
Re: [edk2-platforms] [PATCH V1] KabylakeOpenBoardPkg: Fix GalagoPro3 Build

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Wednesday, August 11, 2021 6:52 PM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Jeremy Soller <jeremy@...>; Michael Kubacki <Michael.Kubacki@...>; Benjamin Doron <benjamin.doron00@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V1] KabylakeOpenBoardPkg: Fix GalagoPro3 Build

This resolves a build error introduced by 891b355.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Jeremy Soller <jeremy@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
index 6bf77a2af0..f4833149f3 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLi
+++ b/PeiGalagoPro3InitPreMemLib.c
@@ -29,6 +29,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <SioRegs.h> #include <Library/PchPcrLib.h> #include <Library/SiliconInitLib.h>
+#include <Library/PchResetLib.h>

#include "PeiGalagoPro3InitLib.h"

@@ -192,6 +193,8 @@ GalagoPro3BoardInitBeforeMemoryInit (
VOID
)
{
+ EFI_STATUS Status;
+
GalagoPro3InitPreMem ();

//
--
2.27.0.windows.1


Re: [edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg/BoardAcpiLib: Fix GP Fault in ACPI Enable SMI

Nate DeSimone
 

Good Catch!

Reviewed-by: Nate DeSimone <nathaniel.l.desimone@...>

-----Original Message-----
From: Oram, Isaac W <isaac.w.oram@...>
Sent: Wednesday, August 11, 2021 4:40 PM
To: devel@edk2.groups.io
Cc: Desimone, Nathaniel L <nathaniel.l.desimone@...>; Chiu, Chasel <chasel.chiu@...>
Subject: [edk2-devel][edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg/BoardAcpiLib: Fix GP Fault in ACPI Enable SMI

Fixed AcpiSmm library BoardAcpiLib to use the correct SMM services table and DynamicSiliconLibrarySmmProtocol.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf | 4 ++--
Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c | 16 ++++++++--------
2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf
index fcbc94cc50..19d29ed40f 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAc
+++ piEnableLib.inf
@@ -42,7 +42,7 @@
SmmBoardAcpiEnableLib.c

[Protocols]
- gDynamicSiLibraryProtocolGuid ## CONSUMES
+ gDynamicSiLibrarySmmProtocolGuid ## CONSUMES

[Depex]
- gDynamicSiLibraryProtocolGuid
+ gDynamicSiLibrarySmmProtocolGuid
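Review bot: the [Protocols] and [Depex] entries now name gDynamicSiLibrarySmmProtocolGuid, but the .c half of this patch switches to SmmServicesTableLib and gSmst while the diffstat shows only these four [Protocols]/[Depex] lines changing in the .inf; confirm SmmServicesTableLib is already listed under [LibraryClasses], and drop UefiBootServicesTableLib from the .inf now that the .c no longer includes it.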
diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c
index 2b8a35c7e8..484311811b 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSilicon
+++ AcpiEnableLib.c
@@ -16,8 +16,8 @@
#include <Library/PcdLib.h>
#include <Library/DebugLib.h>
#include <PchAccess.h>
-#include <Protocol/DynamicSiLibraryProtocol.h>
-#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/DynamicSiLibrarySmmProtocol.h>
+#include <Library/SmmServicesTableLib.h>

/**
Clear Port 80h
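Review bot: the commit message should name the actual cause of the GP fault rather than just "use the correct SMM services table": this library runs inside an SMI handler, where the boot-services table is not safe to call (and is gone entirely after ExitBootServices), so the swap from UefiBootServicesTableLib/gBS to SmmServicesTableLib/gSmst is the fix, and a one-line comment next to the new include would stop the next contributor from reintroducing gBS here.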
@@ -61,9 +61,9 @@ SiliconEnableAcpi (
UINT16 Pm1Cnt;
UINT16 PchPmBase;
EFI_STATUS Status;
- DYNAMIC_SI_LIBARY_PROTOCOL *DynamicSiLibraryProtocol = NULL;
+ DYNAMIC_SI_LIBARY_SMM_PROTOCOL *DynamicSiLibrarySmmProtocol = NULL;

- Status = gBS->LocateProtocol (&gDynamicSiLibraryProtocolGuid, NULL, &DynamicSiLibraryProtocol);
+ Status = gSmst->SmmLocateProtocol (&gDynamicSiLibrarySmmProtocolGuid,
+ NULL, &DynamicSiLibrarySmmProtocol);
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
return Status;
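Review bot: the gSmst->SmmLocateProtocol block, including the `= NULL` initialisation and the ASSERT_EFI_ERROR/return pair, is repeated verbatim in SiliconEnableAcpi and again in SiliconDisableAcpi (the @@ -112 hunk below); a small static helper returning the DYNAMIC_SI_LIBARY_SMM_PROTOCOL pointer would keep the two lookups in step the next time the protocol changes.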
@@ -72,7 +72,7 @@ SiliconEnableAcpi (
//
// Init Power Management I/O Base aka ACPI Base
//
- PchPmBase = DynamicSiLibraryProtocol->PmcGetAcpiBase ();
+ PchPmBase = DynamicSiLibrarySmmProtocol->PmcGetAcpiBase ();

SmiEn = IoRead32 (PchPmBase + R_ACPI_IO_SMI_EN);

@@ -112,9 +112,9 @@ SiliconDisableAcpi (
UINT16 Pm1Cnt;
UINT16 PchPmBase;
EFI_STATUS Status;
- DYNAMIC_SI_LIBARY_PROTOCOL *DynamicSiLibraryProtocol = NULL;
+ DYNAMIC_SI_LIBARY_SMM_PROTOCOL *DynamicSiLibrarySmmProtocol = NULL;

- Status = gBS->LocateProtocol (&gDynamicSiLibraryProtocolGuid, NULL, &DynamicSiLibraryProtocol);
+ Status = gSmst->SmmLocateProtocol (&gDynamicSiLibrarySmmProtocolGuid,
+ NULL, &DynamicSiLibrarySmmProtocol);
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
return Status;
@@ -123,7 +123,7 @@ SiliconDisableAcpi (
//
// Init Power Management I/O Base aka ACPI Base
//
- PchPmBase = DynamicSiLibraryProtocol->PmcGetAcpiBase ();
+ PchPmBase = DynamicSiLibrarySmmProtocol->PmcGetAcpiBase ();

Pm1Cnt = IoRead16 (PchPmBase + R_ACPI_IO_PM1_CNT);

--
2.27.0.windows.1


Re: [edk2-platforms] [PATCH V1] KabylakeOpenBoardPkg: Fix GalagoPro3 Build

Chiu, Chasel
 

Reviewed-by: Chasel Chiu <chasel.chiu@...>

-----Original Message-----
From: Desimone, Nathaniel L <nathaniel.l.desimone@...>
Sent: Thursday, August 12, 2021 9:52 AM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Jeremy Soller
<jeremy@...>; Michael Kubacki
<Michael.Kubacki@...>; Benjamin Doron
<benjamin.doron00@...>
Subject: [edk2-platforms] [PATCH V1] KabylakeOpenBoardPkg: Fix
GalagoPro3 Build

This resolves a build error introduced by 891b355.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Jeremy Soller <jeremy@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c | 3 +++
1 file changed, 3 insertions(+)

diff --git
a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/P
eiGalagoPro3InitPreMemLib.c
b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/P
eiGalagoPro3InitPreMemLib.c
index 6bf77a2af0..f4833149f3 100644
---
a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/P
eiGalagoPro3InitPreMemLib.c
+++
b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLi
+++ b/PeiGalagoPro3InitPreMemLib.c
@@ -29,6 +29,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include
<SioRegs.h> #include <Library/PchPcrLib.h> #include
<Library/SiliconInitLib.h>
+#include <Library/PchResetLib.h>

#include "PeiGalagoPro3InitLib.h"

@@ -192,6 +193,8 @@ GalagoPro3BoardInitBeforeMemoryInit (
VOID
)
{
+ EFI_STATUS Status;
+
GalagoPro3InitPreMem ();

//
--
2.27.0.windows.1


Re: [edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix boot failure due to FSP rebase address

Nate DeSimone
 

Reviewed-by: Nate DeSimone <nathaniel.l.desimone@...>

-----Original Message-----
From: Oram, Isaac W <isaac.w.oram@...>
Sent: Wednesday, August 11, 2021 4:34 PM
To: devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@...>; Desimone, Nathaniel L <nathaniel.l.desimone@...>; Chiu, Chasel <chasel.chiu@...>
Subject: [edk2-devel][edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix boot failure due to FSP rebase address

Fixed boot failure caused by FSP not being rebased to the correct address.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf b/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
index a14afd693b..1f5e0fd48b 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
+++ b/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
@@ -11,7 +11,11 @@
# The FDF file for WhitleyOpenBoardPkg should be adapted to leverage FlashMapInclude.fdf
# format found in other OpenBoardPkgs.

-DEFINE FLASH_BASE = 0xFF000000 #
+#
+# Note Whitley unintuitively has multiple "FD" in a single BIOS flash
+region, so the base should be for FD.SecPei # and not the basis of the BIOS region for the FLASH device.
+#
+DEFINE FLASH_BASE = 0xFFCA0000

SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspSOffset = 0x00020000 # Flash addr (0xFF020000)
SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspSSize = 0x00040000 #
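Review bot: with FLASH_BASE moved from 0xFF000000 to 0xFFCA0000, the trailing comments on the untouched SET lines that follow ("# Flash addr (0xFF020000)" for PcdFlashFvFspSOffset = 0x00020000) still describe the old base; either those comments are now stale and should be updated in this patch, or the offsets are relative to something other than FLASH_BASE and the new comment block should say which. Also, as rendered here the new comment runs together ("...flash region, so the base should be for FD.SecPei # and not the basis..."), so check that every line of that comment in the actual .fdf starts with "#".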
--
2.27.0.windows.1


Re: [edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix missing security library build error

Nate DeSimone
 

Reviewed-by: Nate DeSimone <nathaniel.l.desimone@...>

-----Original Message-----
From: Oram, Isaac W <isaac.w.oram@...>
Sent: Wednesday, August 11, 2021 4:22 PM
To: devel@edk2.groups.io
Cc: Desimone, Nathaniel L <nathaniel.l.desimone@...>; Chiu, Chasel <chasel.chiu@...>
Subject: [edk2-devel][edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix missing security library build error

7b723de06c8e1623f77eafe89cde80c57253913b broke the WhitleyOpenBoardPkg build. This corrects it by making SecureBootConfigDxe.inf conditional too.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc | 2 ++
1 file changed, 2 insertions(+)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc b/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
index 13f65ff43d..99ab0961ca 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
@@ -119,7 +119,9 @@
MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf

+!if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+!endif

!if gMinPlatformPkgTokenSpaceGuid.PcdTpm2Enable == TRUE
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
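Review bot: guarding SecureBootConfigDxe.inf with `!if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE` matches the PcdTpm2Enable pattern just below it, but the diffstat touches only CoreDxeInclude.dsc; if an FDF places SecureBootConfigDxe.inf into an FV, it needs the same guard or the FV build fails in the same way when the PCD is FALSE. The commit message should also say which library class 7b723de06c8e1623f77eafe89cde80c57253913b made conditional, so the link between "missing security library" and this DSC change is visible without checking out that commit.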
--
2.27.0.windows.1


[edk2-platforms] [PATCH V1] KabylakeOpenBoardPkg: Fix GalagoPro3 Build

Nate DeSimone
 

This resolves a build error introduced by 891b355.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Jeremy Soller <jeremy@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
index 6bf77a2af0..f4833149f3 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
@@ -29,6 +29,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <SioRegs.h>
#include <Library/PchPcrLib.h>
#include <Library/SiliconInitLib.h>
+#include <Library/PchResetLib.h>

#include "PeiGalagoPro3InitLib.h"
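Review bot: the new `#include <Library/PchResetLib.h>` needs a matching PchResetLib entry in this module's [LibraryClasses], and the diffstat shows only PeiGalagoPro3InitPreMemLib.c changing; either the .inf already lists it, in which case the commit message should say so, or the build will still fail at library-class resolution even though the header now compiles. Either way, stating which symbol from 891b355 was undeclared (the PchResetLib function, the `Status` variable, or both) would let a reviewer verify the fix from the patch alone.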

@@ -192,6 +193,8 @@ GalagoPro3BoardInitBeforeMemoryInit (
VOID
)
{
+ EFI_STATUS Status;
+
GalagoPro3InitPreMem ();

//
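Review bot: `EFI_STATUS Status;` is added at the top of GalagoPro3BoardInitBeforeMemoryInit but nothing in the visible hunk assigns or reads it; if the use is code that 891b355 added further down in the function, that is fine but worth one sentence in the commit message, and if it is not, GCC builds with -Werror will reject the unused local. Quoting the actual build error text in the commit message would settle which it is.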
--
2.27.0.windows.1


[edk2-platforms][PATCH v1] KabylakeSiliconPkg/PchPmcLib: Add GetSleepTypeAfterWakeup()

Nate DeSimone
 

From: Michael Kubacki <michael.kubacki@...>

Adds the capability to get the system sleep type after wakeup to
PchPmcLib in KabylakeSiliconPkg.

This is needed by platforms to determine the Sx resume state.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Sai Chaganty <rangasai.v.chaganty@...>
Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Michael Kubacki <michael.kubacki@...>
---
Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PchPmcLib.c | 54 ++++++++++++++++++++
Silicon/Intel/KabylakeSiliconPkg/Pch/Include/Library/PchPmcLib.h | 15 ++++++
Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PeiDxeSmmPchPmcLib.inf | 4 ++
3 files changed, 73 insertions(+)

diff --git a/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PchPmcLib.c b/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PchPmcLib.c
index 790af0a7a1..3c9c4c2a2d 100644
--- a/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PchPmcLib.c
+++ b/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PchPmcLib.c
@@ -128,3 +128,57 @@ PchIsRtcBatteryGood (
}
return FALSE;
}
+
+/**
+ Returns the sleep type after system wakeup.
+
+ @param[out] SleepType Sleep type to be returned.
+
+ @retval TRUE A wake event occurred without power failure.
+ @retval FALSE Power failure occurred or not a wakeup.
+
+**/
+BOOLEAN
+EFIAPI
+GetSleepTypeAfterWakeup (
+ OUT UINT32 *SleepType
+ )
+{
+ UINT16 Pm1Sts;
+ UINT32 Pm1Cnt;
+ UINTN PmcBaseAddress;
+
+ PmcBaseAddress = MmPciBase (
+ DEFAULT_PCI_BUS_NUMBER_PCH,
+ PCI_DEVICE_NUMBER_PCH_PMC,
+ PCI_FUNCTION_NUMBER_PCH_PMC
+ );
+
+ ///
+ /// Read the ACPI registers
+ ///
+ Pm1Sts = IoRead16 (PcdGet16 (PcdAcpiBaseAddress) + R_PCH_ACPI_PM1_STS);
+ Pm1Cnt = IoRead32 (PcdGet16 (PcdAcpiBaseAddress) + R_PCH_ACPI_PM1_CNT);
+
+ ///
+ /// Get sleep type if a wake event occurred and there is no power failure and reset
+ ///
+ if ((Pm1Sts & B_PCH_ACPI_PM1_STS_WAK) != 0) {
+ if ((MmioRead16 (PmcBaseAddress + R_PCH_PMC_GEN_PMCON_B) & (B_PCH_PMC_GEN_PMCON_B_RTC_PWR_STS | B_PCH_PMC_GEN_PMCON_B_PWR_FLR)) == 0) {
+ *SleepType = Pm1Cnt & B_PCH_ACPI_PM1_CNT_SLP_TYP;
+
+ return TRUE;
+ } else {
+ ///
+ /// Clear Wake Status (WAK_STS) and Sleep Type (SLP_TYP)
+ ///
+ IoWrite16 (PcdGet16 (PcdAcpiBaseAddress) + R_PCH_ACPI_PM1_STS, B_PCH_ACPI_PM1_STS_WAK);
+ Pm1Cnt &= ~B_PCH_ACPI_PM1_CNT_SLP_TYP;
+ IoWrite32 (PcdGet16 (PcdAcpiBaseAddress) + R_PCH_ACPI_PM1_CNT, Pm1Cnt);
+
+ return FALSE;
+ }
+ }
+
+ return FALSE;
+}
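Review bot: `SleepType` is dereferenced without a NULL check; add `ASSERT (SleepType != NULL)` and return FALSE on NULL, as the function is part of a library API. Also document that on the TRUE path WAK_STS and SLP_TYP are deliberately left set (only the power-failure branch clears them), so a caller that wants the next wake to be detectable has to clear them itself; as written, the contrast between the two branches is easy to misread as an oversight. Minor: `PmcBaseAddress` is computed via MmPciBase before the WAK_STS test, although it is only needed when a wake event is pending.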
diff --git a/Silicon/Intel/KabylakeSiliconPkg/Pch/Include/Library/PchPmcLib.h b/Silicon/Intel/KabylakeSiliconPkg/Pch/Include/Library/PchPmcLib.h
index ec98e07100..f84606d31c 100644
--- a/Silicon/Intel/KabylakeSiliconPkg/Pch/Include/Library/PchPmcLib.h
+++ b/Silicon/Intel/KabylakeSiliconPkg/Pch/Include/Library/PchPmcLib.h
@@ -41,4 +41,19 @@ PchIsRtcBatteryGood (
VOID
);

+/**
+ Returns the sleep type after system wakeup.
+
+ @param[out] SleepType Sleep type to be returned.
+
+ @retval TRUE A wake event occurred without power failure.
+ @retval FALSE Power failure occurred or not a wakeup.
+
+**/
+BOOLEAN
+EFIAPI
+GetSleepTypeAfterWakeup (
+ OUT UINT32 *SleepType
+ );
+
#endif // _PCH_PMC_LIB_H_
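Review bot: the header comment should say what `*SleepType` contains: from the .c side it is the raw, unshifted `Pm1Cnt & B_PCH_ACPI_PM1_CNT_SLP_TYP` field of PM1_CNT rather than a decoded S-state number, so callers must compare it against the SLP_TYP field values, and it is only written when TRUE is returned. Both facts belong in the `@param[out]` line.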
diff --git a/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PeiDxeSmmPchPmcLib.inf b/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PeiDxeSmmPchPmcLib.inf
index 8b46a59b67..1e6103f4ca 100644
--- a/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PeiDxeSmmPchPmcLib.inf
+++ b/Silicon/Intel/KabylakeSiliconPkg/Pch/Library/PeiDxeSmmPchPmcLib/PeiDxeSmmPchPmcLib.inf
@@ -33,5 +33,9 @@ MdePkg/MdePkg.dec
KabylakeSiliconPkg/SiPkg.dec


+[Pcd]
+gSiPkgTokenSpaceGuid.PcdAcpiBaseAddress
+
+
[Sources]
PchPmcLib.c
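Review bot: the new [Pcd] section is wedged between the package list and [Sources] and, as shown, leaves two blank lines on each side of it; collapse those to single blank lines. The PCD itself is the right one: gSiPkgTokenSpaceGuid.PcdAcpiBaseAddress is what the PcdGet16 calls in the new PchPmcLib.c code consume.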
--
2.29.2.windows.2


Re: [PATCH v2 2/2] SecurityPkg/SecureBootConfigDxe: Fix certificate lookup algorithm

Min Xu
 

On August 9, 2021 5:51 PM, Marvin Häuser wrote:
The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot fit, and
proceed to the next hashing algorithm if the OID of the current one exceeds the
authentication data bounds.

Additionally move the two-byte encoding check out of the loop as the data is
invariant.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Min Xu <min.m.xu@...>
Cc: Vitaly Cheptsov <vit9696@...>
Signed-off-by: Marvin Häuser <mhaeuser@...>
---

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigIm
pl.c | 45 ++++++++++++--------
1 file changed, 28 insertions(+), 17 deletions(-)

diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI
mpl.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI
mpl.c
index 65a8188d6d03..fd7629f61862 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI
mpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo
+++ nfigImpl.c
@@ -1969,30 +1969,41 @@ HashPeImageByType ( {

UINT8 Index;

WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;

+ UINT32 AuthDataSize;



PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir-
Offset);
+ if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {

+ return EFI_UNSUPPORTED;

+ }

+

+ AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof
+ (PkcsCertData->Hdr);

+ if (AuthDataSize < 32) {

+ return EFI_UNSUPPORTED;

+ }

+ //

+ // Check the Hash algorithm in PE/COFF Authenticode.

+ // According to PKCS#7 Definition:

+ // SignedData ::= SEQUENCE {

+ // version Version,

+ // digestAlgorithms DigestAlgorithmIdentifiers,

+ // contentInfo ContentInfo,

+ // .... }

+ // The DigestAlgorithmIdentifiers can be used to determine the hash
algorithm in PE/COFF hashing

+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.

+ // Fixed offset (+32) is calculated based on two bytes of length encoding.

+ //

+ if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) !=
+ TWO_BYTE_ENCODE) {

+ //

+ // Only support two bytes of Long Form of Length Encoding.

+ //

+ return EFI_UNSUPPORTED;

+ }



for (Index = 0; Index < HASHALG_MAX; Index++) {

- //

- // Check the Hash algorithm in PE/COFF Authenticode.

- // According to PKCS#7 Definition:

- // SignedData ::= SEQUENCE {

- // version Version,

- // digestAlgorithms DigestAlgorithmIdentifiers,

- // contentInfo ContentInfo,

- // .... }

- // The DigestAlgorithmIdentifiers can be used to determine the hash
algorithm in PE/COFF hashing

- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.

- // Fixed offset (+32) is calculated based on two bytes of length encoding.

- //

- if ((*(PkcsCertData->CertData + 1) & TWO_BYTE_ENCODE) !=
TWO_BYTE_ENCODE) {

- //

- // Only support two bytes of Long Form of Length Encoding.

- //

+ if (AuthDataSize - 32 < mHash[Index].OidLength) {

continue;

}



- //

if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue,
mHash[Index].OidLength) == 0) {

break;

}
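Review bot: the new `PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)` check keeps the header inside the certificate, but nothing in this hunk bounds dwLength itself against the security directory (mSecDataDir->Size) before `PkcsCertData->CertData + 32` is read; if that check is not done where mSecDataDir is validated, a certificate claiming a large dwLength still reads past the image, and the commit message's "abort if the header cannot fit" only holds for the first 8 bytes. The arithmetic after the `AuthDataSize < 32` guard is sound (`AuthDataSize - 32` cannot underflow), and hoisting the two-byte-encoding test out of the loop is a clear improvement.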

--
2.31.1
Reviewed-by: Min Xu <min.m.xu@...>

Thanks!
Xu, Min


Re: [edk2-platforms] [PATCH V2] KabylakeOpenBoardPkg: Add MMIO Base/Length to SA GNVS

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Tuesday, August 10, 2021 8:46 PM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Michael Kubacki <Michael.Kubacki@...>; Benjamin Doron <benjamin.doron00@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V2] KabylakeOpenBoardPkg: Add MMIO Base/Length to SA GNVS

The SA GNVS Area contains fields for the MMIO region base address and length. This implements code to populate those fields. The MMIO Base/Length are used by ASL at runtime and must be populated for normal system operation.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../Acpi/BoardAcpiDxe/AcpiGnvsInit.c | 58 ++++++++++++++++++-
.../Acpi/BoardAcpiDxe/BoardAcpiDxe.inf | 12 +++-
2 files changed, 64 insertions(+), 6 deletions(-)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/AcpiGnvsInit.c b/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/AcpiGnvsInit.c
index 0d9d217e38..5c32a6e04c 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/AcpiGnvsInit.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/AcpiGnvsInit
+++ .c
@@ -1,7 +1,7 @@
/** @file
Acpi Gnvs Init Library.

-Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -11,11 +11,52 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/PciLib.h> #include <Library/DebugLib.h> #include <Library/BaseMemoryLib.h>
+#include <Library/UefiLib.h>
#include <Library/UefiBootServicesTableLib.h>

#include <PchAccess.h>
#include <Protocol/GlobalNvsArea.h>
#include <Protocol/MpService.h>
+#include <Protocol/SaGlobalNvsArea.h>
+
+/**
+ A protocol callback which updates MMIO Base and Length in SA GNVS
+area
+
+ @param[in] Event - The triggered event.
+ @param[in] Context - Context for this event.
+
+**/
+VOID
+EFIAPI
+UpdateSaGnvsForMmioResourceBaseLength (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EFI_STATUS Status;
+ SYSTEM_AGENT_GLOBAL_NVS_AREA_PROTOCOL *SaGlobalNvsAreaProtocol;
+
+ Status = gBS->LocateProtocol (&gSaGlobalNvsAreaProtocolGuid, NULL,
+ (VOID **) &SaGlobalNvsAreaProtocol); if (Status != EFI_SUCCESS) {
+ return;
+ }
+ gBS->CloseEvent (Event);
+
+ //
+ // Configure MMIO Base/Length. This logic is only valid for platforms that use PciHostBridgeLibSimple.
+ //
+ DEBUG ((DEBUG_INFO, "[BoardAcpiDxe] Update SA GNVS Area.\n"));
+ SaGlobalNvsAreaProtocol->Area->Mmio32Base = PcdGet32
+(PcdPciReservedMemBase);
+ if (PcdGet32 (PcdPciReservedMemLimit) != 0) {
+ SaGlobalNvsAreaProtocol->Area->Mmio32Length = PcdGet32
+(PcdPciReservedMemLimit) - PcdGet32 (PcdPciReservedMemBase) + 1;
+ } else {
+ SaGlobalNvsAreaProtocol->Area->Mmio32Length = ((UINT32) PcdGet64
+(PcdPciExpressBaseAddress)) - PcdGet32 (PcdPciReservedMemBase);
+ }
+ if (PcdGet64 (PcdPciReservedMemAbove4GBLimit) > PcdGet64 (PcdPciReservedMemAbove4GBBase)) {
+ SaGlobalNvsAreaProtocol->Area->Mmio64Base = PcdGet64 (PcdPciReservedMemAbove4GBBase);
+ SaGlobalNvsAreaProtocol->Area->Mmio64Length = PcdGet64
+(PcdPciReservedMemAbove4GBLimit) - PcdGet64
+(PcdPciReservedMemAbove4GBBase) + 1;
+ }
+}

/**
@brief
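Review bot: in the `else` branch, `((UINT32) PcdGet64 (PcdPciExpressBaseAddress)) - PcdGet32 (PcdPciReservedMemBase)` silently truncates a 64-bit PCD and underflows if the PCIe base is at or below the reserved-memory base, producing a huge Mmio32Length that ASL would then hand to the OS; either ASSERT that PcdPciExpressBaseAddress is below 4 GB and above PcdPciReservedMemBase, or compute the length in UINT64 and check it before narrowing. The `Status != EFI_SUCCESS` early return is fine for a protocol notify (the event stays registered and fires again), though `EFI_ERROR (Status)` is the idiom the rest of this file uses.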
@@ -39,6 +80,7 @@ AcpiGnvsInit (
EFI_MP_SERVICES_PROTOCOL *MpService;
UINTN NumberOfCPUs;
UINTN NumberOfEnabledCPUs;
+ VOID *SaGlobalNvsRegistration;

Pages = EFI_SIZE_TO_PAGES (sizeof (EFI_GLOBAL_NVS_AREA));
Address = 0xffffffff; // allocate address below 4G.
@@ -53,7 +95,7 @@ AcpiGnvsInit (
if (EFI_ERROR(Status)) {
return Status;
}
-
+
//
// Locate the MP services protocol
// Find the MP Protocol. This is an MP platform, so MP protocol must be there.
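Review bot: this hunk is a whitespace-only change (a blank line removed and re-added) unrelated to the MMIO fix; drop it so the patch stays focused, or mention it in the commit message if it is an intentional trailing-whitespace cleanup.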
@@ -90,6 +132,16 @@ AcpiGnvsInit (
GNVS->Area->PL1LimitCS = 0;
GNVS->Area->PL1LimitCSValue = 4500;

+ //
+ // Update SA GNVS with MMIO Base/Length //
+ EfiCreateProtocolNotifyEvent (
+ &gSaGlobalNvsAreaProtocolGuid,
+ TPL_CALLBACK,
+ UpdateSaGnvsForMmioResourceBaseLength,
+ NULL,
+ &SaGlobalNvsRegistration
+ );
+
return EFI_SUCCESS;
}
-
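Review bot: the EFI_EVENT returned by EfiCreateProtocolNotifyEvent is discarded; it returns NULL when the event or the protocol registration cannot be created, in which case UpdateSaGnvsForMmioResourceBaseLength never runs and ASL reads zero for the MMIO base and length at runtime. Capture the return value and at least ASSERT it is non-NULL. Also fix the merged comment ("// Update SA GNVS with MMIO Base/Length //") so the closing `//` is on its own line.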
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/BoardAcpiDxe.inf b/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/BoardAcpiDxe.inf
index 7d2e105e54..5d3d4c3a2b 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/BoardAcpiDxe.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/Acpi/BoardAcpiDxe/BoardAcpiDxe
+++ .inf
@@ -1,7 +1,7 @@
### @file
# Component information file for AcpiPlatform module # -# Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2021, Intel Corporation. All rights
+reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -38,6 +38,7 @@
PcdLib
UefiBootServicesTableLib
UefiRuntimeServicesTableLib
+ UefiLib
BaseMemoryLib
HobLib
AslUpdateLib
@@ -48,8 +49,15 @@
gEfiFirmwareVolume2ProtocolGuid ## CONSUMES
gEfiMpServiceProtocolGuid ## CONSUMES
gEfiGlobalNvsAreaProtocolGuid
+ gSaGlobalNvsAreaProtocolGuid ## CONSUMES

[Pcd]
+ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
+ gMinPlatformPkgTokenSpaceGuid.PcdPciReservedMemBase
+ gMinPlatformPkgTokenSpaceGuid.PcdPciReservedMemLimit
+ gMinPlatformPkgTokenSpaceGuid.PcdPciReservedMemAbove4GBBase
+ gMinPlatformPkgTokenSpaceGuid.PcdPciReservedMemAbove4GBLimit
+
gKabylakeOpenBoardPkgTokenSpaceGuid.PcdAcpiGnvsAddress

gKabylakeOpenBoardPkgTokenSpaceGuid.PcdAcpiSleepState
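Review bot: the five new PCDs come from two token spaces (gEfiMdePkgTokenSpaceGuid and gMinPlatformPkgTokenSpaceGuid), so MdePkg.dec and MinPlatformPkg.dec must both appear in [Packages]; that section is not in the hunk, so confirm it. Listing `gSaGlobalNvsAreaProtocolGuid ## CONSUMES` without a [Depex] entry is consistent with the protocol-notify approach in the .c.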
@@ -65,5 +73,3 @@
gEfiPciRootBridgeIoProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid
-
-
--
2.27.0.windows.1


Re: [PATCH v2 1/2] SecurityPkg/DxeImageVerificationLib: Fix certificate lookup algorithm

Min Xu
 

On August 9, 2021 5:51 PM, Marvin Häuser wrote:
The current certificate lookup code does not check the bounds of the
authentication data before accessing it. Abort if the header cannot fit. Also,
the lookup code aborts once the authentication data is smaller than an
algorithm's OID size. As OIDs are variably-sized, this may cause unexpected
authentication failure due to the early error-exit.

Additionally move the two-byte encoding check out of the loop as the data is
invariant.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Min Xu <min.m.xu@...>
Cc: Vitaly Cheptsov <vit9696@...>
Signed-off-by: Marvin Häuser <mhaeuser@...>
---
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 43
+++++++++++---------
1 file changed, 23 insertions(+), 20 deletions(-)

diff --git
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index c48861cd6496..6615099baafb 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLi
+++ b.c
@@ -624,30 +624,33 @@ HashPeImageByType ( {

UINT8 Index;



+ if (AuthDataSize < 32) {

+ return EFI_UNSUPPORTED;

+ }

+ //

+ // Check the Hash algorithm in PE/COFF Authenticode.

+ // According to PKCS#7 Definition:

+ // SignedData ::= SEQUENCE {

+ // version Version,

+ // digestAlgorithms DigestAlgorithmIdentifiers,

+ // contentInfo ContentInfo,

+ // .... }

+ // The DigestAlgorithmIdentifiers can be used to determine the hash
algorithm in PE/COFF hashing

+ // This field has the fixed offset (+32) in final Authenticode ASN.1 data.

+ // Fixed offset (+32) is calculated based on two bytes of length encoding.

+ //

+ if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

+ //

+ // Only support two bytes of Long Form of Length Encoding.

+ //

+ return EFI_UNSUPPORTED;

+ }

+

for (Index = 0; Index < HASHALG_MAX; Index++) {

- //

- // Check the Hash algorithm in PE/COFF Authenticode.

- // According to PKCS#7 Definition:

- // SignedData ::= SEQUENCE {

- // version Version,

- // digestAlgorithms DigestAlgorithmIdentifiers,

- // contentInfo ContentInfo,

- // .... }

- // The DigestAlgorithmIdentifiers can be used to determine the hash
algorithm in PE/COFF hashing

- // This field has the fixed offset (+32) in final Authenticode ASN.1 data.

- // Fixed offset (+32) is calculated based on two bytes of length encoding.

- //

- if ((*(AuthData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) {

- //

- // Only support two bytes of Long Form of Length Encoding.

- //

+ if (AuthDataSize - 32 < mHash[Index].OidLength) {

continue;

}



- if (AuthDataSize < 32 + mHash[Index].OidLength) {

- return EFI_UNSUPPORTED;

- }

-

if (CompareMem (AuthData + 32, mHash[Index].OidValue,
mHash[Index].OidLength) == 0) {

break;

}
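Review bot: replacing `return EFI_UNSUPPORTED` with `continue` when an algorithm's OID does not fit is the right call given variable OID lengths, and the up-front `AuthDataSize < 32` guard makes `AuthDataSize - 32` safe; what the hunk does not show is the loop exit, so confirm that `Index == HASHALG_MAX` after the loop still yields EFI_UNSUPPORTED rather than indexing mHash[HASHALG_MAX]. Since AuthData and AuthDataSize are parameters here, the "abort if the header cannot fit" claim in the commit message rests on the caller having validated AuthDataSize against the WIN_CERTIFICATE dwLength; say where that happens.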

--
2.31.1
Reviewed-by: Min Xu <min.m.xu@...>

Thanks!
Xu, Min
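An added, stand-alone C example (not edk2 code and not from either patch author) that carries the bounds-checking logic of both of Marvin's patches, 1/2 for DxeImageVerificationLib and 2/2 for SecureBootConfigDxe, through on constructed certificate blobs. FindDigestAlgorithm, BuildCert, Lookup, the Scenario* functions and the two-entry OID table are assumptions made for this example; TWO_BYTE_ENCODE (0x82) and the fixed +32 OID offset are the values the hunks above name. The example goes one step further than the hunks by also validating dwLength against the size of the buffer the certificate sits in, and it orders the table with the longer OID first so that a short authentication-data buffer demonstrates why "skip this entry" is correct where "abort" was not.

```c
/* Added example, not edk2 code: a bounds-checked lookup of the Authenticode digest
 * algorithm OID in the spirit of the two patches above. FindDigestAlgorithm, BuildCert,
 * Lookup, the Scenario* functions and the two-entry table are constructed for this
 * example; TWO_BYTE_ENCODE (0x82) and the +32 offset follow the edk2 comments quoted. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TWO_BYTE_ENCODE  0x82   /* DER long-form length with two length bytes */
#define OID_OFFSET       32     /* fixed offset of the digest OID in the auth data */

typedef struct {
  const uint8_t *OidValue;
  size_t         OidLength;
} HASH_ALG;

/* DER OID bodies: SHA-256 = 2.16.840.1.101.3.4.2.1, SHA-1 = 1.3.14.3.2.26 */
static const uint8_t SHA256_OID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 };
static const uint8_t SHA1_OID[]   = { 0x2B, 0x0E, 0x03, 0x02, 0x1A };

/* Constructed table: the longer OID deliberately comes first, so a short auth data
 * buffer exercises the "skip this entry, do not abort" behaviour of the patches. */
static const HASH_ALG mHash[] = {
  { SHA256_OID, sizeof SHA256_OID },
  { SHA1_OID,   sizeof SHA1_OID   },
};
#define HASHALG_MAX (sizeof mHash / sizeof mHash[0])

/* Minimal stand-in for the WIN_CERTIFICATE header; the auth data follows it. */
typedef struct {
  uint32_t dwLength;          /* total length, header included */
  uint16_t wRevision;
  uint16_t wCertificateType;
} WIN_CERT_HDR;

/* Returns the index of the matching algorithm, or -1 for a malformed, truncated or
 * unrecognised certificate. CertTableSize is the real size of the buffer the
 * certificate lives in, so dwLength is checked against memory that exists. */
int FindDigestAlgorithm (const uint8_t *CertTable, size_t CertTableSize)
{
  WIN_CERT_HDR   Hdr;
  const uint8_t *AuthData;
  uint32_t       AuthDataSize;
  size_t         Index;

  if (CertTable == NULL || CertTableSize < sizeof Hdr) return -1;
  memcpy (&Hdr, CertTable, sizeof Hdr);
  /* Header must fit inside dwLength, and dwLength must not exceed the buffer. */
  if (Hdr.dwLength <= sizeof Hdr || Hdr.dwLength > CertTableSize) return -1;
  AuthData     = CertTable + sizeof Hdr;
  AuthDataSize = Hdr.dwLength - (uint32_t) sizeof Hdr;

  /* The +32 offset only holds for a two-byte long-form length on the outer SEQUENCE. */
  if (AuthDataSize < OID_OFFSET) return -1;
  if ((AuthData[1] & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) return -1;

  for (Index = 0; Index < HASHALG_MAX; Index++) {
    /* This OID cannot fit; a shorter one further down the table still might. */
    if (AuthDataSize - OID_OFFSET < mHash[Index].OidLength) continue;
    if (memcmp (AuthData + OID_OFFSET, mHash[Index].OidValue, mHash[Index].OidLength) == 0) {
      return (int) Index;
    }
  }
  return -1;
}

/* Builds a constructed certificate: header, "30 82" SEQUENCE prefix, zero padding and
 * the OID at +32. Returns the bytes written, or 0 if Out is too small. */
size_t BuildCert (uint8_t *Out, size_t OutCap, const uint8_t *Oid, size_t OidLen)
{
  size_t       Total = sizeof (WIN_CERT_HDR) + OID_OFFSET + OidLen;
  WIN_CERT_HDR Hdr   = { (uint32_t) Total, 0x0200, 0x0002 };   /* PKCS_SIGNED_DATA */

  if (OutCap < Total) return 0;
  memset (Out, 0, Total);
  memcpy (Out, &Hdr, sizeof Hdr);
  Out[sizeof Hdr]     = 0x30;
  Out[sizeof Hdr + 1] = 0x82;
  memcpy (Out + sizeof Hdr + OID_OFFSET, Oid, OidLen);
  return Total;
}

/* Builds a certificate carrying Oid and looks it up, handing over Shrink bytes fewer
 * than dwLength claims (Shrink = 0 means the buffer is intact). */
int Lookup (const uint8_t *Oid, size_t OidLen, size_t Shrink)
{
  uint8_t B[64];
  size_t  N = BuildCert (B, sizeof B, Oid, OidLen);
  return FindDigestAlgorithm (B, N - Shrink);
}

int ScenarioSha256 (void)               { return Lookup (SHA256_OID, sizeof SHA256_OID, 0); }  /* 0 */
int ScenarioSha1ShortAuthData (void)    { return Lookup (SHA1_OID, sizeof SHA1_OID, 0); }      /* 1 */
int ScenarioClaimsMoreThanBuffer (void) { return Lookup (SHA256_OID, sizeof SHA256_OID, 4); }  /* -1 */
int ScenarioHeaderOnly (void)
{
  WIN_CERT_HDR H = { sizeof H, 0x0200, 0x0002 };               /* dwLength covers only the header */
  return FindDigestAlgorithm ((const uint8_t *) &H, sizeof H);  /* -1 */
}

int main (void)
{
  printf ("sha256=%d sha1=%d oversized=%d header-only=%d\n", ScenarioSha256 (),
          ScenarioSha1ShortAuthData (), ScenarioClaimsMoreThanBuffer (), ScenarioHeaderOnly ());
  return 0;
}
```

The SHA-1 scenario is the one the commit messages argue about: its 37 bytes of auth data cannot hold the 9-byte SHA-256 OID at +32, so an early `return EFI_UNSUPPORTED` at that table entry would have rejected a perfectly well-formed certificate, whereas `continue` reaches the 5-byte SHA-1 entry that does fit and matches.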


Re: [PATCH 0/3] Add support for gdb and lldb

Rebecca Cran <rebecca@...>
 

I should note my comments are against https://github.com/ajfish/edk2/tree/BZ3500-gdb, not the patches you sent out.

AARCH64 is working great! The only thing I noticed that doesn't look quite right is the following message on startup when running gdb -ex "target remote localhost:1234" -ex "source efi_gdb.py" -ex "efi":


Traceback (most recent call last):
  File "efi_gdb.py", line 804, in invoke
    self.restore_user_state()
  File "efi_gdb.py", line 690, in restore_user_state
    self.user_selected_frame.select()
gdb.error: Frame is invalid.
Traceback (most recent call last):
  File "efi_gdb.py", line 822, in invoke
    gdb.execute('efi symbols --extended')
gdb.error: Error occurred in Python: Frame is invalid.
Error occurred in Python: Error occurred in Python: Frame is invalid.


Running `bt` shows the full set of frames except for the last one which as expected is shown as ??.


--

Rebecca Cran

On 8/11/21 5:22 PM, Andrew Fish wrote:

On Aug 11, 2021, at 3:11 PM, Rebecca Cran <rebecca@...> wrote:

I realized the Arm gcc 10.3 aarch64 download from https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads uses Python 2.7.18 and not Python 3, so the f-Strings and likely more cause problems. I suspect at this point there's little point putting effort into supporting Python 2.
I’ve not tested on ARM yet, so please let me know if it works. I’d like to avoid Python 2.7 support if possible, given it is past its best-by date.

I noticed a couple of issues though: in efi_debugging.py the Attributes text is partially underlined with the non-ASCII characters '——————' instead of '----------'.
Thanks, did not notice that.

Attributes
——————----
_dict_ : dictionay


There are also a couple of typos of 'dictionary':


_dict_ : dictionay
Shoot, though I fixed those.




Thanks,

Andrew Fish

--
Rebecca Cran


On 8/8/21 3:46 PM, Andrew Fish via groups.io wrote:
This patch set adds debugging support for gdb and lldb.
It also adds generic debugging classes that use a file like object to
make it easy to import into any debugger that supports Python.

Since these debugging scripts don't depend on any EFI code I was thinking
we could place them in the root of the repo to be easy to discover.

I've tested gdb on Ubuntu and lldb on macOS for IA32 and X64.

Andrew Fish (3):
efi_debugging.py: - Add debugger agnostic debugging Python Classes
efi_gdb.py: - Add gdb EFI commands and pretty Print
efi_lldb.py: - Add lldb EFI commands and pretty Print

efi_debugging.py | 2187 ++++++++++++++++++++++++++++++++++++++++++++++
efi_gdb.py | 918 +++++++++++++++++++
efi_lldb.py | 1044 ++++++++++++++++++++++
3 files changed, 4149 insertions(+)
create mode 100755 efi_debugging.py
create mode 100755 efi_gdb.py
create mode 100755 efi_lldb.py


Re: [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Tuesday, July 20, 2021 1:22 PM
To: devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@...>; Chiu, Chasel <chasel.chiu@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures

Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Isaac Oram <isaac.w.oram@...>
Cc: Chasel Chiu <chasel.chiu@...>
---
.../Include/Ppi/RasImcS3Data.h | 6 +
.../Include/Ppi/UpiPolicyPpi.h | 5 +-
.../WhitleySiliconPkg/Include/Upi/KtiHost.h | 250 +++++++++---------
.../SouthClusterLbg/Include/PchPolicyCommon.h | 9 +
.../SecurityIp/SecurityIpMkTme1v0_Inputs.h | 8 +-
.../SecurityIp/SecurityIpMkTme1v0_Outputs.h | 12 +-
.../SecurityIp/SecurityIpSgxTem1v0_Inputs.h | 43 +--
.../Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h | 4 +-
.../Security/Include/Guid/SecurityPolicy.h | 29 ++
.../Include/Guid/SecurityPolicy_Flat.h | 4 +-
.../Library/SecurityPolicyDefinitions.h | 28 ++
11 files changed, 245 insertions(+), 153 deletions(-)
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h

diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
index 82725bc84..2198f8516 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
@@ -44,7 +44,13 @@ EFI_STATUS
OUT VOID *Data
);

+/**
+ RAS IMC S3 Data PPI
+**/
struct _RAS_IMC_S3_DATA_PPI {
+ /**
+ Retrieves data for S3 saved memory RAS features from non-volatile storage.
+ **/
RAS_IMC_S3_DATA_PPI_GET_IMC_S3_RAS_DATA GetImcS3RasData; };

diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
index e355dcaba..503c5c0ae 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
@@ -24,6 +24,9 @@

typedef struct _UPI_POLICY_PPI UPI_POLICY_PPI;

+/**
+ UPI Policy Structure
+**/
struct _UPI_POLICY_PPI {
/**
This member specifies the revision of the UPI_POLICY_PPI. This field is used to @@ -32,7 +35,7 @@ struct _UPI_POLICY_PPI {
to correctly interpret the content of the INTERFACE fields.
**/
UINT32 Revision;
- KTI_HOST_IN Upi;
+ KTI_HOST_IN Upi; ///< KTIRC input structure
};

#endif // _UPI_POLICY_PPI_H_
diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
index cf558b3d3..e793cc647 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
@@ -99,28 +99,31 @@ typedef struct {
KTI_RESERVED_2 Phy[MAX_FW_KTI_PORTS]; } KTI_RESERVED_4;

-//
-// PHY settings that are system dependent. Need 1 of these for each socket/link/freq.
-//
+/**
+ Per Lane PHY Configuration

+ These PHY settings are system dependent. Every socket/link/freq requires an instance of this structure.
+**/
typedef struct {
- UINT8 SocketID;
- UINT8 AllLanesUseSameTxeq;
- UINT8 Freq;
- UINT32 Link;
- UINT32 TXEQL[20];
- UINT32 CTLEPEAK[5];
+ UINT8 SocketID; ///< Socket ID
+ UINT8 AllLanesUseSameTxeq; ///< Use same TXEQ on all lanes
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used for
+ UINT32 Link; ///< Port Number
+ UINT32 TXEQL[20]; ///< TXEQ Settings
+ UINT32 CTLEPEAK[5]; ///< CTLE Peaking Settings
} PER_LANE_EPARAM_LINK_INFO;

-//
-// This is for full speed mode, all lanes have the same TXEQ setting -//
+/**
+ All Lanes PHY Configuration
+
+ This is for full speed mode, all lanes have the same TXEQ setting **/
typedef struct {
- UINT8 SocketID;
- UINT8 Freq;
- UINT32 Link;
- UINT32 AllLanesTXEQ;
- UINT8 CTLEPEAK;
+ UINT8 SocketID; ///< Socket ID
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used for
+ UINT32 Link; ///< Port Number
+ UINT32 AllLanesTXEQ; ///< TXEQ Setting
+ UINT8 CTLEPEAK; ///< CTLE Peaking Setting
} ALL_LANES_EPARAM_LINK_INFO;

#define ADAPTIVE_CTLE 0x3f
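Review bot: The new `Freq` comment ("The Link Speed these TXEQ settings should be used for") on both PER_LANE_EPARAM_LINK_INFO and ALL_LANES_EPARAM_LINK_INFO should name the encoding, the way `KtiLinkSpeed` later in this file says "Use KTI_LINKSPEED definition"; likewise `TXEQL[20]` and `CTLEPEAK[5]` are documented only as "TXEQ Settings" / "CTLE Peaking Settings" without saying what the 20 and 5 entries are indexed by. Also, the blank line after "Per Lane PHY Configuration" is an unchanged context line rather than a `+` line, so the pre-existing separator blank now sits inside the Doxygen block; harmless, but adding it as a `+` line would make the intent clear.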
@@ -173,130 +176,141 @@ typedef struct {
KTI_CPU_PHY_SETTING Phy[MAX_FW_KTI_PORTS];
} KTI_CPU_SETTING;

-//
-// KTIRC input structure
-//
+/**
+ KTIRC input structure
+**/
typedef struct {
//
// Protocol layer and other general options; note that "Auto" is provided only options whose value will change depending
// on the topology, not for all options.
//

- //
- // Indicates the ratio of Bus/MMIOL/IO resource to be allocated for each CPU's IIO.
- // Value 0 indicates, that CPU is not relevant for the system. If resource is
- // requested for an CPU that is not currently populated, KTIRC will assume
- // that the ratio is 0 for that CPU and won't allocate any resources for it.
- // If resource is not requested for an CPU that is populated, KTIRC will force
- // the ratio for that CPU to 1.
- //
-
-
+ /**
+ Indicates the ratio of Bus/MMIOL/IO resource to be allocated for each CPU's IIO.
+ Value 0 indicates, that CPU is not relevant for the system. If resource is
+ requested for an CPU that is not currently populated, KTIRC will assume
+ that the ratio is 0 for that CPU and won't allocate any resources for it.
+ If resource is not requested for an CPU that is populated, KTIRC will force
+ the ratio for that CPU to 1.
+ **/
UINT8 BusRatio[MAX_SOCKET];

- UINT8 D2KCreditConfig; // 1 - Min, 2 - Med (Default), 3- Max
- UINT8 SnoopThrottleConfig; // 0 - Disabled (Default), 1 - Min, 2 - Med, 3- Max
- UINT8 SnoopAllCores; // 0 - Disabled, 1 - Enabled, 2 - Auto
- UINT8 LegacyVgaSoc; // Socket that claims the legacy VGA range; valid values are 0-7; 0 is default.
- UINT8 LegacyVgaStack; // Stack that claims the legacy VGA range; valid values are 0-3; 0 is default.
- UINT8 ColdResetRequestStart;
- UINT8 P2pRelaxedOrdering; // 0 - Disable(default) 1 - Enable
- UINT8 DebugPrintLevel; // Bit 0 - Fatal, Bit1 - Warning, Bit2 - Info Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
- UINT8 SncEn; // 0 - Disable, (default) 1 - Enable
- UINT8 UmaClustering; // 0 - Disable, 2 - 2Clusters UMA, 4 - 4Clusters UMA
- UINT8 IoDcMode; // 0 - Disable IODC, 1 - AUTO (default), 2 - IODC_EN_REM_INVITOM_PUSH, 3 - IODC_EN_REM_INVITOM_ALLOCFLOW
- // 4 - IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 - IODC_EN_REM_INVITOM_AND_WCILF
- UINT8 DegradePrecedence; // Use DEGRADE_PRECEDENCE definition; TOPOLOGY_PRECEDENCE is default
- UINT8 Degrade4SPreference;// 4S1LFullConnect topology is default; another option is 4S2LRing topology.
- UINT8 DirectoryModeEn; // 0 - Disable; 1 - Enable (default)
- UINT8 XptPrefetchEn; // Xpt Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
- UINT8 KtiPrefetchEn; // Kti Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
- UINT8 XptRemotePrefetchEn; // Xpt Remote Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default) (ICX only)
- UINT8 RdCurForXptPrefetchEn; // RdCur for XPT Prefetch : 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiFpgaEnable[MAX_SOCKET]; // Indicate if should enable Fpga device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
- UINT8 DdrtQosMode; // DDRT QoS Feature: 0 - Disable (default), 1 - M2M QoS Enable, Cha QoS Disable
- // 2 - M2M QoS Enable, Cha QoS Enable
+ UINT8 D2KCreditConfig; ///< 1 - Min, 2 - Med (Default), 3- Max
+ UINT8 SnoopThrottleConfig; ///< 0 - Disabled (Default), 1 - Min, 2 - Med, 3- Max
+ UINT8 SnoopAllCores; ///< 0 - Disabled, 1 - Enabled, 2 - Auto
+ UINT8 LegacyVgaSoc; ///< Socket that claims the legacy VGA range; valid values are 0-7; 0 is default.
+ UINT8 LegacyVgaStack; ///< Stack that claims the legacy VGA range; valid values are 0-3; 0 is default.
+ UINT8 ColdResetRequestStart; ///< @deprecated Reserved.
+ UINT8 P2pRelaxedOrdering; ///< 0 - Disable(default) 1 - Enable
+ UINT8 DebugPrintLevel; ///< Bit 0 - Fatal, Bit1 - Warning, Bit2 - Info Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
+ UINT8 SncEn; ///< 0 - Disable, (default) 1 - Enable
+ UINT8 UmaClustering; ///< 0 - Disable, 2 - 2Clusters UMA, 4 - 4Clusters UMA
+ UINT8 IoDcMode; ///< 0 - Disable IODC, 1 - AUTO (default), 2 - IODC_EN_REM_INVITOM_PUSH, 3 - IODC_EN_REM_INVITOM_ALLOCFLOW
+ ///< 4 - IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 - IODC_EN_REM_INVITOM_AND_WCILF
+ UINT8 DegradePrecedence; ///< Use DEGRADE_PRECEDENCE definition; TOPOLOGY_PRECEDENCE is default
+ UINT8 Degrade4SPreference; ///< 4S1LFullConnect topology is default; another option is 4S2LRing topology.
+ UINT8 DirectoryModeEn; ///< 0 - Disable; 1 - Enable (default)
+ UINT8 XptPrefetchEn; ///< Xpt Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
+ UINT8 KtiPrefetchEn; ///< Kti Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
+ UINT8 XptRemotePrefetchEn; ///< Xpt Remote Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default) (ICX only)
+ UINT8 RdCurForXptPrefetchEn; ///< RdCur for XPT Prefetch : 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiFpgaEnable[MAX_SOCKET]; ///< Indicate if should enable Fpga device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
+ UINT8 DdrtQosMode; ///< DDRT QoS Feature: 0 - Disable (default), 1 - M2M QoS Enable, Cha QoS Disable
+ ///< 2 - M2M QoS
+ Enable, Cha QoS Enable

//
// Phy/Link Layer Options (System-wide and per socket)
//
- UINT8 KtiLinkSpeedMode; // Link speed mode selection; 0 - Slow Speed; 1- Full Speed (default)
- UINT8 KtiLinkSpeed; // Use KTI_LINKSPEED definition
- UINT8 KtiAdaptationEn; // 0 - Disable, 1 - Enable
- UINT8 KtiAdaptationSpeed; // Use KTI_LINK_SPEED definition; MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
- UINT8 KtiLinkL0pEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLinkL1En; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiFailoverEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLbEn; // 0 - Disable(default), 1 - Enable
- UINT8 KtiCrcMode; // CRC_MODE_16BIT, CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
-
- UINT8 KtiCpuSktHotPlugEn; // 0 - Disable (default), 1 - Enable
- UINT8 KtiCpuSktHotPlugTopology; // 0 - 4S Topology (default), 1 - 8S Topology
- UINT8 KtiSkuMismatchCheck; // 0 - No, 1 - Yes (default)
- UINT8 IrqThreshold; // IRQ Threshold setting
- UINT8 TorThresLoctoremNorm; // TOR threshold - Loctorem threshold normal
- UINT8 TorThresLoctoremEmpty; // TOR threshold - Loctorem threshold empty
- UINT8 MbeBwCal; // 0 - Linear, 1 - Biased, 2 - Legacy, 3 - AUTO (default = Linear)
- UINT8 TscSyncEn; // TSC sync in sockets: 0 - Disable, 1 - Enable, 2 - AUTO (Default)
- UINT8 StaleAtoSOptEn; // HA A to S directory optimization: 1 - Enable; 0 - Disable; 2 - Auto (Default)
- UINT8 LLCDeadLineAlloc; // LLC dead line alloc: 1 - Enable(Default); 0 - Disable
- UINT8 SplitLock;
- UINT8 ColdResetRequestEnd;
-
- //
- // Phy/Link Layer Options (per Port)
- //
+ UINT8 KtiLinkSpeedMode; ///< Link speed mode selection; 0 - Slow Speed; 1- Full Speed (default)
+ UINT8 KtiLinkSpeed; ///< Use KTI_LINKSPEED definition
+ UINT8 KtiAdaptationEn; ///< 0 - Disable, 1 - Enable
+ UINT8 KtiAdaptationSpeed; ///< Use KTI_LINK_SPEED definition; MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
+ UINT8 KtiLinkL0pEn; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiLinkL1En; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiFailoverEn; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiLbEn; ///< 0 - Disable(default), 1 - Enable
+ UINT8 KtiCrcMode; ///< CRC_MODE_16BIT, CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
+
+ UINT8 KtiCpuSktHotPlugEn; ///< 0 - Disable (default), 1 - Enable
+ UINT8 KtiCpuSktHotPlugTopology; ///< 0 - 4S Topology (default), 1 - 8S Topology
+ UINT8 KtiSkuMismatchCheck; ///< 0 - No, 1 - Yes (default)
+ UINT8 IrqThreshold; ///< IRQ Threshold setting
+ UINT8 TorThresLoctoremNorm; ///< TOR threshold - Loctorem threshold normal
+ UINT8 TorThresLoctoremEmpty; ///< TOR threshold - Loctorem threshold empty
+ UINT8 MbeBwCal; ///< 0 - Linear, 1 - Biased, 2 - Legacy, 3 - AUTO (default = Linear)
+ UINT8 TscSyncEn; ///< TSC sync in sockets: 0 - Disable, 1 - Enable, 2 - AUTO (Default)
+ UINT8 StaleAtoSOptEn; ///< HA A to S directory optimization: 1 - Enable; 0 - Disable; 2 - Auto (Default)
+ UINT8 LLCDeadLineAlloc; ///< LLC dead line alloc: 1 - Enable(Default); 0 - Disable
+ UINT8 SplitLock; ///< @deprecated Reserved, must be set to 0.
+ UINT8 ColdResetRequestEnd; ///< @deprecated Reserved.
+
+ ///
+ /// Phy/Link Layer Options (per Port) ///
KTI_CPU_SETTING PhyLinkPerPortSetting[MAX_SOCKET];


- UINT8 mmCfgBase; ///< MMCFG Base address, must be 64MB (SKX, HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G, 1:1.5G, 2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
- UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M, 128M or 256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6: Auto}
- UINT32 mmiolBase; ///< MMIOL Base address, must be 64MB aligned
- UINT32 mmiolSize; ///< MMIOL Size address
- UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the hex value here is address Bit[45:32] for SKX family, Bit[51:32] for ICX-SP
- UINT8 CpuPaLimit; ///< Limits the max address to 46bits. This will take precedence over mmiohBase
- UINT8 lowGap;
- UINT8 highGap;
- UINT16 mmiohSize; ////<< Number of 1GB contiguous regions to be assigned for MMIOH space per CPU. Range 1-1024
- UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force this for 4S)
- UINT8 dcaEn; ///< 1 - Enable; 0 - Disable
+ UINT8 mmCfgBase; ///< MMCFG Base address, must be 64MB (SKX, HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G, 1:1.5G, 2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
+ UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M, 128M or 256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6: Auto}
+ UINT32 mmiolBase; ///< MMIOL Base address, must be 64MB aligned
+ UINT32 mmiolSize; ///< MMIOL Size address
+ UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the hex value here is address Bit[45:32] for SKX family, Bit[51:32] for ICX-SP
+ UINT8 CpuPaLimit; ///< Limits the max address to 46bits. This will take precedence over mmiohBase
+ UINT8 lowGap; ///< @deprecated Reserved.
+ UINT8 highGap; ///< @deprecated Reserved.
+ UINT16 mmiohSize; ///< Number of 1GB contiguous regions to be assigned for MMIOH space per CPU. Range 1-1024
+ UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force this for 4S)
+ UINT8 dcaEn; ///< 1 - Enable; 0 - Disable

- /*
+ /**
BoardTypeBitmask:
- Bits[3:0] - Socket0
- Bits[7:4] - Socket1
- Bits[11:8] - Socket2
- Bits[15:12] - Socket3
- Bits[19:16] - Socket4
- Bits[23:20] - Socket5
- Bits[27:24] - Socket6
- Bits[31:28] - Socket7
+ - Bits[3:0] - Socket0
+ - Bits[7:4] - Socket1
+ - Bits[11:8] - Socket2
+ - Bits[15:12] - Socket3
+ - Bits[19:16] - Socket4
+ - Bits[23:20] - Socket5
+ - Bits[27:24] - Socket6
+ - Bits[31:28] - Socket7

Within each Socket-specific field, bits mean:
- Bit0 = CPU_TYPE_STD support; always 1 on Socket0
- Bit1 = CPU_TYPE_F support
- Bit2 = CPU_TYPE_P support
- Bit3 = reserved
- */
+ - Bit0 = CPU_TYPE_STD support; always 1 on Socket0
+ - Bit1 = CPU_TYPE_F support
+ - Bit2 = CPU_TYPE_P support
+ - Bit3 = reserved
+ **/
UINT32 BoardTypeBitmask;
- UINT32 AllLanesPtr;
- UINT32 PerLanePtr;
- UINT32 AllLanesSizeOfTable;
- UINT32 PerLaneSizeOfTable;
- UINT32 WaitTimeForPSBP; // the wait time in units of 1000us for PBSP to check in.
- BOOLEAN IsKtiNvramDataReady;
- UINT32 OemHookPostTopologyDiscovery;
- UINT32 OemGetResourceMapUpdate;
- UINT32 OemGetAdaptedEqSettings;
- UINT32 OemCheckCpuPartsChangeSwap;
-
- BOOLEAN WaSerializationEn; // Enable BIOS serialization WA by PcdWaSerializationEn
+ UINT32 AllLanesPtr; ///< Pointer to an array of ALL_LANES_EPARAM_LINK_INFO structures.
+ UINT32 PerLanePtr; ///< Pointer to an array of PER_LANE_EPARAM_LINK_INFO structures.
+ UINT32 AllLanesSizeOfTable; ///< Number of elements in array pointed to by AllLanesPtr
+ UINT32 PerLaneSizeOfTable; ///< Number of elements in array pointed to by PerLanePtr
+ UINT32 WaitTimeForPSBP; ///< the wait time in units of 1000us for PBSP to check in.
+ BOOLEAN IsKtiNvramDataReady; ///< Used internally, Reserved.
+ UINT32 OemHookPostTopologyDiscovery; ///< OEM_HOOK_POST_TOPOLOGY_DISCOVERY function pointer. Invoked at the end of topology discovery, used for error reporting.
+ UINT32 OemGetResourceMapUpdate; ///< OEM_GET_RESOURCE_MAP_UPDATE function pointer. Allows platform code to adjust the resource map.
+ UINT32 OemGetAdaptedEqSettings; ///< @deprecated Reserved, must be set to 0.
+ UINT32 OemCheckCpuPartsChangeSwap; ///< @deprecated Reserved, must be set to 0.
+
+ BOOLEAN WaSerializationEn; ///< Enable BIOS serialization WA by PcdWaSerializationEn
KTI_RESERVED_3 Reserved166;
KTI_RESERVED_4 Reserved167[MAX_SOCKET];
- UINT8 KtiInEnableMktme; // 0 - Disabled; 1 - Enabled; MkTme status decides D2Kti feature state
+ UINT8 KtiInEnableMktme; ///< 0 - Disabled; 1 - Enabled; MkTme status decides D2Kti feature state
+ /**
+ Pointers to the location of the CFR/SINIT binaries.
+
+ Contains a pointer to a 24 byte fixed length array.
+ The array contains the 3 instances of the following c-struct
+ ~~~
+ typedef struct {
+ UINT32 CfrImagePtr;
+ UINT32 CfrImageSize;
+ }
+ ~~~
+ This allows a maximum of 3 CFR/SINIT binaries to be provided by platform code.
+ **/
UINT32 CFRImagePtr;
- UINT8 S3mCFRCommit; // 0 - Disable S3m CFR flow. 1 - Provision S3m CFR but not Commit. 2 - Provsion and Commit S3M CFR.
- UINT8 PucodeCFRCommit; // 0 - Disable Pucode CFR flow. 1 - Provision Pucode CFR but not Commit. 2 - Provsion and Commit Pucode CFR.
+ UINT8 S3mCFRCommit; ///< 0 - Disable S3m CFR flow. 1 - Provision S3m CFR but not Commit. 2 - Provision and Commit S3M CFR.
+ UINT8 PucodeCFRCommit; ///< 0 - Disable Pucode CFR flow. 1 - Provision Pucode CFR but not Commit. 2 - Provision and Commit Pucode CFR.
} KTI_HOST_IN;

#pragma pack()
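Review bot: Several wording defects were carried over verbatim from the old `//` comments into the new Doxygen blocks and could be fixed while these lines are being touched: "an CPU" twice in the BusRatio description, "choosen" in KtiAdaptationSpeed, "i,e," in mmiohBase, and "0 - Disable, (default) 1 - Enable" for SncEn, where the comma placement leaves it unclear which value is the default. The CFRImagePtr block's embedded `typedef struct { ... }` has no type name after the closing brace, so it is not valid C as shown; either name it or drop the `typedef`. Finally, AllLanesPtr, PerLanePtr and CFRImagePtr are documented simply as "Pointer to ..." while the fields are UINT32; the comments should say these are 32-bit addresses (and in which address space), since a native pointer does not fit in them on X64 builds.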
diff --git a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
index f5861ccaf..0e10d0b8f 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
@@ -23,6 +23,9 @@ extern EFI_GUID gFlashProtectionConfigGuid;
// ---------------------------- PCH General Config -------------------------------
//

+/**
+ PCH General Configuration
+**/
typedef struct {
/**
Subsystem Vendor ID and Subsystem ID of the PCH devices.
@@ -775,6 +778,9 @@ typedef enum {
PchHdaIDispMode1T = 1
} PCH_HDAUDIO_IDISP_TMODE;

+/**
+ This structure contains the policies which are related to HD Audio device (cAVS).
+**/
typedef struct {
/**
This member describes whether or not Intel HD Audio (Azalia) should be enabled.
@@ -1674,6 +1680,9 @@ typedef struct {
UINT16 ProtectedRangeBase;
} PROTECTED_RANGE;

+/**
+ PCH Flash Protection Configuration
+**/
typedef struct {
PROTECTED_RANGE ProtectRange[PCH_FLASH_PROTECTED_RANGES];
} PCH_FLASH_PROTECTION_CONFIG;
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
index 4c48ca19e..84197b8c8 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
@@ -8,15 +8,15 @@
**/

//
-// TME
+// TME (Total Memory Encryption)
//
-UINT8 EnableTme; // TME Enable
-UINT8 EnableTmeCR; // Exclude Crystal Ridge memory from encryption.
+UINT8 EnableTme; ///< TME Enable
+UINT8 EnableTmeCR; ///< TME for Optane Persistent Memory. Set to 0 exclude Optane from encryption.

//
// MK-TME
//
-UINT8 EnableMktme; // MK-TME Enable
+UINT8 EnableMktme; ///< MK-TME Enable

UINT8 ReservedS234;
UINT8 ReservedS235;
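Review bot: The EnableTmeCR description changes its polarity as well as its wording: the removed line, "Exclude Crystal Ridge memory from encryption", reads as 1 = exclude, while the new line says "Set to 0 exclude Optane from encryption" (also missing "to"), so 0 excludes. Since this is a comments-only patch, please confirm against the consumer which value actually excludes persistent memory from TME and state the default; as written, the old and new comments document opposite meanings for the same field.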
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
index 3a6262a65..201cdd9a9 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
@@ -10,9 +10,9 @@
//
// MK-TME
//
-// NAK - Not a knob, used just for indication
-UINT8 TmeCapability; // TME Capable
-UINT8 TmeCrSupport; // Flag used to check if Crystal Ridge is supported in UEFI
-UINT8 MktmeCapability; // MK-TME Capable
-UINT16 MktmeMaxKeys; // Max number of keys used for encryption
-UINT8 MkTmeKeyIdBits; // Used to suppress setup menu key-splits
\ No newline at end of file
+// NAK (Not a knob) - Used just for indication
+UINT8 TmeCapability; // NAK (Not a knob) - TME Capable
+UINT8 TmeCrSupport; // NAK (Not a knob) - Flag used to check if Crystal Ridge is supported in UEFI
+UINT8 MktmeCapability; // NAK (Not a knob) - MK-TME Capable
+UINT16 MktmeMaxKeys; // NAK (Not a knob) - Max number of keys used for encryption
+UINT8 MkTmeKeyIdBits; // NAK (Not a knob) - Used to suppress setup menu key-splits
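Review bot: This hunk keeps plain `//` trailing comments while every other header in the patch moves to `///<`, so Doxygen will not pick these members up; use `///<` here too. Repeating "NAK (Not a knob)" on all five members right after the header line that already says it is redundant, and "TmeCrSupport ... Crystal Ridge" now conflicts with the Inputs header, which this same patch changed to say "Optane Persistent Memory"; pick one term.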
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
index 2deabd0b5..c46434392 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
@@ -10,27 +10,30 @@
//
// SGX
//
-UINT8 EnableSgx;
-UINT8 SgxFactoryReset; // Delete all registration data, if SGX enabled force IPE/FirstBinding flow
-UINT64 PrmrrSize; // SGX PRMRR size
+UINT8 EnableSgx; ///< Enable SGX
+UINT8 SgxFactoryReset; ///< Delete all registration data, if SGX enabled force IPE/FirstBinding flow
+UINT64 PrmrrSize; ///< SGX PRMRR size
UINT64 ReservedS239;
-UINT8 SgxQoS; // SGX Quality of Service
-UINT8 SgxAutoRegistrationAgent;
-UINT8 SgxPackageInfoInBandAccess; // Expose Package Info to OS
-UINT8 EpochUpdate;
-UINT64 SgxEpoch0; // SGX EPOCH0 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT64 SgxEpoch1; // SGX EPOCH1 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT8 SgxLeWr; // Flexible Launch Enclave Policy (Wr En)
-UINT64 SgxLePubKeyHash0; // Launch Enclave Hash 0
-UINT64 SgxLePubKeyHash1; // Launch Enclave Hash 1
-UINT64 SgxLePubKeyHash2; // Launch Enclave Hash 2
-UINT64 SgxLePubKeyHash3; // Launch Enclave Hash 3
-// Client SGX - unused in server
-UINT8 SgxSinitNvsData; // SGX NVS data from Flash passed during previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
- // Pass value of zero if there is not data saved or when SGX is disabled.
-UINT8 SgxSinitDataFromTpm; // SGX SVN data from TPM; 0: when SGX is disabled or TPM is not present or no data
- // is present in TPM.
-UINT8 SgxDebugMode;
+UINT8 SgxQoS; ///< SGX Quality of Service
+UINT8 SgxAutoRegistrationAgent; ///< SGX Auto Registration Agent
+UINT8 SgxPackageInfoInBandAccess; ///< SGX Expose Package Info to OS
+UINT8 EpochUpdate; ///< SGX EPOCH Update
+UINT64 SgxEpoch0; ///< SGX EPOCH0 value {0 - 0xFFFFFFFFFFFFFFFF}
+UINT64 SgxEpoch1; ///< SGX EPOCH1 value {0 - 0xFFFFFFFFFFFFFFFF}
+UINT8 SgxLeWr; ///< Flexible Launch Enclave Policy (Wr En)
+UINT64 SgxLePubKeyHash0; ///< Launch Enclave Hash 0
+UINT64 SgxLePubKeyHash1; ///< Launch Enclave Hash 1
+UINT64 SgxLePubKeyHash2; ///< Launch Enclave Hash 2
+UINT64 SgxLePubKeyHash3; ///< Launch Enclave Hash 3
+
+//
+// DEPRECATED
+//
+UINT8 SgxSinitNvsData; ///< @deprecated SGX NVS data from Flash passed during previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
+ /// Pass value of zero if there is not data saved or when SGX is disabled.
+UINT8 SgxSinitDataFromTpm; ///< @deprecated SGX SVN data from TPM; 0: when SGX is disabled or TPM is not present or no data
+ /// is present in TPM.
+UINT8 SgxDebugMode; ///< @deprecated

UINT8 ReservedS240;
UINT8 ReservedS241;
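Review bot: The continuation lines under SgxSinitNvsData and SgxSinitDataFromTpm use `///` rather than `///<`, so Doxygen treats them as a new block attached to the following member instead of as the remainder of the trailing comment; KtiHost.h in this same patch uses `///<` on its continuation lines (IoDcMode, DdrtQosMode), so do the same here. `SgxDebugMode` gets a bare "@deprecated" with no description of what the field was, unlike the other two, and "if there is not data saved" should read "if there is no data saved".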
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
index db5081c0a..79369f989 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
@@ -7,7 +7,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
**/

-UINT8 EnableTdx; // TDX Enable
-UINT8 KeySplit; // TDX/MK-TME key split
+UINT8 EnableTdx; ///< TDX Enable
+UINT8 KeySplit; ///< TDX/MK-TME key split

UINT8 ReservedS245;
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
new file mode 100644
index 000000000..0beb26704
--- /dev/null
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
@@ -0,0 +1,29 @@
+/** @file
+ Provides data structure information used by ServerSecurity features in Mtkme etc.
+
+ @copyright
+ Copyright 2018 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef _SECURITY_POLICY_H_
+#define _SECURITY_POLICY_H_
+
+extern EFI_GUID gSecurityPolicyDataGuid;
+#include <Library/SecurityPolicyDefinitions.h>
+
+#pragma pack(1)
+
+/**
+ Security Policy
+**/
+typedef struct {
+ /**
+ * Please put common definitions inside the SecurityPolicy_Flat.h *
+ **/
+ #include "SecurityPolicy_Flat.h"
+} SECURITY_POLICY;
+
+#pragma pack()
+#endif
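Review bot: `extern EFI_GUID gSecurityPolicyDataGuid;` appears before any include that declares EFI_GUID, and the only include in this file (SecurityPolicyDefinitions.h) defines macros only, so the header is not self-contained and compiles only if the includer has already pulled in the base types; include the appropriate base header first (or at least move the existing include above the extern). Minor: "Mtkme" in the @file line looks like a typo for "MkTme", and the `/** * Please put ... * **/` block mixes `*`-prefixed lines with the `**/` closing style used elsewhere in the patch.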
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
index ba62b8c3a..09dacdf62 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
@@ -1,6 +1,6 @@
/** @file
Provides data structure information used by ServerSecurity features in literally all products
- Header is flat and injected directly in SecurityPolicy sructuture and SOCKET_PROCESSORCORE_CONFIGURATION.
+ Header is flat and injected directly in SecurityPolicy structure and SOCKET_PROCESSORCORE_CONFIGURATION.

@copyright
Copyright 2020 - 2021 Intel Corporation. <BR>
@@ -8,7 +8,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
**/

- // Header is flat and injected directly in SecurityPolicy sructuture and SOCKET_PROCESSORCORE_CONFIGURATION.
+ // Header is flat and injected directly in SecurityPolicy structure and SOCKET_PROCESSORCORE_CONFIGURATION.
// Put common definitons here either directly or via intermediate header file..

// SECURITY_IP_MKTME_1V0 MkTme;
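Review bot: The fix of "sructuture" on this line leaves the very next context line with "definitons" and a doubled period ("... header file.."); since this hunk already touches the comment, correcting both would avoid a second typo-only patch.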
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h
new file mode 100644
index 000000000..700f5abb4
--- /dev/null
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h
@@ -0,0 +1,28 @@
+/**@file
+ @copyright
+ Copyright 2020 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef __SECURITY_POLICY_DEFINITIONS_H__
+#define __SECURITY_POLICY_DEFINITIONS_H__
+
+//
+// Security Policy definitions
+//
+
+//
+// Values for capable/incapable == supported/unsupported
+//
+#define SECURITY_POLICY_UNSUPPORTED 0
+#define SECURITY_POLICY_SUPPORTED 1
+
+//
+// Values for enable/disable options
+//
+#define SECURITY_POLICY_DISABLE 0
+#define SECURITY_POLICY_ENABLE 1
+#define SECURITY_POLICY_AUTO 2
+
+#endif
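Review bot: The include guard `__SECURITY_POLICY_DEFINITIONS_H__` uses a leading double underscore, which is a reserved identifier in C, and differs from the `_SECURITY_POLICY_H_` form used by the sibling SecurityPolicy.h added in this same patch; `SECURITY_POLICY_DEFINITIONS_H_` or the sibling's style would be consistent. Also `/**@file` lacks the space used in the other @file blocks, and since this file declares no library class (only the SECURITY_POLICY_* macros), Include/Library is a surprising home for it next to Include/Guid, where SecurityPolicy.h lives.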
--
2.27.0.windows.1


Re: [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures

Nate DeSimone
 

Hi Chasel,

Thank you for the feedback. I have resolved it before pushing.

Thanks,
Nate

-----Original Message-----
From: Chiu, Chasel <chasel.chiu@...>
Sent: Tuesday, July 20, 2021 9:07 PM
To: Desimone, Nathaniel L <nathaniel.l.desimone@...>; devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@...>
Subject: RE: [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures


Hi Nate,

Just a couple of small feedback items inline, please check them.
With that resolved: Reviewed-by: Chasel Chiu <chasel.chiu@...>

Thanks,
Chasel


-----Original Message-----
From: Desimone, Nathaniel L <nathaniel.l.desimone@...>
Sent: Wednesday, July 21, 2021 4:22 AM
To: devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@...>; Chiu, Chasel
<chasel.chiu@...>
Subject: [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve
comments for silicon policy structures

Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Isaac Oram <isaac.w.oram@...>
Cc: Chasel Chiu <chasel.chiu@...>
---
.../Include/Ppi/RasImcS3Data.h | 6 +
.../Include/Ppi/UpiPolicyPpi.h | 5 +-
.../WhitleySiliconPkg/Include/Upi/KtiHost.h | 250 +++++++++---------
.../SouthClusterLbg/Include/PchPolicyCommon.h | 9 +
.../SecurityIp/SecurityIpMkTme1v0_Inputs.h | 8 +-
.../SecurityIp/SecurityIpMkTme1v0_Outputs.h | 12 +-
.../SecurityIp/SecurityIpSgxTem1v0_Inputs.h | 43 +--
.../Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h | 4 +-
.../Security/Include/Guid/SecurityPolicy.h | 29 ++
.../Include/Guid/SecurityPolicy_Flat.h | 4 +-
.../Library/SecurityPolicyDefinitions.h | 28 ++
11 files changed, 245 insertions(+), 153 deletions(-)
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h

diff --git
a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
index 82725bc84..2198f8516 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
@@ -44,7 +44,13 @@ EFI_STATUS
OUT VOID *Data
);

+/**
+ RAS IMC S3 Data PPI
+**/
struct _RAS_IMC_S3_DATA_PPI {
+ /**
+ Retrieves data for S3 saved memory RAS features from non-volatile storage.
+ **/
RAS_IMC_S3_DATA_PPI_GET_IMC_S3_RAS_DATA GetImcS3RasData; };

diff --git
a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
index e355dcaba..503c5c0ae 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
@@ -24,6 +24,9 @@

typedef struct _UPI_POLICY_PPI UPI_POLICY_PPI;

+/**
+ UPI Policy Structure
+**/
struct _UPI_POLICY_PPI {
/**
This member specifies the revision of the UPI_POLICY_PPI. This
field is used to @@ -32,7 +35,7 @@ struct _UPI_POLICY_PPI {
to correctly interpret the content of the INTERFACE fields.
**/
UINT32 Revision;
- KTI_HOST_IN Upi;
+ KTI_HOST_IN Upi; ///< KTIRC input structure
};

#endif // _UPI_POLICY_PPI_H_
diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
index cf558b3d3..e793cc647 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
@@ -99,28 +99,31 @@ typedef struct {
KTI_RESERVED_2 Phy[MAX_FW_KTI_PORTS]; } KTI_RESERVED_4;

-//
-// PHY settings that are system dependent. Need 1 of these for each
socket/link/freq.
-//
+/**
+ Per Lane PHY Configuration

+ These PHY settings are system dependent. Every socket/link/freq
+ requires an
instance of this structure.
+**/
typedef struct {
- UINT8 SocketID;
- UINT8 AllLanesUseSameTxeq;
- UINT8 Freq;
- UINT32 Link;
- UINT32 TXEQL[20];
- UINT32 CTLEPEAK[5];
+ UINT8 SocketID; ///< Socket ID
+ UINT8 AllLanesUseSameTxeq; ///< Use same TXEQ on all lanes
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used
for
+ UINT32 Link; ///< Port Number
+ UINT32 TXEQL[20]; ///< TXEQ Settings
+ UINT32 CTLEPEAK[5]; ///< CTLE Peaking Settings
} PER_LANE_EPARAM_LINK_INFO;

-//
-// This is for full speed mode, all lanes have the same TXEQ setting
-//
+/**
+ All Lanes PHY Configuration
+
+ This is for full speed mode, all lanes have the same TXEQ setting
+ **/
typedef struct {
- UINT8 SocketID;
- UINT8 Freq;
- UINT32 Link;
- UINT32 AllLanesTXEQ;
- UINT8 CTLEPEAK;
+ UINT8 SocketID; ///< Socket ID
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used
for
+ UINT32 Link; ///< Port Number
+ UINT32 AllLanesTXEQ; ///< TXEQ Setting
+ UINT8 CTLEPEAK; ///< CTLE Peaking Setting
} ALL_LANES_EPARAM_LINK_INFO;

#define ADAPTIVE_CTLE 0x3f
@@ -173,130 +176,141 @@ typedef struct {
KTI_CPU_PHY_SETTING Phy[MAX_FW_KTI_PORTS];
} KTI_CPU_SETTING;

-//
-// KTIRC input structure
-//
+/**
+ KTIRC input structure
+**/
typedef struct {
//
// Protocol layer and other general options; note that "Auto" is
provided only options whose value will change depending
// on the topology, not for all options.
//

- //
- // Indicates the ratio of Bus/MMIOL/IO resource to be allocated for
each CPU's IIO.
- // Value 0 indicates, that CPU is not relevant for the system. If
resource is
- // requested for an CPU that is not currently populated, KTIRC will
assume
- // that the ratio is 0 for that CPU and won't allocate any resources for it.
- // If resource is not requested for an CPU that is populated, KTIRC
will force
- // the ratio for that CPU to 1.
- //
-
-
+ /**
+ Indicates the ratio of Bus/MMIOL/IO resource to be allocated for
+ each CPU's
IIO.
Align indents for every line in this blob.









+ Value 0 indicates, that CPU is not relevant for the system. If resource is
+ requested for an CPU that is not currently populated, KTIRC will
+ assume
For 'a' CPU




+ that the ratio is 0 for that CPU and won't allocate any resources for it.
+ If resource is not requested for an CPU that is populated, KTIRC will force
+ the ratio for that CPU to 1.
+ **/
UINT8 BusRatio[MAX_SOCKET];

- UINT8 D2KCreditConfig; // 1 - Min, 2 - Med (Default), 3- Max
- UINT8 SnoopThrottleConfig; // 0 - Disabled (Default), 1 - Min, 2 - Med,
3- Max
- UINT8 SnoopAllCores; // 0 - Disabled, 1 - Enabled, 2 - Auto
- UINT8 LegacyVgaSoc; // Socket that claims the legacy VGA range;
valid values are 0-7; 0 is default.
- UINT8 LegacyVgaStack; // Stack that claims the legacy VGA range;
valid values are 0-3; 0 is default.
- UINT8 ColdResetRequestStart;
- UINT8 P2pRelaxedOrdering; // 0 - Disable(default) 1 - Enable
- UINT8 DebugPrintLevel; // Bit 0 - Fatal, Bit1 - Warning, Bit2 - Info
Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
- UINT8 SncEn; // 0 - Disable, (default) 1 - Enable
- UINT8 UmaClustering; // 0 - Disable, 2 - 2Clusters UMA, 4 -
4Clusters UMA
- UINT8 IoDcMode; // 0 - Disable IODC, 1 - AUTO (default), 2 -
IODC_EN_REM_INVITOM_PUSH, 3 - IODC_EN_REM_INVITOM_ALLOCFLOW
- // 4 - IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 -
IODC_EN_REM_INVITOM_AND_WCILF
- UINT8 DegradePrecedence; // Use DEGRADE_PRECEDENCE definition;
TOPOLOGY_PRECEDENCE is default
- UINT8 Degrade4SPreference;// 4S1LFullConnect topology is default;
another option is 4S2LRing topology.
- UINT8 DirectoryModeEn; // 0 - Disable; 1 - Enable (default)
- UINT8 XptPrefetchEn; // Xpt Prefetch : 1 - Enable; 0 - Disable; 2 -
Auto (default)
- UINT8 KtiPrefetchEn; // Kti Prefetch : 1 - Enable; 0 - Disable; 2 -
Auto (default)
- UINT8 XptRemotePrefetchEn; // Xpt Remote Prefetch : 1 - Enable; 0
- Disable; 2 - Auto (default) (ICX only)
- UINT8 RdCurForXptPrefetchEn; // RdCur for XPT Prefetch : 0 - Disable,
1 - Enable, 2- Auto (default)
- UINT8 KtiFpgaEnable[MAX_SOCKET]; // Indicate if should enable Fpga
device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
- UINT8 DdrtQosMode; // DDRT QoS Feature: 0 - Disable (default),
1 - M2M QoS Enable, Cha QoS Disable
- // 2 - M2M QoS Enable, Cha QoS Enable
+ UINT8 D2KCreditConfig; ///< 1 - Min, 2 - Med (Default), 3-
Max
+ UINT8 SnoopThrottleConfig; ///< 0 - Disabled (Default), 1 - Min,
2 - Med, 3- Max
+ UINT8 SnoopAllCores; ///< 0 - Disabled, 1 - Enabled, 2 - Auto
+ UINT8 LegacyVgaSoc; ///< Socket that claims the legacy
VGA range; valid values are 0-7; 0 is default.
+ UINT8 LegacyVgaStack; ///< Stack that claims the legacy VGA
range; valid values are 0-3; 0 is default.
+ UINT8 ColdResetRequestStart; ///< @deprecated Reserved.
+ UINT8 P2pRelaxedOrdering; ///< 0 - Disable(default) 1 - Enable
+ UINT8 DebugPrintLevel; ///< Bit 0 - Fatal, Bit1 - Warning, Bit2
- Info Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
+ UINT8 SncEn; ///< 0 - Disable, (default) 1 - Enable
+ UINT8 UmaClustering; ///< 0 - Disable, 2 - 2Clusters UMA, 4 -
4Clusters UMA
+ UINT8 IoDcMode; ///< 0 - Disable IODC, 1 - AUTO
(default), 2 - IODC_EN_REM_INVITOM_PUSH, 3 -
IODC_EN_REM_INVITOM_ALLOCFLOW
+ ///< 4 -
IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 - IODC_EN_REM_INVITOM_AND_WCILF
+ UINT8 DegradePrecedence; ///< Use DEGRADE_PRECEDENCE
definition; TOPOLOGY_PRECEDENCE is default
+ UINT8 Degrade4SPreference; ///< 4S1LFullConnect topology is
default; another option is 4S2LRing topology.
+ UINT8 DirectoryModeEn; ///< 0 - Disable; 1 - Enable (default)
+ UINT8 XptPrefetchEn; ///< Xpt Prefetch : 1 - Enable; 0 -
Disable; 2 - Auto (default)
+ UINT8 KtiPrefetchEn; ///< Kti Prefetch : 1 - Enable; 0 -
Disable; 2 - Auto (default)
+ UINT8 XptRemotePrefetchEn; ///< Xpt Remote Prefetch : 1 -
Enable; 0 - Disable; 2 - Auto (default) (ICX only)
+ UINT8 RdCurForXptPrefetchEn; ///< RdCur for XPT Prefetch : 0 -
Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiFpgaEnable[MAX_SOCKET]; ///< Indicate if should enable
Fpga device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
+ UINT8 DdrtQosMode; ///< DDRT QoS Feature: 0 - Disable
(default), 1 - M2M QoS Enable, Cha QoS Disable
+ ///< 2 - M2M
+ QoS Enable, Cha QoS Enable

//
// Phy/Link Layer Options (System-wide and per socket)
//
- UINT8 KtiLinkSpeedMode; // Link speed mode selection; 0 - Slow
Speed; 1- Full Speed (default)
- UINT8 KtiLinkSpeed; // Use KTI_LINKSPEED definition
- UINT8 KtiAdaptationEn; // 0 - Disable, 1 - Enable
- UINT8 KtiAdaptationSpeed; // Use KTI_LINK_SPEED definition;
MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
- UINT8 KtiLinkL0pEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLinkL1En; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiFailoverEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLbEn; // 0 - Disable(default), 1 - Enable
- UINT8 KtiCrcMode; // CRC_MODE_16BIT,
CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
-
- UINT8 KtiCpuSktHotPlugEn; // 0 - Disable (default), 1 - Enable
- UINT8 KtiCpuSktHotPlugTopology; // 0 - 4S Topology (default), 1 - 8S
Topology
- UINT8 KtiSkuMismatchCheck; // 0 - No, 1 - Yes (default)
- UINT8 IrqThreshold; // IRQ Threshold setting
- UINT8 TorThresLoctoremNorm; // TOR threshold - Loctorem
threshold normal
- UINT8 TorThresLoctoremEmpty; // TOR threshold - Loctorem
threshold empty
- UINT8 MbeBwCal; // 0 - Linear, 1 - Biased, 2 - Legacy, 3 -
AUTO (default = Linear)
- UINT8 TscSyncEn; // TSC sync in sockets: 0 - Disable, 1 - Enable,
2 - AUTO (Default)
- UINT8 StaleAtoSOptEn; // HA A to S directory optimization: 1 -
Enable; 0 - Disable; 2 - Auto (Default)
- UINT8 LLCDeadLineAlloc; // LLC dead line alloc: 1 -
Enable(Default); 0 - Disable
- UINT8 SplitLock;
- UINT8 ColdResetRequestEnd;
-
- //
- // Phy/Link Layer Options (per Port)
- //
+ UINT8 KtiLinkSpeedMode; ///< Link speed mode selection; 0 -
Slow Speed; 1- Full Speed (default)
+ UINT8 KtiLinkSpeed; ///< Use KTI_LINKSPEED definition
+ UINT8 KtiAdaptationEn; ///< 0 - Disable, 1 - Enable
+ UINT8 KtiAdaptationSpeed; ///< Use KTI_LINK_SPEED definition;
MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
+ UINT8 KtiLinkL0pEn; ///< 0 - Disable, 1 - Enable, 2- Auto
(default)
+ UINT8 KtiLinkL1En; ///< 0 - Disable, 1 - Enable, 2- Auto
(default)
+ UINT8 KtiFailoverEn; ///< 0 - Disable, 1 - Enable, 2- Auto
(default)
+ UINT8 KtiLbEn; ///< 0 - Disable(default), 1 - Enable
+ UINT8 KtiCrcMode; ///< CRC_MODE_16BIT,
CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
+
+ UINT8 KtiCpuSktHotPlugEn; ///< 0 - Disable (default), 1 - Enable
+ UINT8 KtiCpuSktHotPlugTopology; ///< 0 - 4S Topology (default), 1
- 8S Topology
+ UINT8 KtiSkuMismatchCheck; ///< 0 - No, 1 - Yes (default)
+ UINT8 IrqThreshold; ///< IRQ Threshold setting
+ UINT8 TorThresLoctoremNorm; ///< TOR threshold - Loctorem
threshold normal
+ UINT8 TorThresLoctoremEmpty; ///< TOR threshold - Loctorem
threshold empty
+ UINT8 MbeBwCal; ///< 0 - Linear, 1 - Biased, 2 - Legacy, 3
- AUTO (default = Linear)
+ UINT8 TscSyncEn; ///< TSC sync in sockets: 0 - Disable, 1 -
Enable, 2 - AUTO (Default)
+ UINT8 StaleAtoSOptEn; ///< HA A to S directory optimization:
1 - Enable; 0 - Disable; 2 - Auto (Default)
+ UINT8 LLCDeadLineAlloc; ///< LLC dead line alloc: 1 -
Enable(Default); 0 - Disable
+ UINT8 SplitLock; ///< @deprecated Reserved, must be set
to 0.
+ UINT8 ColdResetRequestEnd; ///< @deprecated Reserved.
+
+ ///
+ /// Phy/Link Layer Options (per Port) ///
KTI_CPU_SETTING PhyLinkPerPortSetting[MAX_SOCKET];


- UINT8 mmCfgBase; ///< MMCFG Base address, must be 64MB (SKX,
HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G, 1:1.5G,
2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
- UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M, 128M or
256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6: Auto}
- UINT32 mmiolBase; ///< MMIOL Base address, must be 64MB aligned
- UINT32 mmiolSize; ///< MMIOL Size address
- UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the hex value
here is address Bit[45:32] for SKX family, Bit[51:32] for ICX-SP
- UINT8 CpuPaLimit; ///< Limits the max address to 46bits. This will take
precedence over mmiohBase
- UINT8 lowGap;
- UINT8 highGap;
- UINT16 mmiohSize; ////<< Number of 1GB contiguous regions to be
assigned for MMIOH space per CPU. Range 1-1024
- UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force this for 4S)
- UINT8 dcaEn; ///< 1 - Enable; 0 - Disable
+ UINT8 mmCfgBase; ///< MMCFG Base address, must be
64MB (SKX, HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G,
1:1.5G, 2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
+ UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M,
128M or 256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6:
Auto}
+ UINT32 mmiolBase; ///< MMIOL Base address, must be
64MB aligned
+ UINT32 mmiolSize; ///< MMIOL Size address
+ UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the
hex value here is address Bit[45:32] for SKX family, Bit[51:32] for
ICX-SP
+ UINT8 CpuPaLimit; ///< Limits the max address to 46bits.
This will take precedence over mmiohBase
+ UINT8 lowGap; ///< @deprecated Reserved.
+ UINT8 highGap; ///< @deprecated Reserved.
+ UINT16 mmiohSize; ///< Number of 1GB contiguous
regions to be assigned for MMIOH space per CPU. Range 1-1024
+ UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force
this for 4S)
+ UINT8 dcaEn; ///< 1 - Enable; 0 - Disable

- /*
+ /**
BoardTypeBitmask:
- Bits[3:0] - Socket0
- Bits[7:4] - Socket1
- Bits[11:8] - Socket2
- Bits[15:12] - Socket3
- Bits[19:16] - Socket4
- Bits[23:20] - Socket5
- Bits[27:24] - Socket6
- Bits[31:28] - Socket7
+ - Bits[3:0] - Socket0
+ - Bits[7:4] - Socket1
+ - Bits[11:8] - Socket2
+ - Bits[15:12] - Socket3
+ - Bits[19:16] - Socket4
+ - Bits[23:20] - Socket5
+ - Bits[27:24] - Socket6
+ - Bits[31:28] - Socket7

Within each Socket-specific field, bits mean:
- Bit0 = CPU_TYPE_STD support; always 1 on Socket0
- Bit1 = CPU_TYPE_F support
- Bit2 = CPU_TYPE_P support
- Bit3 = reserved
- */
+ - Bit0 = CPU_TYPE_STD support; always 1 on Socket0
+ - Bit1 = CPU_TYPE_F support
+ - Bit2 = CPU_TYPE_P support
+ - Bit3 = reserved
+ **/
UINT32 BoardTypeBitmask;
- UINT32 AllLanesPtr;
- UINT32 PerLanePtr;
- UINT32 AllLanesSizeOfTable;
- UINT32 PerLaneSizeOfTable;
- UINT32 WaitTimeForPSBP; // the wait time in units of 1000us for PBSP
to check in.
- BOOLEAN IsKtiNvramDataReady;
- UINT32 OemHookPostTopologyDiscovery;
- UINT32 OemGetResourceMapUpdate;
- UINT32 OemGetAdaptedEqSettings;
- UINT32 OemCheckCpuPartsChangeSwap;
-
- BOOLEAN WaSerializationEn; // Enable BIOS serialization WA by
PcdWaSerializationEn
+ UINT32 AllLanesPtr; ///< Pointer to an array of
ALL_LANES_EPARAM_LINK_INFO structures.
+ UINT32 PerLanePtr; ///< Pointer to an array of
PER_LANE_EPARAM_LINK_INFO structures.
+ UINT32 AllLanesSizeOfTable; ///< Number of elements in array
pointed to by AllLanesPtr
+ UINT32 PerLaneSizeOfTable; ///< Number of elements in array
pointed to by PerLanePtr
+ UINT32 WaitTimeForPSBP; ///< the wait time in units of
1000us for PBSP to check in.
+ BOOLEAN IsKtiNvramDataReady; ///< Used internally, Reserved.
+ UINT32 OemHookPostTopologyDiscovery; ///<
OEM_HOOK_POST_TOPOLOGY_DISCOVERY function pointer. Invoked at the end
of topology discovery, used for error reporting.
+ UINT32 OemGetResourceMapUpdate; ///<
OEM_GET_RESOURCE_MAP_UPDATE function pointer. Allows platform code to
adjust the resource map.
+ UINT32 OemGetAdaptedEqSettings; ///< @deprecated Reserved,
must be set to 0.
+ UINT32 OemCheckCpuPartsChangeSwap; ///< @deprecated
Reserved, must be set to 0.
+
+ BOOLEAN WaSerializationEn; ///< Enable BIOS serialization WA
by PcdWaSerializationEn
KTI_RESERVED_3 Reserved166;
KTI_RESERVED_4 Reserved167[MAX_SOCKET];
- UINT8 KtiInEnableMktme; // 0 - Disabled; 1 - Enabled; MkTme
status decides D2Kti feature state
+ UINT8 KtiInEnableMktme; ///< 0 - Disabled; 1 - Enabled;
MkTme status decides D2Kti feature state
+ /**
+ Pointers to the location of the CFR/SINIT binaries.
+
+ Contains a pointer to a 24 byte fixed length array.
+ The array contains the 3 instances of the following c-struct
+ ~~~
+ typedef struct {
+ UINT32 CfrImagePtr;
+ UINT32 CfrImageSize;
+ }
+ ~~~
+ This allows a maximum of 3 CFR/SINIT binaries to be provided by
+ platform
code.
+ **/
UINT32 CFRImagePtr;
- UINT8 S3mCFRCommit; // 0 - Disable S3m CFR flow. 1 -
Provision S3m CFR but not Commit. 2 - Provsion and Commit S3M CFR.
- UINT8 PucodeCFRCommit; // 0 - Disable Pucode CFR flow. 1 -
Provision Pucode CFR but not Commit. 2 - Provsion and Commit Pucode CFR.
+ UINT8 S3mCFRCommit; ///< 0 - Disable S3m CFR flow. 1 -
Provision S3m CFR but not Commit. 2 - Provision and Commit S3M CFR.
+ UINT8 PucodeCFRCommit; ///< 0 - Disable Pucode CFR flow. 1
- Provision Pucode CFR but not Commit. 2 - Provision and Commit Pucode CFR.
} KTI_HOST_IN;

#pragma pack()
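Review bot: AllLanesPtr, PerLanePtr, CFRImagePtr and the two OemHook* members stay UINT32 but are now documented as pointers (`///< Pointer to an array of ALL_LANES_EPARAM_LINK_INFO structures.`, `///< OEM_HOOK_POST_TOPOLOGY_DISCOVERY function pointer.`); the comments should say these carry 32-bit addresses that must fit below 4GB, otherwise a reader assumes a native pointer. In the CFRImagePtr block the example `typedef struct { UINT32 CfrImagePtr; UINT32 CfrImageSize; }` has no type name after the closing brace and will not compile if copied; name it or drop the `typedef`. Since this table locates CFR/SINIT binaries, it would also help to state which side validates each CfrImageSize against the 24 byte table before the image is consumed. The 'an CPU' wording already flagged above occurs three times in the BusRatio comment.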
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolic
yComm
on.h
b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolic
yComm
on.h
index f5861ccaf..0e10d0b8f 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolic
yComm
on.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolic
yComm
on.h
@@ -23,6 +23,9 @@ extern EFI_GUID gFlashProtectionConfigGuid; //
---------------------------- PCH General Config
------------------------------- //

+/**
+ PCH General Configuration
+**/
typedef struct {
/**
Subsystem Vendor ID and Subsystem ID of the PCH devices.
@@ -775,6 +778,9 @@ typedef enum {
PchHdaIDispMode1T = 1
} PCH_HDAUDIO_IDISP_TMODE;

+/**
+ This structure contains the policies which are related to HD Audio
+device
(cAVS).
+**/
typedef struct {
/**
This member describes whether or not Intel HD Audio (Azalia)
should be enabled.
@@ -1674,6 +1680,9 @@ typedef struct {
UINT16 ProtectedRangeBase;
} PROTECTED_RANGE;

+/**
+ PCH Flash Protection Configuration
+**/
typedef struct {
PROTECTED_RANGE ProtectRange[PCH_FLASH_PROTECTED_RANGES];
} PCH_FLASH_PROTECTION_CONFIG;
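Review bot: the new "PCH Flash Protection Configuration" block only repeats the type name; since this policy decides which flash ranges are protected, document what one `PROTECTED_RANGE` entry covers (the unit and alignment of `ProtectedRangeBase`, which is only a UINT16) and what an unused slot in `ProtectRange[PCH_FLASH_PROTECTED_RANGES]` must contain, so platform code can tell an unused slot from a misconfigured one.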
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Inputs.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Inputs.h
index 4c48ca19e..84197b8c8 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Inputs.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Inputs.h
@@ -8,15 +8,15 @@
**/

//
-// TME
+// TME (Total Memory Encryption)
//
-UINT8 EnableTme; // TME Enable
-UINT8 EnableTmeCR; // Exclude Crystal Ridge memory from
encryption.
+UINT8 EnableTme; ///< TME Enable
+UINT8 EnableTmeCR; ///< TME for Optane Persistent Memory.
Set to 0 exclude Optane from encryption.

//
// MK-TME
//
-UINT8 EnableMktme; // MK-TME Enable
+UINT8 EnableMktme; ///< MK-TME Enable

UINT8 ReservedS234;
UINT8 ReservedS235;
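Review bot: the EnableTmeCR comment changes meaning, not just wording: the old text (`Exclude Crystal Ridge memory from encryption.`) reads as 1 = exclude, the new text (`Set to 0 exclude Optane from encryption.`) reads as 0 = exclude. If the old comment was simply wrong, say so in the commit message, because "Improve comments" does not warn anyone that the documented polarity of a memory-encryption knob flipped; if the old comment was right, the new one needs fixing. Either way "Set to 0 exclude" should read "Set to 0 to exclude", and stating the default would help.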
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Outputs.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Outputs.h
index 3a6262a65..201cdd9a9 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Outputs.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpMk
Tme1v0_Outputs.h
@@ -10,9 +10,9 @@
//
// MK-TME
//
-// NAK - Not a knob, used just for indication
-UINT8 TmeCapability; // TME Capable
-UINT8 TmeCrSupport; // Flag used to check if Crystal Ridge is
supported in UEFI
-UINT8 MktmeCapability; // MK-TME Capable
-UINT16 MktmeMaxKeys; // Max number of keys used for encryption
-UINT8 MkTmeKeyIdBits; // Used to suppress setup menu key-splits \ No
newline at end of file
+// NAK (Not a knob) - Used just for indication
+UINT8 TmeCapability; // NAK (Not a knob) - TME Capable
+UINT8 TmeCrSupport; // NAK (Not a knob) - Flag used to check
if Crystal Ridge is supported in UEFI
+UINT8 MktmeCapability; // NAK (Not a knob) - MK-TME Capable
+UINT16 MktmeMaxKeys; // NAK (Not a knob) - Max number of
keys used for encryption
+UINT8 MkTmeKeyIdBits; // NAK (Not a knob) - Used to suppress
setup menu key-splits
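Review bot: this file keeps plain `//` trailing comments while every other header in the patch moves to `///<`, so these five output fields will be the only ones missing from generated docs; use `///<` here as well. The "NAK (Not a knob)" qualifier is now repeated on every member line in addition to the block comment directly above; one place is enough.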
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpSgx
Tem1v0_Inputs.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpSgx
Tem1v0_Inputs.h
index 2deabd0b5..c46434392 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpSgx
Tem1v0_Inputs.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpSgx
Tem1v0_Inputs.h
@@ -10,27 +10,30 @@
//
// SGX
//
-UINT8 EnableSgx;
-UINT8 SgxFactoryReset; // Delete all registration data, if SGX enabled
force IPE/FirstBinding flow
-UINT64 PrmrrSize; // SGX PRMRR size
+UINT8 EnableSgx; ///< Enable SGX
+UINT8 SgxFactoryReset; ///< Delete all registration data, if SGX
enabled force IPE/FirstBinding flow
+UINT64 PrmrrSize; ///< SGX PRMRR size
UINT64 ReservedS239;
-UINT8 SgxQoS; // SGX Quality of Service
-UINT8 SgxAutoRegistrationAgent;
-UINT8 SgxPackageInfoInBandAccess; // Expose Package Info to OS
-UINT8 EpochUpdate;
-UINT64 SgxEpoch0; // SGX EPOCH0 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT64 SgxEpoch1; // SGX EPOCH1 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT8 SgxLeWr; // Flexible Launch Enclave Policy (Wr En)
-UINT64 SgxLePubKeyHash0; // Launch Enclave Hash 0
-UINT64 SgxLePubKeyHash1; // Launch Enclave Hash 1
-UINT64 SgxLePubKeyHash2; // Launch Enclave Hash 2
-UINT64 SgxLePubKeyHash3; // Launch Enclave Hash 3
-// Client SGX - unused in server
-UINT8 SgxSinitNvsData; // SGX NVS data from Flash passed during
previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
- // Pass value of zero if there is not data saved or when
SGX is disabled.
-UINT8 SgxSinitDataFromTpm; // SGX SVN data from TPM; 0: when SGX is
disabled or TPM is not present or no data
- // is present in TPM.
-UINT8 SgxDebugMode;
+UINT8 SgxQoS; ///< SGX Quality of Service
+UINT8 SgxAutoRegistrationAgent; ///< SGX Auto Registration Agent
+UINT8 SgxPackageInfoInBandAccess; ///< SGX Expose Package Info to
OS
+UINT8 EpochUpdate; ///< SGX EPOCH Update
+UINT64 SgxEpoch0; ///< SGX EPOCH0 value {0 -
0xFFFFFFFFFFFFFFFF}
+UINT64 SgxEpoch1; ///< SGX EPOCH1 value {0 -
0xFFFFFFFFFFFFFFFF}
+UINT8 SgxLeWr; ///< Flexible Launch Enclave Policy (Wr En)
+UINT64 SgxLePubKeyHash0; ///< Launch Enclave Hash 0
+UINT64 SgxLePubKeyHash1; ///< Launch Enclave Hash 1
+UINT64 SgxLePubKeyHash2; ///< Launch Enclave Hash 2
+UINT64 SgxLePubKeyHash3; ///< Launch Enclave Hash 3
+
+//
+// DEPRECATED
+//
+UINT8 SgxSinitNvsData; ///< @deprecated SGX NVS data from
Flash passed during previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
+ /// Pass value of zero if there is not data
saved or when SGX is disabled.
+UINT8 SgxSinitDataFromTpm; ///< @deprecated SGX SVN data
from TPM; 0: when SGX is disabled or TPM is not present or no data
+ /// is present in TPM.
+UINT8 SgxDebugMode; ///< @deprecated

UINT8 ReservedS240;
UINT8 ReservedS241;
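Review bot: the three @deprecated members (SgxSinitNvsData, SgxSinitDataFromTpm, SgxDebugMode) give no guidance on what callers should put in them, unlike the KtiHost.h entries in the same patch that say "Reserved, must be set to 0."; add the same wording and say whether the fields are still read. The continuation lines under SgxSinitNvsData and SgxSinitDataFromTpm use `///` where the first line uses `///<`; keep `///<` on each line so the whole text stays attached to the preceding member.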
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpTdx
1v0_Inputs.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpTdx
1v0_Inputs.h
index db5081c0a..79369f989 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpTdx
1v0_Inputs.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/Sec
urityIpTdx
1v0_Inputs.h
@@ -7,7 +7,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent **/

-UINT8 EnableTdx; // TDX Enable
-UINT8 KeySplit; // TDX/MK-TME key split
+UINT8 EnableTdx; ///< TDX Enable
+UINT8 KeySplit; ///< TDX/MK-TME key split

UINT8 ReservedS245;
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
.h
new file mode 100644
index 000000000..0beb26704
--- /dev/null
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPo
+++ licy.h
@@ -0,0 +1,29 @@
+/** @file
+ Provides data structure information used by ServerSecurity features
+in Mtkme
etc.
+
+ @copyright
+ Copyright 2018 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent **/
+
+#ifndef _SECURITY_POLICY_H_
+#define _SECURITY_POLICY_H_
+
+extern EFI_GUID gSecurityPolicyDataGuid; #include
+<Library/SecurityPolicyDefinitions.h>
+
+#pragma pack(1)
+
+/**
+ Security Policy
+**/
+typedef struct {
+ /**
+ * Please put common definitions inside the SecurityPolicy_Flat.h *
+ **/
+ #include "SecurityPolicy_Flat.h"
+} SECURITY_POLICY;
+
+#pragma pack()
+#endif
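Review bot: the new header is not self-contained: `extern EFI_GUID gSecurityPolicyDataGuid;` appears before any include that defines EFI_GUID (the only include, Library/SecurityPolicyDefinitions.h, provides macros only), so the file compiles only if the includer pulled in Uefi.h or Base.h first; add the needed include ahead of the extern. "Mtkme" in the file brief should be "MkTme" to match the field names elsewhere in the patch, and a file created in this patch carries `Copyright 2018 - 2021`; confirm that is intended. The inner `/** * Please put common definitions ... * **/` block mixes leading-star lines with the bare `**/` closer used everywhere else; pick one style.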
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
_Flat.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
_Flat.h
index ba62b8c3a..09dacdf62 100644
---
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
_Flat.h
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy
_Flat.h
@@ -1,6 +1,6 @@
/** @file
Provides data structure information used by ServerSecurity features
in literally all products
- Header is flat and injected directly in SecurityPolicy sructuture
and SOCKET_PROCESSORCORE_CONFIGURATION.
+ Header is flat and injected directly in SecurityPolicy structure
+ and
SOCKET_PROCESSORCORE_CONFIGURATION.

@copyright
Copyright 2020 - 2021 Intel Corporation. <BR> @@ -8,7 +8,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent **/

- // Header is flat and injected directly in SecurityPolicy
sructuture and SOCKET_PROCESSORCORE_CONFIGURATION.
+ // Header is flat and injected directly in SecurityPolicy structure
+ and
SOCKET_PROCESSORCORE_CONFIGURATION.
// Put common definitons here either directly or via intermediate header file..

// SECURITY_IP_MKTME_1V0 MkTme;
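Review bot: while fixing "sructuture" in both places, the unchanged neighbouring line `// Put common definitons here either directly or via intermediate header file..` still has "definitons" and a doubled period; fix it in the same pass rather than leaving it for a second comment-only patch.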
diff --git
a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPol
icyDefiniti
ons.h
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPol
icyDefiniti
ons.h
new file mode 100644
index 000000000..700f5abb4
--- /dev/null
+++
b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPol
icyDefiniti
ons.h
@@ -0,0 +1,28 @@
+/**@file
+ @copyright
+ Copyright 2020 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent **/
+
+#ifndef __SECURITY_POLICY_DEFINITIONS_H__ #define
+__SECURITY_POLICY_DEFINITIONS_H__
+
+//
+// Security Policy definitions
+//
+
+//
+// Values for capable/incapable == supported/unsupported //
+#define SECURITY_POLICY_UNSUPPORTED 0
+#define SECURITY_POLICY_SUPPORTED 1
+
+//
+// Values for enable/disable options
+//
+#define SECURITY_POLICY_DISABLE 0
+#define SECURITY_POLICY_ENABLE 1
+#define SECURITY_POLICY_AUTO 2
+
+#endif
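Review bot: the include guard `__SECURITY_POLICY_DEFINITIONS_H__` uses a double leading underscore, which C reserves for the implementation, and differs from the single-underscore `_SECURITY_POLICY_H_` used by SecurityPolicy.h in this same patch; use `_SECURITY_POLICY_DEFINITIONS_H_`. The file also lives under Include/Library/ yet defines only five constants and no library class, so a plain Include/ location next to the Guid headers that consume it would be more conventional. Finally, `SECURITY_POLICY_AUTO 2` should say which knobs accept it, since the capable/incapable values above stop at 1.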
--
2.27.0.windows.1


Re: [edk2-platforms] [PATCH V1] MinPlatformPkg: Cleanup PeiFspWrapperHobProcessLib dependencies

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Monday, August 9, 2021 9:37 PM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Michael Kubacki <Michael.Kubacki@...>; Benjamin Doron <benjamin.doron00@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V1] MinPlatformPkg: Cleanup PeiFspWrapperHobProcessLib dependencies

PeiFspWrapperHobProcessLib is currently set to depend on FspWrapperPlatformLib, but it does not use any of the functions implemented by that LibraryClass. This change removes that unneeded dependency.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf b/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
index 64f3302959..b846e7af1d 100644
--- a/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobProcessLib/PeiFspWrapperHobProcessLib.inf
+++ b/Platform/Intel/MinPlatformPkg/FspWrapper/Library/PeiFspWrapperHobP
+++ rocessLib/PeiFspWrapperHobProcessLib.inf
@@ -1,7 +1,7 @@
## @file
# Provide FSP wrapper hob process related function.
#
-# Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2021, Intel Corporation. All rights
+reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -55,7 +55,6 @@
BaseMemoryLib
HobLib
DebugLib
- FspWrapperPlatformLib
PeiServicesLib
PeiServicesTablePointerLib
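Review bot: only the .inf changes; confirm that PeiFspWrapperHobProcessLib.c no longer includes `<Library/FspWrapperPlatformLib.h>`, since an include left behind keeps a hidden dependency on that library class header even though the class is gone from [LibraryClasses]. The copyright year bump to 2021 is fine.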

--
2.27.0.windows.1


Re: [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures

Oram, Isaac W
 

Reviewed-by: Isaac Oram <Isaac.w.oram@...>

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Desimone, Nathaniel L
Sent: Tuesday, July 20, 2021 1:22 PM
To: devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@...>; Chiu, Chasel <chasel.chiu@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V1] WhitleySiliconPkg: Improve comments for silicon policy structures

Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Isaac Oram <isaac.w.oram@...>
Cc: Chasel Chiu <chasel.chiu@...>
---
.../Include/Ppi/RasImcS3Data.h | 6 +
.../Include/Ppi/UpiPolicyPpi.h | 5 +-
.../WhitleySiliconPkg/Include/Upi/KtiHost.h | 250 +++++++++---------
.../SouthClusterLbg/Include/PchPolicyCommon.h | 9 +
.../SecurityIp/SecurityIpMkTme1v0_Inputs.h | 8 +-
.../SecurityIp/SecurityIpMkTme1v0_Outputs.h | 12 +-
.../SecurityIp/SecurityIpSgxTem1v0_Inputs.h | 43 +--
.../Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h | 4 +-
.../Security/Include/Guid/SecurityPolicy.h | 29 ++
.../Include/Guid/SecurityPolicy_Flat.h | 4 +-
.../Library/SecurityPolicyDefinitions.h | 28 ++
11 files changed, 245 insertions(+), 153 deletions(-)
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
create mode 100644 Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h

diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
index 82725bc84..2198f8516 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/RasImcS3Data.h
@@ -44,7 +44,13 @@ EFI_STATUS
OUT VOID *Data
);

+/**
+ RAS IMC S3 Data PPI
+**/
struct _RAS_IMC_S3_DATA_PPI {
+ /**
+ Retrieves data for S3 saved memory RAS features from non-volatile storage.
+ **/
RAS_IMC_S3_DATA_PPI_GET_IMC_S3_RAS_DATA GetImcS3RasData; };
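Review bot: the member doc "Retrieves data for S3 saved memory RAS features from non-volatile storage." does not say what the caller must supply for the `OUT VOID *Data` buffer shown in the function typedef above (expected size, who allocates it); a short parameter description or a `@see` pointing at the typedef would make the PPI usable from this header alone.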

diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
index e355dcaba..503c5c0ae 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Ppi/UpiPolicyPpi.h
@@ -24,6 +24,9 @@

typedef struct _UPI_POLICY_PPI UPI_POLICY_PPI;

+/**
+ UPI Policy Structure
+**/
struct _UPI_POLICY_PPI {
/**
This member specifies the revision of the UPI_POLICY_PPI. This field is used to @@ -32,7 +35,7 @@ struct _UPI_POLICY_PPI {
to correctly interpret the content of the INTERFACE fields.
**/
UINT32 Revision;
- KTI_HOST_IN Upi;
+ KTI_HOST_IN Upi; ///< KTIRC input structure
};

#endif // _UPI_POLICY_PPI_H_
diff --git a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
index cf558b3d3..e793cc647 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Include/Upi/KtiHost.h
@@ -99,28 +99,31 @@ typedef struct {
KTI_RESERVED_2 Phy[MAX_FW_KTI_PORTS]; } KTI_RESERVED_4;

-//
-// PHY settings that are system dependent. Need 1 of these for each socket/link/freq.
-//
+/**
+ Per Lane PHY Configuration

+ These PHY settings are system dependent. Every socket/link/freq requires an instance of this structure.
+**/
typedef struct {
- UINT8 SocketID;
- UINT8 AllLanesUseSameTxeq;
- UINT8 Freq;
- UINT32 Link;
- UINT32 TXEQL[20];
- UINT32 CTLEPEAK[5];
+ UINT8 SocketID; ///< Socket ID
+ UINT8 AllLanesUseSameTxeq; ///< Use same TXEQ on all lanes
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used for
+ UINT32 Link; ///< Port Number
+ UINT32 TXEQL[20]; ///< TXEQ Settings
+ UINT32 CTLEPEAK[5]; ///< CTLE Peaking Settings
} PER_LANE_EPARAM_LINK_INFO;

-//
-// This is for full speed mode, all lanes have the same TXEQ setting -//
+/**
+ All Lanes PHY Configuration
+
+ This is for full speed mode, all lanes have the same TXEQ setting **/
typedef struct {
- UINT8 SocketID;
- UINT8 Freq;
- UINT32 Link;
- UINT32 AllLanesTXEQ;
- UINT8 CTLEPEAK;
+ UINT8 SocketID; ///< Socket ID
+ UINT8 Freq; ///< The Link Speed these TXEQ settings should be used for
+ UINT32 Link; ///< Port Number
+ UINT32 AllLanesTXEQ; ///< TXEQ Setting
+ UINT8 CTLEPEAK; ///< CTLE Peaking Setting
} ALL_LANES_EPARAM_LINK_INFO;

#define ADAPTIVE_CTLE 0x3f
@@ -173,130 +176,141 @@ typedef struct {
KTI_CPU_PHY_SETTING Phy[MAX_FW_KTI_PORTS];
} KTI_CPU_SETTING;

-//
-// KTIRC input structure
-//
+/**
+ KTIRC input structure
+**/
typedef struct {
//
// Protocol layer and other general options; note that "Auto" is provided only options whose value will change depending
// on the topology, not for all options.
//

- //
- // Indicates the ratio of Bus/MMIOL/IO resource to be allocated for each CPU's IIO.
- // Value 0 indicates, that CPU is not relevant for the system. If resource is
- // requested for an CPU that is not currently populated, KTIRC will assume
- // that the ratio is 0 for that CPU and won't allocate any resources for it.
- // If resource is not requested for an CPU that is populated, KTIRC will force
- // the ratio for that CPU to 1.
- //
-
-
+ /**
+ Indicates the ratio of Bus/MMIOL/IO resource to be allocated for each CPU's IIO.
+ Value 0 indicates, that CPU is not relevant for the system. If resource is
+ requested for an CPU that is not currently populated, KTIRC will assume
+ that the ratio is 0 for that CPU and won't allocate any resources for it.
+ If resource is not requested for an CPU that is populated, KTIRC will force
+ the ratio for that CPU to 1.
+ **/
UINT8 BusRatio[MAX_SOCKET];

- UINT8 D2KCreditConfig; // 1 - Min, 2 - Med (Default), 3- Max
- UINT8 SnoopThrottleConfig; // 0 - Disabled (Default), 1 - Min, 2 - Med, 3- Max
- UINT8 SnoopAllCores; // 0 - Disabled, 1 - Enabled, 2 - Auto
- UINT8 LegacyVgaSoc; // Socket that claims the legacy VGA range; valid values are 0-7; 0 is default.
- UINT8 LegacyVgaStack; // Stack that claims the legacy VGA range; valid values are 0-3; 0 is default.
- UINT8 ColdResetRequestStart;
- UINT8 P2pRelaxedOrdering; // 0 - Disable(default) 1 - Enable
- UINT8 DebugPrintLevel; // Bit 0 - Fatal, Bit1 - Warning, Bit2 - Info Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
- UINT8 SncEn; // 0 - Disable, (default) 1 - Enable
- UINT8 UmaClustering; // 0 - Disable, 2 - 2Clusters UMA, 4 - 4Clusters UMA
- UINT8 IoDcMode; // 0 - Disable IODC, 1 - AUTO (default), 2 - IODC_EN_REM_INVITOM_PUSH, 3 - IODC_EN_REM_INVITOM_ALLOCFLOW
- // 4 - IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 - IODC_EN_REM_INVITOM_AND_WCILF
- UINT8 DegradePrecedence; // Use DEGRADE_PRECEDENCE definition; TOPOLOGY_PRECEDENCE is default
- UINT8 Degrade4SPreference;// 4S1LFullConnect topology is default; another option is 4S2LRing topology.
- UINT8 DirectoryModeEn; // 0 - Disable; 1 - Enable (default)
- UINT8 XptPrefetchEn; // Xpt Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
- UINT8 KtiPrefetchEn; // Kti Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
- UINT8 XptRemotePrefetchEn; // Xpt Remote Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default) (ICX only)
- UINT8 RdCurForXptPrefetchEn; // RdCur for XPT Prefetch : 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiFpgaEnable[MAX_SOCKET]; // Indicate if should enable Fpga device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
- UINT8 DdrtQosMode; // DDRT QoS Feature: 0 - Disable (default), 1 - M2M QoS Enable, Cha QoS Disable
- // 2 - M2M QoS Enable, Cha QoS Enable
+ UINT8 D2KCreditConfig; ///< 1 - Min, 2 - Med (Default), 3- Max
+ UINT8 SnoopThrottleConfig; ///< 0 - Disabled (Default), 1 - Min, 2 - Med, 3- Max
+ UINT8 SnoopAllCores; ///< 0 - Disabled, 1 - Enabled, 2 - Auto
+ UINT8 LegacyVgaSoc; ///< Socket that claims the legacy VGA range; valid values are 0-7; 0 is default.
+ UINT8 LegacyVgaStack; ///< Stack that claims the legacy VGA range; valid values are 0-3; 0 is default.
+ UINT8 ColdResetRequestStart; ///< @deprecated Reserved.
+ UINT8 P2pRelaxedOrdering; ///< 0 - Disable(default) 1 - Enable
+ UINT8 DebugPrintLevel; ///< Bit 0 - Fatal, Bit1 - Warning, Bit2 - Info Summary; Bit 3 - Info detailed. 1 - Enable; 0 - Disable
+ UINT8 SncEn; ///< 0 - Disable, (default) 1 - Enable
+ UINT8 UmaClustering; ///< 0 - Disable, 2 - 2Clusters UMA, 4 - 4Clusters UMA
+ UINT8 IoDcMode; ///< 0 - Disable IODC, 1 - AUTO (default), 2 - IODC_EN_REM_INVITOM_PUSH, 3 - IODC_EN_REM_INVITOM_ALLOCFLOW
+ ///< 4 - IODC_EN_REM_INVITOM_ALLOC_NONALLOC, 5 - IODC_EN_REM_INVITOM_AND_WCILF
+ UINT8 DegradePrecedence; ///< Use DEGRADE_PRECEDENCE definition; TOPOLOGY_PRECEDENCE is default
+ UINT8 Degrade4SPreference; ///< 4S1LFullConnect topology is default; another option is 4S2LRing topology.
+ UINT8 DirectoryModeEn; ///< 0 - Disable; 1 - Enable (default)
+ UINT8 XptPrefetchEn; ///< Xpt Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
+ UINT8 KtiPrefetchEn; ///< Kti Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default)
+ UINT8 XptRemotePrefetchEn; ///< Xpt Remote Prefetch : 1 - Enable; 0 - Disable; 2 - Auto (default) (ICX only)
+ UINT8 RdCurForXptPrefetchEn; ///< RdCur for XPT Prefetch : 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiFpgaEnable[MAX_SOCKET]; ///< Indicate if should enable Fpga device found in this socket : 0 - Disable, 1 - Enable, 2- Auto
+ UINT8 DdrtQosMode; ///< DDRT QoS Feature: 0 - Disable (default), 1 - M2M QoS Enable, Cha QoS Disable
+ ///< 2 - M2M QoS
+ Enable, Cha QoS Enable

//
// Phy/Link Layer Options (System-wide and per socket)
//
- UINT8 KtiLinkSpeedMode; // Link speed mode selection; 0 - Slow Speed; 1- Full Speed (default)
- UINT8 KtiLinkSpeed; // Use KTI_LINKSPEED definition
- UINT8 KtiAdaptationEn; // 0 - Disable, 1 - Enable
- UINT8 KtiAdaptationSpeed; // Use KTI_LINK_SPEED definition; MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
- UINT8 KtiLinkL0pEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLinkL1En; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiFailoverEn; // 0 - Disable, 1 - Enable, 2- Auto (default)
- UINT8 KtiLbEn; // 0 - Disable(default), 1 - Enable
- UINT8 KtiCrcMode; // CRC_MODE_16BIT, CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
-
- UINT8 KtiCpuSktHotPlugEn; // 0 - Disable (default), 1 - Enable
- UINT8 KtiCpuSktHotPlugTopology; // 0 - 4S Topology (default), 1 - 8S Topology
- UINT8 KtiSkuMismatchCheck; // 0 - No, 1 - Yes (default)
- UINT8 IrqThreshold; // IRQ Threshold setting
- UINT8 TorThresLoctoremNorm; // TOR threshold - Loctorem threshold normal
- UINT8 TorThresLoctoremEmpty; // TOR threshold - Loctorem threshold empty
- UINT8 MbeBwCal; // 0 - Linear, 1 - Biased, 2 - Legacy, 3 - AUTO (default = Linear)
- UINT8 TscSyncEn; // TSC sync in sockets: 0 - Disable, 1 - Enable, 2 - AUTO (Default)
- UINT8 StaleAtoSOptEn; // HA A to S directory optimization: 1 - Enable; 0 - Disable; 2 - Auto (Default)
- UINT8 LLCDeadLineAlloc; // LLC dead line alloc: 1 - Enable(Default); 0 - Disable
- UINT8 SplitLock;
- UINT8 ColdResetRequestEnd;
-
- //
- // Phy/Link Layer Options (per Port)
- //
+ UINT8 KtiLinkSpeedMode; ///< Link speed mode selection; 0 - Slow Speed; 1- Full Speed (default)
+ UINT8 KtiLinkSpeed; ///< Use KTI_LINKSPEED definition
+ UINT8 KtiAdaptationEn; ///< 0 - Disable, 1 - Enable
+ UINT8 KtiAdaptationSpeed; ///< Use KTI_LINK_SPEED definition; MAX_KTI_LINK_SPEED - Auto (i.e BIOS choosen speed)
+ UINT8 KtiLinkL0pEn; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiLinkL1En; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiFailoverEn; ///< 0 - Disable, 1 - Enable, 2- Auto (default)
+ UINT8 KtiLbEn; ///< 0 - Disable(default), 1 - Enable
+ UINT8 KtiCrcMode; ///< CRC_MODE_16BIT, CRC_MODE_ROLLING_32BIT, CRC_MODE_AUTO or CRC_MODE_PER_LINK
+
+ UINT8 KtiCpuSktHotPlugEn; ///< 0 - Disable (default), 1 - Enable
+ UINT8 KtiCpuSktHotPlugTopology; ///< 0 - 4S Topology (default), 1 - 8S Topology
+ UINT8 KtiSkuMismatchCheck; ///< 0 - No, 1 - Yes (default)
+ UINT8 IrqThreshold; ///< IRQ Threshold setting
+ UINT8 TorThresLoctoremNorm; ///< TOR threshold - Loctorem threshold normal
+ UINT8 TorThresLoctoremEmpty; ///< TOR threshold - Loctorem threshold empty
+ UINT8 MbeBwCal; ///< 0 - Linear, 1 - Biased, 2 - Legacy, 3 - AUTO (default = Linear)
+ UINT8 TscSyncEn; ///< TSC sync in sockets: 0 - Disable, 1 - Enable, 2 - AUTO (Default)
+ UINT8 StaleAtoSOptEn; ///< HA A to S directory optimization: 1 - Enable; 0 - Disable; 2 - Auto (Default)
+ UINT8 LLCDeadLineAlloc; ///< LLC dead line alloc: 1 - Enable(Default); 0 - Disable
+ UINT8 SplitLock; ///< @deprecated Reserved, must be set to 0.
+ UINT8 ColdResetRequestEnd; ///< @deprecated Reserved.
+
+ ///
+ /// Phy/Link Layer Options (per Port) ///
KTI_CPU_SETTING PhyLinkPerPortSetting[MAX_SOCKET];


- UINT8 mmCfgBase; ///< MMCFG Base address, must be 64MB (SKX, HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G, 1:1.5G, 2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
- UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M, 128M or 256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6: Auto}
- UINT32 mmiolBase; ///< MMIOL Base address, must be 64MB aligned
- UINT32 mmiolSize; ///< MMIOL Size address
- UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the hex value here is address Bit[45:32] for SKX family, Bit[51:32] for ICX-SP
- UINT8 CpuPaLimit; ///< Limits the max address to 46bits. This will take precedence over mmiohBase
- UINT8 lowGap;
- UINT8 highGap;
- UINT16 mmiohSize; ////<< Number of 1GB contiguous regions to be assigned for MMIOH space per CPU. Range 1-1024
- UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force this for 4S)
- UINT8 dcaEn; ///< 1 - Enable; 0 - Disable
+ UINT8 mmCfgBase; ///< MMCFG Base address, must be 64MB (SKX, HSX, BDX) / 256MB (GROVEPORT) aligned. Options: {0:1G, 1:1.5G, 2:1.75G, 3:2G, 4:2.25G, 5:3G, 6: Auto}
+ UINT8 mmCfgSize; ///< MMCFG Size address, must be 64M, 128M or 256M. Options: {0:64M, 1:128M, 2:256M, 3:512M, 4:1G, 5:2G, 6: Auto}
+ UINT32 mmiolBase; ///< MMIOL Base address, must be 64MB aligned
+ UINT32 mmiolSize; ///< MMIOL Size address
+ UINT32 mmiohBase; ///< Address bits above 4GB, i,e, the hex value here is address Bit[45:32] for SKX family, Bit[51:32] for ICX-SP
+ UINT8 CpuPaLimit; ///< Limits the max address to 46bits. This will take precedence over mmiohBase
+ UINT8 lowGap; ///< @deprecated Reserved.
+ UINT8 highGap; ///< @deprecated Reserved.
+ UINT16 mmiohSize; ///< Number of 1GB contiguous regions to be assigned for MMIOH space per CPU. Range 1-1024
+ UINT8 isocEn; ///< 1 - Enable; 0 - Disable (BIOS will force this for 4S)
+ UINT8 dcaEn; ///< 1 - Enable; 0 - Disable

- /*
+ /**
BoardTypeBitmask:
- Bits[3:0] - Socket0
- Bits[7:4] - Socket1
- Bits[11:8] - Socket2
- Bits[15:12] - Socket3
- Bits[19:16] - Socket4
- Bits[23:20] - Socket5
- Bits[27:24] - Socket6
- Bits[31:28] - Socket7
+ - Bits[3:0] - Socket0
+ - Bits[7:4] - Socket1
+ - Bits[11:8] - Socket2
+ - Bits[15:12] - Socket3
+ - Bits[19:16] - Socket4
+ - Bits[23:20] - Socket5
+ - Bits[27:24] - Socket6
+ - Bits[31:28] - Socket7

Within each Socket-specific field, bits mean:
- Bit0 = CPU_TYPE_STD support; always 1 on Socket0
- Bit1 = CPU_TYPE_F support
- Bit2 = CPU_TYPE_P support
- Bit3 = reserved
- */
+ - Bit0 = CPU_TYPE_STD support; always 1 on Socket0
+ - Bit1 = CPU_TYPE_F support
+ - Bit2 = CPU_TYPE_P support
+ - Bit3 = reserved
+ **/
UINT32 BoardTypeBitmask;
- UINT32 AllLanesPtr;
- UINT32 PerLanePtr;
- UINT32 AllLanesSizeOfTable;
- UINT32 PerLaneSizeOfTable;
- UINT32 WaitTimeForPSBP; // the wait time in units of 1000us for PBSP to check in.
- BOOLEAN IsKtiNvramDataReady;
- UINT32 OemHookPostTopologyDiscovery;
- UINT32 OemGetResourceMapUpdate;
- UINT32 OemGetAdaptedEqSettings;
- UINT32 OemCheckCpuPartsChangeSwap;
-
- BOOLEAN WaSerializationEn; // Enable BIOS serialization WA by PcdWaSerializationEn
+ UINT32 AllLanesPtr; ///< Pointer to an array of ALL_LANES_EPARAM_LINK_INFO structures.
+ UINT32 PerLanePtr; ///< Pointer to an array of PER_LANE_EPARAM_LINK_INFO structures.
+ UINT32 AllLanesSizeOfTable; ///< Number of elements in array pointed to by AllLanesPtr
+ UINT32 PerLaneSizeOfTable; ///< Number of elements in array pointed to by PerLanePtr
+ UINT32 WaitTimeForPSBP; ///< the wait time in units of 1000us for PBSP to check in.
+ BOOLEAN IsKtiNvramDataReady; ///< Used internally, Reserved.
+ UINT32 OemHookPostTopologyDiscovery; ///< OEM_HOOK_POST_TOPOLOGY_DISCOVERY function pointer. Invoked at the end of topology discovery, used for error reporting.
+ UINT32 OemGetResourceMapUpdate; ///< OEM_GET_RESOURCE_MAP_UPDATE function pointer. Allows platform code to adjust the resource map.
+ UINT32 OemGetAdaptedEqSettings; ///< @deprecated Reserved, must be set to 0.
+ UINT32 OemCheckCpuPartsChangeSwap; ///< @deprecated Reserved, must be set to 0.
+
+ BOOLEAN WaSerializationEn; ///< Enable BIOS serialization WA by PcdWaSerializationEn
KTI_RESERVED_3 Reserved166;
KTI_RESERVED_4 Reserved167[MAX_SOCKET];
- UINT8 KtiInEnableMktme; // 0 - Disabled; 1 - Enabled; MkTme status decides D2Kti feature state
+ UINT8 KtiInEnableMktme; ///< 0 - Disabled; 1 - Enabled; MkTme status decides D2Kti feature state
+ /**
+ Pointers to the location of the CFR/SINIT binaries.
+
+ Contains a pointer to a 24 byte fixed length array.
+ The array contains the 3 instances of the following c-struct
+ ~~~
+ typedef struct {
+ UINT32 CfrImagePtr;
+ UINT32 CfrImageSize;
+ }
+ ~~~
+ This allows a maximum of 3 CFR/SINIT binaries to be provided by platform code.
+ **/
UINT32 CFRImagePtr;
- UINT8 S3mCFRCommit; // 0 - Disable S3m CFR flow. 1 - Provision S3m CFR but not Commit. 2 - Provsion and Commit S3M CFR.
- UINT8 PucodeCFRCommit; // 0 - Disable Pucode CFR flow. 1 - Provision Pucode CFR but not Commit. 2 - Provsion and Commit Pucode CFR.
+ UINT8 S3mCFRCommit; ///< 0 - Disable S3m CFR flow. 1 - Provision S3m CFR but not Commit. 2 - Provision and Commit S3M CFR.
+ UINT8 PucodeCFRCommit; ///< 0 - Disable Pucode CFR flow. 1 - Provision Pucode CFR but not Commit. 2 - Provision and Commit Pucode CFR.
} KTI_HOST_IN;

#pragma pack()
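Review bot: the `DdrtQosMode` comment is split across `///< 2 - M2M QoS` and a bare `Enable, Cha QoS Enable` line, and the per-port heading reads `/// Phy/Link Layer Options (per Port) ///` with the closing `///` pulled up from the following line; if that is what the patch file contains, the stray `Enable, Cha QoS Enable` token sits outside any comment and will not compile, so please check whether this is only mail wrapping and resend with long lines intact. On `CFRImagePtr`, the doc block describes three instances of an anonymous `{ UINT32 CfrImagePtr; UINT32 CfrImageSize; }` struct packed into a 24-byte array; give that struct a typedef (or reference the existing one) so platform code can build the table without hand-computing offsets, and since value 2 of `S3mCFRCommit`/`PucodeCFRCommit` commits the image, the comment should also say who validates the CFR image before it is committed.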
diff --git a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
index f5861ccaf..0e10d0b8f 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Pch/SouthClusterLbg/Include/PchPolicyCommon.h
@@ -23,6 +23,9 @@ extern EFI_GUID gFlashProtectionConfigGuid;
// ---------------------------- PCH General Config -------------------------------
//

+/**
+ PCH General Configuration
+**/
typedef struct {
/**
Subsystem Vendor ID and Subsystem ID of the PCH devices.
@@ -775,6 +778,9 @@ typedef enum {
PchHdaIDispMode1T = 1
} PCH_HDAUDIO_IDISP_TMODE;

+/**
+ This structure contains the policies which are related to HD Audio device (cAVS).
+**/
typedef struct {
/**
This member describes whether or not Intel HD Audio (Azalia) should be enabled.
@@ -1674,6 +1680,9 @@ typedef struct {
UINT16 ProtectedRangeBase;
} PROTECTED_RANGE;

+/**
+ PCH Flash Protection Configuration
+**/
typedef struct {
PROTECTED_RANGE ProtectRange[PCH_FLASH_PROTECTED_RANGES];
} PCH_FLASH_PROTECTION_CONFIG;
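Review bot: the new doc block on `PCH_FLASH_PROTECTION_CONFIG` says only "PCH Flash Protection Configuration", which adds nothing over the type name; since this is the policy that fills `ProtectRange[PCH_FLASH_PROTECTED_RANGES]`, it should state what unit `ProtectedRangeBase` (a UINT16) is expressed in and which protection (write, read, or both) each range applies, so board code does not leave firmware regions unprotected by guessing the encoding.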
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
index 4c48ca19e..84197b8c8 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Inputs.h
@@ -8,15 +8,15 @@
**/

//
-// TME
+// TME (Total Memory Encryption)
//
-UINT8 EnableTme; // TME Enable
-UINT8 EnableTmeCR; // Exclude Crystal Ridge memory from encryption.
+UINT8 EnableTme; ///< TME Enable
+UINT8 EnableTmeCR; ///< TME for Optane Persistent Memory. Set to 0 exclude Optane from encryption.

//
// MK-TME
//
-UINT8 EnableMktme; // MK-TME Enable
+UINT8 EnableMktme; ///< MK-TME Enable

UINT8 ReservedS234;
UINT8 ReservedS235;
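Review bot: the `EnableTmeCR` comment flips polarity: the old text said "Exclude Crystal Ridge memory from encryption", the new one says "TME for Optane Persistent Memory. Set to 0 exclude Optane from encryption", so 1 now reads as "encrypt" where it previously read as "exclude". Please confirm which meaning the consuming code implements and document only that; also "Set to 0 exclude" should read "Set to 0 to exclude".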
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
index 3a6262a65..201cdd9a9 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpMkTme1v0_Outputs.h
@@ -10,9 +10,9 @@
//
// MK-TME
//
-// NAK - Not a knob, used just for indication
-UINT8 TmeCapability; // TME Capable
-UINT8 TmeCrSupport; // Flag used to check if Crystal Ridge is supported in UEFI
-UINT8 MktmeCapability; // MK-TME Capable
-UINT16 MktmeMaxKeys; // Max number of keys used for encryption
-UINT8 MkTmeKeyIdBits; // Used to suppress setup menu key-splits
\ No newline at end of file
+// NAK (Not a knob) - Used just for indication
+UINT8 TmeCapability; // NAK (Not a knob) - TME Capable
+UINT8 TmeCrSupport; // NAK (Not a knob) - Flag used to check if Crystal Ridge is supported in UEFI
+UINT8 MktmeCapability; // NAK (Not a knob) - MK-TME Capable
+UINT16 MktmeMaxKeys; // NAK (Not a knob) - Max number of keys used for encryption
+UINT8 MkTmeKeyIdBits; // NAK (Not a knob) - Used to suppress setup menu key-splits
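Review bot: this file keeps plain `//` trailing comments while every other header in the patch moves to Doxygen `///<`, and the "NAK (Not a knob)" phrase is repeated on all five members; one `///` line above the group stating that these are read-only capability outputs, plus `///<` on each member, would be consistent with the rest of the series.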
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
index 2deabd0b5..c46434392 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpSgxTem1v0_Inputs.h
@@ -10,27 +10,30 @@
//
// SGX
//
-UINT8 EnableSgx;
-UINT8 SgxFactoryReset; // Delete all registration data, if SGX enabled force IPE/FirstBinding flow
-UINT64 PrmrrSize; // SGX PRMRR size
+UINT8 EnableSgx; ///< Enable SGX
+UINT8 SgxFactoryReset; ///< Delete all registration data, if SGX enabled force IPE/FirstBinding flow
+UINT64 PrmrrSize; ///< SGX PRMRR size
UINT64 ReservedS239;
-UINT8 SgxQoS; // SGX Quality of Service
-UINT8 SgxAutoRegistrationAgent;
-UINT8 SgxPackageInfoInBandAccess; // Expose Package Info to OS
-UINT8 EpochUpdate;
-UINT64 SgxEpoch0; // SGX EPOCH0 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT64 SgxEpoch1; // SGX EPOCH1 value {0 - 0xFFFFFFFFFFFFFFFF}
-UINT8 SgxLeWr; // Flexible Launch Enclave Policy (Wr En)
-UINT64 SgxLePubKeyHash0; // Launch Enclave Hash 0
-UINT64 SgxLePubKeyHash1; // Launch Enclave Hash 1
-UINT64 SgxLePubKeyHash2; // Launch Enclave Hash 2
-UINT64 SgxLePubKeyHash3; // Launch Enclave Hash 3
-// Client SGX - unused in server
-UINT8 SgxSinitNvsData; // SGX NVS data from Flash passed during previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
- // Pass value of zero if there is not data saved or when SGX is disabled.
-UINT8 SgxSinitDataFromTpm; // SGX SVN data from TPM; 0: when SGX is disabled or TPM is not present or no data
- // is present in TPM.
-UINT8 SgxDebugMode;
+UINT8 SgxQoS; ///< SGX Quality of Service
+UINT8 SgxAutoRegistrationAgent; ///< SGX Auto Registration Agent
+UINT8 SgxPackageInfoInBandAccess; ///< SGX Expose Package Info to OS
+UINT8 EpochUpdate; ///< SGX EPOCH Update
+UINT64 SgxEpoch0; ///< SGX EPOCH0 value {0 - 0xFFFFFFFFFFFFFFFF}
+UINT64 SgxEpoch1; ///< SGX EPOCH1 value {0 - 0xFFFFFFFFFFFFFFFF}
+UINT8 SgxLeWr; ///< Flexible Launch Enclave Policy (Wr En)
+UINT64 SgxLePubKeyHash0; ///< Launch Enclave Hash 0
+UINT64 SgxLePubKeyHash1; ///< Launch Enclave Hash 1
+UINT64 SgxLePubKeyHash2; ///< Launch Enclave Hash 2
+UINT64 SgxLePubKeyHash3; ///< Launch Enclave Hash 3
+
+//
+// DEPRECATED
+//
+UINT8 SgxSinitNvsData; ///< @deprecated SGX NVS data from Flash passed during previous boot using CPU_INFO_PROTOCOL.SGX_INFO;
+ /// Pass value of zero if there is not data saved or when SGX is disabled.
+UINT8 SgxSinitDataFromTpm; ///< @deprecated SGX SVN data from TPM; 0: when SGX is disabled or TPM is not present or no data
+ /// is present in TPM.
+UINT8 SgxDebugMode; ///< @deprecated

UINT8 ReservedS240;
UINT8 ReservedS241;
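Review bot: `SgxDebugMode` ends up with a bare `///< @deprecated` and no description, unlike the other deprecated members, and the two continuation lines under `SgxSinitNvsData` and `SgxSinitDataFromTpm` use `///` instead of `///<`, so Doxygen will attach them to the following member rather than the previous one. While touching these, the `SgxEpoch0`/`SgxEpoch1` comments only give the numeric range; a note that the owner epoch feeds SGX sealing-key derivation, so changing it invalidates data sealed under the previous value, would help anyone wiring this policy to a setup option.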
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
index db5081c0a..79369f989 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityIp/SecurityIpTdx1v0_Inputs.h
@@ -7,7 +7,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
**/

-UINT8 EnableTdx; // TDX Enable
-UINT8 KeySplit; // TDX/MK-TME key split
+UINT8 EnableTdx; ///< TDX Enable
+UINT8 KeySplit; ///< TDX/MK-TME key split

UINT8 ReservedS245;
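Review bot: `KeySplit ///< TDX/MK-TME key split` does not say what the value is (a count of KeyID bits reserved for TDX, or a count of keys) nor its valid range; the MK-TME output header in this same patch exposes `MkTmeKeyIdBits`, so stating the unit here would remove the ambiguity.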
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
new file mode 100644
index 000000000..0beb26704
--- /dev/null
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy.h
@@ -0,0 +1,29 @@
+/** @file
+ Provides data structure information used by ServerSecurity features in Mtkme etc.
+
+ @copyright
+ Copyright 2018 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef _SECURITY_POLICY_H_
+#define _SECURITY_POLICY_H_
+
+extern EFI_GUID gSecurityPolicyDataGuid;
+#include <Library/SecurityPolicyDefinitions.h>
+
+#pragma pack(1)
+
+/**
+ Security Policy
+**/
+typedef struct {
+ /**
+ * Please put common definitions inside the SecurityPolicy_Flat.h *
+ **/
+ #include "SecurityPolicy_Flat.h"
+} SECURITY_POLICY;
+
+#pragma pack()
+#endif
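Review bot: `extern EFI_GUID gSecurityPolicyDataGuid;` appears before any include that defines `EFI_GUID`, so this header only compiles if the includer has already pulled in `<Uefi.h>` or `<Base.h>`; add that include, or at least move the extern below the existing `#include`. Also, the only members the struct gets come from `SecurityPolicy_Flat.h`, and the context shown from that file has `SECURITY_IP_MKTME_1V0 MkTme;` commented out, so make sure the flat header still contributes at least one member (an empty struct is not valid C). Minor: "Mtkme" in the file description should be "MkTme".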
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
index ba62b8c3a..09dacdf62 100644
--- a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Guid/SecurityPolicy_Flat.h
@@ -1,6 +1,6 @@
/** @file
Provides data structure information used by ServerSecurity features in literally all products
- Header is flat and injected directly in SecurityPolicy sructuture and SOCKET_PROCESSORCORE_CONFIGURATION.
+ Header is flat and injected directly in SecurityPolicy structure and SOCKET_PROCESSORCORE_CONFIGURATION.

@copyright
Copyright 2020 - 2021 Intel Corporation. <BR>
@@ -8,7 +8,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
**/

- // Header is flat and injected directly in SecurityPolicy sructuture and SOCKET_PROCESSORCORE_CONFIGURATION.
+ // Header is flat and injected directly in SecurityPolicy structure and SOCKET_PROCESSORCORE_CONFIGURATION.
// Put common definitons here either directly or via intermediate header file..

// SECURITY_IP_MKTME_1V0 MkTme;
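Review bot: while fixing "sructuture" in both places, the very next context line still reads "definitons" and ends with "file.."; fix those in the same patch rather than leaving a half-corrected comment.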
diff --git a/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h
new file mode 100644
index 000000000..700f5abb4
--- /dev/null
+++ b/Silicon/Intel/WhitleySiliconPkg/Security/Include/Library/SecurityPolicyDefinitions.h
@@ -0,0 +1,28 @@
+/**@file
+ @copyright
+ Copyright 2020 - 2021 Intel Corporation. <BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef __SECURITY_POLICY_DEFINITIONS_H__
+#define __SECURITY_POLICY_DEFINITIONS_H__
+
+//
+// Security Policy definitions
+//
+
+//
+// Values for capable/incapable == supported/unsupported
+//
+#define SECURITY_POLICY_UNSUPPORTED 0
+#define SECURITY_POLICY_SUPPORTED 1
+
+//
+// Values for enable/disable options
+//
+#define SECURITY_POLICY_DISABLE 0
+#define SECURITY_POLICY_ENABLE 1
+#define SECURITY_POLICY_AUTO 2
+
+#endif
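Review bot: the include guard `__SECURITY_POLICY_DEFINITIONS_H__` uses a double-underscore identifier, which C reserves for the implementation, and differs from the `_SECURITY_POLICY_H_` style used in the other new header of this patch; pick one guard style for both files.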
--
2.27.0.windows.1


[edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg/BoardAcpiLib: Fix GP Fault in ACPI Enable SMI

Oram, Isaac W
 

Fixed AcpiSmm library BoardAcpiLib to use the correct SMM services
table and DynamicSiliconLibrarySmmProtocol.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf | 4 ++--
Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c | 16 ++++++++--------
2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf
index fcbc94cc50..19d29ed40f 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmBoardAcpiEnableLib.inf
@@ -42,7 +42,7 @@
SmmBoardAcpiEnableLib.c

[Protocols]
- gDynamicSiLibraryProtocolGuid ## CONSUMES
+ gDynamicSiLibrarySmmProtocolGuid ## CONSUMES

[Depex]
- gDynamicSiLibraryProtocolGuid
+ gDynamicSiLibrarySmmProtocolGuid
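Review bot: switching [Protocols] and [Depex] to `gDynamicSiLibrarySmmProtocolGuid` matches the .c change, but the .c now also includes `<Library/SmmServicesTableLib.h>` and dereferences `gSmst`, and this hunk does not touch [LibraryClasses]; confirm `SmmServicesTableLib` is already listed there, otherwise the link will fail.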
diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c
index 2b8a35c7e8..484311811b 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Library/BoardAcpiLib/SmmSiliconAcpiEnableLib.c
@@ -16,8 +16,8 @@
#include <Library/PcdLib.h>
#include <Library/DebugLib.h>
#include <PchAccess.h>
-#include <Protocol/DynamicSiLibraryProtocol.h>
-#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/DynamicSiLibrarySmmProtocol.h>
+#include <Library/SmmServicesTableLib.h>

/**
Clear Port 80h
@@ -61,9 +61,9 @@ SiliconEnableAcpi (
UINT16 Pm1Cnt;
UINT16 PchPmBase;
EFI_STATUS Status;
- DYNAMIC_SI_LIBARY_PROTOCOL *DynamicSiLibraryProtocol = NULL;
+ DYNAMIC_SI_LIBARY_SMM_PROTOCOL *DynamicSiLibrarySmmProtocol = NULL;

- Status = gBS->LocateProtocol (&gDynamicSiLibraryProtocolGuid, NULL, &DynamicSiLibraryProtocol);
+ Status = gSmst->SmmLocateProtocol (&gDynamicSiLibrarySmmProtocolGuid, NULL, &DynamicSiLibrarySmmProtocol);
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
return Status;
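Review bot: replacing `gBS->LocateProtocol` with `gSmst->SmmLocateProtocol` is the right fix and not a cosmetic one: this code runs inside an SMI handler, and after ExitBootServices the boot-services table is no longer valid memory to dereference from SMM, which is the kind of GP fault the title describes; locating only SMM-installed protocols also keeps the handler from following pointers into memory the OS controls. The `ASSERT_EFI_ERROR (Status); return Status;` on failure is fine; note only that `DYNAMIC_SI_LIBARY_SMM_PROTOCOL` carries the pre-existing "LIBARY" misspelling in the type name.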
@@ -72,7 +72,7 @@ SiliconEnableAcpi (
//
// Init Power Management I/O Base aka ACPI Base
//
- PchPmBase = DynamicSiLibraryProtocol->PmcGetAcpiBase ();
+ PchPmBase = DynamicSiLibrarySmmProtocol->PmcGetAcpiBase ();

SmiEn = IoRead32 (PchPmBase + R_ACPI_IO_SMI_EN);

@@ -112,9 +112,9 @@ SiliconDisableAcpi (
UINT16 Pm1Cnt;
UINT16 PchPmBase;
EFI_STATUS Status;
- DYNAMIC_SI_LIBARY_PROTOCOL *DynamicSiLibraryProtocol = NULL;
+ DYNAMIC_SI_LIBARY_SMM_PROTOCOL *DynamicSiLibrarySmmProtocol = NULL;

- Status = gBS->LocateProtocol (&gDynamicSiLibraryProtocolGuid, NULL, &DynamicSiLibraryProtocol);
+ Status = gSmst->SmmLocateProtocol (&gDynamicSiLibrarySmmProtocolGuid, NULL, &DynamicSiLibrarySmmProtocol);
if (EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
return Status;
@@ -123,7 +123,7 @@ SiliconDisableAcpi (
//
// Init Power Management I/O Base aka ACPI Base
//
- PchPmBase = DynamicSiLibraryProtocol->PmcGetAcpiBase ();
+ PchPmBase = DynamicSiLibrarySmmProtocol->PmcGetAcpiBase ();

Pm1Cnt = IoRead16 (PchPmBase + R_ACPI_IO_PM1_CNT);

--
2.27.0.windows.1


Re: [edk2-platforms] [PATCH V1] KabylakeSiliconPkg: Update SA_MISC_PEI_PREMEM_CONFIG

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Monday, August 9, 2021 9:37 PM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Michael Kubacki <Michael.Kubacki@...>; Benjamin Doron <benjamin.doron00@...>
Subject: [edk2-devel] [edk2-platforms] [PATCH V1] KabylakeSiliconPkg: Update SA_MISC_PEI_PREMEM_CONFIG

Updates SA_MISC_PEI_PREMEM_CONFIG from revision 1 to revision 3. Add initialization of the policy values.

Cc: Chasel Chiu <chasel.chiu@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
---
.../KabylakeRvp3/OpenBoardPkg.dsc | 24 +++---
.../PeiSiliconPolicyUpdateLib.c | 39 +++++++++-
.../PeiSiliconPolicyUpdateLib.inf | 9 ++-
.../ConfigBlock/SaMiscPeiPreMemConfig.h | 77 ++++++++++++++++++-
.../Library/PeiSaPolicyLib/PeiSaPolicyLib.c | 37 ++++++++-
5 files changed, 169 insertions(+), 17 deletions(-)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
index 8523ab3f4f..f64555e391 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/OpenBoardPkg.dsc
@@ -182,17 +182,6 @@
# Board-specific
#######################################
PlatformHookLib|$(PROJECT)/Library/BasePlatformHookLib/BasePlatformHookLib.inf
-!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 1
- #
- # FSP API mode
- #
- SiliconPolicyUpdateLib|$(PROJECT)/FspWrapper/Library/PeiSiliconPolicyUpdateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf
-!else
- #
- # FSP Dispatch mode and non-FSP build (EDK2 build)
- #
- SiliconPolicyUpdateLib|$(PROJECT)/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
-!endif

[LibraryClasses.IA32.SEC]
#######################################
@@ -200,6 +189,7 @@
#######################################
TestPointCheckLib|$(PLATFORM_PACKAGE)/Test/Library/TestPointCheckLib/SecTestPointCheckLib.inf
SecBoardInitLib|$(PLATFORM_PACKAGE)/PlatformInit/Library/SecBoardInitLibNull/SecBoardInitLibNull.inf
+
+ SiliconPolicyUpdateLib|MinPlatformPkg/PlatformInit/Library/SiliconPoli
+ cyUpdateLibNull/SiliconPolicyUpdateLibNull.inf

[LibraryClasses.common.PEIM]
#######################################
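Review bot: the added `SiliconPolicyUpdateLib|MinPlatformPkg/PlatformInit/Library/SiliconPoli` line is split before `cyUpdateLibNull/SiliconPolicyUpdateLibNull.inf`, which as shown is two `+` lines and would break the DSC parse; this looks like mail-client wrapping, so please confirm the committed patch has it on one line.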
@@ -222,6 +212,18 @@
#######################################
# Board Package
#######################################
+!if gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection == 1
+ #
+ # FSP API mode
+ #
+
+SiliconPolicyUpdateLib|$(PROJECT)/FspWrapper/Library/PeiSiliconPolicyUp
+dateLibFsp/PeiSiliconPolicyUpdateLibFsp.inf
+!else
+ #
+ # FSP Dispatch mode and non-FSP build (EDK2 build)
+ #
+
+SiliconPolicyUpdateLib|$(PROJECT)/Policy/Library/PeiSiliconPolicyUpdate
+Lib/PeiSiliconPolicyUpdateLib.inf
+!endif
+
# Thunderbolt
!if gKabylakeOpenBoardPkgTokenSpaceGuid.PcdTbtEnable == TRUE
PeiDTbtInitLib|$(PLATFORM_BOARD_PACKAGE)/Features/Tbt/Library/Private/PeiDTbtInitLib/PeiDTbtInitLib.inf
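Review bot: the same wrapping affects the two `SiliconPolicyUpdateLib|$(PROJECT)/...` lines in this hunk. On substance, moving the mapping from the common [LibraryClasses] scope to [LibraryClasses.common.PEIM] with a Null instance for SEC is what allows the .inf to change MODULE_TYPE to PEIM and use PEI services, so the commit message should mention that the library was previously linked into SEC as well.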
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
index 5cc7c03c61..2dce9be63c 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/Pe
+++ iSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.c
@@ -1,7 +1,7 @@
/** @file
Provides silicon policy update library functions.

-Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -398,6 +398,8 @@ SiliconPolicyUpdatePreMem (
SA_MISC_PEI_PREMEM_CONFIG *MiscPeiPreMemConfig;
MEMORY_CONFIG_NO_CRC *MemConfigNoCrc;
VOID *Buffer;
+ UINTN VariableSize;
+ VOID *MemorySavedData;
UINT8 SpdAddressTable[4];

DEBUG((DEBUG_INFO, "\nUpdating Policy in Pre-Mem\n")); @@ -417,6 +419,41 @@ SiliconPolicyUpdatePreMem (
// Pass board specific SpdAddressTable to policy
//
CopyMem ((VOID *) MiscPeiPreMemConfig->SpdAddressTable, (VOID *) SpdAddressTable, (sizeof (UINT8) * 4));
+
+ //
+ // Set size of SMRAM
+ //
+ MiscPeiPreMemConfig->TsegSize = PcdGet32 (PcdTsegSize);
+
+ //
+ // Initialize S3 Data variable (S3DataPtr). It may be used for warm and fast boot paths.
+ // Note: AmberLake FSP does not implement the FSPM_ARCH_CONFIG_PPI added in FSP 2.1, hence
+ // the platform specific S3DataPtr must be used instead.
+ //
+ VariableSize = 0;
+ MemorySavedData = NULL;
+ Status = PeiGetVariable (
+ L"MemoryConfig",
+ &gFspNonVolatileStorageHobGuid,
+ &MemorySavedData,
+ &VariableSize
+ );
+ DEBUG ((DEBUG_INFO, "Get L\"MemoryConfig\" gFspNonVolatileStorageHobGuid - %r\n", Status));
+ DEBUG ((DEBUG_INFO, "MemoryConfig Size - 0x%x\n", VariableSize));
+ if (!EFI_ERROR (Status)) {
+ MiscPeiPreMemConfig->S3DataPtr = MemorySavedData;
+ }
+
+ //
+ // In FSP Dispatch Mode these BAR values are initialized by SiliconPolicyInitPreMem() in
+ // KabylakeSiliconPkg/Library/PeiSiliconPolicyInitLib/PeiPolicyInitPreMem.c; this function calls
+ // PEI_PREMEM_SI_DEFAULT_POLICY_INIT_PPI->PeiPreMemPolicyInit() to initialize all Config Blocks
+ // with default policy values (including these BAR values.) PEI_PREMEM_SI_DEFAULT_POLICY_INIT_PPI
+ // is implemented in the FSP. Make sure the value that FSP is using matches the value we are using.
+ //
+ ASSERT (PcdGet64 (PcdMchBaseAddress) <= 0xFFFFFFFF);
+ ASSERT (MiscPeiPreMemConfig->MchBar == (UINT32) PcdGet64 (PcdMchBaseAddress));
+ ASSERT (MiscPeiPreMemConfig->SmbusBar == PcdGet16
+ (PcdSmbusBaseAddress));
}
MemConfigNoCrc = NULL;
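Review bot: the three `ASSERT` checks comparing `MchBar`/`SmbusBar` against the PCDs are compiled out in RELEASE builds, so a mismatch between the FSP defaults and the PCDs goes unnoticed exactly where it matters; either return an error status or overwrite the policy fields with the PCD values and keep the ASSERT as a debug aid. Likewise `VariableSize` is only logged: `MemorySavedData` comes from a UEFI variable and is handed to the FSP as `S3DataPtr` without any size check, so checking `VariableSize` against the expected blob size (or at least for non-zero) before the assignment would be prudent, given the comment that this FSP lacks FSPM_ARCH_CONFIG_PPI.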
Status = GetConfigBlock (Policy, &gMemoryConfigNoCrcGuid, (VOID *) &MemConfigNoCrc); diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
index 97ec70f611..5c2da68bf9 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/PeiSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Policy/Library/Pe
+++ iSiliconPolicyUpdateLib/PeiSiliconPolicyUpdateLib.inf
@@ -1,7 +1,7 @@
### @file
# Component information file for silicon policy update library # -# Copyright (c) 2019 - 2020 Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2019 - 2021 Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -11,7 +11,7 @@
INF_VERSION = 0x00010005
BASE_NAME = PeiSiliconPolicyUpdateLib
FILE_GUID = 14F5D83D-76A5-4241-BEC5-987E70E233D5
- MODULE_TYPE = BASE
+ MODULE_TYPE = PEIM
VERSION_STRING = 1.0
LIBRARY_CLASS = SiliconPolicyUpdateLib

@@ -33,6 +33,7 @@
[Packages]
MinPlatformPkg/MinPlatformPkg.dec
MdePkg/MdePkg.dec
+ IntelFsp2Pkg/IntelFsp2Pkg.dec
UefiCpuPkg/UefiCpuPkg.dec
KabylakeSiliconPkg/SiPkg.dec
KabylakeOpenBoardPkg/OpenBoardPkg.dec
@@ -49,11 +50,15 @@
gHsioPciePreMemConfigGuid ## CONSUMES
gHsioSataPreMemConfigGuid ## CONSUMES
gSaMiscPeiPreMemConfigGuid ## CONSUMES
+ gFspNonVolatileStorageHobGuid ## CONSUMES

[Pcd]
gSiPkgTokenSpaceGuid.PcdPeiMinMemorySize
gSiPkgTokenSpaceGuid.PcdFlashMicrocodeFvBase
gSiPkgTokenSpaceGuid.PcdFlashMicrocodeFvSize
+ gSiPkgTokenSpaceGuid.PcdMchBaseAddress
+ gSiPkgTokenSpaceGuid.PcdSmbusBaseAddress
+ gSiPkgTokenSpaceGuid.PcdTsegSize
gKabylakeOpenBoardPkgTokenSpaceGuid.PcdGraphicsVbtGuid
gKabylakeOpenBoardPkgTokenSpaceGuid.PcdMrcRcompResistor ## CONSUMES
gKabylakeOpenBoardPkgTokenSpaceGuid.PcdMrcRcompTarget ## CONSUMES
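Review bot: `gFspNonVolatileStorageHobGuid` and the three PCDs are added, but the .c now calls `PeiGetVariable`, which comes from a library class (presumably MinPlatformPkg's PeiLib) not shown in this hunk; confirm [LibraryClasses] already lists it, and that the `MODULE_TYPE = PEIM` change above is what the platform DSC expects now that the library depends on PEI services.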
diff --git a/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Include/ConfigBlock/SaMiscPeiPreMemConfig.h b/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Include/ConfigBlock/SaMiscPeiPreMemConfig.h
index 4aa02e3142..2ed587f425 100644
--- a/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Include/ConfigBlock/SaMiscPeiPreMemConfig.h
+++ b/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Include/ConfigBlock/S
+++ aMiscPeiPreMemConfig.h
@@ -1,7 +1,7 @@
/** @file
Policy details for miscellaneous configuration in System Agent

-Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -14,18 +14,91 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define SA_MC_MAX_SOCKETS 4 #endif

-#define SA_MISC_PEI_PREMEM_CONFIG_REVISION 1
+#define SA_MISC_PEI_PREMEM_CONFIG_REVISION 3

/**
This configuration block is to configure SA Miscellaneous variables during PEI Pre-Mem phase like programming
different System Agent BARs, TsegSize, IedSize, MmioSize required etc.
<b>Revision 1</b>:
- Initial version.
+ <b>Revision 2</b>:
+ - Added SgDelayAfterOffMethod, SgDelayAfterLinkEnable and SgGenSpeedChangeEnable.
+ <b>Revision 3</b>:
+ - Added BdatTestType and BdatSchema.
**/
typedef struct {
CONFIG_BLOCK_HEADER Header; ///< Offset 0-27 Config Block Header
UINT8 SpdAddressTable[SA_MC_MAX_SOCKETS];///< Offset 28 Memory DIMMs' SPD address for reading SPD data. <b>example: SpdAddressTable[0]=0xA2(C0D0), SpdAddressTable[1]=0xA0(C0D1), SpdAddressTable[2]=0xA2(C1D0), SpdAddressTable[3]=0xA0(C1D1)</b>
+ VOID *S3DataPtr; ///< Offset 32 Memory data save pointer for S3 resume. The memory space should be allocated and filled with proper S3 resume data on a resume path
UINT32 MchBar; ///< Offset 36 Address of System Agent MCHBAR: <b>0xFED10000</b>
+ UINT32 DmiBar; ///< Offset 40 Address of System Agent DMIBAR: <b>0xFED18000</b>
+ UINT32 EpBar; ///< Offset 44 Address of System Agent EPBAR: <b>0xFED19000</b>
+ UINT32 SmbusBar; ///< Offset 48 Address of System Agent SMBUS BAR: <b>0xEFA0</b>
+ UINT32 GdxcBar; ///< Offset 52 Address of System Agent GDXCBAR: <b>0xFED84000</b>
+ /**
+ Offset 56 Size of TSEG in bytes. (Must be power of 2)
+ <b>0x400000</b>: 4MB for Release build (When IED enabled, it will be 8MB)
+ 0x1000000 : 16MB for Debug build (Regardless IED enabled or disabled)
+ **/
+ UINT32 TsegSize;
+ UINT32 EdramBar; ///< Offset 60 Address of System Agent EDRAMBAR: <b>0xFED80000</b>
+ /**
+ Offset 64
+ <b>(Test)</b> Size of IED region in bytes.
+ <b>0</b> : IED Disabled (no memory occupied)
+ 0x400000 : 4MB SMM memory occupied by IED (Part of TSEG)
+ <b>Note: Enabling IED may also enlarge TsegSize together.</b> **/
+ UINT32 IedSize;
+ UINT8 UserBd; ///< Offset 68 <b>0=Mobile/Mobile Halo</b>, 1=Desktop/DT Halo, 5=ULT/ULX/Mobile Halo, 7=UP Server
+ UINT8 SgMode; ///< Offset 69 SgMode: <b>0=Disabled</b>, 1=SG Muxed, 2=SG Muxless, 3=PEG
+ UINT16 SgSubSystemId; ///< Offset 70 Switchable Graphics Subsystem ID: <b>2212</b>
+ UINT16 SgDelayAfterPwrEn; ///< Offset 72 Dgpu Delay after Power enable using Setup option: 0=Minimal, 1000=Maximum, <b>300=300 microseconds</b>
+ UINT16 SgDelayAfterHoldReset; ///< Offset 74 Dgpu Delay after Hold Reset using Setup option: 0=Minimal, 1000=Maximum, <b>100=100 microseconds</b>
+ UINT32 SkipExtGfxScan:1; ///< <b>(Test)</b> OFfset 76:0 :1=Skip External Gfx Device Scan; <b>0=Scan for external graphics devices</b>. Set this policy to skip External Graphics card scanning if the platform uses Internal Graphics only.
+ UINT32 BdatEnable:1; ///< <b>(Test)</b> OFfset 76:1 :This field enables the generation of the BIOS DATA ACPI Tables: <b>0=FALSE</b>, 1=TRUE\n Please refer to the MRC documentation for more details
+ UINT32 TxtImplemented:1; ///< OFfset 76:2 :This field currently is used to tell MRC if it should run after TXT initializatoin completed: <b>0=Run without waiting for TXT</b>, 1=Run after TXT initialization by callback
+ /**
+ Offset 76:3 :
+ <b>(Test)</b> Scan External Discrete Graphics Devices for Legacy
+ Only VGA OpROMs
+
+ When enabled, if the primary graphics device is an external discrete graphics device, Si will scan the
+ graphics device for legacy only VGA OpROMs. If the primary graphics device only implements legacy VBIOS, then the
+ LegacyOnlyVgaOpRomDetected field in the SA_DATA_HOB will be set to 1.
+
+ This is intended to ease the implementation of a BIOS feature to automatically enable CSM if the Primary Gfx device
+ only supports Legacy VBIOS (No UEFI GOP Present). Otherwise disabling CSM won't result in no video being displayed.
+ This is useful for platforms that implement PCIe slots that allow the end user to install an arbitrary Gfx device.
+
+ This setting will only take effect if SkipExtGfxScan == 0. It is ignored otherwise.
+
+ - Disabled (0x0) : Don't Scan for Legacy Only VGA OpROMs (Default)
+ - <b>Enabled</b> (0x1) : Scan External Gfx for Legacy Only VGA
+ OpROM **/
+ UINT32 ScanExtGfxForLegacyOpRom:1;
+ UINT32 RsvdBits0 :28; ///< OFfset 76:4 :Reserved for future use
+ UINT8 LockPTMregs; ///< <b>(Test)</b> Offset 80 Lock PCU Thermal Management registers: 0=FALSE, <b>1=TRUE</b>
+ UINT8 BdatTestType; ///< Offset 81 When BdatEnable is set to TRUE, this option selects the type of data which will be populated in the BIOS Data ACPI Tables: <b>0=RMT</b>, 1=RMT Per Bit, 2=Margin 2D.
+ UINT8 BdatSchema; ///< Offset 82 When BdatEnable is set to TRUE, this option selects the BDAT Schema version which will be used to format BDAT Test results: 0=Schema 2, <b>1=Schema 6B</b>
+ UINT8 Rsvd1; ///< Offset 83 Reserved for future use
+ /**
+ Offset 84 :
+ Size of reserved MMIO space for PCI devices\n
+ <b>0=AUTO</b>, 512=512MB, 768=768MB, 1024=1024MB, 1280=1280MB, 1536=1536MB, 1792=1792MB,
+ 2048=2048MB, 2304=2304MB, 2560=2560MB, 2816=2816MB, 3072=3072MB\n
+ When AUTO mode selected, the MMIO size will be calculated by required MMIO size from PCIe devices detected.
+ **/
+ UINT16 MmioSize;
+ INT16 MmioSizeAdjustment; ///< Offset 86 Increase (given positive value) or Decrease (given negative value) the Reserved MMIO size when Dynamic Tolud/AUTO mode enabled (in MBs): <b>0=no adjustment</b>
+ UINT64 AcpiReservedMemoryBase; ///< Offset 88 The Base address of a Reserved memory buffer allocated in previous boot for S3 resume used. Originally it is retrieved from AcpiVariableCompatibility variable.
+ UINT64 SystemMemoryLength; ///< Offset 96 Total system memory length from previous boot, this is required for S3 resume. Originally it is retrieved from AcpiVariableCompatibility variable.
+ UINT32 AcpiReservedMemorySize; ///< Offset 104 The Size of a Reserved memory buffer allocated in previous boot for S3 resume used. Originally it is retrieved from AcpiVariableCompatibility variable.
+ UINT32 OpRomScanTempMmioBar; ///< <b>(Test)</b> Offset 108 Temporary address to MMIO map OpROMs during VGA scanning. Used for ScanExtGfxForLegacyOpRom feature. MUST BE 16MB ALIGNED!
+ UINT32 OpRomScanTempMmioLimit; ///< <b>(Test)</b> Offset 112 Limit address for OpROM MMIO range. Used for ScanExtGfxForLegacyOpRom feature. (OpROMScanTempMmioLimit - OpRomScanTempMmioBar) MUST BE >= 16MB!
+ UINT16 SgDelayAfterOffMethod; ///< Offset 128 Dgpu Delay after off method is called using Setup option: 0=Minimal, 1000=Maximum, <b>300=300 microseconds</b>
+ UINT16 SgDelayAfterLinkEnable; ///< Offset 130 Delay after link enable method is called using Setup option: 0=Minimal, 1000=Maximum, <b>100=100 microseconds</b>
+ UINT8 SgGenSpeedChangeEnable; ///< Offset 132 Enable/Disable Gen speed changes using Setup option: 0=Disable, 1=Enable
+ UINT8 Rsvd3[3]; ///< Offset 133 Reserved for future use
} SA_MISC_PEI_PREMEM_CONFIG;
#pragma pack(pop)

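Review bot: the documented offsets stop matching the struct layout after `OpRomScanTempMmioLimit`: that field is documented at Offset 112 and is a UINT32, so the next field starts at 116, yet `SgDelayAfterOffMethod` is labelled "Offset 128" and the following fields 130, 132 and 133. Either a 12-byte reserved field is missing before `SgDelayAfterOffMethod` or the comments should read 116, 118, 120 and 121; with `SA_MISC_PEI_PREMEM_CONFIG_REVISION` jumping from 1 to 3, a consumer that trusts the documented offsets will read the wrong bytes. Note also that `VOID *S3DataPtr` at Offset 32 makes every later offset pointer-size dependent (the "Offset 36" for `MchBar` only holds for a 32-bit PEI build), and the hunk carries the typos "OFfset" (several comments) and "initializatoin".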
diff --git a/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Library/PeiSaPolicyLib/PeiSaPolicyLib.c b/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Library/PeiSaPolicyLib/PeiSaPolicyLib.c
index eb18d993e7..5210856346 100644
--- a/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Library/PeiSaPolicyLib/PeiSaPolicyLib.c
+++ b/Silicon/Intel/KabylakeSiliconPkg/SystemAgent/Library/PeiSaPolicyLi
+++ b/PeiSaPolicyLib.c
@@ -1,7 +1,7 @@
/** @file
This file provides services for PEI policy default initialization

-Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -19,6 +19,9 @@ extern EFI_GUID gMemoryConfigNoCrcGuid; extern EFI_GUID gGraphicsPeiConfigGuid; extern EFI_GUID gVtdConfigGuid;

+#define DEFAULT_OPTION_ROM_TEMP_BAR 0x80000000
+#define DEFAULT_OPTION_ROM_TEMP_MEM_LIMIT 0xC0000000
+
//
// Function call to Load defaults for Individial IP Blocks // @@ -33,6 +36,38 @@ LoadSaMiscPeiPreMemDefault (

DEBUG ((DEBUG_INFO, "MiscPeiPreMemConfig->Header.GuidHob.Name = %g\n", &MiscPeiPreMemConfig->Header.GuidHob.Name));
DEBUG ((DEBUG_INFO, "MiscPeiPreMemConfig->Header.GuidHob.Header.HobLength = 0x%x\n", MiscPeiPreMemConfig->Header.GuidHob.Header.HobLength));
+
+ //
+ // Policy initialization commented out here is because it's the same with default 0 and no need to re-do again.
+ //
+ MiscPeiPreMemConfig->LockPTMregs = 1;
+
+ //
+ // Initialize the Platform Configuration //
+ MiscPeiPreMemConfig->MchBar = (UINT32) PcdGet64 (PcdMchBaseAddress);
+ MiscPeiPreMemConfig->DmiBar = 0xFED18000;
+ MiscPeiPreMemConfig->EpBar = 0xFED19000;
+ MiscPeiPreMemConfig->EdramBar = 0xFED80000;
+ MiscPeiPreMemConfig->SmbusBar = PcdGet16 (PcdSmbusBaseAddress);
+ MiscPeiPreMemConfig->TsegSize = PcdGet32 (PcdTsegSize);
+ MiscPeiPreMemConfig->GdxcBar = 0xFED84000;
+
+ //
+ // Initialize the Switchable Graphics Default Configuration //
+ MiscPeiPreMemConfig->SgDelayAfterHoldReset = 100; //100ms
+ MiscPeiPreMemConfig->SgDelayAfterPwrEn = 300; //300ms
+ MiscPeiPreMemConfig->SgDelayAfterOffMethod = 0;
+ MiscPeiPreMemConfig->SgDelayAfterLinkEnable = 0;
+ MiscPeiPreMemConfig->SgGenSpeedChangeEnable = 0;
+
+ ///
+ /// Initialize the DataPtr for S3 resume ///
+ MiscPeiPreMemConfig->S3DataPtr = NULL;
+ MiscPeiPreMemConfig->OpRomScanTempMmioBar = DEFAULT_OPTION_ROM_TEMP_BAR;
+ MiscPeiPreMemConfig->OpRomScanTempMmioLimit = DEFAULT_OPTION_ROM_TEMP_MEM_LIMIT;
}

VOID
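Review bot: the unit comments on the Switchable Graphics defaults contradict the header added earlier in this patch: `SgDelayAfterHoldReset = 100; //100ms` and `SgDelayAfterPwrEn = 300; //300ms`, whereas SaMiscPeiPreMemConfig.h documents both values in microseconds. The header also marks 300 and 100 as the defaults for `SgDelayAfterOffMethod` and `SgDelayAfterLinkEnable`, but this function sets both to 0; one of the two should change or the header's bold defaults should be updated. Two smaller points: the comment "Policy initialization commented out here is because it's the same with default 0" describes nothing in this hunk (no initialization is commented out), and `DmiBar`, `EpBar`, `EdramBar` and `GdxcBar` are hard-coded while `MchBar`, `SmbusBar` and `TsegSize` come from PCDs; if the fixed values are intentional, a comment saying so would help the next reader.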
--
2.27.0.windows.1


[edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix boot failure due to FSP rebase address

Oram, Isaac W
 

Fixed boot failure caused by FSP not being rebased to the correct address.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf b/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
index a14afd693b..1f5e0fd48b 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
+++ b/Platform/Intel/WhitleyOpenBoardPkg/FspFlashOffsets.fdf
@@ -11,7 +11,11 @@
# The FDF file for WhitleyOpenBoardPkg should be adapted to leverage FlashMapInclude.fdf
# format found in other OpenBoardPkgs.

-DEFINE FLASH_BASE = 0xFF000000 #
+#
+# Note Whitley unintuitively has multiple "FD" in a single BIOS flash region, so the base should be for FD.SecPei
+# and not the basis of the BIOS region for the FLASH device.
+#
+DEFINE FLASH_BASE = 0xFFCA0000

SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspSOffset = 0x00020000 # Flash addr (0xFF020000)
SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspSSize = 0x00040000 #
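Review bot: the trailing comment `# Flash addr (0xFF020000)` on the unchanged `PcdFlashFvFspSOffset` line is now stale: with `FLASH_BASE = 0xFFCA0000` an offset of 0x00020000 corresponds to 0xFFCC0000. Please update that comment (and any similar "Flash addr" comments below the hunk) so the FDF does not document two incompatible bases.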
--
2.27.0.windows.1


Re: [edk2-platforms][PATCH V1] KabylakeOpenBoardPkg: Implement the PEI Reset Services

Nate DeSimone
 

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Nate DeSimone
Sent: Tuesday, July 13, 2021 2:27 AM
To: devel@edk2.groups.io
Cc: Chiu, Chasel <chasel.chiu@...>; Jeremy Soller <jeremy@...>; Michael Kubacki <Michael.Kubacki@...>; Benjamin Doron <benjamin.doron00@...>
Subject: [edk2-devel] [edk2-platforms][PATCH V1] KabylakeOpenBoardPkg: Implement the PEI Reset Services

This change implements the ResetSystem and ResetSystem2 PEI services for KabylakeRvp3 and GalagoPro3. The invocation of PchInitializeReset() was missing from BoardInitLib.

Signed-off-by: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Cc: Jeremy Soller <jeremy@...>
Cc: Michael Kubacki <Michael.Kubacki@...>
Cc: Benjamin Doron <benjamin.doron00@...>
---
.../Library/BoardInitLib/PeiBoardInitPreMemLib.inf | 3 ++-
.../BoardInitLib/PeiGalagoPro3InitPreMemLib.c | 8 +++++++-
.../BoardInitLib/PeiMultiBoardInitPreMemLib.inf | 3 ++-
.../Library/BoardInitLib/PeiBoardInitPreMemLib.inf | 3 ++-
.../BoardInitLib/PeiKabylakeRvp3InitPreMemLib.c | 13 +++++++++++--
.../BoardInitLib/PeiMultiBoardInitPreMemLib.inf | 3 ++-
6 files changed, 26 insertions(+), 7 deletions(-)

diff --git a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf
index e4b783684f..d6c91cd2b9 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLi
+++ b/PeiBoardInitPreMemLib.inf
@@ -1,7 +1,7 @@
## @file
# Component information file for PEI GalagoPro3 Board Init Pre-Mem Library # -# Copyright (c) 2019 - 2020 Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2019 - 2021 Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -22,6 +22,7 @@
MemoryAllocationLib
PcdLib
SiliconInitLib
+ PchResetLib

[Packages]
MinPlatformPkg/MinPlatformPkg.dec
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
index ca32ab2514..6bf77a2af0 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiGalagoPro3InitPreMemLib.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLi
+++ b/PeiGalagoPro3InitPreMemLib.c
@@ -1,7 +1,7 @@
/** @file
System 76 GalagoPro3 board pre-memory initialization.

-Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -209,6 +209,12 @@ GalagoPro3BoardInitBeforeMemoryInit (
///
SiliconInit ();

+ //
+ // Install PCH RESET PPI and EFI RESET2 PeiService // Status =
+ PchInitializeReset (); ASSERT_EFI_ERROR (Status);
+
return EFI_SUCCESS;
}

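Review bot: this hunk assigns `Status` and calls `PchInitializeReset ()`, but unlike the KabylakeRvp3 hunk in the same patch it adds neither `#include <Library/PchResetLib.h>` nor an `EFI_STATUS Status;` declaration to `GalagoPro3BoardInitBeforeMemoryInit`. Unless both already exist in this function, the GalagoPro3 build will fail; the diffstat (8 lines, 7 insertions, 1 deletion) suggests they do not.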
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf
index d866f59338..fe31f42135 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/GalagoPro3/Library/BoardInitLi
+++ b/PeiMultiBoardInitPreMemLib.inf
@@ -1,7 +1,7 @@
## @file
# Component information file for PEI GalagoPro3 Board Init Pre-Mem Library # -# Copyright (c) 2019 - 2020 Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2019 - 2021 Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -24,6 +24,7 @@
PcdLib
SiliconInitLib
MultiBoardInitSupportLib
+ PchResetLib

[Packages]
MinPlatformPkg/MinPlatformPkg.dec
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf
index d0cdba666f..850fc51418 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiBoardInitPreMemLib.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInit
+++ Lib/PeiBoardInitPreMemLib.inf
@@ -1,7 +1,7 @@
## @file
# Component information file for PEI KabylakeRvp3 Board Init Pre-Mem Library # -# Copyright (c) 2017 - 2020 Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2021 Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -23,6 +23,7 @@
PcdLib
SiliconInitLib
EcLib
+ PchResetLib

[Packages]
MinPlatformPkg/MinPlatformPkg.dec
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiKabylakeRvp3InitPreMemLib.c b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiKabylakeRvp3InitPreMemLib.c
index 8f2e036356..d34b0be3c7 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiKabylakeRvp3InitPreMemLib.c
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInit
+++ Lib/PeiKabylakeRvp3InitPreMemLib.c
@@ -1,6 +1,6 @@
/** @file

-Copyright (c) 2017 - 2019, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -28,6 +28,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <SioRegs.h> #include <Library/PchPcrLib.h> #include <Library/SiliconInitLib.h>
+#include <Library/PchResetLib.h>

#include "PeiKabylakeRvp3InitLib.h"

@@ -282,6 +283,8 @@ KabylakeRvp3BoardInitBeforeMemoryInit (
VOID
)
{
+ EFI_STATUS Status;
+
if (LibPcdGetSku () == BoardIdKabyLakeYLpddr3Rvp3) {
KabylakeRvp3InitPreMem ();
} else if (LibPcdGetSku () == BoardIdSkylakeRvp3) { @@ -297,12 +300,18 @@ KabylakeRvp3BoardInitBeforeMemoryInit (

GpioInitPreMem ();
SioInit ();
-
+
///
/// Do basic PCH init
///
SiliconInit ();

+ //
+ // Install PCH RESET PPI and EFI RESET2 PeiService // Status =
+ PchInitializeReset (); ASSERT_EFI_ERROR (Status);
+
return EFI_SUCCESS;
}

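Review bot: `ASSERT_EFI_ERROR (Status)` after `PchInitializeReset ()` only fires in DEBUG builds; in a RELEASE build a failure to install the reset PPI goes unnoticed and the function still returns `EFI_SUCCESS`, so later callers of the PEI reset service would find no PPI. Consider following the ASSERT with `if (EFI_ERROR (Status)) { return Status; }`. The whitespace-only `-`/`+` pair after `SioInit ();` is unrelated to the reset change and could be dropped or sent separately.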
diff --git a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf
index a51712ac34..23fe6b6f03 100644
--- a/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInitLib/PeiMultiBoardInitPreMemLib.inf
+++ b/Platform/Intel/KabylakeOpenBoardPkg/KabylakeRvp3/Library/BoardInit
+++ Lib/PeiMultiBoardInitPreMemLib.inf
@@ -1,7 +1,7 @@
## @file
# Component information file for PEI KabylakeRvp3 Board Init Pre-Mem Library # -# Copyright (c) 2017 - 2020 Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017 - 2021 Intel Corporation. All rights reserved.<BR>
#
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -25,6 +25,7 @@
SiliconInitLib
MultiBoardInitSupportLib
EcLib
+ PchResetLib

[Packages]
MinPlatformPkg/MinPlatformPkg.dec
--
2.27.0.windows.1


[edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg: Fix missing security library build error

Oram, Isaac W
 

7b723de06c8e1623f77eafe89cde80c57253913b broke the WhitleyOpenBoardPkg build.
This corrects it by making SecureBootConfigDxe.inf conditional too.

Cc: Nate DeSimone <nathaniel.l.desimone@...>
Cc: Chasel Chiu <chasel.chiu@...>
Signed-off-by: Isaac Oram <isaac.w.oram@...>
---
Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc | 2 ++
1 file changed, 2 insertions(+)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc b/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
index 13f65ff43d..99ab0961ca 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
+++ b/Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/CoreDxeInclude.dsc
@@ -119,7 +119,9 @@
MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf

+!if gMinPlatformPkgTokenSpaceGuid.PcdUefiSecureBootEnable == TRUE
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+!endif

!if gMinPlatformPkgTokenSpaceGuid.PcdTpm2Enable == TRUE
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
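Review bot: the commit message says a security library is missing but does not name it, so a reader cannot tell why `SecureBootConfigDxe.inf` no longer links when `PcdUefiSecureBootEnable` is FALSE. Please name the library class that 7b723de06c8e made conditional in the message. The `!if` guard itself matches the existing `PcdTpm2Enable` pattern two lines below, which is the right style for this DSC.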
--
2.27.0.windows.1
