND PATCH RFC v3 00/22] Add AMD Secure Nested Paging (SEV-SNP) support

Laszlo Ersek
 

On 06/04/21 15:09, Laszlo Ersek wrote:
On 06/04/21 13:50, Brijesh Singh wrote:
The main issue is I typed wrong branch name in the cover letter. The
branch name should be "sev-snp-rfc-3" and not "sev-snp-rfc-2". I
apologies for it :(. Ray asked the branch name and I replied him with
the correct branch.
Hmmm... indeed, but that discussion happened off-list, namely under the
original posting of this v3 RFC set that did not reach the list. And now
I was working with my list folder.

https://github.com/AMDESE/ovmf/tree/sev-snp-rfc-3

This branch was based on commit 5531fd48ded1271b8775725355ab83994e4bc77c
from the upstream. 
Right, this branch indeed averts problem (2); it is in sync with the
posted series. Thanks!

Problem (1) stays the same -- git-rebase reports the same issue as
git-am above, for patch#21. So, I'm going to review this version on the
list, but I'll skip patch#21 (or perhaps I'll attempt to make useful
comments there too, if I can).
I re-reviewed patch #3 today, and reviewed patch #4 as well.

Because the data flow was not explained in advance, regarding the
"SevSnpEnabled" and "HypervisorFeatures" fields, I wasted a huge amount
of time reviewing ResetVector details that ultimately proved irrelevant.

Additionally, I've found that several patches modify multiple modules in
one step, typically ResetVector and PlatformPei. Honestly, this is
inexplicable to me, given the edk2 coding style. The edk2 style permits
multi-module patches only in the most exceptional cases. In a typical
producer/consumer setup, the producer module patch comes first, the
consumer module patch comes second. Breaking this edk2 rule is very
detrimental to my efficiency as a reviewer.

Either way, I'm done reviewing RFCv3; primarily because tomorrow and the
day after I have some time-sensitive work to do, and afterwards, I'm
going to disapper for a good while, to salvage the shreds of my brain
that I've been left with, after the last two weeks.

In the meantime, assuming no other reviewer wishes to comment RFCv3,
please rework this series carefully -- even if it has "RFC" status,
that's not a license to break edk2 coding style, structure patches
incorrectly, diverge from spec-dictated constants, omit detailed
explanations in commit messages (data flow!), duplicate code (assembly
code!) mindlessly, and so on.

Thanks
Laszlo


Re: [PATCH RFC v3 04/22] OvmfPkg/MemEncryptSevLib: extend Es Workarea to include hv features

Laszlo Ersek
 

Hi Brijesh,

On 05/27/21 01:11, Brijesh Singh wrote:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

The GHCB Version 2 introduces advertisement of features that are supported
by the hypervisor. The features value is saved in the SevEs workarea. Save
the value in the PCD for the later use.

Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
OvmfPkg/Include/Library/MemEncryptSevLib.h | 2 +
OvmfPkg/PlatformPei/AmdSev.c | 26 +++++
OvmfPkg/ResetVector/Ia32/PageTables64.asm | 122 +++++++++++++++++++++
OvmfPkg/ResetVector/ResetVector.nasmb | 1 +
5 files changed, 152 insertions(+)
(1) Please split this patch: the PlatformPei changes should be in the second patch.


diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index bc1dcac48343..3256ccfe88d8 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -111,6 +111,7 @@ [Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled
+ gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures

[FixedPcd]
gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 24507de55c5d..dd1c97d4a9a3 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -55,6 +55,8 @@ typedef struct _SEC_SEV_ES_WORK_AREA {
UINT64 RandomData;

UINT64 EncryptionMask;
+
+ UINT64 HypervisorFeatures;
} SEC_SEV_ES_WORK_AREA;

//
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 67b78fd5fa36..81e40e0889aa 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -43,6 +43,27 @@ AmdSevSnpInitialize (
ASSERT_RETURN_ERROR (PcdStatus);
}

+/**
+
+ Function to set the PcdHypervisorFeatures.
+**/
+STATIC
+VOID
+AmdSevHypervisorFeatures (
+ VOID
+ )
+{
+ SEC_SEV_ES_WORK_AREA *SevEsWorkArea;
+ RETURN_STATUS PcdStatus;
+
+ SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase);
+
+ PcdStatus = PcdSet64S (PcdGhcbHypervisorFeatures, SevEsWorkArea->HypervisorFeatures);
+ ASSERT_RETURN_ERROR (PcdStatus);
+
+ DEBUG ((DEBUG_INFO, "GHCB Hypervisor Features=0x%Lx\n", SevEsWorkArea->HypervisorFeatures));
(2) Overlong line.

Please avoid basic mistakes like this, even in an RFC series.


+}
+
/**

Initialize SEV-ES support if running as an SEV-ES guest.
@@ -73,6 +94,11 @@ AmdSevEsInitialize (
PcdStatus = PcdSetBoolS (PcdSevEsIsEnabled, TRUE);
ASSERT_RETURN_ERROR (PcdStatus);

+ //
+ // Set the hypervisor features PCD.
+ //
+ AmdSevHypervisorFeatures ();
+
//
// Allocate GHCB and per-CPU variable pages.
// Since the pages must survive across the UEFI to OS transition
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 6838cdeec9c3..75e63d2a0561 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -62,6 +62,16 @@ BITS 32
%define GHCB_CPUID_REGISTER_SHIFT 30
%define CPUID_INSN_LEN 2

+; GHCB SEV Information MSR protocol
+%define GHCB_SEV_INFORMATION_REQUEST 2
+%define GHCB_SEV_INFORMATION_RESPONSE 1
(3) These macro names do not match the ones in "MdePkg/Include/Register/Amd/Fam17Msr.h" (GHCB_INFO_SEV_INFO_GET, GHCB_INFO_SEV_INFO, respectively).

They don't *have* to match, technically speaking, but one goal of using macros for magic numbers is so we can grep the source for them. The macros just below (for values 128 and 129) do match the header file.


+
+; GHCB Hypervisor features MSR protocol
+%define GHCB_HYPERVISOR_FEATURES_REQUEST 128
+%define GHCB_HYPERVISOR_FEATURES_RESPONSE 129
+
+; GHCB request to terminate protocol values
+%define GHCB_GENERAL_TERMINATE_REQUEST 255
(4) Not only does this macro name not match the one in the header file (which is GHCB_INFO_TERMINATE_REQUEST), even the value is wrong. The header file has

#define GHCB_INFO_TERMINATE_REQUEST 256

and I checked the GHCBv2 spec too; there is no operation defined with opcode 255.



; Check if Secure Encrypted Virtualization (SEV) features are enabled.
;
@@ -86,6 +96,13 @@ CheckSevFeatures:
; will set it to 1.
mov byte[SEV_ES_WORK_AREA_SNP], 0

+ ; Set the Hypervisor features field in the workarea to zero to communicate
+ ; to the hypervisor features to the SEC phase. The hypervisor feature is
+ ; filled during the call to CheckHypervisorFeatures.
+ mov eax, 0
+ mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES], eax
+ mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES + 4], eax
+
;
; Set up exception handlers to check for SEV-ES
; Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for
@@ -225,6 +242,106 @@ IsSevEsEnabled:
SevEsDisabled:
OneTimeCallRet IsSevEsEnabled

+; The version 2 of GHCB specification added the support to query the hypervisor features.
+; If the GHCB version is >=2 then read the hypervisor features.
+;
+; Modified: EAX, EBX, ECX, EDX
+;
+CheckHypervisorFeatures:
(5) Arguably this label name should contain "Sev".


+ ; Get the SEV Information
+ ; Setup GHCB MSR
+ ; GHCB_MSR[11:0] = SEV information request
+ ;
+ mov edx, 0
+ mov eax, GHCB_SEV_INFORMATION_REQUEST
+ mov ecx, 0xc0010130
+ wrmsr
+
+ ;
+ ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-bit
+ ; mode, so work around this by temporarily switching to 64-bit mode.
+ ;
+BITS 64
+ rep vmmcall
+BITS 32
+
+ ;
+ ; SEV Information Response GHCB MSR
+ ; GHCB_MSR[63:48] = Maximum protocol version
+ ; GHCB_MSR[47:32] = Minimum protocol version
+ ; GHCB_MSR[11:0] = SEV information response
+ ;
+ mov ecx, 0xc0010130
+ rdmsr
+ and eax, 0xfff
+ cmp eax, GHCB_SEV_INFORMATION_RESPONSE
+ jnz TerminateSevGuestLaunch
(6) Before modifying the ResetVector module like this, please insert a refactoring patch as follows:

- A new SEV-specific assembly include file should be introduced. The majority of the "OvmfPkg/ResetVector/Ia32/PageTables64.asm" file now deals with SEV aspects, but the file-top comment still says "Sets the CR3 register for 64-bit paging". It's high time that we move SEV stuff to a file with a name that references SEV.

- We now have five (5) invocations of the GHCB MSR protocol in this file, and every one of them open-codes the same setup, the same 0xc0010130 MSR constant, the same retval check logic with possible guest termination, the same "rep vmmcall" workaround for the 32-bit limitation of NASM, and so on. this file is now borderline unreadable. At the minimum, please introduce a function-like NASM macro with two arguments (= the request & response opcodes), and extract as much as possible.



+ shr edx, 16
+ cmp edx, 2
+ jl CheckHypervisorFeaturesDone
+
+ ; Get the hypervisor features
+ ; Setup GHCB MSR
+ ; GHCB_MSR[11:0] = Hypervisor features request
+ ;
+ mov edx, 0
+ mov eax, GHCB_HYPERVISOR_FEATURES_REQUEST
+ mov ecx, 0xc0010130
+ wrmsr
+
+ ;
+ ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-bit
+ ; mode, so work around this by temporarily switching to 64-bit mode.
+ ;
+BITS 64
+ rep vmmcall
+BITS 32
+
+ ;
+ ; Hypervisor features reponse
+ ; GHCB_MSR[63:12] = Features bitmap
+ ; GHCB_MSR[11:0] = Hypervisor features response
+ ;
+ mov ecx, 0xc0010130
+ rdmsr
+ mov ebx, eax
+ and eax, 0xfff
+ cmp eax, GHCB_HYPERVISOR_FEATURES_RESPONSE
+ jnz TerminateSevGuestLaunch
+
+ shr ebx, 12
+ mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES], ebx
+ mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES + 4], edx
(7) According to the spec, the FEATURES bitmap is a contiguous bitmap of 52 bits. The way the EDX:EAX qword is shifted right by 12 bits above is incorrect. The EAX half is shifted OK (through EBX), but the EDX half is not shifted down by 12 bits at all, it is simply stored to the most significant dword of the "HypervisorFeatures" field. This basically inserts a 12 bit wide gap in the FEATURES bitmap.


+
+ jmp CheckHypervisorFeaturesDone
+TerminateSevGuestLaunch:
+ ;
+ ; Setup GHCB MSR
+ ; GHCB_MSR[23:16] = 0
+ ; GHCB_MSR[15:12] = 0
+ ; GHCB_MSR[11:0] = Terminate Request
+ ;
+ mov edx, 0
+ mov eax, GHCB_GENERAL_TERMINATE_REQUEST
(8) The "MdePkg/Include/Register/Amd/Fam17Msr.h" header file introduces GHCB_TERMINATE_GHCB, GHCB_TERMINATE_GHCB_GENERAL, GHCB_TERMINATE_GHCB_PROTOCOL. Can we use some of those here (with a separate, but matching, NASM macro of course)? See SevEsProtocolFailure() in "OvmfPkg/Sec/SecMain.c".


+ mov ecx, 0xc0010130
+ wrmsr
+
+ ;
+ ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-bit
+ ; mode, so work around this by temporarily switching to 64-bit mode.
+ ;
+BITS 64
+ rep vmmcall
+BITS 32
+
+TerminateSevGuestLaunchHlt:
+ cli
+ hlt
+ jmp TerminateSevGuestLaunchHlt
+
+CheckHypervisorFeaturesDone:
+ OneTimeCallRet CheckHypervisorFeatures
+
;
; Modified: EAX, EBX, ECX, EDX
;
@@ -328,6 +445,11 @@ clearGhcbMemoryLoop:
mov dword[ecx * 4 + GHCB_BASE - 4], eax
loop clearGhcbMemoryLoop

+ ;
+ ; It is SEV-ES guest, query the Hypervisor features
+ ;
+ OneTimeCall CheckHypervisorFeatures
+
SetCr3:
;
; Set CR3 now that the paging structures are available
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 1971557b1c00..5beba3ecb290 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -76,6 +76,7 @@
%define SEV_ES_WORK_AREA_SNP (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 1)
%define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8)
%define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16)
+ %define SEV_ES_WORK_AREA_HYPERVISOR_FEATURES (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 24)
%define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))
%include "Ia32/Flat32ToFlat64.asm"
%include "Ia32/PageTables64.asm"
(9) And, I'm arriving at the following assertion only now unfortunately, after spending about 4 hours on reviewing this patch, and the history of SEC_SEV_ES_WORK_AREA.

I assert that the "SEC_SEV_ES_WORK_AREA.HypervisorFeatures" field should not exist. The only read site is here, in "OvmfPkg/PlatformPei".

Instead, we should have a new MemEncryptSevLib function that outputs the FEATURES bitmask. It should be similar to MemEncryptSevGetEncryptionMask(), but it should return a RETURN_STATUS, and produce the FEATURES bitmask through an output parameter.

The SEC instance of the function should return RETURN_UNSUPPORTED.

The PEI instance should use the GHCB MSR protocol, with the help of the AsmCpuId(), AsmWriteMsr64(), AsmReadMsr64() and AsmVmgExit() BaseLib functions.

The DXE instance should read back the PCD.

And so the OvmfPkg/ResetVector hunks should be dropped from this patch.

Thanks,
Laszlo


Re: VirtIO sound device in qemu?

Michael Brown
 

On 07/06/2021 05:41, Ethin Probst wrote:
For my audio output protocol (I wonder if we should abbreviate it as
AOP?) I need to get access to VirtIO devices in PCIe configuration
space. However, I can't seem to find a way of telling QEMU to use this
device for audio output. Is there something I missed, or something
that does support this?
Do you mean that you can't find a way to get QEMU to create a Virtio audio device visible to the guest, or that you can't find a way to get QEMU to connect this Virtio device to the host-side audio output?

Michael


Re: [edk2-platforms PATCH 1/1] Readme.md: Refer users to the Arm GNU-A Downloads page for toolchains

Sami Mujawar
 

Pushed as 6e92566d2e61..7bf73ecc3c47

Thanks.

Regards,

Sami Mujawar


On 03/06/2021 11:34 AM, Leif Lindholm wrote:
Reviewed-by: Leif Lindholm <leif@...>


Re: [PATCH RFC v3 03/22] OvmfPkg/MemEncryptSevLib: extend the workarea to include SNP enabled field

Laszlo Ersek
 

On 06/04/21 16:15, Laszlo Ersek wrote:
On 05/27/21 01:10, Brijesh Singh wrote:
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

Extend the workarea to include the SEV-SNP enabled fields. This will be set
when SEV-SNP is active in the guest VM.

Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Laszlo Ersek <lersek@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Brijesh Singh <brijesh.singh@...>
---
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
OvmfPkg/Include/Library/MemEncryptSevLib.h | 3 ++-
OvmfPkg/PlatformPei/AmdSev.c | 26 ++++++++++++++++++++++
OvmfPkg/ResetVector/Ia32/PageTables64.asm | 12 ++++++++++
OvmfPkg/ResetVector/ResetVector.nasmb | 1 +
5 files changed, 42 insertions(+), 1 deletion(-)
(1) Please split this in two patches -- the PlatformPei changes should
be a separate patch. And, I think those should come second, the
ResetVector + header file change should come first.


diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 6ef77ba7bb21..bc1dcac48343 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -110,6 +110,7 @@ [Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
+ gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled

[FixedPcd]
gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 2425d8ba0a36..24507de55c5d 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -49,7 +49,8 @@ typedef struct {
//
typedef struct _SEC_SEV_ES_WORK_AREA {
UINT8 SevEsEnabled;
- UINT8 Reserved1[7];
+ UINT8 SevSnpEnabled;
+ UINT8 Reserved2[6];

UINT64 RandomData;

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index a8bf610022ba..67b78fd5fa36 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -22,6 +22,27 @@

#include "Platform.h"

+/**
+
+ Initialize SEV-SNP support if running as an SEV-SNP guest.
+
+ **/
+STATIC
+VOID
+AmdSevSnpInitialize (
+ VOID
+ )
+{
+ RETURN_STATUS PcdStatus;
+
+ if (!MemEncryptSevSnpIsEnabled ()) {
+ return;
+ }
+
+ PcdStatus = PcdSetBoolS (PcdSevSnpIsEnabled, TRUE);
+ ASSERT_RETURN_ERROR (PcdStatus);
+}
+
/**

Initialize SEV-ES support if running as an SEV-ES guest.
@@ -209,4 +230,9 @@ AmdSevInitialize (
// Check and perform SEV-ES initialization if required.
//
AmdSevEsInitialize ();
+
+ //
+ // Check and perform SEV-SNP initialization if required.
+ //
+ AmdSevSnpInitialize ();
}
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 5fae8986d9da..6838cdeec9c3 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -81,6 +81,11 @@ CheckSevFeatures:
; the MSR check below will set the first byte of the workarea to one.
mov byte[SEV_ES_WORK_AREA], 0

+ ; Set the SevSnpEnabled field in workarea to zero to communicate to the SEC
+ ; phase that SEV-SNP is not enabled. If SEV-SNP is enabled, this function
+ ; will set it to 1.
+ mov byte[SEV_ES_WORK_AREA_SNP], 0
+
;
; Set up exception handlers to check for SEV-ES
; Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for
@@ -136,6 +141,13 @@ CheckSevFeatures:
; phase that SEV-ES is enabled.
mov byte[SEV_ES_WORK_AREA], 1

+ bt eax, 2
+ jnc GetSevEncBit
+
+ ; Set the second byte of the workarea to one to communicate to the SEC
+ ; phase that the SEV-SNP is enabled
+ mov byte[SEV_ES_WORK_AREA_SNP], 1
+
GetSevEncBit:
; Get pte bit position to enable memory encryption
; CPUID Fn8000_001F[EBX] - Bits 5:0
(2) Please mention in the commit message (of the ResetVector patch),
and/or a comment here in the code, that SEV-SNP is never enabled if
SEV-ES is disabled.

Section "15.34.10 SEV_STATUS MSR" in the APM (doc#24593 v3.37) does not
spell out this dependency.

Furthermore, the mSevStatus / mSevEsStatus / mSevSnpStatus variable
assignments in patch#2 do not form a "dependency cascade" like the one
seen here in the reset vector code.

While "SEV-ES depends on SEV" seems obvious to me (and so the related,
existent jumps in the assembly code are not surprising), the statement
"SEV-SNP depends on SEV-ES" is not *that* obvious to me. Thus a comment
would be welcome.

For *both* patches split out of this one:

Reviewed-by: Laszlo Ersek <lersek@...>
(3) Actually, no.

This patch should be reduced to the following files only:

- OvmfPkg/PlatformPei/AmdSev.c
- OvmfPkg/PlatformPei/PlatformPei.inf

and the following changes should be dropped completely:

- OvmfPkg/Include/Library/MemEncryptSevLib.h
- OvmfPkg/ResetVector/Ia32/PageTables64.asm
- OvmfPkg/ResetVector/ResetVector.nasmb

Specifically, the "SEC_SEV_ES_WORK_AREA.SevSnpEnabled" field should
never be introduced.

The reason is apparent only from patch #10 -- "OvmfPkg/PlatformPei:
register GHCB gpa for the SEV-SNP guest".

The core idea is that in patch#10, in the SEC module, you can implement
SevSnpIsEnabled() by just reading MSR_SEV_STATUS, and checking the SNP
bit. Namely, while the SevSnpIsEnabled() call is made in
SevEsProtocolCheck(), i.e., before exception handling is set up in the
SEC module -- and so you indeed cannot call CPUID --, you don't *have*
to call CPUID at that call site. Where you call SevSnpIsEnabled() in
SevEsProtocolCheck(), you already know that SEV-ES is enabled, so it's
safe to just read the exact same SEV status MSR that the SEV-ES status
comes from in the first place, without any CPUID safety check.

(

General request: please be explicit in the commit messages about the
data flow between modules, and why you are doing what you are doing.
Arriving at the above analysis took me 3+ hours this morning, when --
while reviewing patch#4 -- I took issue with the proliferation of the
new fields in SEC_SEV_ES_WORK_AREA. SEC_SEV_ES_WORK_AREA is *not* a
convenience dump. We should restrict its use as much as possible.

I double-checked how SEC_SEV_ES_WORK_AREA had evolved historically:


* SEC_SEV_ES_WORK_AREA.SevEsEnabled:

1 43c3df78460d OvmfPkg: Reserve a page in memory for the SEV-ES usage
2 0731236fc108 OvmfPkg/PlatformPei: Reserve SEV-ES work area if S3 is supported
3 8a2732186a53 OvmfPkg/ResetVector: Add support for a 32-bit SEV check
4 13e5492bfdf3 OvmfPkg/Sec: Add #VC exception handling for Sec phase

The "SEC_SEV_ES_WORK_AREA.SevEsEnabled" field is important for the
following reason:

- in an SEV-ES guest, just learning about SEV requires exception
handling; thus, the Reset Vector sets up exception handling
*unconditionally*,

- in SEC, we deal with exception handling regardless of SEV-ES, but
*how* we do that is conditional on SEV-ES.

This means that caching the SEV-ES presence from the Reset Vector to
SEC makes a lot of sense. Given that in the Reset Vector we have
unconditional exception handling, and then in SEC we have a cached
result, we are allowed to only have conditional exception handling in
SEC.


* SEC_SEV_ES_WORK_AREA.RandomData, SEC_SEV_ES_WORK_AREA.EncryptionMask:

1 7cb96c47a94e OvmfPkg/ResetVector: Validate the encryption bit position for SEV/SEV-ES
2 bd0c1c8e225b OvmfPkg/ResetVector: Perform a simple SEV-ES sanity check
3 3b32be7e7192 OvmfPkg/ResetVector: Save the encryption mask at boot time
4 b97dc4b92ba1 OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask

The "RandomData" and "EncryptionMask" fields in the
SEC_SEV_ES_WORK_AREA structure seem justified because they implement
some serious work (which must be done as early as possible, i.e., in
the Reset Vector), *and* caching the result of that work for the rest
of the firmware saves significant complexity (and the result is
security-related even).

"SEC_SEV_ES_WORK_AREA.SevSnpEnabled" is unlike any of these three
fields.

)

Thanks
Laszlo

diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 5fbacaed5f9d..1971557b1c00 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -73,6 +73,7 @@
%define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase))
%define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize))
%define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase))
+ %define SEV_ES_WORK_AREA_SNP (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 1)
%define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8)
%define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16)
%define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))





Re: [PATCH] Platform/ARM/Morello: Correct the private resources in PPTT

Chris Jones
 

Hi Chandni,

I have built and verified this patch and it looks good to me.

Reviewed-by: Chris Jones <christopher.jones@arm.com>


Thanks,
Chris


Re: [PATCH v2 1/3] MdeModulePkg/UniversalPayload: Add definition for extra info in payload

Ni, Ray
 

Hao, Can you give a R-b for this patch and the other one that changes PeiCore?


Re: [PATCH v3 2/2] Platform/RaspberryPi: Enable Bluetooth and UART in Windows OS

Sunny Wang
 

Thanks for all the valuable comments, Mario. I learned a lot from your comments.

I just sent v4 for addressing your comments.

 

By the way, for samples/MinComm at develop · ms-iot/samples (github.com)

  1. I successfully build it. However, when I ran MinComm.exe on RPi4, I saw the “vcruntime140.dll was not found” error message, and couldn’t fix it by installing the latest Microsoft Visual C++ Redistributable (vc_redist.arm64.exe) from https://support.microsoft.com/en-us/topic/the-latest-supported-visual-c-downloads-2647da03-1eea-4433-9aff-95f26a218cc0.
  2. Just a suggestion. I think it would be good to upload the precompiled binary somewhere.  

 


Best Regards,

Sunny Wang

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Mario Balanica via groups.io
Sent: Tuesday, June 1, 2021 12:36 AM
To: Sunny Wang <Sunny.Wang@...>
Cc: devel@edk2.groups.io; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>; Sami Mujawar <Sami.Mujawar@...>; Jeremy Linton <Jeremy.Linton@...>; Pete Batard <pete@...>; Ard Biesheuvel <ardb+tianocore@...>
Subject: Re: [edk2-devel] [PATCH v3 2/2] Platform/RaspberryPi: Enable Bluetooth and UART in Windows OS

 

edit: "GpioPinSet (31, 0);" should be "GpioPinSet (31, FALSE);" and maybe add the "fake the CTS signal as we don't support HW flow control yet" comment too.

 

When this patch gets merged, I'll add my Bluetooth changes to raspberrypi/windows-drivers: Windows IOT drivers (github.com) and submit another patch here to enable hardware flow control.

 

--Mario

 

În lun., 31 mai 2021 la 18:56, Mario Bălănică <mariobalanica02@...> a scris:

If there is no COM port for PL011 UART, how can I check PL011 UART’s functionality? How can I use a telnet tool like PuTTY to send messages from RPi4 to my laptop? 

 

You can use: samples/MinComm at develop · ms-iot/samples (github.com) (let me know if you need a precompiled binary)

 

As for why I mux both UARTs to the BT chip, I was trying to address your comment “This always assumes that PL011 is used for Bluetooth”. Apparently, it didn’t address your comment. No matter whether I add “PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }” or not, the Bluetooth has NOT worked when I configure PL011 UART as the primary serial console. Bluetooth only works when I configure Mini UART as the Primary serial console. I also confirmed that this problem also exists with RPi4 Release FW 1.26 + edk2-platforms-raspberrypi-pl011-bth-noflow.diff in https://github.com/worproject/RPi-Bluetooth-Testing/. Do you have any idea to make the Bluetooth work with configuring PL011 UART as the primary serial console?

 

Bluetooth doesn't really work with the mini UART driver at the moment. The chip stalls after a few transfers, as far as I remember. Haven't looked much into it.

 

By the way, it is good to know the loading sequence. Do you know where I can quickly find this information without using WinDbg?

 

I'm not aware of any way to see the driver loading order without WinDbg. Also, verbose mode must be enabled before boot: View Verbose Output - Windows drivers | Microsoft Docs

 

You could also test if Bluetooth will break by uninstalling / re-installing the mini UART driver while the system is running, then try to scan for nearby BT devices.

 

1.  What is the connection between GPIO 128 and Bluetooth (BT_ON)? Why did we add this line in the beginning? I just removed it by your request and according to the change in worproject/RPi-Bluetooth-Testing/, but I’m still worried about if we did this for some other purposes.  

 

That is a leftover from the MS-IOT tables. It tries to toggle BT_ON from the GPIO expander (I2C) through RPIQ (mailbox), but the driver has no knowledge of it. And since the firmware blob turns on Bluetooth by default, the line is completely useless.

 

We may want to have something like this in the future, for power management of the BT chip (will require some driver changes too).

 

2.  Why do we need to configure GPIO 32 and 33? Is the Bluetooth using GPIO 32 and 33? Or Is Windows OS checking GPIO 32 and 33 for Bluetooth? Where can I find the information?

 

Yes, the Bluetooth chip is available on pins 32, 33 (TX / RX). Also 30, 31 for hardware flow control (CTS / RTS). More info can be found in the BCM2711 datasheet (5.3. Alternative Function Assignments)

 

3.  As for your comment about GPIO 31, I was confused, so I didn’t update anything for addressing this comment. My understanding was that It is intended to override the BCM_ALT2’s default setting from PullLow to PullNone to fack the CTS signal. If we change it to PullLow, it will be used for HW flow control, which is unwanted, isn’t it? What did you want me to change? Could you directly paste the code change you wanted here for my reference?

 

The BCM_ALT2 thing is a dirty hack. Pin 31 must be held LOW so that we can talk to the BT chip without flow control. It seems this can't be described with PinFunction, so I've relied on the default value of ALT2 for pin 31 (which turns out to be always LOW). 

 

My proposal is to move the pin muxing stuff in ConfigDxe, like this:

 

STATIC VOID

ApplyVariables (

  VOID

  )

{

...

 

  if (FanOnGpio) {

    DEBUG ((DEBUG_INFO, "Fan enabled on GPIO %d\n", FanOnGpio));

    GpioPinFuncSet (FanOnGpio, GPIO_FSEL_OUTPUT);

  }

 

  /*

   * Bluetooth pin muxing

   */   

  GpioPinFuncSet (31, GPIO_FSEL_OUTPUT);

  GpioPinSet (31, 0);

 

  if ((PcdGet32 (PcdUartInUse) == PL011_UART_IN_USE)) {  

    GpioPinFuncSet (32, GPIO_FSEL_ALT3);

    GpioPinFuncSet (33, GPIO_FSEL_ALT3);

  } else {

    GpioPinFuncSet (32, GPIO_FSEL_ALT5);

    GpioPinFuncSet (33, GPIO_FSEL_ALT5);

  }

}

 

--Mario

 

În lun., 31 mai 2021 la 16:26, Sunny Wang <Sunny.Wang@...> a scris:

Hi Mario,

 

Thanks for checking this.

Yeah, the problem is NO COM port for PL011 UART in Windows IOT’s device manager, so I thought it doesn’t work. If there is no COM port for PL011 UART, how can I check PL011 UART’s functionality? How can I use a telnet tool like PuTTY to send messages from RPi4 to my laptop? How to use SerCx2? Is there a guideline for using PL011 UART on RPi4 with Windows IoT?

 

As for why I mux both UARTs to the BT chip, I was trying to address your comment “This always assumes that PL011 is used for Bluetooth”. Apparently, it didn’t address your comment. No matter whether I add “PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }” or not, the Bluetooth has NOT worked when I configure PL011 UART as the primary serial console. Bluetooth only works when I configure Mini UART as the Primary serial console. I also confirmed that this problem also exists with RPi4 Release FW 1.26 + edk2-platforms-raspberrypi-pl011-bth-noflow.diff in https://github.com/worproject/RPi-Bluetooth-Testing/. Do you have any idea to make the Bluetooth work with configuring PL011 UART as the primary serial console? By the way, it is good to know the loading sequence. Do you know where I can quickly find this information without using WinDbg?

 

 

Actually, the original code change (Patch 2/2) is the patch (edk2-platforms-raspberrypi-pl011-bth-noflow.diff) on  https://github.com/worproject/RPi-Bluetooth-Testing/. I’m not familiar with Windows drivers’ behavior, so I had no idea about why we need to change them and couldn’t find more information about the changes’ background either. It looks like you know the details. Could you share with me more information about the background of these changes? At least, I have some questions below:

1.  What is the connection between GPIO 128 and Bluetooth (BT_ON)? Why did we add this line in the beginning? I just removed it by your request and according to the change in worproject/RPi-Bluetooth-Testing/, but I’m still worried about if we did this for some other purposes.  

2.  Why do we need to configure GPIO 32 and 33? Is the Bluetooth using GPIO 32 and 33? Or Is Windows OS checking GPIO 32 and 33 for Bluetooth? Where can I find the information?

3.  As for your comment about GPIO 31, I was confused, so I didn’t update anything for addressing this comment. My understanding was that It is intended to override the BCM_ALT2’s default setting from PullLow to PullNone to fack the CTS signal. If we change it to PullLow, it will be used for HW flow control, which is unwanted, isn’t it? What did you want me to change? Could you directly paste the code change you wanted here for my reference?

 

Moreover, for the changes you want, could you also paste the code change?


Best Regards,

Sunny Wang

 

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Mario Balanica via groups.io
Sent: Monday, May 31, 2021 8:41 PM
To: Sunny Wang <Sunny.Wang@...>
Cc: devel@edk2.groups.io; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>; Sami Mujawar <Sami.Mujawar@...>; Jeremy Linton <Jeremy.Linton@...>; Pete Batard <pete@...>; Ard Biesheuvel <ardb+tianocore@...>
Subject: Re: [edk2-devel] [PATCH v3 2/2] Platform/RaspberryPi: Enable Bluetooth and UART in Windows OS

 

Hi Sunny,

 

What issues are you seeing with the PL011 UART in Windows? Last time I checked, it worked fine, and the fact that Bluetooth works also confirms this.

It won't show up as a COM port (like mini UART does) as it's built using SerCx2.

 

@@ -30,6 +30,12 @@ Device (URT0)
   {
     MEMORY32FIXED (ReadWrite, 0, BCM2836_PL011_UART_LENGTH, RMEM)
     Interrupt (ResourceConsumer, Level, ActiveHigh, Exclusive) { BCM2836_PL011_UART_INTERRUPT }
+
+    PinFunction (Exclusive, PullDown, BCM_ALT3, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }
+

 

@@ -79,6 +85,11 @@ Device (URTM)
     // from muxing the pins away.

     // PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GPI0", 0, ResourceConsumer, , ) { 14, 15 }
+    PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }
+

 

What is the reason for trying to mux both UARTs to the BT chip? If PL011 is used for Bluetooth and the mini UART driver loads after it, wouldn't it mux away the pins and break Bluetooth?

 

 

 

 

În lun., 31 mai 2021 la 11:23, Sunny Wang <Sunny.Wang@...> a scris:

This change is based on edk2-platforms-raspberrypi-pl011-bth-noflow.diff
in https://github.com/worproject/RPi-Bluetooth-Testing/ for enabling
Bluetooth and serial port (Mini UART) in Windows IOT.

Note that PL011 UART still doesn't work with Windows 10 IOT with this
change, but PL011 UART works fine with VMware ESXi-Arm Fling v1.3.
Therefore, there should be no issue with PL011 UART related changes,
and we will still need a Windows expert to take a further look in the
future. Making PL011 UART work properly with Windows 10 IOT may require
additional changes to Windows driver or firmware's ACPI table.

Testing Done:
  - Successfully booted Windows Windows 10 IOT (20279.1) on SD (made by WOR) with
    the RPi-Windows-Drivers release ver 0.5 downloaded from
    https://github.com/worproject/RPi-Windows-Drivers/releases
    and checked that both Bluetooth and serial port (Mini UART) can
    work fine.
  - Successfully booted VMware ESXi-Arm Fling v1.3 with only serial
    console connection (PL011 UART).

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jeremy Linton <jeremy.linton@...>
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Mario Bălănică <mariobalanica02@...>
Signed-off-by: Sunny Wang <sunny.wang@...>
---
 Platform/RaspberryPi/AcpiTables/Uart.asl | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/Platform/RaspberryPi/AcpiTables/Uart.asl b/Platform/RaspberryPi/AcpiTables/Uart.asl
index bac9d791eb..cb99086d39 100644
--- a/Platform/RaspberryPi/AcpiTables/Uart.asl
+++ b/Platform/RaspberryPi/AcpiTables/Uart.asl
@@ -30,6 +30,12 @@ Device (URT0)
   {
     MEMORY32FIXED (ReadWrite, 0, BCM2836_PL011_UART_LENGTH, RMEM)
     Interrupt (ResourceConsumer, Level, ActiveHigh, Exclusive) { BCM2836_PL011_UART_INTERRUPT }
+
+    PinFunction (Exclusive, PullDown, BCM_ALT3, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }
+
+    // fake the CTS signal as we don't support HW flow control yet
+    // BCM_ALT2 is set as output (low) by default
+    PinFunction (Exclusive, PullNone, BCM_ALT2, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 31 }
   })
   Method (_CRS, 0x0, Serialized)
   {
@@ -79,6 +85,11 @@ Device (URTM)
     // from muxing the pins away.

     // PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GPI0", 0, ResourceConsumer, , ) { 14, 15 }
+    PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 32, 33 }
+
+    // fake the CTS signal as we don't support HW flow control yet
+    // BCM_ALT2 is set as output (low) by default
+    PinFunction (Exclusive, PullNone, BCM_ALT2, "\\_SB.GDV0.GPI0", 0, ResourceConsumer, , ) { 31 }
   })
   Method (_CRS, 0x0, Serialized)
   {
@@ -143,10 +154,6 @@ Device(BTH0)
       UAR0,          // DescriptorName: creates name
                     //   for offset of resource descriptor
     )                // Vendor data
-    //
-    // RPIQ connection for BT_ON/OFF
-    //
-    GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
   })

   //
@@ -190,10 +197,6 @@ Device(BTH0)
       UARM,          // DescriptorName: creates name
                     //   for offset of resource descriptor
     )                // Vendor data
-    //
-    // RPIQ connection for BT_ON/OFF
-    //
-    GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
   })

   Method (_CRS, 0x0, Serialized)
--
2.31.0.windows.1

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


[PATCH v4 3/3] Platform/RaspberryPi: Enable Bluetooth and UART in Windows OS

Sunny Wang
 

This change is based on edk2-platforms-raspberrypi-pl011-bth-noflow.diff
in https://github.com/worproject/RPi-Bluetooth-Testing/ with the
modifications and additional changes below for enabling Bluetooth
and serial port (Mini UART) in Windows IOT.
- Remove RPIQ connection for BT_ON/OFF in Uart.asl because it is
useless. The firmware already turns on the Bluetooth by default.
- Move the GPIO pin muxing stuff from Uart.asl to ConfigDxe driver.

Testing Done:
- Successfully booted Windows Windows 10 IOT (20279.1) on SD (made by
WOR) with the RPi-Windows-Drivers release ver 0.5 downloaded from
https://github.com/worproject/RPi-Windows-Drivers/releases
and checked that both Bluetooth and serial port (Mini UART) can
work fine.
- Successfully booted VMware ESXi-Arm Fling v1.3 with only serial
console connection (PL011 UART).

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jeremy Linton <jeremy.linton@...>
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Mario Bălănică <mariobalanica02@...>
Signed-off-by: Sunny Wang <sunny.wang@...>
---
Platform/RaspberryPi/AcpiTables/Uart.asl | 16 --------------
.../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 22 +++++++++++++++++++
2 files changed, 22 insertions(+), 16 deletions(-)

diff --git a/Platform/RaspberryPi/AcpiTables/Uart.asl b/Platform/RaspberryPi/AcpiTables/Uart.asl
index bac9d791eb..167f94e889 100644
--- a/Platform/RaspberryPi/AcpiTables/Uart.asl
+++ b/Platform/RaspberryPi/AcpiTables/Uart.asl
@@ -71,14 +71,6 @@ Device (URTM)
MEMORY32FIXED (ReadWrite, 0, BCM2836_MINI_UART_LENGTH, RMEM)
Interrupt(ResourceConsumer, Level, ActiveHigh, Shared) { BCM2836_MINI_UART_INTERRUPT }

- // NTRAID#MSFT-7141401-2016/04/7-jordanrh - disable UART muxing
- // until a proper solution can be created for the dmap conflict.
- // When muxing is enabled, must consider DBG2 table conflict.
- // The alternate function resource needs to be reserved when
- // the kernel debugger is enabled to prevent another client
- // from muxing the pins away.
-
- // PinFunction (Exclusive, PullDown, BCM_ALT5, "\\_SB.GPI0", 0, ResourceConsumer, , ) { 14, 15 }
})
Method (_CRS, 0x0, Serialized)
{
@@ -143,10 +135,6 @@ Device(BTH0)
UAR0, // DescriptorName: creates name
// for offset of resource descriptor
) // Vendor data
- //
- // RPIQ connection for BT_ON/OFF
- //
- GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
})

//
@@ -190,10 +178,6 @@ Device(BTH0)
UARM, // DescriptorName: creates name
// for offset of resource descriptor
) // Vendor data
- //
- // RPIQ connection for BT_ON/OFF
- //
- GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
})

Method (_CRS, 0x0, Serialized)
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
index d6efb59793..cf9880bd20 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
@@ -618,6 +618,28 @@ ApplyVariables (
DEBUG ((DEBUG_INFO, "Fan enabled on GPIO %d\n", FanOnGpio));
GpioPinFuncSet (FanOnGpio, GPIO_FSEL_OUTPUT);
}
+
+ //
+ // Fake the CTS signal as we don't support HW flow control yet.
+ // Pin 31 must be held LOW so that we can talk to the BT chip
+ // without flow control
+ //
+ GpioPinFuncSet (31, GPIO_FSEL_OUTPUT);
+ GpioPinConfigure (31, CLEAR_GPIO);
+
+ //
+ // Bluetooth pin muxing
+ //
+ if ((PcdGet32 (PcdUartInUse) == PL011_UART_IN_USE)) {
+ DEBUG ((DEBUG_INFO, "Enable Bluetooth over MiniUART\n"));
+ GpioPinFuncSet (32, GPIO_FSEL_ALT5);
+ GpioPinFuncSet (33, GPIO_FSEL_ALT5);
+ } else {
+ DEBUG ((DEBUG_INFO, "Enable Bluetooth over PL011 UART\n"));
+ GpioPinFuncSet (32, GPIO_FSEL_ALT3);
+ GpioPinFuncSet (33, GPIO_FSEL_ALT3);
+ }
+
}


--
2.31.0.windows.1


[PATCH v4 2/3] Silicon/Broadcom/Bcm283x: Clean up GpioPinSet function

Sunny Wang
 

Make the changes below for making it clearer.
- Rename GpioPinSet() to GpioPinConfigure()
- Rename parameter Val to Config and change its type to BOOLEAN

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jeremy Linton <jeremy.linton@...>
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Mario Bălănică <mariobalanica02@...>
Signed-off-by: Sunny Wang <sunny.wang@...>
---
Silicon/Broadcom/Bcm283x/Include/Library/GpioLib.h | 10 +++++++---
Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.c | 9 +++++----
2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/Silicon/Broadcom/Bcm283x/Include/Library/GpioLib.h b/Silicon/Broadcom/Bcm283x/Include/Library/GpioLib.h
index 75c2c8be51..1f7d2204e0 100644
--- a/Silicon/Broadcom/Bcm283x/Include/Library/GpioLib.h
+++ b/Silicon/Broadcom/Bcm283x/Include/Library/GpioLib.h
@@ -3,6 +3,7 @@
* GPIO manipulation.
*
* Copyright (c) 2018, Andrei Warkentin <andrey.warkentin@...>
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-2-Clause-Patent
*
@@ -13,6 +14,9 @@

#include <IndustryStandard/Bcm2836Gpio.h>

+#define CLEAR_GPIO 0
+#define SET_GPIO 1
+
VOID
GpioPinFuncSet (
IN UINTN Pin,
@@ -25,9 +29,9 @@ GpioPinFuncGet (
);

VOID
-GpioPinSet (
- IN UINTN Pin,
- IN UINTN Val
+GpioPinConfigure (
+ IN UINTN Pin,
+ IN BOOLEAN Config
);

UINTN
diff --git a/Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.c b/Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.c
index a4b4af59eb..eaf53e5369 100644
--- a/Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.c
+++ b/Silicon/Broadcom/Bcm283x/Library/GpioLib/GpioLib.c
@@ -4,6 +4,7 @@
*
* Copyright (c) 2020, Pete Batard <pete@...>
* Copyright (c) 2018, Andrei Warkentin <andrey.warkentin@...>
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-2-Clause-Patent
*
@@ -85,9 +86,9 @@ GpioPinFuncGet (
}

VOID
-GpioPinSet (
- IN UINTN Pin,
- IN UINTN Val
+GpioPinConfigure (
+ IN UINTN Pin,
+ IN BOOLEAN Config
)
{
EFI_PHYSICAL_ADDRESS Reg;
@@ -102,7 +103,7 @@ GpioPinSet (
//
// Different base addresses are used for clear and set
//
- Reg = (Val == 0) ? GPIO_GPCLR0 : GPIO_GPSET0;
+ Reg = (Config == CLEAR_GPIO) ? GPIO_GPCLR0 : GPIO_GPSET0;
Reg += RegIndex * sizeof (UINT32);
MmioWrite32 (Reg, 1 << SelIndex);
}
--
2.31.0.windows.1


[PATCH v4 1/3] Platform/RaspberryPi: Dynamically build UARTs info in ACPI

Sunny Wang
 

Changes:
1. Add code to ConfigDxe driver and AcpiTables module to dynamically
build either Mini UART or PL011 UART info in ACPI. This also fixes
the issue discussed in https://github.com/pftf/RPi4/issues/118.
2. Cleanup by moving duplicate Debug Port 2 table related defines and
structures to a newly created header file (RpiDebugPort2Table.h).

Testing Done:
- Booted to UEFI shell and use acpiview command to check the result of
the different UART settings in config.txt (enabling either Mini UART
or PL011) and SPCR, DBG2 tables and device BTH0 are dynamically
changed as expected.

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jeremy Linton <jeremy.linton@...>
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Mario Bălănică <mariobalanica02@...>
Signed-off-by: Sunny Wang <sunny.wang@...>
---
.../RaspberryPi/AcpiTables/AcpiTables.inf | 8 +-
.../RaspberryPi/AcpiTables/Dbg2MiniUart.aslc | 81 +++++++++
.../AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} | 30 +---
.../RaspberryPi/AcpiTables/SpcrMiniUart.aslc | 91 ++++++++++
.../AcpiTables/{Spcr.aslc => SpcrPl011.aslc} | 10 +-
Platform/RaspberryPi/AcpiTables/Uart.asl | 155 +++++++++++++-----
.../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 48 +++++-
.../Drivers/ConfigDxe/ConfigDxe.inf | 1 +
.../IndustryStandard/RpiDebugPort2Table.h | 33 ++++
Platform/RaspberryPi/Include/UartSelection.h | 20 +++
Platform/RaspberryPi/RPi3/RPi3.dsc | 8 +
Platform/RaspberryPi/RPi4/RPi4.dsc | 8 +
Platform/RaspberryPi/RaspberryPi.dec | 1 +
13 files changed, 410 insertions(+), 84 deletions(-)
create mode 100644 Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
rename Platform/RaspberryPi/AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} (72%)
create mode 100644 Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc
rename Platform/RaspberryPi/AcpiTables/{Spcr.aslc => SpcrPl011.aslc} (87%)
create mode 100644 Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h
create mode 100644 Platform/RaspberryPi/Include/UartSelection.h

diff --git a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
index d3363a76a1..1ddc9ca5fe 100644
--- a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
+++ b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
@@ -2,7 +2,7 @@
#
# ACPI table data and ASL sources required to boot the platform.
#
-# Copyright (c) 2019, ARM Limited. All rights reserved.
+# Copyright (c) 2019-2021, ARM Limited. All rights reserved.
# Copyright (c) 2017, Andrey Warkentin <andrey.warkentin@...>
# Copyright (c) Microsoft Corporation. All rights reserved.
#
@@ -28,12 +28,14 @@
Emmc.asl
Madt.aslc
Fadt.aslc
- Dbg2.aslc
+ Dbg2MiniUart.aslc
+ Dbg2Pl011.aslc
Gtdt.aslc
Iort.aslc
Dsdt.asl
Csrt.aslc
- Spcr.aslc
+ SpcrMiniUart.aslc
+ SpcrPl011.aslc
Pptt.aslc
SsdtThermal.asl

diff --git a/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
new file mode 100644
index 0000000000..be7d96c179
--- /dev/null
+++ b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
@@ -0,0 +1,81 @@
+/** @file
+ *
+ * Debug Port Table (DBG2)
+ *
+ * Copyright (c) 2019, Pete Batard <pete@...>
+ * Copyright (c) 2012-2021, ARM Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause-Patent
+ *
+ **/
+
+#include <IndustryStandard/Acpi.h>
+#include <IndustryStandard/Bcm2836.h>
+#include <IndustryStandard/RpiDebugPort2Table.h>
+#include <Library/AcpiLib.h>
+#include <Library/PcdLib.h>
+
+#include "AcpiTables.h"
+
+#pragma pack(1)
+
+#define RPI_UART_INTERFACE_TYPE EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_BCM2835_UART
+#define RPI_UART_BASE_ADDRESS BCM2836_MINI_UART_BASE_ADDRESS
+#define RPI_UART_LENGTH BCM2836_MINI_UART_LENGTH
+//
+// RPI_UART_STR should match the value used Uart.asl
+//
+#define RPI_UART_STR { '\\', '_', 'S', 'B', '.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', 'M', 0x00 }
+
+#define DBG2_DEBUG_PORT_DDI(NumReg, SubType, UartBase, UartAddrLen, UartNameStr) { \
+ { \
+ EFI_ACPI_DBG2_DEBUG_DEVICE_INFORMATION_STRUCT_REVISION, /* UINT8 Revision */ \
+ sizeof (DBG2_DEBUG_DEVICE_INFORMATION), /* UINT16 Length */ \
+ NumReg, /* UINT8 NumberofGenericAddressRegisters */ \
+ RPI_DBG2_NAMESPACESTRING_FIELD_SIZE, /* UINT16 NameSpaceStringLength */ \
+ OFFSET_OF (DBG2_DEBUG_DEVICE_INFORMATION, NameSpaceString), /* UINT16 NameSpaceStringOffset */ \
+ 0, /* UINT16 OemDataLength */ \
+ 0, /* UINT16 OemDataOffset */ \
+ EFI_ACPI_DBG2_PORT_TYPE_SERIAL, /* UINT16 Port Type */ \
+ SubType, /* UINT16 Port Subtype */ \
+ {EFI_ACPI_RESERVED_BYTE, EFI_ACPI_RESERVED_BYTE}, /* UINT8 Reserved[2] */ \
+ OFFSET_OF (DBG2_DEBUG_DEVICE_INFORMATION, BaseAddressRegister), /* UINT16 BaseAddressRegister Offset */ \
+ OFFSET_OF (DBG2_DEBUG_DEVICE_INFORMATION, AddressSize) /* UINT16 AddressSize Offset */ \
+ }, \
+ ARM_GAS32 (UartBase), /* EFI_ACPI_6_3_GENERIC_ADDRESS_STRUCTURE BaseAddressRegister */ \
+ UartAddrLen, /* UINT32 AddressSize */ \
+ UartNameStr /* UINT8 NameSpaceString[MAX_DBG2_NAME_LEN] */ \
+ }
+
+
+STATIC DBG2_TABLE Dbg2 = {
+ {
+ ACPI_HEADER (
+ EFI_ACPI_6_3_DEBUG_PORT_2_TABLE_SIGNATURE,
+ DBG2_TABLE,
+ EFI_ACPI_DBG2_DEBUG_DEVICE_INFORMATION_STRUCT_REVISION
+ ),
+ OFFSET_OF (DBG2_TABLE, Dbg2DeviceInfo),
+ RPI_DBG2_NUM_DEBUG_PORTS /* UINT32 NumberDbgDeviceInfo */
+ },
+ {
+ /*
+ * Kernel Debug Port
+ */
+ DBG2_DEBUG_PORT_DDI (
+ RPI_DBG2_NUMBER_OF_GENERIC_ADDRESS_REGISTERS,
+ RPI_UART_INTERFACE_TYPE,
+ RPI_UART_BASE_ADDRESS,
+ RPI_UART_LENGTH,
+ RPI_UART_STR
+ ),
+ }
+};
+
+#pragma pack()
+
+//
+// Reference the table being generated to prevent the optimizer from removing
+// the data structure from the executable
+//
+VOID* CONST ReferenceAcpiTable = &Dbg2;
diff --git a/Platform/RaspberryPi/AcpiTables/Dbg2.aslc b/Platform/RaspberryPi/AcpiTables/Dbg2Pl011.aslc
similarity index 72%
rename from Platform/RaspberryPi/AcpiTables/Dbg2.aslc
rename to Platform/RaspberryPi/AcpiTables/Dbg2Pl011.aslc
index e3f2adae7e..e07869b027 100644
--- a/Platform/RaspberryPi/AcpiTables/Dbg2.aslc
+++ b/Platform/RaspberryPi/AcpiTables/Dbg2Pl011.aslc
@@ -3,7 +3,7 @@
* Debug Port Table (DBG2)
*
* Copyright (c) 2019, Pete Batard <pete@...>
- * Copyright (c) 2012-2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2012-2021, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-2-Clause-Patent
*
@@ -11,7 +11,7 @@

#include <IndustryStandard/Acpi.h>
#include <IndustryStandard/Bcm2836.h>
-#include <IndustryStandard/DebugPort2Table.h>
+#include <IndustryStandard/RpiDebugPort2Table.h>
#include <Library/AcpiLib.h>
#include <Library/PcdLib.h>

@@ -19,37 +19,13 @@

#pragma pack(1)

-#define RPI_DBG2_NUM_DEBUG_PORTS 1
-#define RPI_DBG2_NUMBER_OF_GENERIC_ADDRESS_REGISTERS 1
-#define RPI_DBG2_NAMESPACESTRING_FIELD_SIZE 15
-
-#if (RPI_MODEL == 4)
#define RPI_UART_INTERFACE_TYPE EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_ARM_PL011_UART
#define RPI_UART_BASE_ADDRESS BCM2836_PL011_UART_BASE_ADDRESS
#define RPI_UART_LENGTH BCM2836_PL011_UART_LENGTH
-#define RPI_UART_STR { '\\', '_', 'S', 'B', '.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', '0', 0x00 }
-#else
-#define RPI_UART_INTERFACE_TYPE EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_BCM2835_UART
-#define RPI_UART_BASE_ADDRESS BCM2836_MINI_UART_BASE_ADDRESS
-#define RPI_UART_LENGTH BCM2836_MINI_UART_LENGTH
//
// RPI_UART_STR should match the value used Uart.asl
//
-#define RPI_UART_STR { '\\', '_', 'S', 'B', '.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', 'M', 0x00 }
-#endif
-
-typedef struct {
- EFI_ACPI_DBG2_DEBUG_DEVICE_INFORMATION_STRUCT Dbg2Device;
- EFI_ACPI_6_3_GENERIC_ADDRESS_STRUCTURE BaseAddressRegister;
- UINT32 AddressSize;
- UINT8 NameSpaceString[RPI_DBG2_NAMESPACESTRING_FIELD_SIZE];
-} DBG2_DEBUG_DEVICE_INFORMATION;
-
-typedef struct {
- EFI_ACPI_DEBUG_PORT_2_DESCRIPTION_TABLE Description;
- DBG2_DEBUG_DEVICE_INFORMATION Dbg2DeviceInfo[RPI_DBG2_NUM_DEBUG_PORTS];
-} DBG2_TABLE;
-
+#define RPI_UART_STR { '\\', '_', 'S', 'B', '.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', '0', 0x00 }

#define DBG2_DEBUG_PORT_DDI(NumReg, SubType, UartBase, UartAddrLen, UartNameStr) { \
{ \
diff --git a/Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc b/Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc
new file mode 100644
index 0000000000..2f638c61a5
--- /dev/null
+++ b/Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc
@@ -0,0 +1,91 @@
+/** @file
+* SPCR Table
+*
+* Copyright (c) 2019 Pete Batard <pete@...>
+* Copyright (c) 2014-2021, ARM Limited. All rights reserved.
+*
+* SPDX-License-Identifier: BSD-2-Clause-Patent
+*
+**/
+
+#include <IndustryStandard/Acpi.h>
+#include <IndustryStandard/Bcm2836.h>
+#include <IndustryStandard/SerialPortConsoleRedirectionTable.h>
+#include <Library/AcpiLib.h>
+#include <Library/PcdLib.h>
+
+#include "AcpiTables.h"
+
+#define RPI_UART_FLOW_CONTROL_NONE 0
+
+#define RPI_UART_INTERFACE_TYPE EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERFACE_TYPE_BCM2835_UART
+#define RPI_UART_BASE_ADDRESS BCM2836_MINI_UART_BASE_ADDRESS
+#define RPI_UART_INTERRUPT BCM2836_MINI_UART_INTERRUPT
+
+STATIC EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE Spcr = {
+ ACPI_HEADER (
+ EFI_ACPI_6_3_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_SIGNATURE,
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE,
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_REVISION
+ ),
+ // UINT8 InterfaceType;
+ RPI_UART_INTERFACE_TYPE,
+ // UINT8 Reserved1[3];
+ {
+ EFI_ACPI_RESERVED_BYTE,
+ EFI_ACPI_RESERVED_BYTE,
+ EFI_ACPI_RESERVED_BYTE
+ },
+ // EFI_ACPI_6_3_GENERIC_ADDRESS_STRUCTURE BaseAddress;
+ ARM_GAS32 (RPI_UART_BASE_ADDRESS),
+ // UINT8 InterruptType;
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERRUPT_TYPE_GIC,
+ // UINT8 Irq;
+ 0, // Not used on ARM
+ // UINT32 GlobalSystemInterrupt;
+ RPI_UART_INTERRUPT,
+ // UINT8 BaudRate;
+#if (FixedPcdGet64 (PcdUartDefaultBaudRate) == 9600)
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_BAUD_RATE_9600,
+#elif (FixedPcdGet64 (PcdUartDefaultBaudRate) == 19200)
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_BAUD_RATE_19200,
+#elif (FixedPcdGet64 (PcdUartDefaultBaudRate) == 57600)
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_BAUD_RATE_57600,
+#elif (FixedPcdGet64 (PcdUartDefaultBaudRate) == 115200)
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_BAUD_RATE_115200,
+#else
+#error Unsupported SPCR Baud Rate
+#endif
+ // UINT8 Parity;
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_PARITY_NO_PARITY,
+ // UINT8 StopBits;
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_STOP_BITS_1,
+ // UINT8 FlowControl;
+ RPI_UART_FLOW_CONTROL_NONE,
+ // UINT8 TerminalType;
+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_TERMINAL_TYPE_VT_UTF8,
+ // UINT8 Reserved2;
+ EFI_ACPI_RESERVED_BYTE,
+ // UINT16 PciDeviceId;
+ 0xFFFF,
+ // UINT16 PciVendorId;
+ 0xFFFF,
+ // UINT8 PciBusNumber;
+ 0x00,
+ // UINT8 PciDeviceNumber;
+ 0x00,
+ // UINT8 PciFunctionNumber;
+ 0x00,
+ // UINT32 PciFlags;
+ 0x00000000,
+ // UINT8 PciSegment;
+ 0x00,
+ // UINT32 Reserved3;
+ EFI_ACPI_RESERVED_DWORD
+};
+
+//
+// Reference the table being generated to prevent the optimizer from removing the
+// data structure from the executable
+//
+VOID* CONST ReferenceAcpiTable = &Spcr;
diff --git a/Platform/RaspberryPi/AcpiTables/Spcr.aslc b/Platform/RaspberryPi/AcpiTables/SpcrPl011.aslc
similarity index 87%
rename from Platform/RaspberryPi/AcpiTables/Spcr.aslc
rename to Platform/RaspberryPi/AcpiTables/SpcrPl011.aslc
index 07df3a718d..06e19c1245 100644
--- a/Platform/RaspberryPi/AcpiTables/Spcr.aslc
+++ b/Platform/RaspberryPi/AcpiTables/SpcrPl011.aslc
@@ -2,7 +2,7 @@
* SPCR Table
*
* Copyright (c) 2019 Pete Batard <pete@...>
-* Copyright (c) 2014-2016, ARM Limited. All rights reserved.
+* Copyright (c) 2014-2021, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-2-Clause-Patent
*
@@ -18,16 +18,10 @@

#define RPI_UART_FLOW_CONTROL_NONE 0

-// Prefer PL011 serial output on the Raspberry Pi 4
-#if (RPI_MODEL == 4)
#define RPI_UART_INTERFACE_TYPE EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERFACE_TYPE_ARM_PL011_UART
#define RPI_UART_BASE_ADDRESS BCM2836_PL011_UART_BASE_ADDRESS
#define RPI_UART_INTERRUPT BCM2836_PL011_UART_INTERRUPT
-#else
-#define RPI_UART_INTERFACE_TYPE EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERFACE_TYPE_BCM2835_UART
-#define RPI_UART_BASE_ADDRESS BCM2836_MINI_UART_BASE_ADDRESS
-#define RPI_UART_INTERRUPT BCM2836_MINI_UART_INTERRUPT
-#endif
+
STATIC EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE Spcr = {
ACPI_HEADER (
EFI_ACPI_6_3_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_SIGNATURE,
diff --git a/Platform/RaspberryPi/AcpiTables/Uart.asl b/Platform/RaspberryPi/AcpiTables/Uart.asl
index 81ae6711af..bac9d791eb 100644
--- a/Platform/RaspberryPi/AcpiTables/Uart.asl
+++ b/Platform/RaspberryPi/AcpiTables/Uart.asl
@@ -2,6 +2,7 @@
*
* [DSDT] Serial devices (UART).
*
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
* Copyright (c) 2020, Pete Batard <pete@...>
* Copyright (c) 2018, Andrey Warkentin <andrey.warkentin@...>
* Copyright (c) Microsoft Corporation. All rights reserved.
@@ -93,57 +94,125 @@ Device(BTH0)
{
Name (_HID, "BCM2EA6")
Name (_CID, "BCM2EA6")
+
+ //
+ // UART In Use will be dynamically updated during boot
+ // 0x55 0x52 0x49 0x55 0xA 0x2 (Value must > 1)
+ //
+ Name (URIU, 0x2)
+
Method (_STA)
{
Return (0xf)
}
+
+ //
+ // Resource for URT0 (PL011)
+ //
+ Name (BTPL, ResourceTemplate ()
+ {
+ UARTSerialBus(
+ 115200, // InitialBaudRate: in BPS
+ , // BitsPerByte: default to 8 bits
+ , // StopBits: Defaults to one bit
+ 0x00, // LinesInUse: 8 1-bit flags to
+ // declare enabled control lines.
+ // Raspberry Pi does not exposed
+ // HW control signals -> not supported.
+ // Optional bits:
+ // - Bit 7 (0x80) Request To Send (RTS)
+ // - Bit 6 (0x40) Clear To Send (CTS)
+ // - Bit 5 (0x20) Data Terminal Ready (DTR)
+ // - Bit 4 (0x10) Data Set Ready (DSR)
+ // - Bit 3 (0x08) Ring Indicator (RI)
+ // - Bit 2 (0x04) Data Carrier Detect (DTD)
+ // - Bit 1 (0x02) Reserved. Must be 0.
+ // - Bit 0 (0x01) Reserved. Must be 0.
+ , // IsBigEndian:
+ // default to LittleEndian.
+ , // Parity: Defaults to no parity
+ , // FlowControl: Defaults to
+ // no flow control.
+ 16, // ReceiveBufferSize
+ 16, // TransmitBufferSize
+ "\\_SB.GDV0.URT0", // ResourceSource:
+ // UART bus controller name
+ , // ResourceSourceIndex: assumed to be 0
+ , // ResourceUsage: assumed to be
+ // ResourceConsumer
+ UAR0, // DescriptorName: creates name
+ // for offset of resource descriptor
+ ) // Vendor data
+ //
+ // RPIQ connection for BT_ON/OFF
+ //
+ GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
+ })
+
+ //
+ // Resource for URTM (miniUART)
+ //
+ Name (BTMN, ResourceTemplate ()
+ {
+ //
+ // BT UART: ResourceSource will be dynamically updated to
+ // either URT0 (PL011) or URTM (miniUART) during boot
+ //
+ UARTSerialBus(
+ 115200, // InitialBaudRate: in BPS
+ , // BitsPerByte: default to 8 bits
+ , // StopBits: Defaults to one bit
+ 0x00, // LinesInUse: 8 1-bit flags to
+ // declare enabled control lines.
+ // Raspberry Pi does not exposed
+ // HW control signals -> not supported.
+ // Optional bits:
+ // - Bit 7 (0x80) Request To Send (RTS)
+ // - Bit 6 (0x40) Clear To Send (CTS)
+ // - Bit 5 (0x20) Data Terminal Ready (DTR)
+ // - Bit 4 (0x10) Data Set Ready (DSR)
+ // - Bit 3 (0x08) Ring Indicator (RI)
+ // - Bit 2 (0x04) Data Carrier Detect (DTD)
+ // - Bit 1 (0x02) Reserved. Must be 0.
+ // - Bit 0 (0x01) Reserved. Must be 0.
+ , // IsBigEndian:
+ // default to LittleEndian.
+ , // Parity: Defaults to no parity
+ , // FlowControl: Defaults to
+ // no flow control.
+ 16, // ReceiveBufferSize
+ 16, // TransmitBufferSize
+ "\\_SB.GDV0.URTM", // ResourceSource:
+ // UART bus controller name
+ , // ResourceSourceIndex: assumed to be 0
+ , // ResourceUsage: assumed to be
+ // ResourceConsumer
+ UARM, // DescriptorName: creates name
+ // for offset of resource descriptor
+ ) // Vendor data
+ //
+ // RPIQ connection for BT_ON/OFF
+ //
+ GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
+ })
+
Method (_CRS, 0x0, Serialized)
{
- Name (RBUF, ResourceTemplate ()
+ if (URIU == 0)
{
- // BT UART: URT0 (PL011) or URTM (miniUART)
- UARTSerialBus(
- 115200, // InitialBaudRate: in BPS
- , // BitsPerByte: default to 8 bits
- , // StopBits: Defaults to one bit
- 0x00, // LinesInUse: 8 1-bit flags to
- // declare enabled control lines.
- // Raspberry Pi does not exposed
- // HW control signals -> not supported.
- // Optional bits:
- // - Bit 7 (0x80) Request To Send (RTS)
- // - Bit 6 (0x40) Clear To Send (CTS)
- // - Bit 5 (0x20) Data Terminal Ready (DTR)
- // - Bit 4 (0x10) Data Set Ready (DSR)
- // - Bit 3 (0x08) Ring Indicator (RI)
- // - Bit 2 (0x04) Data Carrier Detect (DTD)
- // - Bit 1 (0x02) Reserved. Must be 0.
- // - Bit 0 (0x01) Reserved. Must be 0.
- , // IsBigEndian:
- // default to LittleEndian.
- , // Parity: Defaults to no parity
- , // FlowControl: Defaults to
- // no flow control.
- 16, // ReceiveBufferSize
- 16, // TransmitBufferSize
-#if (RPI_MODEL == 4)
- "\\_SB.GDV0.URTM", // ResourceSource:
-#else
- "\\_SB.GDV0.URT0", // ResourceSource:
-#endif
- // UART bus controller name
- , // ResourceSourceIndex: assumed to be 0
- , // ResourceUsage: assumed to be
- // ResourceConsumer
- UAR0, // DescriptorName: creates name
- // for offset of resource descriptor
- ) // Vendor data
-
//
- // RPIQ connection for BT_ON/OFF
+ // PL011 UART is configured for console output
+ // Return Mini UART for Bluetooth
//
- GpioIO (Shared, PullUp, 0, 0, IoRestrictionNone, "\\_SB.GDV0.RPIQ", 0, ResourceConsumer, , ) { 128 }
- })
- Return (RBUF)
+ return (^BTMN)
+ }
+ else
+ {
+ //
+ // Mini UART is configured for console output
+ // Return PL011 UART for Bluetooth
+ //
+ return (^BTPL)
+ }
}
}
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
index d3c5869949..d6efb59793 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c
@@ -12,6 +12,10 @@
#include <IndustryStandard/Bcm2836.h>
#include <IndustryStandard/Bcm2836Gpio.h>
#include <IndustryStandard/RpiMbox.h>
+#include <IndustryStandard/SerialPortConsoleRedirectionTable.h>
+#include <IndustryStandard/RpiDebugPort2Table.h>
+#include <UartSelection.h>
+
#include <Library/AcpiLib.h>
#include <Library/DebugLib.h>
#include <Library/DevicePathLib.h>
@@ -23,6 +27,7 @@
#include <Library/NetLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/PcdLib.h>
#include <Protocol/AcpiTable.h>
#include <Protocol/BcmGenetPlatformDevice.h>
#include <Protocol/RpiFirmware.h>
@@ -743,6 +748,11 @@ STATIC CONST AML_NAME_OP_REPLACE SsdtEmmcNameOpReplace[] = {
{ }
};

+STATIC CONST AML_NAME_OP_REPLACE DsdtNameOpReplace[] = {
+ { "URIU", PcdToken (PcdUartInUse) },
+ { }
+};
+
STATIC CONST NAMESPACE_TABLES SdtTables[] = {
{
SIGNATURE_64 ('R', 'P', 'I', 'T', 'H', 'F', 'A', 'N'),
@@ -756,11 +766,11 @@ STATIC CONST NAMESPACE_TABLES SdtTables[] = {
PcdToken(PcdSdIsArasan),
SsdtEmmcNameOpReplace
},
- {
+ { // DSDT
SIGNATURE_64 ('R', 'P', 'I', 0, 0, 0, 0, 0),
0,
0,
- NULL
+ DsdtNameOpReplace
},
{ }
};
@@ -779,6 +789,9 @@ HandleDynamicNamespace (
{
UINTN Tables;

+ EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE *SpcrTable;
+ DBG2_TABLE *Dbg2Table;
+
switch (AcpiHeader->Signature) {
case SIGNATURE_32 ('D', 'S', 'D', 'T'):
case SIGNATURE_32 ('S', 'S', 'D', 'T'):
@@ -788,14 +801,37 @@ HandleDynamicNamespace (
}
}
DEBUG ((DEBUG_ERROR, "Found namespace table not in table list.\n"));
-
return FALSE;
+
case SIGNATURE_32 ('I', 'O', 'R', 'T'):
// only enable the IORT on machines with >3G and no limit
// to avoid problems with rhel/centos and other older OSs
if (PcdGet32 (PcdRamLimitTo3GB) || !PcdGet32 (PcdRamMoreThan3GB)) {
return FALSE;
}
+ return TRUE;
+
+ case SIGNATURE_32 ('S', 'P', 'C', 'R'):
+ SpcrTable = (EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE *)AcpiHeader;
+ if ((PcdGet32 (PcdUartInUse) == PL011_UART_IN_USE) &&
+ (SpcrTable->InterfaceType == EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERFACE_TYPE_ARM_PL011_UART)) {
+ return TRUE;
+ } else if ((PcdGet32 (PcdUartInUse) == MINI_UART_IN_USE) &&
+ (SpcrTable->InterfaceType == EFI_ACPI_SERIAL_PORT_CONSOLE_REDIRECTION_TABLE_INTERFACE_TYPE_BCM2835_UART)) {
+ return TRUE;
+ }
+ return FALSE;
+
+ case SIGNATURE_32 ('D', 'B', 'G', '2'):
+ Dbg2Table = (DBG2_TABLE *)AcpiHeader;
+ if ((PcdGet32 (PcdUartInUse) == PL011_UART_IN_USE) &&
+ (Dbg2Table->Dbg2DeviceInfo[0].Dbg2Device.PortSubtype == EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_ARM_PL011_UART)) {
+ return TRUE;
+ } else if ((PcdGet32 (PcdUartInUse) == MINI_UART_IN_USE) &&
+ (Dbg2Table->Dbg2DeviceInfo[0].Dbg2Device.PortSubtype == EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_BCM2835_UART)) {
+ return TRUE;
+ }
+ return FALSE;
}

return TRUE;
@@ -812,6 +848,12 @@ ConfigInitialize (
EFI_STATUS Status;
EFI_EVENT EndOfDxeEvent;

+ if ((MmioRead32(GPIO_GPFSEL1) & GPFSEL1_UART_MASK) == PL011_UART_IN_USE_REG_VALUE) {
+ PcdSet32S (PcdUartInUse, PL011_UART_IN_USE);
+ } else if ((MmioRead32(GPIO_GPFSEL1) & GPFSEL1_UART_MASK) == MINI_UART_IN_USE_REG_VALUE) {
+ PcdSet32S (PcdUartInUse, MINI_UART_IN_USE);
+ }
+
Status = gBS->LocateProtocol (&gRaspberryPiFirmwareProtocolGuid,
NULL, (VOID**)&mFwProtocol);
ASSERT_EFI_ERROR (Status);
diff --git a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
index 032e40b0c3..597e1b4205 100644
--- a/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
+++ b/Platform/RaspberryPi/Drivers/ConfigDxe/ConfigDxe.inf
@@ -94,6 +94,7 @@
gRaspberryPiTokenSpaceGuid.PcdFanOnGpio
gRaspberryPiTokenSpaceGuid.PcdFanTemp
gRaspberryPiTokenSpaceGuid.PcdBootPolicy
+ gRaspberryPiTokenSpaceGuid.PcdUartInUse

[Depex]
gPcdProtocolGuid AND gRaspberryPiFirmwareProtocolGuid
diff --git a/Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h b/Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h
new file mode 100644
index 0000000000..73134dfdc2
--- /dev/null
+++ b/Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h
@@ -0,0 +1,33 @@
+/** @file
+
+ Copyright (c) 2021, ARM Limited. All rights reserved.
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+ **/
+#ifndef __RPI_DEBUG_PORT_2_H__
+#define __RPI_DEBUG_PORT_2_H__
+
+#include <IndustryStandard/DebugPort2Table.h>
+
+#define RPI_DBG2_NUM_DEBUG_PORTS 1
+#define RPI_DBG2_NUMBER_OF_GENERIC_ADDRESS_REGISTERS 1
+#define RPI_DBG2_NAMESPACESTRING_FIELD_SIZE 15
+
+#pragma pack(1)
+
+
+typedef struct {
+ EFI_ACPI_DBG2_DEBUG_DEVICE_INFORMATION_STRUCT Dbg2Device;
+ EFI_ACPI_6_3_GENERIC_ADDRESS_STRUCTURE BaseAddressRegister;
+ UINT32 AddressSize;
+ UINT8 NameSpaceString[RPI_DBG2_NAMESPACESTRING_FIELD_SIZE];
+} DBG2_DEBUG_DEVICE_INFORMATION;
+
+typedef struct {
+ EFI_ACPI_DEBUG_PORT_2_DESCRIPTION_TABLE Description;
+ DBG2_DEBUG_DEVICE_INFORMATION Dbg2DeviceInfo[RPI_DBG2_NUM_DEBUG_PORTS];
+} DBG2_TABLE;
+
+#pragma pack()
+#endif //__RPI_DEBUG_PORT_2_H__
diff --git a/Platform/RaspberryPi/Include/UartSelection.h b/Platform/RaspberryPi/Include/UartSelection.h
new file mode 100644
index 0000000000..803bf860bb
--- /dev/null
+++ b/Platform/RaspberryPi/Include/UartSelection.h
@@ -0,0 +1,20 @@
+/** @file
+ *
+ * Copyright (c) 2021, ARM Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause-Patent
+ *
+ **/
+
+#ifndef UART_SELECTION_H
+#define UART_SELECTION_H
+
+#define GPFSEL1_UART_MASK (BIT17 | BIT16 | BIT15 | BIT14 | BIT13 | BIT12)
+
+#define PL011_UART_IN_USE_REG_VALUE (BIT17 | BIT14) // ALT0 - 0x24000
+#define MINI_UART_IN_USE_REG_VALUE (BIT16 | BIT13) // ALT5 - 0x12000
+
+#define PL011_UART_IN_USE 0
+#define MINI_UART_IN_USE 1
+
+#endif /* UART_SELECTION_H */
diff --git a/Platform/RaspberryPi/RPi3/RPi3.dsc b/Platform/RaspberryPi/RPi3/RPi3.dsc
index 425c7ff9ec..53825bcf62 100644
--- a/Platform/RaspberryPi/RPi3/RPi3.dsc
+++ b/Platform/RaspberryPi/RPi3/RPi3.dsc
@@ -552,6 +552,14 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0

+ #
+ # UART in use
+ # This value will be synchronized with the setting in config.txt
+ # 0 - PL011_UART_IN_USE
+ # 1 - MINI_UART_IN_USE
+ #
+ gRaspberryPiTokenSpaceGuid.PcdUartInUse|1
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform
diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc b/Platform/RaspberryPi/RPi4/RPi4.dsc
index d8c6fdd4bd..fd73c4d14b 100644
--- a/Platform/RaspberryPi/RPi4/RPi4.dsc
+++ b/Platform/RaspberryPi/RPi4/RPi4.dsc
@@ -568,6 +568,14 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0

+ #
+ # UART in use
+ # This value will be synchronized with the setting in config.txt
+ # 0 - PL011_UART_IN_USE
+ # 1 - MINI_UART_IN_USE
+ #
+ gRaspberryPiTokenSpaceGuid.PcdUartInUse|0
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform
diff --git a/Platform/RaspberryPi/RaspberryPi.dec b/Platform/RaspberryPi/RaspberryPi.dec
index 8eb1c2bac7..f1dd8ac0ed 100644
--- a/Platform/RaspberryPi/RaspberryPi.dec
+++ b/Platform/RaspberryPi/RaspberryPi.dec
@@ -72,3 +72,4 @@
gRaspberryPiTokenSpaceGuid.PcdPlatformResetDelay|0|UINT32|0x0000001E
gRaspberryPiTokenSpaceGuid.PcdMmcEnableDma|0|UINT32|0x0000001F
gRaspberryPiTokenSpaceGuid.PcdBootPolicy|0|UINT32|0x00000020
+ gRaspberryPiTokenSpaceGuid.PcdUartInUse|1|UINT32|0x00000021
--
2.31.0.windows.1


[PATCH v4 0/3] Dynamically build UARTs info in ACPI

Sunny Wang
 

In v4: Address comments given by Mario on v3.
In v3: Address comments given by Jeremy, Mario, and Pete on v2.
In v2: Address comments given by Pete on v1.

Dynamically build UARTs info in ACPI so that it can match the UART
related settings defined in config.txt

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@...>
Cc: Sami Mujawar <sami.mujawar@...>
Cc: Jeremy Linton <jeremy.linton@...>
Cc: Pete Batard <pete@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Mario Balanica <mariobalanica02@...>

Sunny Wang (3):
Platform/RaspberryPi: Dynamically build UARTs info in ACPI
Silicon/Broadcom/Bcm283x: Clean up GpioPinSet function
Platform/RaspberryPi: Enable Bluetooth and UART in Windows OS

.../RaspberryPi/AcpiTables/AcpiTables.inf | 8 +-
.../RaspberryPi/AcpiTables/Dbg2MiniUart.aslc | 81 +++++++++
.../AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} | 30 +---
.../RaspberryPi/AcpiTables/SpcrMiniUart.aslc | 91 ++++++++++
.../AcpiTables/{Spcr.aslc => SpcrPl011.aslc} | 10 +-
Platform/RaspberryPi/AcpiTables/Uart.asl | 155 ++++++++++++------
.../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 70 +++++++-
.../Drivers/ConfigDxe/ConfigDxe.inf | 1 +
.../IndustryStandard/RpiDebugPort2Table.h | 33 ++++
Platform/RaspberryPi/Include/UartSelection.h | 20 +++
Platform/RaspberryPi/RPi3/RPi3.dsc | 8 +
Platform/RaspberryPi/RPi4/RPi4.dsc | 8 +
Platform/RaspberryPi/RaspberryPi.dec | 1 +
.../Bcm283x/Include/Library/GpioLib.h | 10 +-
.../Bcm283x/Library/GpioLib/GpioLib.c | 9 +-
15 files changed, 436 insertions(+), 99 deletions(-)
create mode 100644 Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
rename Platform/RaspberryPi/AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} (72%)
create mode 100644 Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc
rename Platform/RaspberryPi/AcpiTables/{Spcr.aslc => SpcrPl011.aslc} (87%)
create mode 100644 Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h
create mode 100644 Platform/RaspberryPi/Include/UartSelection.h

--
2.31.0.windows.1


Re: [PATCH v2 0/6] Secure Boot default keys

Grzegorz Bernacki
 

Hi Min M,

I tested it with Ovmf. I will try other compiler and provide you logs soon.

thanks,
greg

pt., 4 cze 2021 o 10:17 Xu, Min M <min.m.xu@...> napisał(a):


Grzegorz
Have you built this feature with different tool chains, such as VS2017/VS2019/GCC5? And test it in IA32/X64/AARCH64?
Would you post your test result in the mail?
Thanks much!

-----Original Message-----
From: Grzegorz Bernacki <gjb@...>
Sent: Tuesday, June 1, 2021 9:12 PM
To: devel@edk2.groups.io
Cc: leif@...; ardb+tianocore@...; Samer.El-Haj-
Mahmoud@...; sunny.Wang@...; mw@...;
upstream@...; Yao, Jiewen <jiewen.yao@...>; Wang, Jian J
<jian.j.wang@...>; Xu, Min M <min.m.xu@...>;
lersek@...; Grzegorz Bernacki <gjb@...>
Subject: [PATCH v2 0/6] Secure Boot default keys

This patchset adds support for initialization of default Secure Boot variables
based on keys content embedded in flash binary. This feature is active only if
Secure Boot is enabled and DEFAULT_KEY is defined. The patchset consist
also application to enroll keys from default variables and secure boot menu
change to allow user to reset key content to default values.
Discussion on design can be found at:
https://edk2.groups.io/g/rfc/topic/82139806#600

I also added patch for RPi4 which enables this feature for that platform.

Changes since v1:
- change names:
SecBootVariableLib => SecureBootVariableLib
SecBootDefaultKeysDxe => SecureBootDefaultKeysDxe
SecEnrollDefaultKeysApp => EnrollFromDefaultKeysApp
- change name of function CheckSetupMode to GetSetupMode
- remove ShellPkg dependecy from EnrollFromDefaultKeysApp
- rebase to master

Grzegorz Bernacki (6):
[edk2]
SecurityPkg: Create library for setting Secure Boot variables.
SecurityPkg: Create include file for default key content.
SecurityPkg: Add SecureBootDefaultKeysDxe driver
SecurityPkg: Add EnrollFromDefaultKeys application.
SecurityPkg: Add new modules to Security package.
SecurityPkg: Add option to reset secure boot keys.
[edk2-platform]
Platform/RaspberryPi: Enable default Secure Boot variables initialization

SecurityPkg/SecurityPkg.dec | 14 +
SecurityPkg/SecurityPkg.dsc | 5 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
| 47 +
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
| 79 ++

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig
Dxe.inf | 2 +

SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.inf | 46 +
SecurityPkg/Include/Library/SecureBootVariableLib.h |
252 +++++

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig
NvData.h | 2 +

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.
vfr | 6 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
| 107 +++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
| 979 ++++++++++++++++++++

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI
mpl.c | 343 ++++---

SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.c | 69 ++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
| 16 +
SecurityPkg/SecureBootDefaultKeys.fdf.inc | 62 ++

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigS
trings.uni | 4 +

SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.uni | 17 +
17 files changed, 1862 insertions(+), 188 deletions(-) create mode 100644
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
create mode 100644
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
create mode 100644
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.inf
create mode 100644 SecurityPkg/Include/Library/SecureBootVariableLib.h
create mode 100644
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
create mode 100644
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
create mode 100644
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.c
create mode 100644
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
create mode 100644 SecurityPkg/SecureBootDefaultKeys.fdf.inc
create mode 100644
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD
efaultKeysDxe.uni

--
2.25.1


VirtIO sound device in qemu?

Ethin Probst
 

For my audio output protocol (I wonder if we should abbreviate it as
AOP?) I need to get access to VirtIO devices in PCIe configuration
space. However, I can't seem to find a way of telling QEMU to use this
device for audio output. Is there something I missed, or something
that does support this?

--
Signed,
Ethin D. Probst


Re: [PATCH v2 2/3] UefiPayloadPkg: Add PayloadLoaderPeim which can load ELF payload

Guo Dong
 

Reviewed-by: Guo Dong <guo.dong@...>

-----Original Message-----
From: Ni, Ray <ray.ni@...>
Sent: Wednesday, June 2, 2021 11:23 PM
To: devel@edk2.groups.io
Cc: Ma, Maurice <maurice.ma@...>; Dong, Guo
<guo.dong@...>; You, Benjamin <benjamin.you@...>
Subject: [PATCH v2 2/3] UefiPayloadPkg: Add PayloadLoaderPeim which can
load ELF payload

Per universal payload spec, the payload is in ELF format.
The patch adds a payload loader that supports to load ELF image.

The location of extra data sections whose names start with "upld."
is stored in PLD_EXTRA_DATA HOB.

Signed-off-by: Maurice Ma <maurice.ma@...>
Signed-off-by: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Guo Dong <guo.dong@...>
Cc: Benjamin You <benjamin.you@...>
---
UefiPayloadPkg/PayloadLoaderPeim/ElfLib.h | 122 +++
.../PayloadLoaderPeim/ElfLib/Elf32.h | 252 +++++
.../PayloadLoaderPeim/ElfLib/Elf32Lib.c | 451 ++++++++
.../PayloadLoaderPeim/ElfLib/Elf64.h | 254 +++++
.../PayloadLoaderPeim/ElfLib/Elf64Lib.c | 460 ++++++++
.../PayloadLoaderPeim/ElfLib/ElfCommon.h | 983 ++++++++++++++++++
.../PayloadLoaderPeim/ElfLib/ElfLib.c | 473 +++++++++
.../PayloadLoaderPeim/ElfLib/ElfLibInternal.h | 109 ++
.../PayloadLoaderPeim/PayloadLoaderPeim.c | 187 ++++
.../PayloadLoaderPeim/PayloadLoaderPeim.inf | 59 ++
10 files changed, 3350 insertions(+)
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib.h
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32.h
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32Lib.c
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64.h
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
create mode 100644
UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfCommon.h
create mode 100644 UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLib.c
create mode 100644
UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLibInternal.h
create mode 100644
UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.c
create mode 100644
UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.inf

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib.h
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib.h
new file mode 100644
index 0000000000..9cfc2912cf
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib.h
@@ -0,0 +1,122 @@
+/** @file

+ ELF library

+

+ Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>

+ SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#ifndef ELF_LIB_H_

+#define ELF_LIB_H_

+

+#include <PiPei.h>

+

+#define ELF_CLASS32 1

+#define ELF_CLASS64 2

+

+#define ELF_PT_LOAD 1

+

+typedef struct {

+ RETURN_STATUS ParseStatus; ///< Return the status after
ParseElfImage().

+ UINT8 *FileBase; ///< The source location in memory.

+ UINTN FileSize; ///< The size including sections that don't
require loading.

+ UINT8 *PreferredImageAddress; ///< The preferred image to be
loaded. No relocation is needed if loaded to this address.

+ BOOLEAN ReloadRequired; ///< The image needs a new memory
location for running.

+ UINT8 *ImageAddress; ///< The destination memory address set
by caller.

+ UINTN ImageSize; ///< The memory size for loading and
execution.

+ UINT32 EiClass;

+ UINT32 ShNum;

+ UINT32 PhNum;

+ UINTN ShStrOff;

+ UINTN ShStrLen;

+ UINTN EntryPoint; ///< Return the actual entry point after
LoadElfImage().

+} ELF_IMAGE_CONTEXT;

+

+

+typedef struct {

+ UINT32 PtType;

+ UINTN Offset;

+ UINTN Length;

+ UINTN MemLen;

+ UINTN MemAddr;

+ UINTN Alignment;

+} SEGMENT_INFO;

+

+/**

+ Parse the ELF image info.

+

+ @param[in] ImageBase Memory address of an image.

+ @param[out] ElfCt The EFL image context pointer.

+

+ @retval EFI_INVALID_PARAMETER Input parameters are not valid.

+ @retval EFI_UNSUPPORTED Unsupported binary type.

+ @retval EFI_LOAD_ERROR ELF binary loading error.

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+**/

+EFI_STATUS

+EFIAPI

+ParseElfImage (

+ IN VOID *ImageBase,

+ OUT ELF_IMAGE_CONTEXT *ElfCt

+ );

+

+/**

+ Load the ELF segments to specified address in ELF header.

+

+ This function loads ELF image segments into memory address specified

+ in ELF program header.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_INVALID_PARAMETER Input parameters are not valid.

+ @retval EFI_UNSUPPORTED Unsupported binary type.

+ @retval EFI_LOAD_ERROR ELF binary loading error.

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+**/

+EFI_STATUS

+EFIAPI

+LoadElfImage (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ );

+

+/**

+ Get a ELF section name from its index.

+

+ @param[in] ElfCt ELF image context pointer.

+ @param[in] SectionIndex ELF section index.

+ @param[out] SectionName The pointer to the section name.

+

+ @retval EFI_INVALID_PARAMETER ElfCt or SecName is NULL.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Section name was filled successfully.

+**/

+EFI_STATUS

+EFIAPI

+GetElfSectionName (

+ IN ELF_IMAGE_CONTEXT *ElfCt,

+ IN UINT32 SectionIndex,

+ OUT CHAR8 **SectionName

+ );

+

+/**

+ Get the offset and size of x-th ELF section.

+

+ @param[in] ElfCt ELF image context pointer.

+ @param[in] Index ELF section index.

+ @param[out] Offset Return the offset of the specific section.

+ @param[out] Size Return the size of the specific section.

+

+ @retval EFI_INVALID_PARAMETER ImageBase, Offset or Size is NULL.

+ @retval EFI_INVALID_PARAMETER EiClass doesn't equal to ELFCLASS32 or
ELFCLASS64.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Offset and Size are returned.

+**/

+EFI_STATUS

+EFIAPI

+GetElfSectionPos (

+ IN ELF_IMAGE_CONTEXT *ElfCt,

+ IN UINT32 Index,

+ OUT UINTN *Offset,

+ OUT UINTN *Size

+ );

+#endif /* ELF_LIB_H_ */

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32.h
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32.h
new file mode 100644
index 0000000000..ebed5f00c3
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32.h
@@ -0,0 +1,252 @@
+/** @file

+Ported ELF include files from FreeBSD

+

+Copyright (c) 2009 - 2010, Apple Inc. All rights reserved.<BR>

+SPDX-License-Identifier: BSD-2-Clause-Patent

+

+

+**/

+/*-

+ * Copyright (c) 1996-1998 John D. Polstra.

+ * All rights reserved.

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS
IS'' AND

+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE

+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE

+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
BE LIABLE

+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS

+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION)

+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT

+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF

+ * SUCH DAMAGE.

+ *

+ * $FreeBSD: src/sys/sys/elf32.h,v 1.8.14.2 2007/12/03 21:30:36 marius Exp $

+ */

+

+#ifndef _SYS_ELF32_H_

+#define _SYS_ELF32_H_ 1

+

+

+/*

+ * ELF definitions common to all 32-bit architectures.

+ */

+

+typedef UINT32 Elf32_Addr;

+typedef UINT16 Elf32_Half;

+typedef UINT32 Elf32_Off;

+typedef INT32 Elf32_Sword;

+typedef UINT32 Elf32_Word;

+typedef UINT64 Elf32_Lword;

+

+typedef Elf32_Word Elf32_Hashelt;

+

+/* Non-standard class-dependent datatype used for abstraction. */

+typedef Elf32_Word Elf32_Size;

+typedef Elf32_Sword Elf32_Ssize;

+

+/*

+ * ELF header.

+ */

+

+typedef struct {

+ unsigned char e_ident[EI_NIDENT]; /* File identification. */

+ Elf32_Half e_type; /* File type. */

+ Elf32_Half e_machine; /* Machine architecture. */

+ Elf32_Word e_version; /* ELF format version. */

+ Elf32_Addr e_entry; /* Entry point. */

+ Elf32_Off e_phoff; /* Program header file offset. */

+ Elf32_Off e_shoff; /* Section header file offset. */

+ Elf32_Word e_flags; /* Architecture-specific flags. */

+ Elf32_Half e_ehsize; /* Size of ELF header in bytes. */

+ Elf32_Half e_phentsize; /* Size of program header entry. */

+ Elf32_Half e_phnum; /* Number of program header entries. */

+ Elf32_Half e_shentsize; /* Size of section header entry. */

+ Elf32_Half e_shnum; /* Number of section header entries. */

+ Elf32_Half e_shstrndx; /* Section name strings section. */

+} Elf32_Ehdr;

+

+/*

+ * Section header.

+ */

+

+typedef struct {

+ Elf32_Word sh_name; /* Section name (index into the

+ section header string table). */

+ Elf32_Word sh_type; /* Section type. */

+ Elf32_Word sh_flags; /* Section flags. */

+ Elf32_Addr sh_addr; /* Address in memory image. */

+ Elf32_Off sh_offset; /* Offset in file. */

+ Elf32_Word sh_size; /* Size in bytes. */

+ Elf32_Word sh_link; /* Index of a related section. */

+ Elf32_Word sh_info; /* Depends on section type. */

+ Elf32_Word sh_addralign; /* Alignment in bytes. */

+ Elf32_Word sh_entsize; /* Size of each entry in section. */

+} Elf32_Shdr;

+

+/*

+ * Program header.

+ */

+

+typedef struct {

+ Elf32_Word p_type; /* Entry type. */

+ Elf32_Off p_offset; /* File offset of contents. */

+ Elf32_Addr p_vaddr; /* Virtual address in memory image. */

+ Elf32_Addr p_paddr; /* Physical address (not used). */

+ Elf32_Word p_filesz; /* Size of contents in file. */

+ Elf32_Word p_memsz; /* Size of contents in memory. */

+ Elf32_Word p_flags; /* Access permission flags. */

+ Elf32_Word p_align; /* Alignment in memory and file. */

+} Elf32_Phdr;

+

+/*

+ * Dynamic structure. The ".dynamic" section contains an array of them.

+ */

+

+typedef struct {

+ Elf32_Sword d_tag; /* Entry type. */

+ union {

+ Elf32_Word d_val; /* Integer value. */

+ Elf32_Addr d_ptr; /* Address value. */

+ } d_un;

+} Elf32_Dyn;

+

+/*

+ * Relocation entries.

+ */

+

+/* Relocations that don't need an addend field. */

+typedef struct {

+ Elf32_Addr r_offset; /* Location to be relocated. */

+ Elf32_Word r_info; /* Relocation type and symbol index. */

+} Elf32_Rel;

+

+/* Relocations that need an addend field. */

+typedef struct {

+ Elf32_Addr r_offset; /* Location to be relocated. */

+ Elf32_Word r_info; /* Relocation type and symbol index. */

+ Elf32_Sword r_addend; /* Addend. */

+} Elf32_Rela;

+

+/* Macros for accessing the fields of r_info. */

+#define ELF32_R_SYM(info) ((info) >> 8)

+#define ELF32_R_TYPE(info) ((unsigned char)(info))

+

+/* Macro for constructing r_info from field values. */

+#define ELF32_R_INFO(sym, type) (((sym) << 8) + (unsigned char)(type))

+

+/*

+ * Note entry header

+ */

+typedef Elf_Note Elf32_Nhdr;

+

+/*

+ * Move entry

+ */

+typedef struct {

+ Elf32_Lword m_value; /* symbol value */

+ Elf32_Word m_info; /* size + index */

+ Elf32_Word m_poffset; /* symbol offset */

+ Elf32_Half m_repeat; /* repeat count */

+ Elf32_Half m_stride; /* stride info */

+} Elf32_Move;

+

+/*

+ * The macros compose and decompose values for Move.r_info

+ *

+ * sym = ELF32_M_SYM(M.m_info)

+ * size = ELF32_M_SIZE(M.m_info)

+ * M.m_info = ELF32_M_INFO(sym, size)

+ */

+#define ELF32_M_SYM(info) ((info)>>8)

+#define ELF32_M_SIZE(info) ((unsigned char)(info))

+#define ELF32_M_INFO(sym, size) (((sym)<<8)+(unsigned char)(size))

+

+/*

+ * Hardware/Software capabilities entry

+ */

+typedef struct {

+ Elf32_Word c_tag; /* how to interpret value */

+ union {

+ Elf32_Word c_val;

+ Elf32_Addr c_ptr;

+ } c_un;

+} Elf32_Cap;

+

+/*

+ * Symbol table entries.

+ */

+

+typedef struct {

+ Elf32_Word st_name; /* String table index of name. */

+ Elf32_Addr st_value; /* Symbol value. */

+ Elf32_Word st_size; /* Size of associated object. */

+ unsigned char st_info; /* Type and binding information. */

+ unsigned char st_other; /* Reserved (not used). */

+ Elf32_Half st_shndx; /* Section index of symbol. */

+} Elf32_Sym;

+

+/* Macros for accessing the fields of st_info. */

+#define ELF32_ST_BIND(info) ((info) >> 4)

+#define ELF32_ST_TYPE(info) ((info) & 0xf)

+

+/* Macro for constructing st_info from field values. */

+#define ELF32_ST_INFO(bind, type) (((bind) << 4) + ((type) & 0xf))

+

+/* Macro for accessing the fields of st_other. */

+#define ELF32_ST_VISIBILITY(oth) ((oth) & 0x3)

+

+/* Structures used by Sun & GNU symbol versioning. */

+typedef struct

+{

+ Elf32_Half vd_version;

+ Elf32_Half vd_flags;

+ Elf32_Half vd_ndx;

+ Elf32_Half vd_cnt;

+ Elf32_Word vd_hash;

+ Elf32_Word vd_aux;

+ Elf32_Word vd_next;

+} Elf32_Verdef;

+

+typedef struct

+{

+ Elf32_Word vda_name;

+ Elf32_Word vda_next;

+} Elf32_Verdaux;

+

+typedef struct

+{

+ Elf32_Half vn_version;

+ Elf32_Half vn_cnt;

+ Elf32_Word vn_file;

+ Elf32_Word vn_aux;

+ Elf32_Word vn_next;

+} Elf32_Verneed;

+

+typedef struct

+{

+ Elf32_Word vna_hash;

+ Elf32_Half vna_flags;

+ Elf32_Half vna_other;

+ Elf32_Word vna_name;

+ Elf32_Word vna_next;

+} Elf32_Vernaux;

+

+typedef Elf32_Half Elf32_Versym;

+

+typedef struct {

+ Elf32_Half si_boundto; /* direct bindings - symbol bound to */

+ Elf32_Half si_flags; /* per symbol flags */

+} Elf32_Syminfo;

+

+#endif /* !_SYS_ELF32_H_ */

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32Lib.c
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32Lib.c
new file mode 100644
index 0000000000..3fa100ce4a
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf32Lib.c
@@ -0,0 +1,451 @@
+/** @file

+ ELF library

+

+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>

+ SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include "ElfLibInternal.h"

+

+/**

+ Return the section header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The section index.

+

+ @return Pointer to the section header.

+**/

+Elf32_Shdr *

+GetElf32SectionByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ )

+{

+ Elf32_Ehdr *Ehdr;

+

+ Ehdr = (Elf32_Ehdr *)ImageBase;

+ if (Index >= Ehdr->e_shnum) {

+ return NULL;

+ }

+

+ return (Elf32_Shdr *)(ImageBase + Ehdr->e_shoff + Index * Ehdr-
e_shentsize);
+}

+

+/**

+ Return the segment header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The segment index.

+

+ @return Pointer to the segment header.

+**/

+Elf32_Phdr *

+GetElf32SegmentByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ )

+{

+ Elf32_Ehdr *Ehdr;

+

+ Ehdr = (Elf32_Ehdr *)ImageBase;

+ if (Index >= Ehdr->e_phnum) {

+ return NULL;

+ }

+

+ return (Elf32_Phdr *)(ImageBase + Ehdr->e_phoff + Index * Ehdr-
e_phentsize);
+}

+

+/**

+ Return the section header specified by the range.

+

+ @param ImageBase The image base.

+ @param Offset The section offset.

+ @param Size The section size.

+

+ @return Pointer to the section header.

+**/

+Elf32_Shdr *

+GetElf32SectionByRange (

+ IN UINT8 *ImageBase,

+ IN UINT32 Offset,

+ IN UINT32 Size

+ )

+{

+ UINT32 Index;

+ Elf32_Ehdr *Ehdr;

+ Elf32_Shdr *Shdr;

+

+ Ehdr = (Elf32_Ehdr *)ImageBase;

+

+ Shdr = (Elf32_Shdr *) (ImageBase + Ehdr->e_shoff);

+ for (Index = 0; Index < Ehdr->e_shnum; Index++) {

+ if ((Shdr->sh_offset == Offset) && (Shdr->sh_size == Size)) {

+ return Shdr;

+ }

+ Shdr = ELF_NEXT_ENTRY (Elf32_Shdr, Shdr, Ehdr->e_shentsize);

+ }

+ return NULL;

+}

+

+/**

+ Fix up the image based on the relocation entries.

+

+ @param Rela Relocation entries.

+ @param RelaSize Total size of relocation entries.

+ @param RelaEntrySize Relocation entry size.

+ @param RelaType Type of relocation entry.

+ @param Delta The delta between preferred image base and the
actual image base.

+ @param DynamicLinking TRUE when fixing up according to dynamic
relocation.

+

+ @retval EFI_SUCCESS The image fix up is processed successfully.

+**/

+EFI_STATUS

+ProcessRelocation32 (

+ IN Elf32_Rela *Rela,

+ IN UINT32 RelaSize,

+ IN UINT32 RelaEntrySize,

+ IN UINT32 RelaType,

+ IN INTN Delta,

+ IN BOOLEAN DynamicLinking

+ )

+{

+ UINTN Index;

+ UINT32 *Ptr;

+ UINT32 Type;

+

+ for ( Index = 0

+ ; RelaEntrySize * Index < RelaSize

+ ; Index++, Rela = ELF_NEXT_ENTRY (Elf32_Rela, Rela, RelaEntrySize)

+ ) {

+ //

+ // r_offset is the virtual address of the storage unit affected by the
relocation.

+ //

+ Ptr = (UINT32 *)(UINTN)(Rela->r_offset + Delta);

+ Type = ELF32_R_TYPE(Rela->r_info);

+ switch (Type) {

+ case R_386_NONE:

+ case R_386_PC32:

+ //

+ // No fixup entry required.

+ //

+ break;

+

+ case R_386_32:

+ if (DynamicLinking) {

+ //

+ // Dynamic section doesn't contain entries of this type.

+ //

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n",
Type));

+ ASSERT (FALSE);

+ } else {

+ *Ptr += (UINT32) Delta;

+ }

+ break;

+

+ case R_386_RELATIVE:

+ if (DynamicLinking) {

+ //

+ // A: Represents the addend used to compute the value of the
relocatable field.

+ // B: Represents the base address at which a shared object has been
loaded into memory during execution.

+ // Generally, a shared object is built with a 0 base virtual address, but
the execution address will be different.

+ //

+ // B (Base Address) in ELF spec is slightly different:

+ // An executable or shared object file's base address (on platforms
that support the concept) is calculated during

+ // execution from three values: the virtual memory load address, the
maximum page size, and the lowest virtual address

+ // of a program's loadable segment. To compute the base address,
one determines the memory address associated with the

+ // lowest p_vaddr value for a PT_LOAD segment. This address is
truncated to the nearest multiple of the maximum page size.

+ // The corresponding p_vaddr value itself is also truncated to the
nearest multiple of the maximum page size.

+ //

+ // *** The base address is the difference between the truncated
memory address and the truncated p_vaddr value. ***

+ //

+ // Delta in this function is B.

+ //

+ // Calculation: B + A

+ //

+ if (RelaType == SHT_RELA) {

+ ASSERT (*Ptr == 0);

+ *Ptr = (UINT32) Delta + Rela->r_addend;

+ } else {

+ //

+ // A is stored in the field of relocation for REL type.

+ //

+ *Ptr = (UINT32) Delta + *Ptr;

+ }

+ } else {

+ //

+ // non-Dynamic section doesn't contain entries of this type.

+ //

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n",
Type));

+ ASSERT (FALSE);

+ }

+ break;

+

+ default:

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n", Type));

+ }

+ }

+ return EFI_SUCCESS;

+}

+

+/**

+ Relocate the DYN type image.

+

+ @param ElfCt Point to image context.

+

+ @retval EFI_SUCCESS The relocation succeeds.

+ @retval EFI_UNSUPPORTED The image doesn't contain a dynamic section.

+**/

+EFI_STATUS

+RelocateElf32Dynamic (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ UINT32 Index;

+ Elf32_Phdr *Phdr;

+ Elf32_Shdr *DynShdr;

+ Elf32_Shdr *RelShdr;

+ Elf32_Dyn *Dyn;

+ UINT32 RelaOffset;

+ UINT32 RelaCount;

+ UINT32 RelaSize;

+ UINT32 RelaEntrySize;

+ UINT32 RelaType;

+

+ //

+ // 1. Locate the dynamic section.

+ //

+ // If an object file participates in dynamic linking, its program header table

+ // will have an element of type PT_DYNAMIC.

+ // This ``segment'' contains the .dynamic section. A special symbol,
_DYNAMIC,

+ // labels the section, which contains an array of Elf32_Dyn or Elf64_Dyn.

+ //

+ DynShdr = NULL;

+ for (Index = 0; Index < ElfCt->PhNum; Index++) {

+ Phdr = GetElf32SegmentByIndex (ElfCt->FileBase, Index);

+ ASSERT (Phdr != NULL);

+ if (Phdr->p_type == PT_DYNAMIC) {

+ //

+ // Verify the existence of the dynamic section.

+ //

+ DynShdr = GetElf32SectionByRange (ElfCt->FileBase, Phdr->p_offset,
Phdr->p_filesz);

+ break;

+ }

+ }

+

+ //

+ // It's abnormal a DYN ELF doesn't contain a dynamic section.

+ //

+ ASSERT (DynShdr != NULL);

+ if (DynShdr == NULL) {

+ return EFI_UNSUPPORTED;

+ }

+ ASSERT (DynShdr->sh_type == SHT_DYNAMIC);

+ ASSERT (DynShdr->sh_entsize >= sizeof (*Dyn));

+

+ //

+ // 2. Locate the relocation section from the dynamic section.

+ //

+ RelaOffset = MAX_UINT32;

+ RelaSize = 0;

+ RelaCount = 0;

+ RelaEntrySize = 0;

+ RelaType = 0;

+ for ( Index = 0, Dyn = (Elf32_Dyn *) (ElfCt->FileBase + DynShdr->sh_offset)

+ ; Index < DynShdr->sh_size / DynShdr->sh_entsize

+ ; Index++, Dyn = ELF_NEXT_ENTRY (Elf32_Dyn, Dyn, DynShdr-
sh_entsize)
+ ) {

+ switch (Dyn->d_tag) {

+ case DT_RELA:

+ case DT_REL:

+ //

+ // DT_REL represent program virtual addresses.

+ // A file's virtual addresses might not match the memory virtual
addresses during execution.

+ // When interpreting addresses contained in the dynamic structure, the
dynamic linker computes actual addresses,

+ // based on the original file value and the memory base address.

+ // For consistency, files do not contain relocation entries to ``correct''
addresses in the dynamic structure.

+ //

+ RelaOffset = Dyn->d_un.d_ptr - (UINT32) (UINTN) ElfCt-
PreferredImageAddress;
+ RelaType = (Dyn->d_tag == DT_RELA) ? SHT_RELA: SHT_REL;

+ break;

+ case DT_RELACOUNT:

+ case DT_RELCOUNT:

+ RelaCount = Dyn->d_un.d_val;

+ break;

+ case DT_RELENT:

+ case DT_RELAENT:

+ RelaEntrySize = Dyn->d_un.d_val;

+ break;

+ case DT_RELSZ:

+ case DT_RELASZ:

+ RelaSize = Dyn->d_un.d_val;

+ break;

+ default:

+ break;

+ }

+ }

+

+ if (RelaOffset == MAX_UINT64) {

+ ASSERT (RelaCount == 0);

+ ASSERT (RelaEntrySize == 0);

+ ASSERT (RelaSize == 0);

+ //

+ // It's fine that a DYN ELF doesn't contain relocation section.

+ //

+ return EFI_SUCCESS;

+ }

+

+ //

+ // Verify the existence of the relocation section.

+ //

+ RelShdr = GetElf32SectionByRange (ElfCt->FileBase, RelaOffset, RelaSize);

+ ASSERT (RelShdr != NULL);

+ if (RelShdr == NULL) {

+ return EFI_UNSUPPORTED;

+ }

+ ASSERT (RelShdr->sh_type == RelaType);

+ ASSERT (RelShdr->sh_entsize == RelaEntrySize);

+

+ //

+ // 3. Process the relocation section.

+ //

+ ProcessRelocation32 (

+ (Elf32_Rela *) (ElfCt->FileBase + RelShdr->sh_offset),

+ RelShdr->sh_size, RelShdr->sh_entsize, RelShdr->sh_type,

+ (UINTN) ElfCt->ImageAddress - (UINTN) ElfCt->PreferredImageAddress,

+ TRUE

+ );

+ return EFI_SUCCESS;

+}

+

+/**

+ Relocate all sections in a ELF image.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_UNSUPPORTED Relocation is not supported.

+ @retval EFI_SUCCESS ELF image was relocated successfully.

+**/

+EFI_STATUS

+RelocateElf32Sections (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ EFI_STATUS Status;

+ Elf32_Ehdr *Ehdr;

+ Elf32_Shdr *RelShdr;

+ Elf32_Shdr *Shdr;

+ UINT32 Index;

+ UINTN Delta;

+

+ Ehdr = (Elf32_Ehdr *)ElfCt->FileBase;

+ if (Ehdr->e_machine != EM_386) {

+ return EFI_UNSUPPORTED;

+ }

+

+ Delta = (UINTN) ElfCt->ImageAddress - (UINTN) ElfCt-
PreferredImageAddress;
+ ElfCt->EntryPoint = (UINTN)(Ehdr->e_entry + Delta);

+

+ //

+ // 1. Relocate dynamic ELF using the relocation section pointed by dynamic
section

+ //

+ if (Ehdr->e_type == ET_DYN) {

+ DEBUG ((DEBUG_INFO, "DYN ELF: Relocate using dynamic sections...\n"));

+ Status = RelocateElf32Dynamic (ElfCt);

+ ASSERT_EFI_ERROR (Status);

+ return Status;

+ }

+

+ //

+ // 2. Executable ELF: Fix up the delta between actual image address and
preferred image address.

+ //

+ // Linker already fixed up EXEC ELF based on the preferred image address.

+ // A ELF loader in modern OS only loads it into the preferred image
address.

+ // The below relocation is unneeded in that case.

+ // But the ELF loader in firmware supports to load the image to a different
address.

+ // The below relocation is needed in this case.

+ //

+ DEBUG ((DEBUG_INFO, "EXEC ELF: Fix actual/preferred base address
delta ...\n"));

+ for ( Index = 0, RelShdr = (Elf32_Shdr *) (ElfCt->FileBase + Ehdr->e_shoff)

+ ; Index < Ehdr->e_shnum

+ ; Index++, RelShdr = ELF_NEXT_ENTRY (Elf32_Shdr, RelShdr, Ehdr-
e_shentsize)
+ ) {

+ if ((RelShdr->sh_type != SHT_REL) && (RelShdr->sh_type != SHT_RELA)) {

+ continue;

+ }

+ Shdr = GetElf32SectionByIndex (ElfCt->FileBase, RelShdr->sh_info);

+ if ((Shdr->sh_flags & SHF_ALLOC) == SHF_ALLOC) {

+ //

+ // Only fix up sections that occupy memory during process execution.

+ //

+ ProcessRelocation32 (

+ (Elf32_Rela *)((UINT8*)Ehdr + RelShdr->sh_offset),

+ RelShdr->sh_size, RelShdr->sh_entsize, RelShdr->sh_type,

+ Delta, FALSE

+ );

+ }

+ }

+

+ return EFI_SUCCESS;

+}

+

+/**

+ Load ELF image which has 32-bit architecture.

+

+ Caller should set Context.ImageAddress to a proper value, either pointing
to

+ a new allocated memory whose size equal to Context.ImageSize, or
pointing

+ to Context.PreferredImageAddress.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+ @retval Others Loading ELF binary fails.

+

+**/

+EFI_STATUS

+LoadElf32Image (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ Elf32_Ehdr *Ehdr;

+ Elf32_Phdr *Phdr;

+ UINT16 Index;

+ UINTN Delta;

+

+ ASSERT (ElfCt != NULL);

+

+ //

+ // Per the sprit of ELF, loading to memory only consumes info from
program headers.

+ //

+ Ehdr = (Elf32_Ehdr *)ElfCt->FileBase;

+

+ for ( Index = 0, Phdr = (Elf32_Phdr *)(ElfCt->FileBase + Ehdr->e_phoff)

+ ; Index < Ehdr->e_phnum

+ ; Index++, Phdr = ELF_NEXT_ENTRY (Elf32_Phdr, Phdr, Ehdr-
e_phentsize)
+ ) {

+ //

+ // Skip segments that don't require load (type tells, or size is 0)

+ //

+ if ((Phdr->p_type != PT_LOAD) ||

+ (Phdr->p_memsz == 0)) {

+ continue;

+ }

+

+ //

+ // The memory offset of segment relative to the image base

+ // Note: CopyMem() does nothing when the dst equals to src.

+ //

+ Delta = Phdr->p_paddr - (UINT32) (UINTN) ElfCt-
PreferredImageAddress;
+ CopyMem (ElfCt->ImageAddress + Delta, ElfCt->FileBase + Phdr-
p_offset, Phdr->p_filesz);
+ ZeroMem (ElfCt->ImageAddress + Delta + Phdr->p_filesz, Phdr-
p_memsz - Phdr->p_filesz);
+ }

+

+ //

+ // Relocate when new new image base is not the preferred image base.

+ //

+ if (ElfCt->ImageAddress != ElfCt->PreferredImageAddress) {

+ RelocateElf32Sections (ElfCt);

+ }

+

+ return EFI_SUCCESS;

+}

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64.h
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64.h
new file mode 100644
index 0000000000..d64dc64a6a
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64.h
@@ -0,0 +1,254 @@
+/** @file

+Ported ELF include files from FreeBSD

+

+Copyright (c) 2009 - 2010, Apple Inc. All rights reserved.<BR>

+SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+/*-

+ * Copyright (c) 1996-1998 John D. Polstra.

+ * All rights reserved.

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS
IS'' AND

+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE

+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE

+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
BE LIABLE

+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS

+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION)

+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT

+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF

+ * SUCH DAMAGE.

+ *

+ * $FreeBSD: src/sys/sys/elf64.h,v 1.10.14.2 2007/12/03 21:30:36 marius Exp
$

+ */

+

+#ifndef _SYS_ELF64_H_

+#define _SYS_ELF64_H_ 1

+

+

+/*

+ * ELF definitions common to all 64-bit architectures.

+ */

+

+typedef UINT64 Elf64_Addr;

+typedef UINT16 Elf64_Half;

+typedef UINT64 Elf64_Off;

+typedef INT32 Elf64_Sword;

+typedef INT64 Elf64_Sxword;

+typedef UINT32 Elf64_Word;

+typedef UINT64 Elf64_Lword;

+typedef UINT64 Elf64_Xword;

+

+/*

+ * Types of dynamic symbol hash table bucket and chain elements.

+ *

+ * This is inconsistent among 64 bit architectures, so a machine dependent

+ * typedef is required.

+ */

+

+typedef Elf64_Word Elf64_Hashelt;

+

+/* Non-standard class-dependent datatype used for abstraction. */

+typedef Elf64_Xword Elf64_Size;

+typedef Elf64_Sxword Elf64_Ssize;

+

+/*

+ * ELF header.

+ */

+

+typedef struct {

+ unsigned char e_ident[EI_NIDENT]; /* File identification. */

+ Elf64_Half e_type; /* File type. */

+ Elf64_Half e_machine; /* Machine architecture. */

+ Elf64_Word e_version; /* ELF format version. */

+ Elf64_Addr e_entry; /* Entry point. */

+ Elf64_Off e_phoff; /* Program header file offset. */

+ Elf64_Off e_shoff; /* Section header file offset. */

+ Elf64_Word e_flags; /* Architecture-specific flags. */

+ Elf64_Half e_ehsize; /* Size of ELF header in bytes. */

+ Elf64_Half e_phentsize; /* Size of program header entry. */

+ Elf64_Half e_phnum; /* Number of program header entries. */

+ Elf64_Half e_shentsize; /* Size of section header entry. */

+ Elf64_Half e_shnum; /* Number of section header entries. */

+ Elf64_Half e_shstrndx; /* Section name strings section. */

+} Elf64_Ehdr;

+

+/*

+ * Section header.

+ */

+

+typedef struct {

+ Elf64_Word sh_name; /* Section name (index into the

+ section header string table). */

+ Elf64_Word sh_type; /* Section type. */

+ Elf64_Xword sh_flags; /* Section flags. */

+ Elf64_Addr sh_addr; /* Address in memory image. */

+ Elf64_Off sh_offset; /* Offset in file. */

+ Elf64_Xword sh_size; /* Size in bytes. */

+ Elf64_Word sh_link; /* Index of a related section. */

+ Elf64_Word sh_info; /* Depends on section type. */

+ Elf64_Xword sh_addralign; /* Alignment in bytes. */

+ Elf64_Xword sh_entsize; /* Size of each entry in section. */

+} Elf64_Shdr;

+

+/*

+ * Program header.

+ */

+

+typedef struct {

+ Elf64_Word p_type; /* Entry type. */

+ Elf64_Word p_flags; /* Access permission flags. */

+ Elf64_Off p_offset; /* File offset of contents. */

+ Elf64_Addr p_vaddr; /* Virtual address in memory image. */

+ Elf64_Addr p_paddr; /* Physical address (not used). */

+ Elf64_Xword p_filesz; /* Size of contents in file. */

+ Elf64_Xword p_memsz; /* Size of contents in memory. */

+ Elf64_Xword p_align; /* Alignment in memory and file. */

+} Elf64_Phdr;

+

+/*

+ * Dynamic structure. The ".dynamic" section contains an array of them.

+ */

+

+typedef struct {

+ Elf64_Sxword d_tag; /* Entry type. */

+ union {

+ Elf64_Xword d_val; /* Integer value. */

+ Elf64_Addr d_ptr; /* Address value. */

+ } d_un;

+} Elf64_Dyn;

+

+/*

+ * Relocation entries.

+ */

+

+/* Relocations that don't need an addend field. */

+typedef struct {

+ Elf64_Addr r_offset; /* Location to be relocated. */

+ Elf64_Xword r_info; /* Relocation type and symbol index. */

+} Elf64_Rel;

+

+/* Relocations that need an addend field. */

+typedef struct {

+ Elf64_Addr r_offset; /* Location to be relocated. */

+ Elf64_Xword r_info; /* Relocation type and symbol index. */

+ Elf64_Sxword r_addend; /* Addend. */

+} Elf64_Rela;

+

+/* Macros for accessing the fields of r_info. */

+#define ELF64_R_SYM(info) ((UINT32) RShiftU64 ((info), 32))

+#define ELF64_R_TYPE(info) ((info) & 0xffffffffL)

+

+/* Macro for constructing r_info from field values. */

+#define ELF64_R_INFO(sym, type) (((sym) << 32) + ((type) & 0xffffffffL))

+

+#define ELF64_R_TYPE_DATA(info) (((Elf64_Xword)(info)<<32)>>40)

+#define ELF64_R_TYPE_ID(info) (((Elf64_Xword)(info)<<56)>>56)

+#define ELF64_R_TYPE_INFO(data, type) \

+ (((Elf64_Xword)(data)<<8)+(Elf64_Xword)(type))

+

+/*

+ * Note entry header

+ */

+typedef Elf_Note Elf64_Nhdr;

+

+/*

+ * Move entry

+ */

+typedef struct {

+ Elf64_Lword m_value; /* symbol value */

+ Elf64_Xword m_info; /* size + index */

+ Elf64_Xword m_poffset; /* symbol offset */

+ Elf64_Half m_repeat; /* repeat count */

+ Elf64_Half m_stride; /* stride info */

+} Elf64_Move;

+

+#define ELF64_M_SYM(info) ((info)>>8)

+#define ELF64_M_SIZE(info) ((unsigned char)(info))

+#define ELF64_M_INFO(sym, size) (((sym)<<8)+(unsigned char)(size))

+

+/*

+ * Hardware/Software capabilities entry

+ */

+typedef struct {

+ Elf64_Xword c_tag; /* how to interpret value */

+ union {

+ Elf64_Xword c_val;

+ Elf64_Addr c_ptr;

+ } c_un;

+} Elf64_Cap;

+

+/*

+ * Symbol table entries.

+ */

+

+typedef struct {

+ Elf64_Word st_name; /* String table index of name. */

+ unsigned char st_info; /* Type and binding information. */

+ unsigned char st_other; /* Reserved (not used). */

+ Elf64_Half st_shndx; /* Section index of symbol. */

+ Elf64_Addr st_value; /* Symbol value. */

+ Elf64_Xword st_size; /* Size of associated object. */

+} Elf64_Sym;

+

+/* Macros for accessing the fields of st_info. */

+#define ELF64_ST_BIND(info) ((info) >> 4)

+#define ELF64_ST_TYPE(info) ((info) & 0xf)

+

+/* Macro for constructing st_info from field values. */

+#define ELF64_ST_INFO(bind, type) (((bind) << 4) + ((type) & 0xf))

+

+/* Macro for accessing the fields of st_other. */

+#define ELF64_ST_VISIBILITY(oth) ((oth) & 0x3)

+

+/* Structures used by Sun & GNU-style symbol versioning. */

+typedef struct {

+ Elf64_Half vd_version;

+ Elf64_Half vd_flags;

+ Elf64_Half vd_ndx;

+ Elf64_Half vd_cnt;

+ Elf64_Word vd_hash;

+ Elf64_Word vd_aux;

+ Elf64_Word vd_next;

+} Elf64_Verdef;

+

+typedef struct {

+ Elf64_Word vda_name;

+ Elf64_Word vda_next;

+} Elf64_Verdaux;

+

+typedef struct {

+ Elf64_Half vn_version;

+ Elf64_Half vn_cnt;

+ Elf64_Word vn_file;

+ Elf64_Word vn_aux;

+ Elf64_Word vn_next;

+} Elf64_Verneed;

+

+typedef struct {

+ Elf64_Word vna_hash;

+ Elf64_Half vna_flags;

+ Elf64_Half vna_other;

+ Elf64_Word vna_name;

+ Elf64_Word vna_next;

+} Elf64_Vernaux;

+

+typedef Elf64_Half Elf64_Versym;

+

+typedef struct {

+ Elf64_Half si_boundto; /* direct bindings - symbol bound to */

+ Elf64_Half si_flags; /* per symbol flags */

+} Elf64_Syminfo;

+

+#endif /* !_SYS_ELF64_H_ */

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
new file mode 100644
index 0000000000..e364807007
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/Elf64Lib.c
@@ -0,0 +1,460 @@
+/** @file

+ ELF library

+

+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>

+ SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include "ElfLibInternal.h"

+

+/**

+ Return the section header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The section index.

+

+ @return Pointer to the section header.

+**/

+Elf64_Shdr *

+GetElf64SectionByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ )

+{

+ Elf64_Ehdr *Ehdr;

+

+ Ehdr = (Elf64_Ehdr *)ImageBase;

+ if (Index >= Ehdr->e_shnum) {

+ return NULL;

+ }

+

+ return (Elf64_Shdr *)(ImageBase + Ehdr->e_shoff + Index * Ehdr-
e_shentsize);
+}

+

+/**

+ Return the segment header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The segment index.

+

+ @return Pointer to the segment header.

+**/

+Elf64_Phdr *

+GetElf64SegmentByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ )

+{

+ Elf64_Ehdr *Ehdr;

+

+ Ehdr = (Elf64_Ehdr *)ImageBase;

+ if (Index >= Ehdr->e_phnum) {

+ return NULL;

+ }

+

+ return (Elf64_Phdr *)(ImageBase + Ehdr->e_phoff + Index * Ehdr-
e_phentsize);
+}

+

+/**

+ Return the section header specified by the range.

+

+ @param ImageBase The image base.

+ @param Offset The section offset.

+ @param Size The section size.

+

+ @return Pointer to the section header.

+**/

+Elf64_Shdr *

+GetElf64SectionByRange (

+ IN UINT8 *ImageBase,

+ IN UINT64 Offset,

+ IN UINT64 Size

+ )

+{

+ UINT32 Index;

+ Elf64_Ehdr *Ehdr;

+ Elf64_Shdr *Shdr;

+

+ Ehdr = (Elf64_Ehdr *)ImageBase;

+

+ Shdr = (Elf64_Shdr *) (ImageBase + Ehdr->e_shoff);

+ for (Index = 0; Index < Ehdr->e_shnum; Index++) {

+ if ((Shdr->sh_offset == Offset) && (Shdr->sh_size == Size)) {

+ return Shdr;

+ }

+ Shdr = ELF_NEXT_ENTRY (Elf64_Shdr, Shdr, Ehdr->e_shentsize);

+ }

+ return NULL;

+}

+

+/**

+ Fix up the image based on the relocation entries.

+

+ @param Rela Relocation entries.

+ @param RelaSize Total size of relocation entries.

+ @param RelaEntrySize Relocation entry size.

+ @param RelaType Type of relocation entry.

+ @param Delta The delta between preferred image base and the
actual image base.

+ @param DynamicLinking TRUE when fixing up according to dynamic
relocation.

+

+ @retval EFI_SUCCESS The image fix up is processed successfully.

+**/

+EFI_STATUS

+ProcessRelocation64 (

+ IN Elf64_Rela *Rela,

+ IN UINT64 RelaSize,

+ IN UINT64 RelaEntrySize,

+ IN UINT64 RelaType,

+ IN INTN Delta,

+ IN BOOLEAN DynamicLinking

+ )

+{

+ UINTN Index;

+ UINT64 *Ptr;

+ UINT32 Type;

+

+ for ( Index = 0

+ ; MultU64x64 (RelaEntrySize, Index) < RelaSize

+ ; Index++, Rela = ELF_NEXT_ENTRY (Elf64_Rela, Rela, RelaEntrySize)

+ ) {

+ //

+ // r_offset is the virtual address of the storage unit affected by the
relocation.

+ //

+ Ptr = (UINT64 *)(UINTN)(Rela->r_offset + Delta);

+ Type = ELF64_R_TYPE(Rela->r_info);

+ switch (Type) {

+ case R_X86_64_NONE:

+ case R_X86_64_PC32:

+ case R_X86_64_PLT32:

+ case R_X86_64_GOTPCREL:

+ case R_X86_64_GOTPCRELX:

+ case R_X86_64_REX_GOTPCRELX:

+ break;

+

+ case R_X86_64_64:

+ if (DynamicLinking) {

+ //

+ // Dynamic section doesn't contain entries of this type.

+ //

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n",
Type));

+ ASSERT (FALSE);

+ } else {

+ *Ptr += Delta;

+ }

+ break;

+

+ case R_X86_64_32:

+ //

+ // Dynamic section doesn't contain entries of this type.

+ //

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n", Type));

+ ASSERT (FALSE);

+ break;

+

+ case R_X86_64_RELATIVE:

+ if (DynamicLinking) {

+ //

+ // A: Represents the addend used to compute the value of the
relocatable field.

+ // B: Represents the base address at which a shared object has been
loaded into memory during execution.

+ // Generally, a shared object is built with a 0 base virtual address, but
the execution address will be different.

+ //

+ // B (Base Address) in ELF spec is slightly different:

+ // An executable or shared object file's base address (on platforms
that support the concept) is calculated during

+ // execution from three values: the virtual memory load address, the
maximum page size, and the lowest virtual address

+ // of a program's loadable segment. To compute the base address,
one determines the memory address associated with the

+ // lowest p_vaddr value for a PT_LOAD segment. This address is
truncated to the nearest multiple of the maximum page size.

+ // The corresponding p_vaddr value itself is also truncated to the
nearest multiple of the maximum page size.

+ //

+ // *** The base address is the difference between the truncated
memory address and the truncated p_vaddr value. ***

+ //

+ // Delta in this function is B.

+ //

+ // Calculation: B + A

+ //

+ if (RelaType == SHT_RELA) {

+ ASSERT (*Ptr == 0);

+ *Ptr = Delta + Rela->r_addend;

+ } else {

+ //

+ // A is stored in the field of relocation for REL type.

+ //

+ *Ptr = Delta + *Ptr;

+ }

+ } else {

+ //

+ // non-Dynamic section doesn't contain entries of this type.

+ //

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n",
Type));

+ ASSERT (FALSE);

+ }

+ break;

+

+ default:

+ DEBUG ((DEBUG_INFO, "Unsupported relocation type %02X\n", Type));

+ }

+ }

+ return EFI_SUCCESS;

+}

+

+/**

+ Relocate the DYN type image.

+

+ @param ElfCt Point to image context.

+

+ @retval EFI_SUCCESS The relocation succeeds.

+ @retval EFI_UNSUPPORTED The image doesn't contain a dynamic section.

+**/

+EFI_STATUS

+RelocateElf64Dynamic (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ UINT32 Index;

+ Elf64_Phdr *Phdr;

+ Elf64_Shdr *DynShdr;

+ Elf64_Shdr *RelShdr;

+ Elf64_Dyn *Dyn;

+ UINT64 RelaOffset;

+ UINT64 RelaCount;

+ UINT64 RelaSize;

+ UINT64 RelaEntrySize;

+ UINT64 RelaType;

+

+ //

+ // 1. Locate the dynamic section.

+ //

+ // If an object file participates in dynamic linking, its program header table

+ // will have an element of type PT_DYNAMIC.

+ // This ``segment'' contains the .dynamic section. A special symbol,
_DYNAMIC,

+ // labels the section, which contains an array of Elf32_Dyn or Elf64_Dyn.

+ //

+ DynShdr = NULL;

+ for (Index = 0; Index < ElfCt->PhNum; Index++) {

+ Phdr = GetElf64SegmentByIndex (ElfCt->FileBase, Index);

+ ASSERT (Phdr != NULL);

+ if (Phdr->p_type == PT_DYNAMIC) {

+ //

+ // Verify the existence of the dynamic section.

+ //

+ DynShdr = GetElf64SectionByRange (ElfCt->FileBase, Phdr->p_offset,
Phdr->p_filesz);

+ break;

+ }

+ }

+

+ //

+ // It's abnormal a DYN ELF doesn't contain a dynamic section.

+ //

+ ASSERT (DynShdr != NULL);

+ if (DynShdr == NULL) {

+ return EFI_UNSUPPORTED;

+ }

+ ASSERT (DynShdr->sh_type == SHT_DYNAMIC);

+ ASSERT (DynShdr->sh_entsize >= sizeof (*Dyn));

+

+ //

+ // 2. Locate the relocation section from the dynamic section.

+ //

+ RelaOffset = MAX_UINT64;

+ RelaSize = 0;

+ RelaCount = 0;

+ RelaEntrySize = 0;

+ RelaType = 0;

+ for ( Index = 0, Dyn = (Elf64_Dyn *) (ElfCt->FileBase + DynShdr->sh_offset)

+ ; Index < DivU64x64Remainder (DynShdr->sh_size, DynShdr->sh_entsize,
NULL)

+ ; Index++, Dyn = ELF_NEXT_ENTRY (Elf64_Dyn, Dyn, DynShdr-
sh_entsize)
+ ) {

+ switch (Dyn->d_tag) {

+ case DT_RELA:

+ case DT_REL:

+ //

+ // DT_REL represent program virtual addresses.

+ // A file's virtual addresses might not match the memory virtual
addresses during execution.

+ // When interpreting addresses contained in the dynamic structure, the
dynamic linker computes actual addresses,

+ // based on the original file value and the memory base address.

+ // For consistency, files do not contain relocation entries to ``correct''
addresses in the dynamic structure.

+ //

+ RelaOffset = Dyn->d_un.d_ptr - (UINTN) ElfCt-
PreferredImageAddress;
+ RelaType = (Dyn->d_tag == DT_RELA) ? SHT_RELA: SHT_REL;

+ break;

+ case DT_RELACOUNT:

+ case DT_RELCOUNT:

+ RelaCount = Dyn->d_un.d_val;

+ break;

+ case DT_RELENT:

+ case DT_RELAENT:

+ RelaEntrySize = Dyn->d_un.d_val;

+ break;

+ case DT_RELSZ:

+ case DT_RELASZ:

+ RelaSize = Dyn->d_un.d_val;

+ break;

+ default:

+ break;

+ }

+ }

+

+ if (RelaOffset == MAX_UINT64) {

+ ASSERT (RelaCount == 0);

+ ASSERT (RelaEntrySize == 0);

+ ASSERT (RelaSize == 0);

+ //

+ // It's fine that a DYN ELF doesn't contain relocation section.

+ //

+ return EFI_SUCCESS;

+ }

+

+ //

+ // Verify the existence of the relocation section.

+ //

+ RelShdr = GetElf64SectionByRange (ElfCt->FileBase, RelaOffset, RelaSize);

+ ASSERT (RelShdr != NULL);

+ if (RelShdr == NULL) {

+ return EFI_UNSUPPORTED;

+ }

+ ASSERT (RelShdr->sh_type == RelaType);

+ ASSERT (RelShdr->sh_entsize == RelaEntrySize);

+

+ //

+ // 3. Process the relocation section.

+ //

+ ProcessRelocation64 (

+ (Elf64_Rela *) (ElfCt->FileBase + RelShdr->sh_offset),

+ RelShdr->sh_size, RelShdr->sh_entsize, RelShdr->sh_type,

+ (UINTN) ElfCt->ImageAddress - (UINTN) ElfCt->PreferredImageAddress,

+ TRUE

+ );

+ return EFI_SUCCESS;

+}

+

+/**

+ Relocate all sections in a ELF image.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_UNSUPPORTED Relocation is not supported.

+ @retval EFI_SUCCESS ELF image was relocated successfully.

+**/

+EFI_STATUS

+RelocateElf64Sections (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ EFI_STATUS Status;

+ Elf64_Ehdr *Ehdr;

+ Elf64_Shdr *RelShdr;

+ Elf64_Shdr *Shdr;

+ UINT32 Index;

+ UINTN Delta;

+

+ Ehdr = (Elf64_Ehdr *)ElfCt->FileBase;

+ if (Ehdr->e_machine != EM_X86_64) {

+ return EFI_UNSUPPORTED;

+ }

+

+ Delta = (UINTN) ElfCt->ImageAddress - (UINTN) ElfCt-
PreferredImageAddress;
+ ElfCt->EntryPoint = (UINTN)(Ehdr->e_entry + Delta);

+

+ //

+ // 1. Relocate dynamic ELF using the relocation section pointed by dynamic
section

+ //

+ if (Ehdr->e_type == ET_DYN) {

+ DEBUG ((DEBUG_INFO, "DYN ELF: Relocate using dynamic sections...\n"));

+ Status = RelocateElf64Dynamic (ElfCt);

+ ASSERT_EFI_ERROR (Status);

+ return Status;

+ }

+

+ //

+ // 2. Executable ELF: Fix up the delta between actual image address and
preferred image address.

+ //

+ // Linker already fixed up EXEC ELF based on the preferred image address.

+ // A ELF loader in modern OS only loads it into the preferred image
address.

+ // The below relocation is unneeded in that case.

+ // But the ELF loader in firmware supports to load the image to a different
address.

+ // The below relocation is needed in this case.

+ //

+ DEBUG ((DEBUG_INFO, "EXEC ELF: Fix actual/preferred base address
delta ...\n"));

+ for ( Index = 0, RelShdr = (Elf64_Shdr *) (ElfCt->FileBase + Ehdr->e_shoff)

+ ; Index < Ehdr->e_shnum

+ ; Index++, RelShdr = ELF_NEXT_ENTRY (Elf64_Shdr, RelShdr, Ehdr-
e_shentsize)
+ ) {

+ if ((RelShdr->sh_type != SHT_REL) && (RelShdr->sh_type != SHT_RELA)) {

+ continue;

+ }

+ Shdr = GetElf64SectionByIndex (ElfCt->FileBase, RelShdr->sh_info);

+ if ((Shdr->sh_flags & SHF_ALLOC) == SHF_ALLOC) {

+ //

+ // Only fix up sections that occupy memory during process execution.

+ //

+ ProcessRelocation64 (

+ (Elf64_Rela *)((UINT8*)Ehdr + RelShdr->sh_offset),

+ RelShdr->sh_size, RelShdr->sh_entsize, RelShdr->sh_type,

+ Delta, FALSE

+ );

+ }

+ }

+

+ return EFI_SUCCESS;

+}

+

+/**

+ Load ELF image which has 64-bit architecture.

+

+ Caller should set Context.ImageAddress to a proper value, either pointing
to

+ a new allocated memory whose size equal to Context.ImageSize, or
pointing

+ to Context.PreferredImageAddress.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+ @retval Others Loading ELF binary fails.

+

+**/

+EFI_STATUS

+LoadElf64Image (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ Elf64_Ehdr *Ehdr;

+ Elf64_Phdr *Phdr;

+ UINT16 Index;

+ UINTN Delta;

+

+ ASSERT (ElfCt != NULL);

+

+ //

+ // Per the sprit of ELF, loading to memory only consumes info from
program headers.

+ //

+ Ehdr = (Elf64_Ehdr *)ElfCt->FileBase;

+

+ for ( Index = 0, Phdr = (Elf64_Phdr *)(ElfCt->FileBase + Ehdr->e_phoff)

+ ; Index < Ehdr->e_phnum

+ ; Index++, Phdr = ELF_NEXT_ENTRY (Elf64_Phdr, Phdr, Ehdr-
e_phentsize)
+ ) {

+ //

+ // Skip segments that don't require load (type tells, or size is 0)

+ //

+ if ((Phdr->p_type != PT_LOAD) ||

+ (Phdr->p_memsz == 0)) {

+ continue;

+ }

+

+ //

+ // The memory offset of segment relative to the image base

+ // Note: CopyMem() does nothing when the dst equals to src.

+ //

+ Delta = (UINTN) Phdr->p_paddr - (UINTN) ElfCt->PreferredImageAddress;

+ CopyMem (ElfCt->ImageAddress + Delta, ElfCt->FileBase + (UINTN) Phdr-
p_offset, (UINTN) Phdr->p_filesz);
+ ZeroMem (ElfCt->ImageAddress + Delta + (UINTN) Phdr->p_filesz,
(UINTN) (Phdr->p_memsz - Phdr->p_filesz));

+ }

+

+ //

+ // Relocate when new new image base is not the preferred image base.

+ //

+ if (ElfCt->ImageAddress != ElfCt->PreferredImageAddress) {

+ RelocateElf64Sections (ElfCt);

+ }

+

+ return EFI_SUCCESS;

+}

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfCommon.h
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfCommon.h
new file mode 100644
index 0000000000..15c9e33d3f
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfCommon.h
@@ -0,0 +1,983 @@
+/** @file

+Ported ELF include files from FreeBSD

+

+Copyright (c) 2009 - 2010, Apple Inc. All rights reserved.<BR>

+Portions Copyright (c) 2011 - 2013, ARM Ltd. All rights reserved.<BR>

+SPDX-License-Identifier: BSD-2-Clause-Patent

+

+

+**/

+/*-

+ * Copyright (c) 1998 John D. Polstra.

+ * All rights reserved.

+ *

+ * Redistribution and use in source and binary forms, with or without

+ * modification, are permitted provided that the following conditions

+ * are met:

+ * 1. Redistributions of source code must retain the above copyright

+ * notice, this list of conditions and the following disclaimer.

+ * 2. Redistributions in binary form must reproduce the above copyright

+ * notice, this list of conditions and the following disclaimer in the

+ * documentation and/or other materials provided with the distribution.

+ *

+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS
IS'' AND

+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE

+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE

+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
BE LIABLE

+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS

+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION)

+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT

+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF

+ * SUCH DAMAGE.

+ *

+ * $FreeBSD: src/sys/sys/elf_common.h,v 1.15.8.2 2007/12/03 21:30:36
marius Exp $

+ */

+

+#ifndef _SYS_ELF_COMMON_H_

+#define _SYS_ELF_COMMON_H_ 1

+

+/*

+ * ELF definitions that are independent of architecture or word size.

+ */

+

+/*

+ * Note header. The ".note" section contains an array of notes. Each

+ * begins with this header, aligned to a word boundary. Immediately

+ * following the note header is n_namesz bytes of name, padded to the

+ * next word boundary. Then comes n_descsz bytes of descriptor, again

+ * padded to a word boundary. The values of n_namesz and n_descsz do

+ * not include the padding.

+ */

+

+typedef struct {

+ UINT32 n_namesz; /* Length of name. */

+ UINT32 n_descsz; /* Length of descriptor. */

+ UINT32 n_type; /* Type of this note. */

+} Elf_Note;

+

+/* Indexes into the e_ident array. Keep synced with

+ http://www.sco.com/developers/gabi/latest/ch4.eheader.html */

+#define EI_MAG0 0 /* Magic number, byte 0. */

+#define EI_MAG1 1 /* Magic number, byte 1. */

+#define EI_MAG2 2 /* Magic number, byte 2. */

+#define EI_MAG3 3 /* Magic number, byte 3. */

+#define EI_CLASS 4 /* Class of machine. */

+#define EI_DATA 5 /* Data format. */

+#define EI_VERSION 6 /* ELF format version. */

+#define EI_OSABI 7 /* Operating system / ABI identification */

+#define EI_ABIVERSION 8 /* ABI version */

+#define OLD_EI_BRAND 8 /* Start of architecture identification. */

+#define EI_PAD 9 /* Start of padding (per SVR4 ABI). */

+#define EI_NIDENT 16 /* Size of e_ident array. */

+

+/* Values for the magic number bytes. */

+#define ELFMAG0 0x7f

+#define ELFMAG1 'E'

+#define ELFMAG2 'L'

+#define ELFMAG3 'F'

+#define ELFMAG "\177ELF" /* magic string */

+#define SELFMAG 4 /* magic string size */

+

+/* Values for e_ident[EI_VERSION] and e_version. */

+#define EV_NONE 0

+#define EV_CURRENT 1

+

+/* Values for e_ident[EI_CLASS]. */

+#define ELFCLASSNONE 0 /* Unknown class. */

+#define ELFCLASS32 1 /* 32-bit architecture. */

+#define ELFCLASS64 2 /* 64-bit architecture. */

+

+/* Values for e_ident[EI_DATA]. */

+#define ELFDATANONE 0 /* Unknown data format. */

+#define ELFDATA2LSB 1 /* 2's complement little-endian. */

+#define ELFDATA2MSB 2 /* 2's complement big-endian. */

+

+/* Values for e_ident[EI_OSABI]. */

+#define ELFOSABI_NONE 0 /* UNIX System V ABI */

+#define ELFOSABI_HPUX 1 /* HP-UX operating system */

+#define ELFOSABI_NETBSD 2 /* NetBSD */

+#define ELFOSABI_LINUX 3 /* GNU/Linux */

+#define ELFOSABI_HURD 4 /* GNU/Hurd */

+#define ELFOSABI_86OPEN 5 /* 86Open common IA32 ABI */

+#define ELFOSABI_SOLARIS 6 /* Solaris */

+#define ELFOSABI_AIX 7 /* AIX */

+#define ELFOSABI_IRIX 8 /* IRIX */

+#define ELFOSABI_FREEBSD 9 /* FreeBSD */

+#define ELFOSABI_TRU64 10 /* TRU64 UNIX */

+#define ELFOSABI_MODESTO 11 /* Novell Modesto */

+#define ELFOSABI_OPENBSD 12 /* OpenBSD */

+#define ELFOSABI_OPENVMS 13 /* Open VMS */

+#define ELFOSABI_NSK 14 /* HP Non-Stop Kernel */

+#define ELFOSABI_ARM 97 /* ARM */

+#define ELFOSABI_STANDALONE 255 /* Standalone (embedded)
application */

+

+#define ELFOSABI_SYSV ELFOSABI_NONE /* symbol used in old spec */

+#define ELFOSABI_MONTEREY ELFOSABI_AIX /* Monterey */

+

+/* e_ident */

+#define IS_ELF(ehdr) ((ehdr).e_ident[EI_MAG0] == ELFMAG0 && \

+ (ehdr).e_ident[EI_MAG1] == ELFMAG1 && \

+ (ehdr).e_ident[EI_MAG2] == ELFMAG2 && \

+ (ehdr).e_ident[EI_MAG3] == ELFMAG3)

+

+/* Values for e_type. */

+#define ET_NONE 0 /* Unknown type. */

+#define ET_REL 1 /* Relocatable. */

+#define ET_EXEC 2 /* Executable. */

+#define ET_DYN 3 /* Shared object. */

+#define ET_CORE 4 /* Core file. */

+#define ET_LOOS 0xfe00 /* First operating system specific. */

+#define ET_HIOS 0xfeff /* Last operating system-specific. */

+#define ET_LOPROC 0xff00 /* First processor-specific. */

+#define ET_HIPROC 0xffff /* Last processor-specific. */

+

+/* Values for e_machine. */

+#define EM_NONE 0 /* Unknown machine. */

+#define EM_M32 1 /* AT&T WE32100. */

+#define EM_SPARC 2 /* Sun SPARC. */

+#define EM_386 3 /* Intel i386. */

+#define EM_68K 4 /* Motorola 68000. */

+#define EM_88K 5 /* Motorola 88000. */

+#define EM_860 7 /* Intel i860. */

+#define EM_MIPS 8 /* MIPS R3000 Big-Endian only. */

+#define EM_S370 9 /* IBM System/370. */

+#define EM_MIPS_RS3_LE 10 /* MIPS R3000 Little-Endian. */

+#define EM_PARISC 15 /* HP PA-RISC. */

+#define EM_VPP500 17 /* Fujitsu VPP500. */

+#define EM_SPARC32PLUS 18 /* SPARC v8plus. */

+#define EM_960 19 /* Intel 80960. */

+#define EM_PPC 20 /* PowerPC 32-bit. */

+#define EM_PPC64 21 /* PowerPC 64-bit. */

+#define EM_S390 22 /* IBM System/390. */

+#define EM_V800 36 /* NEC V800. */

+#define EM_FR20 37 /* Fujitsu FR20. */

+#define EM_RH32 38 /* TRW RH-32. */

+#define EM_RCE 39 /* Motorola RCE. */

+#define EM_ARM 40 /* ARM. */

+#define EM_SH 42 /* Hitachi SH. */

+#define EM_SPARCV9 43 /* SPARC v9 64-bit. */

+#define EM_TRICORE 44 /* Siemens TriCore embedded processor. */

+#define EM_ARC 45 /* Argonaut RISC Core. */

+#define EM_H8_300 46 /* Hitachi H8/300. */

+#define EM_H8_300H 47 /* Hitachi H8/300H. */

+#define EM_H8S 48 /* Hitachi H8S. */

+#define EM_H8_500 49 /* Hitachi H8/500. */

+#define EM_MIPS_X 51 /* Stanford MIPS-X. */

+#define EM_COLDFIRE 52 /* Motorola ColdFire. */

+#define EM_68HC12 53 /* Motorola M68HC12. */

+#define EM_MMA 54 /* Fujitsu MMA. */

+#define EM_PCP 55 /* Siemens PCP. */

+#define EM_NCPU 56 /* Sony nCPU. */

+#define EM_NDR1 57 /* Denso NDR1 microprocessor. */

+#define EM_STARCORE 58 /* Motorola Star*Core processor. */

+#define EM_ME16 59 /* Toyota ME16 processor. */

+#define EM_ST100 60 /* STMicroelectronics ST100 processor. */

+#define EM_TINYJ 61 /* Advanced Logic Corp. TinyJ processor. */

+#define EM_X86_64 62 /* Advanced Micro Devices x86-64 */

+#define EM_AMD64 EM_X86_64 /* Advanced Micro Devices x86-64
(compat) */

+#define EM_AARCH64 183 /* ARM 64bit Architecture */

+

+/* Non-standard or deprecated. */

+#define EM_486 6 /* Intel i486. */

+#define EM_MIPS_RS4_BE 10 /* MIPS R4000 Big-Endian */

+#define EM_ALPHA_STD 41 /* Digital Alpha (standard value). */

+#define EM_ALPHA 0x9026 /* Alpha (written in the absence of an ABI) */

+

+/* Special section indexes. */

+#define SHN_UNDEF 0 /* Undefined, missing, irrelevant. */

+#define SHN_LORESERVE 0xff00 /* First of reserved range. */

+#define SHN_LOPROC 0xff00 /* First processor-specific. */

+#define SHN_HIPROC 0xff1f /* Last processor-specific. */

+#define SHN_LOOS 0xff20 /* First operating system-specific. */

+#define SHN_HIOS 0xff3f /* Last operating system-specific. */

+#define SHN_ABS 0xfff1 /* Absolute values. */

+#define SHN_COMMON 0xfff2 /* Common data. */

+#define SHN_XINDEX 0xffff /* Escape -- index stored elsewhere. */

+#define SHN_HIRESERVE 0xffff /* Last of reserved range. */

+

+/* sh_type */

+#define SHT_NULL 0 /* inactive */

+#define SHT_PROGBITS 1 /* program defined information */

+#define SHT_SYMTAB 2 /* symbol table section */

+#define SHT_STRTAB 3 /* string table section */

+#define SHT_RELA 4 /* relocation section with addends */

+#define SHT_HASH 5 /* symbol hash table section */

+#define SHT_DYNAMIC 6 /* dynamic section */

+#define SHT_NOTE 7 /* note section */

+#define SHT_NOBITS 8 /* no space section */

+#define SHT_REL 9 /* relocation section - no addends */

+#define SHT_SHLIB 10 /* reserved - purpose unknown */

+#define SHT_DYNSYM 11 /* dynamic symbol table section */

+#define SHT_INIT_ARRAY 14 /* Initialization function pointers. */

+#define SHT_FINI_ARRAY 15 /* Termination function pointers. */

+#define SHT_PREINIT_ARRAY 16 /* Pre-initialization function ptrs. */

+#define SHT_GROUP 17 /* Section group. */

+#define SHT_SYMTAB_SHNDX 18 /* Section indexes (see SHN_XINDEX). */

+#define SHT_LOOS 0x60000000 /* First of OS specific semantics */

+#define SHT_LOSUNW 0x6ffffff4

+#define SHT_SUNW_dof 0x6ffffff4

+#define SHT_SUNW_cap 0x6ffffff5

+#define SHT_SUNW_SIGNATURE 0x6ffffff6

+#define SHT_SUNW_ANNOTATE 0x6ffffff7

+#define SHT_SUNW_DEBUGSTR 0x6ffffff8

+#define SHT_SUNW_DEBUG 0x6ffffff9

+#define SHT_SUNW_move 0x6ffffffa

+#define SHT_SUNW_COMDAT 0x6ffffffb

+#define SHT_SUNW_syminfo 0x6ffffffc

+#define SHT_SUNW_verdef 0x6ffffffd

+#define SHT_GNU_verdef 0x6ffffffd /* Symbol versions provided */

+#define SHT_SUNW_verneed 0x6ffffffe

+#define SHT_GNU_verneed 0x6ffffffe /* Symbol versions required */

+#define SHT_SUNW_versym 0x6fffffff

+#define SHT_GNU_versym 0x6fffffff /* Symbol version table */

+#define SHT_HISUNW 0x6fffffff

+#define SHT_HIOS 0x6fffffff /* Last of OS specific semantics */

+#define SHT_LOPROC 0x70000000 /* reserved range for processor */

+#define SHT_AMD64_UNWIND 0x70000001 /* unwind information */

+#define SHT_HIPROC 0x7fffffff /* specific section header types */

+#define SHT_LOUSER 0x80000000 /* reserved range for application */

+#define SHT_HIUSER 0xffffffff /* specific indexes */

+

+/* Flags for sh_flags. */

+#define SHF_WRITE 0x1 /* Section contains writable data. */

+#define SHF_ALLOC 0x2 /* Section occupies memory. */

+#define SHF_EXECINSTR 0x4 /* Section contains instructions. */

+#define SHF_MERGE 0x10 /* Section may be merged. */

+#define SHF_STRINGS 0x20 /* Section contains strings. */

+#define SHF_INFO_LINK 0x40 /* sh_info holds section index. */

+#define SHF_LINK_ORDER 0x80 /* Special ordering requirements. */

+#define SHF_OS_NONCONFORMING 0x100 /* OS-specific processing
required. */

+#define SHF_GROUP 0x200 /* Member of section group. */

+#define SHF_TLS 0x400 /* Section contains TLS data. */

+#define SHF_MASKOS 0x0ff00000 /* OS-specific semantics. */

+#define SHF_MASKPROC 0xf0000000 /* Processor-specific semantics. */

+

+/* Values for p_type. */

+#define PT_NULL 0 /* Unused entry. */

+#define PT_LOAD 1 /* Loadable segment. */

+#define PT_DYNAMIC 2 /* Dynamic linking information segment. */

+#define PT_INTERP 3 /* Pathname of interpreter. */

+#define PT_NOTE 4 /* Auxiliary information. */

+#define PT_SHLIB 5 /* Reserved (not used). */

+#define PT_PHDR 6 /* Location of program header itself. */

+#define PT_TLS 7 /* Thread local storage segment */

+#define PT_LOOS 0x60000000 /* First OS-specific. */

+#define PT_SUNW_UNWIND 0x6464e550 /* amd64 UNWIND program
header */

+#define PT_GNU_EH_FRAME 0x6474e550

+#define PT_LOSUNW 0x6ffffffa

+#define PT_SUNWBSS 0x6ffffffa /* Sun Specific segment */

+#define PT_SUNWSTACK 0x6ffffffb /* describes the stack segment */

+#define PT_SUNWDTRACE 0x6ffffffc /* private */

+#define PT_SUNWCAP 0x6ffffffd /* hard/soft capabilities segment */

+#define PT_HISUNW 0x6fffffff

+#define PT_HIOS 0x6fffffff /* Last OS-specific. */

+#define PT_LOPROC 0x70000000 /* First processor-specific type. */

+#define PT_HIPROC 0x7fffffff /* Last processor-specific type. */

+

+/* Values for p_flags. */

+#define PF_X 0x1 /* Executable. */

+#define PF_W 0x2 /* Writable. */

+#define PF_R 0x4 /* Readable. */

+#define PF_MASKOS 0x0ff00000 /* Operating system-specific. */

+#define PF_MASKPROC 0xf0000000 /* Processor-specific. */

+

+/* Extended program header index. */

+#define PN_XNUM 0xffff

+

+/* Values for d_tag. */

+#define DT_NULL 0 /* Terminating entry. */

+#define DT_NEEDED 1 /* String table offset of a needed shared

+ library. */

+#define DT_PLTRELSZ 2 /* Total size in bytes of PLT relocations. */

+#define DT_PLTGOT 3 /* Processor-dependent address. */

+#define DT_HASH 4 /* Address of symbol hash table. */

+#define DT_STRTAB 5 /* Address of string table. */

+#define DT_SYMTAB 6 /* Address of symbol table. */

+#define DT_RELA 7 /* Address of ElfNN_Rela relocations. */

+#define DT_RELASZ 8 /* Total size of ElfNN_Rela relocations. */

+#define DT_RELAENT 9 /* Size of each ElfNN_Rela relocation entry. */

+#define DT_STRSZ 10 /* Size of string table. */

+#define DT_SYMENT 11 /* Size of each symbol table entry. */

+#define DT_INIT 12 /* Address of initialization function. */

+#define DT_FINI 13 /* Address of finalization function. */

+#define DT_SONAME 14 /* String table offset of shared object

+ name. */

+#define DT_RPATH 15 /* String table offset of library path. [sup] */

+#define DT_SYMBOLIC 16 /* Indicates "symbolic" linking. [sup] */

+#define DT_REL 17 /* Address of ElfNN_Rel relocations. */

+#define DT_RELSZ 18 /* Total size of ElfNN_Rel relocations. */

+#define DT_RELENT 19 /* Size of each ElfNN_Rel relocation. */

+#define DT_PLTREL 20 /* Type of relocation used for PLT. */

+#define DT_DEBUG 21 /* Reserved (not used). */

+#define DT_TEXTREL 22 /* Indicates there may be relocations in

+ non-writable segments. [sup] */

+#define DT_JMPREL 23 /* Address of PLT relocations. */

+#define DT_BIND_NOW 24 /* [sup] */

+#define DT_INIT_ARRAY 25 /* Address of the array of pointers to

+ initialization functions */

+#define DT_FINI_ARRAY 26 /* Address of the array of pointers to

+ termination functions */

+#define DT_INIT_ARRAYSZ 27 /* Size in bytes of the array of

+ initialization functions. */

+#define DT_FINI_ARRAYSZ 28 /* Size in bytes of the array of

+ terminationfunctions. */

+#define DT_RUNPATH 29 /* String table offset of a null-terminated

+ library search path string. */

+#define DT_FLAGS 30 /* Object specific flag values. */

+#define DT_ENCODING 32 /* Values greater than or equal to
DT_ENCODING

+ and less than DT_LOOS follow the rules for

+ the interpretation of the d_un union

+ as follows: even == 'd_ptr', even == 'd_val'

+ or none */

+#define DT_PREINIT_ARRAY 32 /* Address of the array of pointers to

+ pre-initialization functions. */

+#define DT_PREINIT_ARRAYSZ 33 /* Size in bytes of the array of

+ pre-initialization functions. */

+#define DT_MAXPOSTAGS 34 /* number of positive tags */

+#define DT_LOOS 0x6000000d /* First OS-specific */

+#define DT_SUNW_AUXILIARY 0x6000000d /* symbol auxiliary name */

+#define DT_SUNW_RTLDINF 0x6000000e /* ld.so.1 info (private) */

+#define DT_SUNW_FILTER 0x6000000f /* symbol filter name */

+#define DT_SUNW_CAP 0x60000010 /* hardware/software */

+#define DT_HIOS 0x6ffff000 /* Last OS-specific */

+

+/*

+ * DT_* entries which fall between DT_VALRNGHI & DT_VALRNGLO use the

+ * Dyn.d_un.d_val field of the Elf*_Dyn structure.

+ */

+#define DT_VALRNGLO 0x6ffffd00

+#define DT_CHECKSUM 0x6ffffdf8 /* elf checksum */

+#define DT_PLTPADSZ 0x6ffffdf9 /* pltpadding size */

+#define DT_MOVEENT 0x6ffffdfa /* move table entry size */

+#define DT_MOVESZ 0x6ffffdfb /* move table size */

+#define DT_FEATURE_1 0x6ffffdfc /* feature holder */

+#define DT_POSFLAG_1 0x6ffffdfd /* flags for DT_* entries, effecting */

+ /* the following DT_* entry. */

+ /* See DF_P1_* definitions */

+#define DT_SYMINSZ 0x6ffffdfe /* syminfo table size (in bytes) */

+#define DT_SYMINENT 0x6ffffdff /* syminfo entry size (in bytes) */

+#define DT_VALRNGHI 0x6ffffdff

+

+/*

+ * DT_* entries which fall between DT_ADDRRNGHI & DT_ADDRRNGLO use
the

+ * Dyn.d_un.d_ptr field of the Elf*_Dyn structure.

+ *

+ * If any adjustment is made to the ELF object after it has been

+ * built, these entries will need to be adjusted.

+ */

+#define DT_ADDRRNGLO 0x6ffffe00

+#define DT_CONFIG 0x6ffffefa /* configuration information */

+#define DT_DEPAUDIT 0x6ffffefb /* dependency auditing */

+#define DT_AUDIT 0x6ffffefc /* object auditing */

+#define DT_PLTPAD 0x6ffffefd /* pltpadding (sparcv9) */

+#define DT_MOVETAB 0x6ffffefe /* move table */

+#define DT_SYMINFO 0x6ffffeff /* syminfo table */

+#define DT_ADDRRNGHI 0x6ffffeff

+

+#define DT_VERSYM 0x6ffffff0 /* Address of versym section. */

+#define DT_RELACOUNT 0x6ffffff9 /* number of RELATIVE relocations */

+#define DT_RELCOUNT 0x6ffffffa /* number of RELATIVE relocations */

+#define DT_FLAGS_1 0x6ffffffb /* state flags - see DF_1_* defs */

+#define DT_VERDEF 0x6ffffffc /* Address of verdef section. */

+#define DT_VERDEFNUM 0x6ffffffd /* Number of elems in verdef section
*/

+#define DT_VERNEED 0x6ffffffe /* Address of verneed section. */

+#define DT_VERNEEDNUM 0x6fffffff /* Number of elems in verneed
section */

+

+#define DT_LOPROC 0x70000000 /* First processor-specific type. */

+#define DT_DEPRECATED_SPARC_REGISTER 0x7000001

+#define DT_AUXILIARY 0x7ffffffd /* shared library auxiliary name */

+#define DT_USED 0x7ffffffe /* ignored - same as needed */

+#define DT_FILTER 0x7fffffff /* shared library filter name */

+#define DT_HIPROC 0x7fffffff /* Last processor-specific type. */

+

+/* Values for DT_FLAGS */

+#define DF_ORIGIN 0x0001 /* Indicates that the object being loaded may

+ make reference to the $ORIGIN substitution

+ string */

+#define DF_SYMBOLIC 0x0002 /* Indicates "symbolic" linking. */

+#define DF_TEXTREL 0x0004 /* Indicates there may be relocations in

+ non-writable segments. */

+#define DF_BIND_NOW 0x0008 /* Indicates that the dynamic linker
should

+ process all relocations for the object

+ containing this entry before transferring

+ control to the program. */

+#define DF_STATIC_TLS 0x0010 /* Indicates that the shared object or

+ executable contains code using a static

+ thread-local storage scheme. */

+

+/* Values for n_type. Used in core files. */

+#define NT_PRSTATUS 1 /* Process status. */

+#define NT_FPREGSET 2 /* Floating point registers. */

+#define NT_PRPSINFO 3 /* Process state info. */

+

+/* Symbol Binding - ELFNN_ST_BIND - st_info */

+#define STB_LOCAL 0 /* Local symbol */

+#define STB_GLOBAL 1 /* Global symbol */

+#define STB_WEAK 2 /* like global - lower precedence */

+#define STB_LOOS 10 /* Reserved range for operating system */

+#define STB_HIOS 12 /* specific semantics. */

+#define STB_LOPROC 13 /* reserved range for processor */

+#define STB_HIPROC 15 /* specific semantics. */

+

+/* Symbol type - ELFNN_ST_TYPE - st_info */

+#define STT_NOTYPE 0 /* Unspecified type. */

+#define STT_OBJECT 1 /* Data object. */

+#define STT_FUNC 2 /* Function. */

+#define STT_SECTION 3 /* Section. */

+#define STT_FILE 4 /* Source file. */

+#define STT_COMMON 5 /* Uninitialized common block. */

+#define STT_TLS 6 /* TLS object. */

+#define STT_NUM 7

+#define STT_LOOS 10 /* Reserved range for operating system */

+#define STT_HIOS 12 /* specific semantics. */

+#define STT_LOPROC 13 /* reserved range for processor */

+#define STT_HIPROC 15 /* specific semantics. */

+

+/* Symbol visibility - ELFNN_ST_VISIBILITY - st_other */

+#define STV_DEFAULT 0x0 /* Default visibility (see binding). */

+#define STV_INTERNAL 0x1 /* Special meaning in relocatable objects. */

+#define STV_HIDDEN 0x2 /* Not visible. */

+#define STV_PROTECTED 0x3 /* Visible but not preemptible. */

+

+/* Special symbol table indexes. */

+#define STN_UNDEF 0 /* Undefined symbol index. */

+

+/* Symbol versioning flags. */

+#define VER_DEF_CURRENT 1

+#define VER_DEF_IDX(x) VER_NDX(x)

+

+#define VER_FLG_BASE 0x01

+#define VER_FLG_WEAK 0x02

+

+#define VER_NEED_CURRENT 1

+#define VER_NEED_WEAK (1u << 15)

+#define VER_NEED_HIDDEN VER_NDX_HIDDEN

+#define VER_NEED_IDX(x) VER_NDX(x)

+

+#define VER_NDX_LOCAL 0

+#define VER_NDX_GLOBAL 1

+#define VER_NDX_GIVEN 2

+

+#define VER_NDX_HIDDEN (1u << 15)

+#define VER_NDX(x) ((x) & ~(1u << 15))

+

+#define CA_SUNW_NULL 0

+#define CA_SUNW_HW_1 1 /* first hardware capabilities entry */

+#define CA_SUNW_SF_1 2 /* first software capabilities entry */

+

+/*

+ * Syminfo flag values

+ */

+#define SYMINFO_FLG_DIRECT 0x0001 /* symbol ref has direct association
*/

+ /* to object containing defn. */

+#define SYMINFO_FLG_PASSTHRU 0x0002 /* ignored - see
SYMINFO_FLG_FILTER */

+#define SYMINFO_FLG_COPY 0x0004 /* symbol is a copy-reloc */

+#define SYMINFO_FLG_LAZYLOAD 0x0008 /* object containing defn
should be */

+ /* lazily-loaded */

+#define SYMINFO_FLG_DIRECTBIND 0x0010 /* ref should be bound
directly to */

+ /* object containing defn. */

+#define SYMINFO_FLG_NOEXTDIRECT 0x0020 /* don't let an external
reference */

+ /* directly bind to this symbol */

+#define SYMINFO_FLG_FILTER 0x0002 /* symbol ref is associated to a */

+#define SYMINFO_FLG_AUXILIARY 0x0040 /* standard or auxiliary filter
*/

+

+/*

+ * Syminfo.si_boundto values.

+ */

+#define SYMINFO_BT_SELF 0xffff /* symbol bound to self */

+#define SYMINFO_BT_PARENT 0xfffe /* symbol bound to parent */

+#define SYMINFO_BT_NONE 0xfffd /* no special symbol binding */

+#define SYMINFO_BT_EXTERN 0xfffc /* symbol defined as external */

+#define SYMINFO_BT_LOWRESERVE 0xff00 /* beginning of reserved
entries */

+

+/*

+ * Syminfo version values.

+ */

+#define SYMINFO_NONE 0 /* Syminfo version */

+#define SYMINFO_CURRENT 1

+#define SYMINFO_NUM 2

+

+/*

+ * Relocation types.

+ *

+ * All machine architectures are defined here to allow tools on one to

+ * handle others.

+ */

+

+#define R_386_NONE 0 /* No relocation. */

+#define R_386_32 1 /* Add symbol value. */

+#define R_386_PC32 2 /* Add PC-relative symbol value. */

+#define R_386_GOT32 3 /* Add PC-relative GOT offset. */

+#define R_386_PLT32 4 /* Add PC-relative PLT offset. */

+#define R_386_COPY 5 /* Copy data from shared object. */

+#define R_386_GLOB_DAT 6 /* Set GOT entry to data address. */

+#define R_386_JMP_SLOT 7 /* Set GOT entry to code address. */

+#define R_386_RELATIVE 8 /* Add load address of shared object. */

+#define R_386_GOTOFF 9 /* Add GOT-relative symbol address. */

+#define R_386_GOTPC 10 /* Add PC-relative GOT table address. */

+#define R_386_TLS_TPOFF 14 /* Negative offset in static TLS block */

+#define R_386_TLS_IE 15 /* Absolute address of GOT for -ve static TLS */

+#define R_386_TLS_GOTIE 16 /* GOT entry for negative static TLS block
*/

+#define R_386_TLS_LE 17 /* Negative offset relative to static TLS */

+#define R_386_TLS_GD 18 /* 32 bit offset to GOT (index,off) pair */

+#define R_386_TLS_LDM 19 /* 32 bit offset to GOT (index,zero) pair */

+#define R_386_TLS_GD_32 24 /* 32 bit offset to GOT (index,off) pair */

+#define R_386_TLS_GD_PUSH 25 /* pushl instruction for Sun ABI GD
sequence */

+#define R_386_TLS_GD_CALL 26 /* call instruction for Sun ABI GD
sequence */

+#define R_386_TLS_GD_POP 27 /* popl instruction for Sun ABI GD
sequence */

+#define R_386_TLS_LDM_32 28 /* 32 bit offset to GOT (index,zero) pair */

+#define R_386_TLS_LDM_PUSH 29 /* pushl instruction for Sun ABI LD
sequence */

+#define R_386_TLS_LDM_CALL 30 /* call instruction for Sun ABI LD
sequence */

+#define R_386_TLS_LDM_POP 31 /* popl instruction for Sun ABI LD
sequence */

+#define R_386_TLS_LDO_32 32 /* 32 bit offset from start of TLS block */

+#define R_386_TLS_IE_32 33 /* 32 bit offset to GOT static TLS offset entry
*/

+#define R_386_TLS_LE_32 34 /* 32 bit offset within static TLS block */

+#define R_386_TLS_DTPMOD32 35 /* GOT entry containing TLS index */

+#define R_386_TLS_DTPOFF32 36 /* GOT entry containing TLS offset */

+#define R_386_TLS_TPOFF32 37 /* GOT entry of -ve static TLS offset */

+

+/* Null relocation */

+#define R_AARCH64_NONE 256 /* No relocation */

+/* Static AArch64 relocations */

+ /* Static data relocations */

+#define R_AARCH64_ABS64 257 /* S + A */

+#define R_AARCH64_ABS32 258 /* S + A */

+#define R_AARCH64_ABS16 259 /* S + A */

+#define R_AARCH64_PREL64 260 /* S + A - P */

+#define R_AARCH64_PREL32 261 /* S + A - P */

+#define R_AARCH64_PREL16 262 /* S + A - P */

+ /* Group relocations to create a 16, 32, 48, or 64 bit unsigned data value or
address inline */

+#define R_AARCH64_MOVW_UABS_G0 263 /* S + A */

+#define R_AARCH64_MOVW_UABS_G0_NC 264 /* S + A */

+#define R_AARCH64_MOVW_UABS_G1 265 /* S + A */

+#define R_AARCH64_MOVW_UABS_G1_NC 266 /* S + A */

+#define R_AARCH64_MOVW_UABS_G2 267 /* S + A */

+#define R_AARCH64_MOVW_UABS_G2_NC 268 /* S + A */

+#define R_AARCH64_MOVW_UABS_G3 269 /* S + A */

+ /* Group relocations to create a 16, 32, 48, or 64 bit signed data or offset
value inline */

+#define R_AARCH64_MOVW_SABS_G0 270 /* S + A */

+#define R_AARCH64_MOVW_SABS_G1 271 /* S + A */

+#define R_AARCH64_MOVW_SABS_G2 272 /* S + A */

+ /* Relocations to generate 19, 21 and 33 bit PC-relative addresses */

+#define R_AARCH64_LD_PREL_LO19 273 /* S + A - P */

+#define R_AARCH64_ADR_PREL_LO21 274 /* S + A - P */

+#define R_AARCH64_ADR_PREL_PG_HI21 275 /* Page(S+A) - Page(P) */

+#define R_AARCH64_ADR_PREL_PG_HI21_NC 276 /* Page(S+A) - Page(P)
*/

+#define R_AARCH64_ADD_ABS_LO12_NC 277 /* S + A */

+#define R_AARCH64_LDST8_ABS_LO12_NC 278 /* S + A */

+#define R_AARCH64_LDST16_ABS_LO12_NC 284 /* S + A */

+#define R_AARCH64_LDST32_ABS_LO12_NC 285 /* S + A */

+#define R_AARCH64_LDST64_ABS_LO12_NC 286 /* S + A */

+#define R_AARCH64_LDST128_ABS_LO12_NC 299 /* S + A */

+ /* Relocations for control-flow instructions - all offsets are a multiple of 4 */

+#define R_AARCH64_TSTBR14 279 /* S+A-P */

+#define R_AARCH64_CONDBR19 280 /* S+A-P */

+#define R_AARCH64_JUMP26 282 /* S+A-P */

+#define R_AARCH64_CALL26 283 /* S+A-P */

+ /* Group relocations to create a 16, 32, 48, or 64 bit PC-relative offset inline
*/

+#define R_AARCH64_MOVW_PREL_G0 287 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G0_NC 288 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G1 289 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G1_NC 290 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G2 291 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G2_NC 292 /* S+A-P */

+#define R_AARCH64_MOVW_PREL_G3 293 /* S+A-P */

+ /* Group relocations to create a 16, 32, 48, or 64 bit GOT-relative offsets
inline */

+#define R_AARCH64_MOVW_GOTOFF_G0 300 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G0_NC 301 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G1 302 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G1_NC 303 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G2 304 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G2_NC 305 /* G(S)-GOT */

+#define R_AARCH64_MOVW_GOTOFF_G3 306 /* G(S)-GOT */

+ /* GOT-relative data relocations */

+#define R_AARCH64_GOTREL64 307 /* S+A-GOT */

+#define R_AARCH64_GOTREL32 308 /* S+A-GOT */

+ /* GOT-relative instruction relocations */

+#define R_AARCH64_GOT_LD_PREL19 309 /* G(S)-P */

+#define R_AARCH64_LD64_GOTOFF_LO15 310 /* G(S)-GOT */

+#define R_AARCH64_ADR_GOT_PAGE 311 /* Page(G(S))-Page(P) */

+#define R_AARCH64_LD64_GOT_LO12_NC 312 /* G(S) */

+#define R_AARCH64_LD64_GOTPAGE_LO15 313 /* G(S)-Page(GOT) */

+/* Relocations for thread-local storage */

+ /* General Dynamic TLS relocations */

+#define R_AARCH64_TLSGD_ADR_PREL21 512 /* G(TLSIDX(S+A)) - P */

+#define R_AARCH64_TLSGD_ADR_PAGE21 513 /* Page(G(TLSIDX(S+A)))
- Page(P) */

+#define R_AARCH64_TLSGD_ADD_LO12_NC 514 /* G(TLSIDX(S+A)) */

+#define R_AARCH64_TLSGD_MOVW_G1 515 /* G(TLSIDX(S+A)) - GOT
*/

+#define R_AARCH64_TLSGD_MOVW_G0_NC 516 /* G(TLSIDX(S+A)) -
GOT */

+ /* Local Dynamic TLS relocations */

+#define R_AARCH64_TLSLD_ADR_PREL21 517 /* G(LDM(S))) - P */

+#define R_AARCH64_TLSLD_ADR_PAGE21 518 /* Page(G(LDM(S)))-
Page(P) */

+#define R_AARCH64_TLSLD_ADD_LO12_NC 519 /* G(LDM(S)) */

+#define R_AARCH64_TLSLD_MOVW_G1 520 /* G(LDM(S)) - GOT */

+#define R_AARCH64_TLSLD_MOVW_G0_NC 521 /* G(LDM(S)) - GOT */

+#define R_AARCH64_TLSLD_LD_PREL19 522 /* G(LDM(S)) - P */

+#define R_AARCH64_TLSLD_MOVW_DTPREL_G2 523 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_MOVW_DTPREL_G1 524 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_MOVW_DTPREL_G1_NC 525 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_MOVW_DTPREL_G0 526 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_MOVW_DTPREL_G0_NC 527 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_ADD_DTPREL_HI12 528 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_ADD_DTPREL_LO12 529 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_ADD_DTPREL_LO12_NC 530 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_LDST8_DTPREL_LO12 531 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_LDST8_DTPREL_LO12_NC 532 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_LDST16_DTPREL_LO12 533 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_LDST16_DTPREL_LO12_NC 534 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_LDST32_DTPREL_LO12 535 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_LDST32_DTPREL_LO12_NC 536 /* DTPREL(S+A)
*/

+#define R_AARCH64_TLSLD_LDST64_DTPREL_LO12 537 /* DTPREL(S+A) */

+#define R_AARCH64_TLSLD_LDST64_DTPREL_LO12_NC 538 /* DTPREL(S+A)
*/

+ /* Initial Exec TLS relocations */

+#define R_AARCH64_TLSIE_MOVW_GOTTPREL_G1 539 /* G(TPREL(S+A))
- GOT */

+#define R_AARCH64_TLSIE_MOVW_GOTTPREL_G0_NC 540 /*
G(TPREL(S+A)) - GOT */

+#define R_AARCH64_TLSIE_ADR_GOTTPREL_PAGE21 541 /*
Page(G(TPREL(S+A))) - Page(P) */

+#define R_AARCH64_TLSIE_LD64_GOTTPREL_LO12_NC 542 /*
G(TPREL(S+A)) */

+#define R_AARCH64_TLSIE_LD_GOTTPREL_PREL19 543 /* G(TPREL(S+A)) -
P */

+ /* Local Exec TLS relocations */

+#define R_AARCH64_TLSLE_MOVW_TPREL_G2 544 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_MOVW_TPREL_G1 545 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_MOVW_TPREL_G1_NC 546 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_MOVW_TPREL_G0 547 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_MOVW_TPREL_G0_NC 548 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_ADD_TPREL_HI12 549 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_ADD_TPREL_LO12 550 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_ADD_TPREL_LO12_NC 551 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST8_TPREL_LO12 552 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST8_TPREL_LO12_NC 553 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST16_TPREL_LO12 554 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST16_TPREL_LO12_NC 555 /* TPREL(S+A)
*/

+#define R_AARCH64_TLSLE_LDST32_TPREL_LO12 556 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST32_TPREL_LO12_NC 557 /* TPREL(S+A)
*/

+#define R_AARCH64_TLSLE_LDST64_TPREL_LO12 558 /* TPREL(S+A) */

+#define R_AARCH64_TLSLE_LDST64_TPREL_LO12_NC 559 /* TPREL(S+A)
*/

+/* Dynamic relocations */

+ /* Dynamic relocations */

+#define R_AARCH64_COPY 1024

+#define R_AARCH64_GLOB_DAT 1025 /* S + A */

+#define R_AARCH64_JUMP_SLOT 1026 /* S + A */

+#define R_AARCH64_RELATIVE 1027 /* Delta(S) + A , Delta(P) + A */

+#define R_AARCH64_TLS_DTPREL64 1028 /* DTPREL(S+A) */

+#define R_AARCH64_TLS_DTPMOD64 1029 /* LDM(S) */

+#define R_AARCH64_TLS_TPREL64 1030 /* TPREL(S+A) */

+#define R_AARCH64_TLS_DTPREL32 1031 /* DTPREL(S+A) */

+#define R_AARCH64_TLS_DTPMOD32 1032 /* LDM(S) */

+#define R_AARCH64_TLS_TPREL32 1033 /* DTPREL(S+A) */

+

+#define R_ALPHA_NONE 0 /* No reloc */

+#define R_ALPHA_REFLONG 1 /* Direct 32 bit */

+#define R_ALPHA_REFQUAD 2 /* Direct 64 bit */

+#define R_ALPHA_GPREL32 3 /* GP relative 32 bit */

+#define R_ALPHA_LITERAL 4 /* GP relative 16 bit w/optimization */

+#define R_ALPHA_LITUSE 5 /* Optimization hint for LITERAL */

+#define R_ALPHA_GPDISP 6 /* Add displacement to GP */

+#define R_ALPHA_BRADDR 7 /* PC+4 relative 23 bit shifted */

+#define R_ALPHA_HINT 8 /* PC+4 relative 16 bit shifted */

+#define R_ALPHA_SREL16 9 /* PC relative 16 bit */

+#define R_ALPHA_SREL32 10 /* PC relative 32 bit */

+#define R_ALPHA_SREL64 11 /* PC relative 64 bit */

+#define R_ALPHA_OP_PUSH 12 /* OP stack push */

+#define R_ALPHA_OP_STORE 13 /* OP stack pop and store */

+#define R_ALPHA_OP_PSUB 14 /* OP stack subtract */

+#define R_ALPHA_OP_PRSHIFT 15 /* OP stack right shift */

+#define R_ALPHA_GPVALUE 16

+#define R_ALPHA_GPRELHIGH 17

+#define R_ALPHA_GPRELLOW 18

+#define R_ALPHA_IMMED_GP_16 19

+#define R_ALPHA_IMMED_GP_HI32 20

+#define R_ALPHA_IMMED_SCN_HI32 21

+#define R_ALPHA_IMMED_BR_HI32 22

+#define R_ALPHA_IMMED_LO32 23

+#define R_ALPHA_COPY 24 /* Copy symbol at runtime */

+#define R_ALPHA_GLOB_DAT 25 /* Create GOT entry */

+#define R_ALPHA_JMP_SLOT 26 /* Create PLT entry */

+#define R_ALPHA_RELATIVE 27 /* Adjust by program base */

+

+#define R_ARM_NONE 0 /* No relocation. */

+#define R_ARM_PC24 1

+#define R_ARM_ABS32 2

+#define R_ARM_REL32 3

+#define R_ARM_PC13 4

+#define R_ARM_ABS16 5

+#define R_ARM_ABS12 6

+#define R_ARM_THM_ABS5 7

+#define R_ARM_ABS8 8

+#define R_ARM_SBREL32 9

+#define R_ARM_THM_PC22 10

+#define R_ARM_THM_PC8 11

+#define R_ARM_AMP_VCALL9 12

+#define R_ARM_SWI24 13

+#define R_ARM_THM_SWI8 14

+#define R_ARM_XPC25 15

+#define R_ARM_THM_XPC22 16

+#define R_ARM_COPY 20 /* Copy data from shared object. */

+#define R_ARM_GLOB_DAT 21 /* Set GOT entry to data address. */

+#define R_ARM_JUMP_SLOT 22 /* Set GOT entry to code address. */

+#define R_ARM_RELATIVE 23 /* Add load address of shared object. */

+#define R_ARM_GOTOFF 24 /* Add GOT-relative symbol address. */

+#define R_ARM_GOTPC 25 /* Add PC-relative GOT table address. */

+#define R_ARM_GOT32 26 /* Add PC-relative GOT offset. */

+#define R_ARM_PLT32 27 /* Add PC-relative PLT offset. */

+#define R_ARM_CALL 28

+#define R_ARM_JMP24 29

+#define R_ARM_THM_MOVW_ABS_NC 47

+#define R_ARM_THM_MOVT_ABS 48

+

+// Block of PC-relative relocations added to work around gcc putting

+// object relocations in static executables.

+#define R_ARM_THM_JUMP24 30

+#define R_ARM_PREL31 42

+#define R_ARM_MOVW_PREL_NC 45

+#define R_ARM_MOVT_PREL 46

+#define R_ARM_THM_MOVW_PREL_NC 49

+#define R_ARM_THM_MOVT_PREL 50

+#define R_ARM_THM_JMP6 52

+#define R_ARM_THM_ALU_PREL_11_0 53

+#define R_ARM_THM_PC12 54

+#define R_ARM_REL32_NOI 56

+#define R_ARM_ALU_PC_G0_NC 57

+#define R_ARM_ALU_PC_G0 58

+#define R_ARM_ALU_PC_G1_NC 59

+#define R_ARM_ALU_PC_G1 60

+#define R_ARM_ALU_PC_G2 61

+#define R_ARM_LDR_PC_G1 62

+#define R_ARM_LDR_PC_G2 63

+#define R_ARM_LDRS_PC_G0 64

+#define R_ARM_LDRS_PC_G1 65

+#define R_ARM_LDRS_PC_G2 66

+#define R_ARM_LDC_PC_G0 67

+#define R_ARM_LDC_PC_G1 68

+#define R_ARM_LDC_PC_G2 69

+#define R_ARM_GOT_PREL 96

+#define R_ARM_THM_JUMP11 102

+#define R_ARM_THM_JUMP8 103

+#define R_ARM_TLS_GD32 104

+#define R_ARM_TLS_LDM32 105

+#define R_ARM_TLS_IE32 107

+

+#define R_ARM_THM_JUMP19 51

+#define R_ARM_GNU_VTENTRY 100

+#define R_ARM_GNU_VTINHERIT 101

+#define R_ARM_RSBREL32 250

+#define R_ARM_THM_RPC22 251

+#define R_ARM_RREL32 252

+#define R_ARM_RABS32 253

+#define R_ARM_RPC24 254

+#define R_ARM_RBASE 255

+

+#define R_PPC_NONE 0 /* No relocation. */

+#define R_PPC_ADDR32 1

+#define R_PPC_ADDR24 2

+#define R_PPC_ADDR16 3

+#define R_PPC_ADDR16_LO 4

+#define R_PPC_ADDR16_HI 5

+#define R_PPC_ADDR16_HA 6

+#define R_PPC_ADDR14 7

+#define R_PPC_ADDR14_BRTAKEN 8

+#define R_PPC_ADDR14_BRNTAKEN 9

+#define R_PPC_REL24 10

+#define R_PPC_REL14 11

+#define R_PPC_REL14_BRTAKEN 12

+#define R_PPC_REL14_BRNTAKEN 13

+#define R_PPC_GOT16 14

+#define R_PPC_GOT16_LO 15

+#define R_PPC_GOT16_HI 16

+#define R_PPC_GOT16_HA 17

+#define R_PPC_PLTREL24 18

+#define R_PPC_COPY 19

+#define R_PPC_GLOB_DAT 20

+#define R_PPC_JMP_SLOT 21

+#define R_PPC_RELATIVE 22

+#define R_PPC_LOCAL24PC 23

+#define R_PPC_UADDR32 24

+#define R_PPC_UADDR16 25

+#define R_PPC_REL32 26

+#define R_PPC_PLT32 27

+#define R_PPC_PLTREL32 28

+#define R_PPC_PLT16_LO 29

+#define R_PPC_PLT16_HI 30

+#define R_PPC_PLT16_HA 31

+#define R_PPC_SDAREL16 32

+#define R_PPC_SECTOFF 33

+#define R_PPC_SECTOFF_LO 34

+#define R_PPC_SECTOFF_HI 35

+#define R_PPC_SECTOFF_HA 36

+

+/*

+ * TLS relocations

+ */

+#define R_PPC_TLS 67

+#define R_PPC_DTPMOD32 68

+#define R_PPC_TPREL16 69

+#define R_PPC_TPREL16_LO 70

+#define R_PPC_TPREL16_HI 71

+#define R_PPC_TPREL16_HA 72

+#define R_PPC_TPREL32 73

+#define R_PPC_DTPREL16 74

+#define R_PPC_DTPREL16_LO 75

+#define R_PPC_DTPREL16_HI 76

+#define R_PPC_DTPREL16_HA 77

+#define R_PPC_DTPREL32 78

+#define R_PPC_GOT_TLSGD16 79

+#define R_PPC_GOT_TLSGD16_LO 80

+#define R_PPC_GOT_TLSGD16_HI 81

+#define R_PPC_GOT_TLSGD16_HA 82

+#define R_PPC_GOT_TLSLD16 83

+#define R_PPC_GOT_TLSLD16_LO 84

+#define R_PPC_GOT_TLSLD16_HI 85

+#define R_PPC_GOT_TLSLD16_HA 86

+#define R_PPC_GOT_TPREL16 87

+#define R_PPC_GOT_TPREL16_LO 88

+#define R_PPC_GOT_TPREL16_HI 89

+#define R_PPC_GOT_TPREL16_HA 90

+

+/*

+ * The remaining relocs are from the Embedded ELF ABI, and are not in the

+ * SVR4 ELF ABI.

+ */

+

+#define R_PPC_EMB_NADDR32 101

+#define R_PPC_EMB_NADDR16 102

+#define R_PPC_EMB_NADDR16_LO 103

+#define R_PPC_EMB_NADDR16_HI 104

+#define R_PPC_EMB_NADDR16_HA 105

+#define R_PPC_EMB_SDAI16 106

+#define R_PPC_EMB_SDA2I16 107

+#define R_PPC_EMB_SDA2REL 108

+#define R_PPC_EMB_SDA21 109

+#define R_PPC_EMB_MRKREF 110

+#define R_PPC_EMB_RELSEC16 111

+#define R_PPC_EMB_RELST_LO 112

+#define R_PPC_EMB_RELST_HI 113

+#define R_PPC_EMB_RELST_HA 114

+#define R_PPC_EMB_BIT_FLD 115

+#define R_PPC_EMB_RELSDA 116

+

+#define R_SPARC_NONE 0

+#define R_SPARC_8 1

+#define R_SPARC_16 2

+#define R_SPARC_32 3

+#define R_SPARC_DISP8 4

+#define R_SPARC_DISP16 5

+#define R_SPARC_DISP32 6

+#define R_SPARC_WDISP30 7

+#define R_SPARC_WDISP22 8

+#define R_SPARC_HI22 9

+#define R_SPARC_22 10

+#define R_SPARC_13 11

+#define R_SPARC_LO10 12

+#define R_SPARC_GOT10 13

+#define R_SPARC_GOT13 14

+#define R_SPARC_GOT22 15

+#define R_SPARC_PC10 16

+#define R_SPARC_PC22 17

+#define R_SPARC_WPLT30 18

+#define R_SPARC_COPY 19

+#define R_SPARC_GLOB_DAT 20

+#define R_SPARC_JMP_SLOT 21

+#define R_SPARC_RELATIVE 22

+#define R_SPARC_UA32 23

+#define R_SPARC_PLT32 24

+#define R_SPARC_HIPLT22 25

+#define R_SPARC_LOPLT10 26

+#define R_SPARC_PCPLT32 27

+#define R_SPARC_PCPLT22 28

+#define R_SPARC_PCPLT10 29

+#define R_SPARC_10 30

+#define R_SPARC_11 31

+#define R_SPARC_64 32

+#define R_SPARC_OLO10 33

+#define R_SPARC_HH22 34

+#define R_SPARC_HM10 35

+#define R_SPARC_LM22 36

+#define R_SPARC_PC_HH22 37

+#define R_SPARC_PC_HM10 38

+#define R_SPARC_PC_LM22 39

+#define R_SPARC_WDISP16 40

+#define R_SPARC_WDISP19 41

+#define R_SPARC_GLOB_JMP 42

+#define R_SPARC_7 43

+#define R_SPARC_5 44

+#define R_SPARC_6 45

+#define R_SPARC_DISP64 46

+#define R_SPARC_PLT64 47

+#define R_SPARC_HIX22 48

+#define R_SPARC_LOX10 49

+#define R_SPARC_H44 50

+#define R_SPARC_M44 51

+#define R_SPARC_L44 52

+#define R_SPARC_REGISTER 53

+#define R_SPARC_UA64 54

+#define R_SPARC_UA16 55

+#define R_SPARC_TLS_GD_HI22 56

+#define R_SPARC_TLS_GD_LO10 57

+#define R_SPARC_TLS_GD_ADD 58

+#define R_SPARC_TLS_GD_CALL 59

+#define R_SPARC_TLS_LDM_HI22 60

+#define R_SPARC_TLS_LDM_LO10 61

+#define R_SPARC_TLS_LDM_ADD 62

+#define R_SPARC_TLS_LDM_CALL 63

+#define R_SPARC_TLS_LDO_HIX22 64

+#define R_SPARC_TLS_LDO_LOX10 65

+#define R_SPARC_TLS_LDO_ADD 66

+#define R_SPARC_TLS_IE_HI22 67

+#define R_SPARC_TLS_IE_LO10 68

+#define R_SPARC_TLS_IE_LD 69

+#define R_SPARC_TLS_IE_LDX 70

+#define R_SPARC_TLS_IE_ADD 71

+#define R_SPARC_TLS_LE_HIX22 72

+#define R_SPARC_TLS_LE_LOX10 73

+#define R_SPARC_TLS_DTPMOD32 74

+#define R_SPARC_TLS_DTPMOD64 75

+#define R_SPARC_TLS_DTPOFF32 76

+#define R_SPARC_TLS_DTPOFF64 77

+#define R_SPARC_TLS_TPOFF32 78

+#define R_SPARC_TLS_TPOFF64 79

+

+#define R_X86_64_NONE 0 /* No relocation. */

+#define R_X86_64_64 1 /* Add 64 bit symbol value. */

+#define R_X86_64_PC32 2 /* PC-relative 32 bit signed sym value. */

+#define R_X86_64_GOT32 3 /* PC-relative 32 bit GOT offset. */

+#define R_X86_64_PLT32 4 /* PC-relative 32 bit PLT offset. */

+#define R_X86_64_COPY 5 /* Copy data from shared object. */

+#define R_X86_64_GLOB_DAT 6 /* Set GOT entry to data address. */

+#define R_X86_64_JMP_SLOT 7 /* Set GOT entry to code address. */

+#define R_X86_64_RELATIVE 8 /* Add load address of shared object. */

+#define R_X86_64_GOTPCREL 9 /* Add 32 bit signed pcrel offset to GOT.
*/

+#define R_X86_64_32 10 /* Add 32 bit zero extended symbol value */

+#define R_X86_64_32S 11 /* Add 32 bit sign extended symbol value */

+#define R_X86_64_16 12 /* Add 16 bit zero extended symbol value */

+#define R_X86_64_PC16 13 /* Add 16 bit signed extended pc relative
symbol value */

+#define R_X86_64_8 14 /* Add 8 bit zero extended symbol value */

+#define R_X86_64_PC8 15 /* Add 8 bit signed extended pc relative
symbol value */

+#define R_X86_64_DTPMOD64 16 /* ID of module containing symbol */

+#define R_X86_64_DTPOFF64 17 /* Offset in TLS block */

+#define R_X86_64_TPOFF64 18 /* Offset in static TLS block */

+#define R_X86_64_TLSGD 19 /* PC relative offset to GD GOT entry */

+#define R_X86_64_TLSLD 20 /* PC relative offset to LD GOT entry */

+#define R_X86_64_DTPOFF32 21 /* Offset in TLS block */

+#define R_X86_64_GOTTPOFF 22 /* PC relative offset to IE GOT entry */

+#define R_X86_64_TPOFF32 23 /* Offset in static TLS block */

+#define R_X86_64_PC64 24 /* PC relative 64 bit */

+#define R_X86_64_GOTOFF64 25 /* 64 bit offset to GOT */

+#define R_X86_64_GOTPC3 26 /* 32 bit signed pc relative offset to GOT */

+#define R_X86_64_GOT64 27 /* 64-bit GOT entry offset */

+#define R_X86_64_GOTPCREL64 28 /* 64-bit PC relative offset to GOT
entry */

+#define R_X86_64_GOTPC64 29 /* 64-bit PC relative offset to GOT */

+#define R_X86_64_GOTPLT64 30 /* like GOT64, says PLT entry needed */

+#define R_X86_64_PLTOFF64 31 /* 64-bit GOT relative offset to PLT entry
*/

+#define R_X86_64_SIZE32 32 /* Size of symbol plus 32-bit addend */

+#define R_X86_64_SIZE64 33 /* Size of symbol plus 64-bit addend */

+#define R_X86_64_GOTPC32_TLSDESC 34 /* GOT offset for TLS descriptor.
*/

+#define R_X86_64_TLSDESC_CALL 35 /* Marker for call through TLS
descriptor. */

+#define R_X86_64_TLSDESC 36 /* TLS descriptor. */

+#define R_X86_64_IRELATIVE 37 /* Adjust indirectly by program base */

+#define R_X86_64_RELATIVE64 38 /* 64-bit adjust by program base */

+#define R_X86_64_GOTPCRELX 41 /* Load from 32 bit signed pc relative
offset to GOT entry without REX prefix, relaxable. */

+#define R_X86_64_REX_GOTPCRELX 42 /* Load from 32 bit signed pc
relative offset to GOT entry with REX prefix, relaxable. */

+

+

+#endif /* !_SYS_ELF_COMMON_H_ */

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLib.c
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLib.c
new file mode 100644
index 0000000000..531b3486d2
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLib.c
@@ -0,0 +1,473 @@
+/** @file

+ ELF library

+

+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>

+ SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include "ElfLibInternal.h"

+

+/**

+ Check if the ELF image is valid.

+

+ @param[in] ImageBase Memory address of an image.

+

+ @retval TRUE if valid.

+

+**/

+BOOLEAN

+IsElfFormat (

+ IN CONST UINT8 *ImageBase

+ )

+{

+ Elf32_Ehdr *Elf32Hdr;

+ Elf64_Ehdr *Elf64Hdr;

+

+ ASSERT (ImageBase != NULL);

+

+ Elf32Hdr = (Elf32_Ehdr *)ImageBase;

+

+ //

+ // Start with correct signature "\7fELF"

+ //

+ if ((Elf32Hdr->e_ident[EI_MAG0] != ELFMAG0) ||

+ (Elf32Hdr->e_ident[EI_MAG1] != ELFMAG1) ||

+ (Elf32Hdr->e_ident[EI_MAG1] != ELFMAG1) ||

+ (Elf32Hdr->e_ident[EI_MAG2] != ELFMAG2)

+ ) {

+ return FALSE;

+ }

+

+ //

+ // Support little-endian only

+ //

+ if (Elf32Hdr->e_ident[EI_DATA] != ELFDATA2LSB) {

+ return FALSE;

+ }

+

+ //

+ // Check 32/64-bit architecture

+ //

+ if (Elf32Hdr->e_ident[EI_CLASS] == ELFCLASS64) {

+ Elf64Hdr = (Elf64_Ehdr *)Elf32Hdr;

+ Elf32Hdr = NULL;

+ } else if (Elf32Hdr->e_ident[EI_CLASS] == ELFCLASS32) {

+ Elf64Hdr = NULL;

+ } else {

+ return FALSE;

+ }

+

+ if (Elf64Hdr != NULL) {

+ //

+ // Support intel architecture only for now

+ //

+ if (Elf64Hdr->e_machine != EM_X86_64) {

+ return FALSE;

+ }

+

+ //

+ // Support ELF types: EXEC (Executable file), DYN (Shared object file)

+ //

+ if ((Elf64Hdr->e_type != ET_EXEC) && (Elf64Hdr->e_type != ET_DYN)) {

+ return FALSE;

+ }

+

+ //

+ // Support current ELF version only

+ //

+ if (Elf64Hdr->e_version != EV_CURRENT) {

+ return FALSE;

+ }

+ } else {

+ //

+ // Support intel architecture only for now

+ //

+ if (Elf32Hdr->e_machine != EM_386) {

+ return FALSE;

+ }

+

+ //

+ // Support ELF types: EXEC (Executable file), DYN (Shared object file)

+ //

+ if ((Elf32Hdr->e_type != ET_EXEC) && (Elf32Hdr->e_type != ET_DYN)) {

+ return FALSE;

+ }

+

+ //

+ // Support current ELF version only

+ //

+ if (Elf32Hdr->e_version != EV_CURRENT) {

+ return FALSE;

+ }

+ }

+ return TRUE;

+}

+

+/**

+ Calculate a ELF file size.

+

+ @param[in] ElfCt ELF image context pointer.

+ @param[out] FileSize Return the file size.

+

+ @retval EFI_INVALID_PARAMETER ElfCt or SecPos is NULL.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Section posistion was filled successfully.

+**/

+EFI_STATUS

+CalculateElfFileSize (

+ IN ELF_IMAGE_CONTEXT *ElfCt,

+ OUT UINTN *FileSize

+ )

+{

+ EFI_STATUS Status;

+ UINTN FileSize1;

+ UINTN FileSize2;

+ Elf32_Ehdr *Elf32Hdr;

+ Elf64_Ehdr *Elf64Hdr;

+ UINTN Offset;

+ UINTN Size;

+

+ if ((ElfCt == NULL) || (FileSize == NULL)) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ // Use last section as end of file

+ Status = GetElfSectionPos (ElfCt, ElfCt->ShNum - 1, &Offset, &Size);

+ if (EFI_ERROR(Status)) {

+ return EFI_UNSUPPORTED;

+ }

+ FileSize1 = Offset + Size;

+

+ // Use end of section header as end of file

+ FileSize2 = 0;

+ if (ElfCt->EiClass == ELFCLASS32) {

+ Elf32Hdr = (Elf32_Ehdr *)ElfCt->FileBase;

+ FileSize2 = Elf32Hdr->e_shoff + Elf32Hdr->e_shentsize * Elf32Hdr-
e_shnum;
+ } else if (ElfCt->EiClass == ELFCLASS64) {

+ Elf64Hdr = (Elf64_Ehdr *)ElfCt->FileBase;

+ FileSize2 = (UINTN)(Elf64Hdr->e_shoff + Elf64Hdr->e_shentsize *
Elf64Hdr->e_shnum);

+ }

+

+ *FileSize = MAX(FileSize1, FileSize2);

+

+ return EFI_SUCCESS;

+}

+

+/**

+ Get a ELF program segment loading info.

+

+ @param[in] ImageBase Image base.

+ @param[in] EiClass ELF class.

+ @param[in] Index ELF segment index.

+ @param[out] SegInfo The pointer to the segment info.

+

+ @retval EFI_INVALID_PARAMETER ElfCt or SecPos is NULL.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Section posistion was filled successfully.

+**/

+EFI_STATUS

+GetElfSegmentInfo (

+ IN UINT8 *ImageBase,

+ IN UINT32 EiClass,

+ IN UINT32 Index,

+ OUT SEGMENT_INFO *SegInfo

+ )

+{

+ Elf32_Phdr *Elf32Phdr;

+ Elf64_Phdr *Elf64Phdr;

+

+ if ((ImageBase == NULL) || (SegInfo == NULL)) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ if (EiClass == ELFCLASS32) {

+ Elf32Phdr = GetElf32SegmentByIndex (ImageBase, Index);

+ if (Elf32Phdr != NULL) {

+ SegInfo->PtType = Elf32Phdr->p_type;

+ SegInfo->Offset = Elf32Phdr->p_offset;

+ SegInfo->Length = Elf32Phdr->p_filesz;

+ SegInfo->MemLen = Elf32Phdr->p_memsz;

+ SegInfo->MemAddr = Elf32Phdr->p_paddr;

+ SegInfo->Alignment = Elf32Phdr->p_align;

+ return EFI_SUCCESS;

+ }

+ } else if (EiClass == ELFCLASS64) {

+ Elf64Phdr = GetElf64SegmentByIndex (ImageBase, Index);

+ if (Elf64Phdr != NULL) {

+ SegInfo->PtType = Elf64Phdr->p_type;

+ SegInfo->Offset = (UINTN)Elf64Phdr->p_offset;

+ SegInfo->Length = (UINTN)Elf64Phdr->p_filesz;

+ SegInfo->MemLen = (UINTN)Elf64Phdr->p_memsz;

+ SegInfo->MemAddr = (UINTN)Elf64Phdr->p_paddr;

+ SegInfo->Alignment = (UINTN)Elf64Phdr->p_align;

+ return EFI_SUCCESS;

+ }

+ }

+

+ return EFI_NOT_FOUND;

+}

+

+/**

+ Parse the ELF image info.

+

+ On return, all fields in ElfCt are updated except ImageAddress.

+

+ @param[in] ImageBase Memory address of an image.

+ @param[out] ElfCt The EFL image context pointer.

+

+ @retval EFI_INVALID_PARAMETER Input parameters are not valid.

+ @retval EFI_UNSUPPORTED Unsupported binary type.

+ @retval EFI_LOAD_ERROR ELF binary loading error.

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+**/

+EFI_STATUS

+EFIAPI

+ParseElfImage (

+ IN VOID *ImageBase,

+ OUT ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ Elf32_Ehdr *Elf32Hdr;

+ Elf64_Ehdr *Elf64Hdr;

+ Elf32_Shdr *Elf32Shdr;

+ Elf64_Shdr *Elf64Shdr;

+ EFI_STATUS Status;

+ UINT32 Index;

+ SEGMENT_INFO SegInfo;

+ UINTN End;

+ UINTN Base;

+

+ if (ElfCt == NULL) {

+ return EFI_INVALID_PARAMETER;

+ }

+ ZeroMem (ElfCt, sizeof(ELF_IMAGE_CONTEXT));

+

+ if (ImageBase == NULL) {

+ return (ElfCt->ParseStatus = EFI_INVALID_PARAMETER);

+ }

+

+ ElfCt->FileBase = (UINT8 *)ImageBase;

+ if (!IsElfFormat (ElfCt->FileBase)) {

+ return (ElfCt->ParseStatus = EFI_UNSUPPORTED);

+ }

+

+ Elf32Hdr = (Elf32_Ehdr *)ElfCt->FileBase;

+ ElfCt->EiClass = Elf32Hdr->e_ident[EI_CLASS];

+ if (ElfCt->EiClass == ELFCLASS32) {

+ if ((Elf32Hdr->e_type != ET_EXEC) && (Elf32Hdr->e_type != ET_DYN)) {

+ return (ElfCt->ParseStatus = EFI_UNSUPPORTED);

+ }

+ Elf32Shdr = (Elf32_Shdr *)GetElf32SectionByIndex (ElfCt->FileBase,
Elf32Hdr->e_shstrndx);

+ if (Elf32Shdr == NULL) {

+ return (ElfCt->ParseStatus = EFI_UNSUPPORTED);

+ }

+ ElfCt->EntryPoint = (UINTN)Elf32Hdr->e_entry;

+ ElfCt->ShNum = Elf32Hdr->e_shnum;

+ ElfCt->PhNum = Elf32Hdr->e_phnum;

+ ElfCt->ShStrLen = Elf32Shdr->sh_size;

+ ElfCt->ShStrOff = Elf32Shdr->sh_offset;

+ } else {

+ Elf64Hdr = (Elf64_Ehdr *)Elf32Hdr;

+ if ((Elf64Hdr->e_type != ET_EXEC) && (Elf64Hdr->e_type != ET_DYN)) {

+ return (ElfCt->ParseStatus = EFI_UNSUPPORTED);

+ }

+ Elf64Shdr = (Elf64_Shdr *)GetElf64SectionByIndex (ElfCt->FileBase,
Elf64Hdr->e_shstrndx);

+ if (Elf64Shdr == NULL) {

+ return (ElfCt->ParseStatus = EFI_UNSUPPORTED);

+ }

+ ElfCt->EntryPoint = (UINTN)Elf64Hdr->e_entry;

+ ElfCt->ShNum = Elf64Hdr->e_shnum;

+ ElfCt->PhNum = Elf64Hdr->e_phnum;

+ ElfCt->ShStrLen = (UINT32)Elf64Shdr->sh_size;

+ ElfCt->ShStrOff = (UINT32)Elf64Shdr->sh_offset;

+ }

+

+ //

+ // Get the preferred image base and required memory size when loaded
to new location.

+ //

+ End = 0;

+ Base = MAX_UINT32;

+ ElfCt->ReloadRequired = FALSE;

+ for (Index = 0; Index < ElfCt->PhNum; Index++) {

+ Status = GetElfSegmentInfo (ElfCt->FileBase, ElfCt->EiClass, Index,
&SegInfo);

+ ASSERT_EFI_ERROR (Status);

+

+ if (SegInfo.PtType != PT_LOAD) {

+ continue;

+ }

+

+ if (SegInfo.MemLen != SegInfo.Length) {

+ //

+ // Not enough space to execute at current location.

+ //

+ ElfCt->ReloadRequired = TRUE;

+ }

+

+ if (Base > (SegInfo.MemAddr & ~(EFI_PAGE_SIZE - 1))) {

+ Base = SegInfo.MemAddr & ~(EFI_PAGE_SIZE - 1);

+ }

+ if (End < ALIGN_VALUE (SegInfo.MemAddr + SegInfo.MemLen,
EFI_PAGE_SIZE) - 1) {

+ End = ALIGN_VALUE (SegInfo.MemAddr + SegInfo.MemLen,
EFI_PAGE_SIZE) - 1;

+ }

+ }

+ //

+ // 0 - MAX_UINT32 + 1 equals to 0.

+ //

+ ElfCt->ImageSize = End - Base + 1;

+ ElfCt->PreferredImageAddress = (VOID *) Base;

+

+ CalculateElfFileSize (ElfCt, &ElfCt->FileSize);

+ return (ElfCt->ParseStatus = EFI_SUCCESS);;

+}

+

+/**

+ Load the ELF image to Context.ImageAddress.

+

+ Context should be initialized by ParseElfImage().

+ Caller should set Context.ImageAddress to a proper value, either pointing
to

+ a new allocated memory whose size equal to Context.ImageSize, or
pointing

+ to Context.PreferredImageAddress.

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_INVALID_PARAMETER Input parameters are not valid.

+ @retval EFI_UNSUPPORTED Unsupported binary type.

+ @retval EFI_LOAD_ERROR ELF binary loading error.

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+**/

+EFI_STATUS

+EFIAPI

+LoadElfImage (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ )

+{

+ EFI_STATUS Status;

+

+ if (ElfCt == NULL) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ if (EFI_ERROR (ElfCt->ParseStatus)) {

+ return ElfCt->ParseStatus;

+ }

+

+ if (ElfCt->ImageAddress == NULL) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ Status = EFI_UNSUPPORTED;

+ if (ElfCt->EiClass == ELFCLASS32) {

+ Status = LoadElf32Image (ElfCt);

+ } else if (ElfCt->EiClass == ELFCLASS64) {

+ Status = LoadElf64Image (ElfCt);

+ }

+

+ return Status;

+}

+

+

+/**

+ Get a ELF section name from its index.

+

+ @param[in] ElfCt ELF image context pointer.

+ @param[in] SectionIndex ELF section index.

+ @param[out] SectionName The pointer to the section name.

+

+ @retval EFI_INVALID_PARAMETER ElfCt or SecName is NULL.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Section name was filled successfully.

+**/

+EFI_STATUS

+EFIAPI

+GetElfSectionName (

+ IN ELF_IMAGE_CONTEXT *ElfCt,

+ IN UINT32 SectionIndex,

+ OUT CHAR8 **SectionName

+ )

+{

+ Elf32_Shdr *Elf32Shdr;

+ Elf64_Shdr *Elf64Shdr;

+ CHAR8 *Name;

+

+ if ((ElfCt == NULL) || (SectionName == NULL)) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ if (EFI_ERROR (ElfCt->ParseStatus)) {

+ return ElfCt->ParseStatus;

+ }

+

+ Name = NULL;

+ if (ElfCt->EiClass == ELFCLASS32) {

+ Elf32Shdr = GetElf32SectionByIndex (ElfCt->FileBase, SectionIndex);

+ if ((Elf32Shdr != NULL) && (Elf32Shdr->sh_name < ElfCt->ShStrLen)) {

+ Name = (CHAR8 *)(ElfCt->FileBase + ElfCt->ShStrOff + Elf32Shdr-
sh_name);
+ }

+ } else if (ElfCt->EiClass == ELFCLASS64) {

+ Elf64Shdr = GetElf64SectionByIndex (ElfCt->FileBase, SectionIndex);

+ if ((Elf64Shdr != NULL) && (Elf64Shdr->sh_name < ElfCt->ShStrLen)) {

+ Name = (CHAR8 *)(ElfCt->FileBase + ElfCt->ShStrOff + Elf64Shdr-
sh_name);
+ }

+ }

+

+ if (Name == NULL) {

+ return EFI_NOT_FOUND;

+ }

+

+ *SectionName = Name;

+ return EFI_SUCCESS;

+}

+

+

+/**

+ Get the offset and size of x-th ELF section.

+

+ @param[in] ElfCt ELF image context pointer.

+ @param[in] Index ELF section index.

+ @param[out] Offset Return the offset of the specific section.

+ @param[out] Size Return the size of the specific section.

+

+ @retval EFI_INVALID_PARAMETER ImageBase, Offset or Size is NULL.

+ @retval EFI_INVALID_PARAMETER EiClass doesn't equal to ELFCLASS32 or
ELFCLASS64.

+ @retval EFI_NOT_FOUND Could not find the section.

+ @retval EFI_SUCCESS Offset and Size are returned.

+**/

+EFI_STATUS

+EFIAPI

+GetElfSectionPos (

+ IN ELF_IMAGE_CONTEXT *ElfCt,

+ IN UINT32 Index,

+ OUT UINTN *Offset,

+ OUT UINTN *Size

+ )

+{

+ Elf32_Shdr *Elf32Shdr;

+ Elf64_Shdr *Elf64Shdr;

+

+ if ((ElfCt == NULL) || (Offset == NULL) || (Size == NULL)) {

+ return EFI_INVALID_PARAMETER;

+ }

+

+ if (EFI_ERROR (ElfCt->ParseStatus)) {

+ return ElfCt->ParseStatus;

+ }

+

+ if (ElfCt->EiClass == ELFCLASS32) {

+ Elf32Shdr = GetElf32SectionByIndex (ElfCt->FileBase, Index);

+ if (Elf32Shdr != NULL) {

+ *Offset = (UINTN)Elf32Shdr->sh_offset;

+ *Size = (UINTN)Elf32Shdr->sh_size;

+ return EFI_SUCCESS;

+ }

+ } else if (ElfCt->EiClass == ELFCLASS64) {

+ Elf64Shdr = GetElf64SectionByIndex (ElfCt->FileBase, Index);

+ if (Elf64Shdr != NULL) {

+ *Offset = (UINTN)Elf64Shdr->sh_offset;

+ *Size = (UINTN)Elf64Shdr->sh_size;

+ return EFI_SUCCESS;

+ }

+ }

+

+ return EFI_NOT_FOUND;

+}

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLibInternal.h
b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLibInternal.h
new file mode 100644
index 0000000000..3c782807e2
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/ElfLib/ElfLibInternal.h
@@ -0,0 +1,109 @@
+/** @file

+ ELF library

+

+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>

+ SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#ifndef EFI_LIB_INTERNAL_H_

+#define EFI_LIB_INTERNAL_H_

+

+#include <Library/BaseLib.h>

+#include <Library/DebugLib.h>

+#include <Library/BaseMemoryLib.h>

+#include "ElfLib.h"

+#include "ElfCommon.h"

+#include "Elf32.h"

+#include "Elf64.h"

+

+#define ELF_NEXT_ENTRY(EntryType, Current, EntrySize) \

+ ((EntryType *) ((UINT8 *)Current + EntrySize))

+

+

+/**

+ Return the section header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The section index.

+

+ @return Pointer to the section header.

+**/

+Elf32_Shdr *

+GetElf32SectionByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ );

+

+/**

+ Return the section header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The section index.

+

+ @return Pointer to the section header.

+**/

+Elf64_Shdr *

+GetElf64SectionByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ );

+

+/**

+ Return the segment header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The segment index.

+

+ @return Pointer to the segment header.

+**/

+Elf32_Phdr *

+GetElf32SegmentByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ );

+

+/**

+ Return the segment header specified by Index.

+

+ @param ImageBase The image base.

+ @param Index The segment index.

+

+ @return Pointer to the segment header.

+**/

+Elf64_Phdr *

+GetElf64SegmentByIndex (

+ IN UINT8 *ImageBase,

+ IN UINT32 Index

+ );

+

+/**

+ Load ELF image which has 32-bit architecture

+

+ @param[in] ElfCt ELF image context pointer.

+

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+ @retval Others Loading ELF binary fails.

+

+**/

+EFI_STATUS

+LoadElf32Image (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ );

+

+/**

+ Load ELF image which has 64-bit architecture

+

+ @param[in] ImageBase Memory address of an image.

+ @param[out] EntryPoint The entry point of loaded ELF image.

+

+ @retval EFI_SUCCESS ELF binary is loaded successfully.

+ @retval Others Loading ELF binary fails.

+

+**/

+EFI_STATUS

+LoadElf64Image (

+ IN ELF_IMAGE_CONTEXT *ElfCt

+ );

+

+#endif

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.c
b/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.c
new file mode 100644
index 0000000000..44639f9fd2
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.c
@@ -0,0 +1,187 @@
+/** @file

+ ELF Load Image Support

+

+Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>

+SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include <PiPei.h>

+#include <UniversalPayload/UniversalPayload.h>

+#include <UniversalPayload/ExtraData.h>

+

+#include <Ppi/LoadFile.h>

+

+#include <Library/DebugLib.h>

+#include <Library/HobLib.h>

+#include <Library/PeiServicesLib.h>

+#include <Library/MemoryAllocationLib.h>

+#include <Library/BaseMemoryLib.h>

+

+#include "ElfLib.h"

+

+/**

+ The wrapper function of PeiLoadImageLoadImage().

+

+ @param This - Pointer to EFI_PEI_LOAD_FILE_PPI.

+ @param FileHandle - Pointer to the FFS file header of the image.

+ @param ImageAddressArg - Pointer to PE/TE image.

+ @param ImageSizeArg - Size of PE/TE image.

+ @param EntryPoint - Pointer to entry point of specified image file for
output.

+ @param AuthenticationState - Pointer to attestation authentication state
of image.

+

+ @return Status of PeiLoadImageLoadImage().

+

+**/

+EFI_STATUS

+EFIAPI

+PeiLoadFileLoadPayload (

+ IN CONST EFI_PEI_LOAD_FILE_PPI *This,

+ IN EFI_PEI_FILE_HANDLE FileHandle,

+ OUT EFI_PHYSICAL_ADDRESS *ImageAddressArg, OPTIONAL

+ OUT UINT64 *ImageSizeArg, OPTIONAL

+ OUT EFI_PHYSICAL_ADDRESS *EntryPoint,

+ OUT UINT32 *AuthenticationState

+ )

+{

+ EFI_STATUS Status;

+ VOID *Elf;

+ PLD_EXTRA_DATA *ExtraData;

+ ELF_IMAGE_CONTEXT Context;

+ PLD_INFO_HEADER *PldInfo;

+ UINT32 Index;

+ UINT16 ExtraDataIndex;

+ CHAR8 *SectionName;

+ UINTN Offset;

+ UINTN Size;

+ UINT32 ExtraDataCount;

+ UINTN Instance;

+

+ //

+ // ELF is added to file as RAW section for EDKII bootloader.

+ // But RAW section might be added by build tool before the ELF RAW
section when alignment is specified for ELF RAW section.

+ // Below loop skips the RAW section that doesn't contain valid ELF image.

+ //

+ Instance = 0;

+ do {

+ Status = PeiServicesFfsFindSectionData3 (EFI_SECTION_RAW, Instance++,
FileHandle, &Elf, AuthenticationState);

+ if (EFI_ERROR (Status)) {

+ return Status;

+ }

+

+ ZeroMem (&Context, sizeof (Context));

+ Status = ParseElfImage (Elf, &Context);

+ } while (EFI_ERROR (Status));

+

+ DEBUG ((

+ DEBUG_INFO, "Payload File Size: 0x%08X, Mem Size: 0x%08x,
Reload: %d\n",

+ Context.FileSize, Context.ImageSize, Context.ReloadRequired

+ ));

+

+ //

+ // Get PLD_INFO and number of additional PLD sections.

+ //

+ PldInfo = NULL;

+ ExtraDataCount = 0;

+ for (Index = 0; Index < Context.ShNum; Index++) {

+ Status = GetElfSectionName (&Context, Index, &SectionName);

+ if (EFI_ERROR(Status)) {

+ continue;

+ }

+ DEBUG ((DEBUG_INFO, "Payload Section[%d]: %a\n", Index,
SectionName));

+ if (AsciiStrCmp(SectionName, PLD_INFO_SEC_NAME) == 0) {

+ Status = GetElfSectionPos (&Context, Index, &Offset, &Size);

+ if (!EFI_ERROR(Status)) {

+ PldInfo = (PLD_INFO_HEADER *)(Context.FileBase + Offset);

+ }

+ } else if (AsciiStrnCmp(SectionName, PLD_EXTRA_SEC_NAME_PREFIX,
PLD_EXTRA_SEC_NAME_PREFIX_LENGTH) == 0) {

+ Status = GetElfSectionPos (&Context, Index, &Offset, &Size);

+ if (!EFI_ERROR (Status)) {

+ ExtraDataCount++;

+ }

+ }

+ }

+

+ //

+ // Report the additional PLD sections through HOB.

+ //

+ ExtraData = BuildGuidHob (

+ &gPldExtraDataGuid,

+ sizeof (PLD_EXTRA_DATA) + ExtraDataCount * sizeof
(PLD_EXTRA_DATA_ENTRY)

+ );

+ ExtraData->Count = ExtraDataCount;

+ if (ExtraDataCount != 0) {

+ for (ExtraDataIndex = 0, Index = 0; Index < Context.ShNum; Index++) {

+ Status = GetElfSectionName (&Context, Index, &SectionName);

+ if (EFI_ERROR(Status)) {

+ continue;

+ }

+ if (AsciiStrnCmp(SectionName, PLD_EXTRA_SEC_NAME_PREFIX,
PLD_EXTRA_SEC_NAME_PREFIX_LENGTH) == 0) {

+ Status = GetElfSectionPos (&Context, Index, &Offset, &Size);

+ if (!EFI_ERROR (Status)) {

+ ASSERT (ExtraDataIndex < ExtraDataCount);

+ AsciiStrCpyS (

+ ExtraData->Entry[ExtraDataIndex].Identifier,

+ sizeof(ExtraData->Entry[ExtraDataIndex].Identifier),

+ SectionName + PLD_EXTRA_SEC_NAME_PREFIX_LENGTH

+ );

+ ExtraData->Entry[ExtraDataIndex].Base = (UINTN)(Context.FileBase +
Offset);

+ ExtraData->Entry[ExtraDataIndex].Size = Size;

+ ExtraDataIndex++;

+ }

+ }

+ }

+ }

+

+ if (Context.ReloadRequired || Context.PreferredImageAddress !=
Context.FileBase) {

+ Context.ImageAddress = AllocatePages (EFI_SIZE_TO_PAGES
(Context.ImageSize));

+ } else {

+ Context.ImageAddress = Context.FileBase;

+ }

+

+ //

+ // Load ELF into the required base

+ //

+ Status = LoadElfImage (&Context);

+ if (!EFI_ERROR(Status)) {

+ *ImageAddressArg = (UINTN) Context.ImageAddress;

+ *EntryPoint = Context.EntryPoint;

+ *ImageSizeArg = Context.ImageSize;

+ }

+ return Status;

+}

+

+

+EFI_PEI_LOAD_FILE_PPI mPeiLoadFilePpi = {

+ PeiLoadFileLoadPayload

+};

+

+

+EFI_PEI_PPI_DESCRIPTOR gPpiLoadFilePpiList = {

+ (EFI_PEI_PPI_DESCRIPTOR_PPI |
EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),

+ &gEfiPeiLoadFilePpiGuid,

+ &mPeiLoadFilePpi

+};

+/**

+

+ Install Pei Load File PPI.

+

+ @param FileHandle Handle of the file being invoked.

+ @param PeiServices Describes the list of possible PEI Services.

+

+ @retval EFI_SUCESS The entry point executes successfully.

+ @retval Others Some error occurs during the execution of this function.

+

+**/

+EFI_STATUS

+EFIAPI

+InitializePayloadLoaderPeim (

+ IN EFI_PEI_FILE_HANDLE FileHandle,

+ IN CONST EFI_PEI_SERVICES **PeiServices

+ )

+{

+ EFI_STATUS Status;

+ Status = PeiServicesInstallPpi (&gPpiLoadFilePpiList);

+

+ return Status;

+}

diff --git a/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.inf
b/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.inf
new file mode 100644
index 0000000000..c45f3ecf2d
--- /dev/null
+++ b/UefiPayloadPkg/PayloadLoaderPeim/PayloadLoaderPeim.inf
@@ -0,0 +1,59 @@
+## @file

+# Produce LoadFile PPI for ELF loading.

+#

+# Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>

+#

+# SPDX-License-Identifier: BSD-2-Clause-Patent

+#

+##

+

+[Defines]

+ INF_VERSION = 0x00010005

+ BASE_NAME = ElfLoaderPeim

+ FILE_GUID = D071A3B4-3EC1-40C5-BEF8-D0BD4A2446F0

+ MODULE_TYPE = PEIM

+ VERSION_STRING = 1.0

+

+ ENTRY_POINT = InitializePayloadLoaderPeim

+

+#

+# The following information is for reference only and not required by the
build tools.

+#

+# VALID_ARCHITECTURES = IA32 X64

+#

+

+[Sources]

+ PayloadLoaderPeim.c

+ ElfLib.h

+ ElfLib/ElfLibInternal.h

+ ElfLib/ElfCommon.h

+ ElfLib/Elf32.h

+ ElfLib/Elf64.h

+ ElfLib/ElfLibInternal.h

+ ElfLib/ElfLib.c

+ ElfLib/Elf32Lib.c

+ ElfLib/Elf64Lib.c

+

+[Packages]

+ MdePkg/MdePkg.dec

+ MdeModulePkg/MdeModulePkg.dec

+ UefiPayloadPkg/UefiPayloadPkg.dec

+

+[LibraryClasses]

+ PcdLib

+ MemoryAllocationLib

+ BaseMemoryLib

+ PeiServicesLib

+ HobLib

+ BaseLib

+ PeimEntryPoint

+ DebugLib

+

+[Ppis]

+ gEfiPeiLoadFilePpiGuid ## PRODUCES

+

+[Guids]

+ gPldExtraDataGuid ## PRODUCES

+

+[Depex]

+ TRUE
\ No newline at end of file
--
2.31.1.windows.1


Re: [PATCH v1 0/8] Measured SEV boot with kernel/initrd/cmdline

Dov Murik
 

On 04/06/2021 14:26, Laszlo Ersek wrote:
On 06/04/21 12:30, Dov Murik wrote:

So I argue to keep the existing approach with two separate areas:
existing one for injected secrets, and new one for a table of approved
hashes (filled by QEMU and updated as initial encrypted measured guest
memory).
OK.

If the issue is MEMFD space,
Yes, that's it.

maybe we can do something like: use the
existing secrets page (4KB) for two uses: first 3KB for secrets, and
last 1KB for hashes. If this is not enough, the hashes are even
smaller than 1KB; and we can even publish only one hash - the hash of
all 3 hashes (need to think about edge cases when there's no
cmdline/initrd). But all these "solutions" feel a bit hacky for me and
might complicate the code.
All these PCDs come in pairs -- base and size. (IIRC.) If there's no
architectural requirement to keep these two kinds of info in different
pages (such as different page protections or whatever), then packing
them into a single page is something I'd like. The above 3K+1K
subdivision sounds OK to me.
I'll go with 3KB secrets + 1KB hashes.



I don't understand your suggestion: "I'd *really* like us to extend
one of the existent structures. If necessary, introduce a new GUID,
for a table that contains both previously injected data, and the new
data."; does this mean to use a single MEMFD page for the injected
secrets and the hashes?
Yes, it's the same (say, 3K+1K) idea, just expressed differently. In one
case, you have two GUIDed structs in the (plaintext, not compressed)
reset vector in the pflash, and the base+size structures associated wth
those two separate GUIDs happen to identify distinct ranges of the same
MEMFD page. In the other case, you have just one GUIDed structure (with
base+size contents), and the page pointed-to by this base+size pair is
subdivided by *internal* structuring -- such as internal GUIDs and so
on. Whichever is simpler to implement in both QEMU and edk2; I just want
to avoid wasing a full page for three hashes.
I'll go with the two GUIDed structures in the reset vector (which will
point to distinct parts of a single 4KB page).

That actually means shortening the existing secrets MEMFD area from 4KB
to 3KB. Is that OK?




Also, in general, I don't really understand the implications of
running out of MEMFD place;
Here's one implication of enlarging MEMFD. It pushes BS Code, BS Data,
Loader Code, Loader Data, perhaps some AcpiNVS and Reserved memory
allocations to higher addresses. Then when the kernel is loaded, its
load address may be higher too. I'm not worried about wasted guest
memory, but abut various silent assumptions as to where the kernel
"should be". For example, after one round of enlarging DXEFV, the
"crash" utility stopped opening guest memory dumps, because it couldn't
find a kernel signature in the (low) address range that it used to scan.
The fix wasn't too difficult (the range to scan could be specified on
the "crash" commadn line, and then my colleague Dave Anderson just
modified "crash"), but it was a *surprise*. I don't like those.

maybe you have other ideas around this (for example,
can we make MEMFD bigger only for AmdSevX64 platform?).
Yes, experimenting with a larger MEMFD in just the AmdSevX64 platform is
fine.
But now I understand that failures can appear way later in userspace
(the crash utility), so just testing that a modern AMD VM boots fine is
not enough to get confidence here.


NB reordering various PCDs between each other, so that their relative
relationships (orders) change, is a *lot* more risky than just enlarging
existing areas. The code in OVMF tends not to rely on actual bases and
sizes, but it may very well rely on a particular BasePCD + SizePCD sum
not exceeding another particular BasePCD.
Thanks for pointing this out. I'll avoid reordering.




- Modifying the QemuFwCfgLib class for this purpose is inappropriate.
Even if we do our own home-brewed verifier, none of it must go into
QemuFwCfgLib class. QemuFwCfgLib is for transport.
OK, we'll take the verifier out (as you suggested below - to a
BlobVerifierLib with two implementations).


[Ard, please see this one question:]

- A major complication for hashing all three of: kernel, initrd,
cmdline, is that the *fetching* of this triplet is split between two
places. (Well, it is split between *three* places in fact, but I'm
going to ignore LinuxInitrdDynamicShellCommand for now, because the
AmdSevX64 platform sets BUILD_SHELL to FALSE for production.)

The kernel and the initrd are fetched in QemuKernelLoaderFsDxe, but
the command line is fetched in (both) QemuLoadImageLib instances.
This requires that all these modules be littered with hashing as
well, which I find *really bad*. Even if we factor out the actual
logic, I strongly dislike having *just hooks* for hashing in multiple
modules.

Now, please refer to efc52d67e157 ("OvmfPkg/QemuKernelLoaderFsDxe:
don't expose kernel command line", 2020-03-05). If we first

(a) reverted that commit, and

(b) modified *both* QemuLoadImageLib instances, to load the kernel
command line from the *synthetic filesystem* (rather than directly
from fw_cfg),

then we could centralize the hashing to just QemuKernelLoaderFsDxe.

Ard -- what's your thought on this?
I understand there's agreement here, and that both this suggested
change (use the synthetic filesystem) and my patch series (add hash
verification) touch the same code areas. How do you envision this
process in the mailing list? Seperate patch serieses with dependency?
One long patch series with both changes? What goes first?
Good point. I do have a kind of patch order laid out in my mind, but I
didn't think of whether we should have the patches in one patch series,
or in two "waves".

OK, let's go with two patch sets.

In the first set, we should just focus on the above steps (a) and (b).
Step (a) shouldn't be too hard. In step (b), you'd modify both
QemuLoadImageLib instances (two separate patches), replacing the
QemuFwCfgLib APIs for fetching the cmdline with
EFI_SIMPLE_FILE_SYSTEM_PROTOCOL and EFI_FILE_PROTOCOL APIs.

Speaking from memory, the synthetic filesystem has a unique device path,
so the first step would be calling gBS->LocateDevicePath(), for finding
SimpleFs on the unique device path. Once you have the SimpleFs
interface, you can call OpenVolume, then open the "cmdline" file using
the EFI_FILE_PROTOCOL output by OpenVolume.

Once we merge this series (basically just three patches), there is no
QemuFwCfgLib dependency left in either QemuLoadImageLib instance, I
reckon. Then you can post the second wave, in which:

- a new "firmware config verifier" library class is introduced,

- two library instances for that class are introduced (null, and the
real thing),

- the AmdSevX64.dsc platform resolves the new lib class to the "real"
(hashing) instance,

- all other platform DSCs using QemuKernelLoaderFsDxe resolve the new
lib class to the null instance,

- QemuKernelLoaderFsDxe is extended with a dependency on the new class,
calling the proper APIs to (a) initialize the verifier, and (b) verify
every fw_cfg blob that is about to be exposed as a synthetic file.

Then QemuLoadImageLib needs no changes, as it will not depend on fw_cfg,
and every synthetic file it may want to access will have been verified
by QemuKernelLoaderFsDxe already, according to the verifier lib instance
that's used in the respective platform DSC file.

I would recommend only posting the first patch set initially. It has a
very well defined goal (--> hide the fw_cfg dependency in both
QemuLoadImageLib instances behind the synthetic filesystem); we can
validate / review that regardless of the ultimate crypto / security
goal. Using the SimpleFs / FILE protocol APIs is not trivial IMO, so
it's possible that just the first wave will require a v2.
OK, I'll try to follow this plan.




And then, we could eliminate the dynamic callback registration, plus
the separate SevFwCfgVerifier, SevHashFinderLib, and
SevQemuLoadImageLib stuff.

We'd only need one new lib class, with *statically linked* hooks for
QemuKernelLoaderFsDxe, and two instances of this new class, a Null
one, and an actual (SEV hash verifier) one. The latter instance would
locate the hash values, calculate the fresh hashes, and perform the
comparisons. Only the AmdSevX64 platform would use the non-Null
instance of this library class.
OK, I'll refactor to static linking with two BlobVerifierLib
imlementations.



(NB QemuKernelLoaderFsDxe is used by some ArmVirtPkg platforms, so
resolutions to the Null instance would be required there too.)
I'll need to learn how to build edk2 for Arm to test this. Thanks for
the heads-up.
With regard to QemuKernelLoaderFsDxe specifically:

build -b NOOPT -t GCC5 -p ArmVirtPkg/ArmVirtQemu.dsc -a AARCH64
build -b NOOPT -t GCC5 -p ArmVirtPkg/ArmVirtQemu.dsc -a ARM
build -b NOOPT -t GCC5 -p ArmVirtPkg/ArmVirtQemuKernel.dsc -a AARCH64
build -b NOOPT -t GCC5 -p ArmVirtPkg/ArmVirtQemuKernel.dsc -a ARM

If you work on an x86_64 machine, you'll need cross-gcc and
cross-binutils for this. I have the following packages installed on my
laptop:

binutils-aarch64-linux-gnu-2.31.1-3.el7.x86_64
binutils-arm-linux-gnu-2.31.1-3.el7.x86_64
cross-binutils-common-2.31.1-3.el7.noarch

cross-gcc-common-9.2.1-3.el7.1.noarch
gcc-aarch64-linux-gnu-9.2.1-3.el7.1.x86_64
gcc-arm-linux-gnu-9.2.1-3.el7.1.x86_64
gcc-c++-aarch64-linux-gnu-9.2.1-3.el7.1.x86_64
gcc-c++-arm-linux-gnu-9.2.1-3.el7.1.x86_64

(I don't remember why I have the c++ cross-compiler installed.)
Thanks for the details; I'll try it.

-Dov


Re: [edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF

Min Xu
 

On June 6, 2021 7:30 PM, Michael Brown Wrote:
On 06/06/2021 03:03, Min Xu wrote:
(11) "Page table should support both 4-level and 5-level page table"

As a general development strategy, I would suggest building TDX
support in small, well-isolated layers. 5-level paging is not enabled
(has never been tested, to my knowledge) with OVMF on QEMU/KVM,
regardless of confidential computing, for starters. If 5-level paging
is a strict requirement for TDX, then it arguably needs to be
implemented independently of TDX, at first. So that the common edk2
architecture be at least testable on QEMU/KVM with 5-level paging
enabled.
Yes, 5-level paging is a strict requirement for TDX. I would wait for
the conclusion of the *one binary*.
The "one binary" decision isn't relevant here, is it? It would make more
sense to implement 5-level paging within the base EDK2 architecture. This
would allow that feature to be tested in isolation from TDX (and
consequently tested more widely), and would reduce the distance between
standard builds and TDX builds.
In our first version of TDVF, a static 5-level page table is used. It is simple and
straight forward. But for *one binary* solution, we have to consider the compatibility
with the current 4-level page table. That's why I said "I would wait for the conclusion
of the *one binary*"

Thanks for the suggestion. We will discuss the it internally first.

Michael

18521 - 18540 of 94575