[edk2] [PATCH 5/5] IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from PEI

Star Zeng posted 5 patches 7 years, 2 months ago
[edk2] [PATCH 5/5] IntelFrameworkModulePkg FwVolDxe: Get FV auth status propagated from PEI
Posted by Star Zeng 7 years, 2 months ago
FV3 HOB was introduced by new (>= 1.5) PI spec, it is intended to
be used to propagate PEI-phase FV authentication status to DXE.
This patch is to update FwVolDxe to get the authentication status
propagated from PEI-phase to DXE by FV3 HOB when producing FV
protocol.

Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
---
 .../Universal/FirmwareVolume/FwVolDxe/FwVol.c      | 73 ++++++++++++++++------
 .../FirmwareVolume/FwVolDxe/FwVolDriver.h          |  3 +-
 .../Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf |  4 +-
 3 files changed, 57 insertions(+), 23 deletions(-)

diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
index 65a292db6b91..91fcd4721244 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVol.c
@@ -4,7 +4,7 @@
   Layers on top of Firmware Block protocol to produce a file abstraction
   of FV based files.
 
-  Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -195,7 +195,7 @@ FreeFvDeviceResource (
 /**
 
   Firmware volume inherits authentication status from the FV image file and section(in another firmware volume)
-  where it came from.
+  where it came from or propagated from PEI-phase.
 
   @param  FvDevice              A pointer to the FvDevice.
 
@@ -205,26 +205,30 @@ FwVolInheritAuthenticationStatus (
   IN FV_DEVICE  *FvDevice
   )
 {
-  EFI_STATUS                        Status;
-  EFI_FIRMWARE_VOLUME_HEADER        *CachedFvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *CachedFvExtHeader;
-  EFI_FIRMWARE_VOLUME2_PROTOCOL     *ParentFvProtocol;
-  UINTN                             Key;
-  EFI_GUID                          FileNameGuid;
-  EFI_FV_FILETYPE                   FileType;
-  EFI_FV_FILE_ATTRIBUTES            FileAttributes;
-  UINTN                             FileSize;
-  EFI_SECTION_TYPE                  SectionType;
-  UINT32                            AuthenticationStatus;
-  EFI_FIRMWARE_VOLUME_HEADER        *FvHeader;
-  EFI_FIRMWARE_VOLUME_EXT_HEADER    *FvExtHeader;
-  UINTN                             BufferSize;
-
-  CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+  EFI_STATUS                            Status;
+  EFI_FIRMWARE_VOLUME_HEADER            *CachedFvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *CachedFvExtHeader;
+  EFI_FIRMWARE_VOLUME2_PROTOCOL         *ParentFvProtocol;
+  UINTN                                 Key;
+  EFI_GUID                              FileNameGuid;
+  EFI_FV_FILETYPE                       FileType;
+  EFI_FV_FILE_ATTRIBUTES                FileAttributes;
+  UINTN                                 FileSize;
+  EFI_SECTION_TYPE                      SectionType;
+  UINT32                                AuthenticationStatus;
+  EFI_FIRMWARE_VOLUME_HEADER            *FvHeader;
+  EFI_FIRMWARE_VOLUME_EXT_HEADER        *FvExtHeader;
+  UINTN                                 BufferSize;
+  EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL    *Fvb;
+  EFI_FVB_ATTRIBUTES_2                  FvbAttributes;
+  EFI_PHYSICAL_ADDRESS                  BaseAddress;
+  EFI_PEI_HOB_POINTERS                  Fv3Hob;
 
   if (FvDevice->Fv.ParentHandle != NULL) {
+    CachedFvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) FvDevice->CachedFv;
+
     //
-    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from 
+    // By Parent Handle, find out the FV image file and section(in another firmware volume) where the firmware volume came from
     //
     Status = gBS->HandleProtocol (FvDevice->Fv.ParentHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **) &ParentFvProtocol);
     if (!EFI_ERROR (Status) && (ParentFvProtocol != NULL)) {
@@ -258,7 +262,7 @@ FwVolInheritAuthenticationStatus (
         if (!EFI_ERROR (Status)) {
           if ((FvHeader->FvLength == CachedFvHeader->FvLength) &&
               (FvHeader->ExtHeaderOffset == CachedFvHeader->ExtHeaderOffset)) {
-            if (FvHeader->ExtHeaderOffset !=0) {
+            if (FvHeader->ExtHeaderOffset != 0) {
               //
               // Both FVs contain extension header, then compare their FV Name GUID
               //
@@ -292,6 +296,35 @@ FwVolInheritAuthenticationStatus (
         }
       } while (TRUE);
     }
+  } else {
+    Fvb = FvDevice->Fvb;
+
+    Status  = Fvb->GetAttributes (Fvb, &FvbAttributes);
+    if (EFI_ERROR (Status)) {
+      return;
+    }
+
+    if ((FvbAttributes & EFI_FVB2_MEMORY_MAPPED) != 0) {
+      //
+      // Get volume base address
+      //
+      Status = Fvb->GetPhysicalAddress (Fvb, &BaseAddress);
+      if (EFI_ERROR (Status)) {
+        return;
+      }
+
+      //
+      // Get the authentication status propagated from PEI-phase to DXE.
+      //
+      Fv3Hob.Raw = GetHobList ();
+      while ((Fv3Hob.Raw = GetNextHob (EFI_HOB_TYPE_FV3, Fv3Hob.Raw)) != NULL) {
+        if (Fv3Hob.FirmwareVolume3->BaseAddress == BaseAddress) {
+          FvDevice->AuthenticationStatus = Fv3Hob.FirmwareVolume3->AuthenticationStatus;
+          return;
+        }
+        Fv3Hob.Raw = GET_NEXT_HOB (Fv3Hob);
+      }
+    }
   }
 }
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
index b1646dd39edf..b14a488ead88 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDriver.h
@@ -1,7 +1,7 @@
 /** @file
   Common defines and definitions for a FwVolDxe driver.
 
-  Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions
@@ -33,6 +33,7 @@
 #include <Library/BaseMemoryLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <Library/HobLib.h>
 
 #define FV_DEVICE_SIGNATURE           SIGNATURE_32 ('_', 'F', 'V', '_')
 
diff --git a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
index 057266bb2b68..6844afb063e7 100644
--- a/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
+++ b/IntelFrameworkModulePkg/Universal/FirmwareVolume/FwVolDxe/FwVolDxe.inf
@@ -4,7 +4,7 @@
 #  This driver produces Firmware Volume2 protocol with full services
 #  (read/write, get/set) based on Firmware Volume Block protocol.
 #
-# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
 #
 # This program and the accompanying materials are
 # licensed and made available under the terms and conditions of the BSD License
@@ -55,7 +55,7 @@ [LibraryClasses]
   UefiLib
   UefiDriverEntryPoint
   DebugLib
-
+  HobLib
 
 [Guids]
   gEfiFirmwareVolumeTopFileGuid                ## CONSUMES ## File # VTF file
-- 
2.13.3.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel