回复: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c
gaoliming via groups.io
gaoliming=byosoft.com.cn at groups.io
Wed Oct 26 02:18:17 UTC 2022
Pavamana:
The code change looks good. Now, is FIT spec 1.4 public to be downloaded?
Thanks
Liming
发件人: devel at edk2.groups.io <devel at edk2.groups.io> 代表 Hv, Pavamana
发送时间: 2022年10月26日 5:50
收件人: devel at edk2.groups.io; Gao, Liming <gaoliming at byosoft.com.cn>
抄送: Feng, Bob C <bob.c.feng at intel.com>; Holland, Michael
<michael.holland at intel.com>
主题: Re: [edk2-devel] [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record
types support in FitGen.c
重要性: 高
Hi Liming,
Any update on this? Please treat this with urgency as we have a release
coming up and needs this change.
-Pavamana
From: Hv, Pavamana
Sent: Monday, October 24, 2022 10:05 AM
To: devel at edk2.groups.io <mailto:devel at edk2.groups.io> ; Gao, Liming
<gaoliming at byosoft.com.cn <mailto:gaoliming at byosoft.com.cn> >
Subject: RE: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types
support in FitGen.c
<mailto:gaoliming at byosoft.com.cn> @Gao, Liming,
Can you please review the patch and let me know if this can be merged?
Thanks in advance for your help.
Regards,
Pavamana
-----Original Message-----
From: Hv, Pavamana <pavamana.hv at intel.com <mailto:pavamana.hv at intel.com> >
Sent: Wednesday, October 19, 2022 8:57 PM
To: devel at edk2.groups.io <mailto:devel at edk2.groups.io>
Cc: Hv, Pavamana <pavamana.hv at intel.com <mailto:pavamana.hv at intel.com> >
Subject: [PATCH v2] edk2Platforms-Silicon:Add VAB FIT record types support
in FitGen.c
REF: <https://bugzilla.tianocore.org/show_bug.cgi?id=4086>
https://bugzilla.tianocore.org/show_bug.cgi?id=4086
This commit adds support for new FIT record type for Vendor Authorized Boot
(VAB) security technology(FIT spec revision 1.4).
VAB defines 3 new following types
Vendor Authorized Boot Provisioning Table (Type 0x1A) Vendor Authorized Boot
Image Manifest (Type 0x1B) Vendor Authorized Boot Key Manifest (Type 0x1C)
The code has been updated to align these binaries on 64 byte boundary and
not to overlap with other regions, similar to Key manifest, Boot Policy
manifest and other optional types.
Also added macros to define FIT spec Major and Minor version numbers and
print the same instead of hardcoded string.
Signed-off-by: Pavamana Holavanahalli < <mailto:pavamana.hv at intel.com>
pavamana.hv at intel.com>
---
Silicon/Intel/Tools/FitGen/FitGen.c | 61 +++++++++++++++++++----------
Silicon/Intel/Tools/FitGen/FitGen.h | 5 ++-
2 files changed, 44 insertions(+), 22 deletions(-)
diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c
b/Silicon/Intel/Tools/FitGen/FitGen.c
index 21dfcf1ebb..87123f9922 100644
--- a/Silicon/Intel/Tools/FitGen/FitGen.c
+++ b/Silicon/Intel/Tools/FitGen/FitGen.c
@@ -234,20 +234,24 @@ typedef struct {
#define FLASH_TO_MEMORY(Address, FvBuffer, FvSize) \ (VOID
*)(UINTN)((UINTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS -
(UINTN)(Address))) -#define FIT_TABLE_TYPE_HEADER 0-#define
FIT_TABLE_TYPE_MICROCODE 1-#define FIT_TABLE_TYPE_STARTUP_ACM
2-#define FIT_TABLE_TYPE_DIAGNST_ACM 3-#define
FIT_TABLE_TYPE_BIOS_MODULE 7-#define FIT_TABLE_TYPE_TPM_POLICY
8-#define FIT_TABLE_TYPE_BIOS_POLICY 9-#define
FIT_TABLE_TYPE_TXT_POLICY 10-#define FIT_TABLE_TYPE_KEY_MANIFEST
11-#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST 12-#define
FIT_TABLE_TYPE_BIOS_DATA_AREA 13-#define
FIT_TABLE_TYPE_CSE_SECURE_BOOT 16-#define
FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST 12-#define
FIT_TABLE_SUBTYPE_ACM_MANIFEST 13+#define FIT_TABLE_TYPE_HEADER
0+#define FIT_TABLE_TYPE_MICROCODE 1+#define
FIT_TABLE_TYPE_STARTUP_ACM 2+#define
FIT_TABLE_TYPE_DIAGNST_ACM 3+#define
FIT_TABLE_TYPE_BIOS_MODULE 7+#define
FIT_TABLE_TYPE_TPM_POLICY 8+#define
FIT_TABLE_TYPE_BIOS_POLICY 9+#define
FIT_TABLE_TYPE_TXT_POLICY 10+#define
FIT_TABLE_TYPE_KEY_MANIFEST 11+#define
FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST 12+#define
FIT_TABLE_TYPE_BIOS_DATA_AREA 13+#define
FIT_TABLE_TYPE_CSE_SECURE_BOOT 16+#define
FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST 12+#define
FIT_TABLE_SUBTYPE_ACM_MANIFEST 13+#define
FIT_TABLE_TYPE_VAB_PROVISION_TABLE 26+#define
FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST 27+#define
FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST 28+ // // With OptionalModule
Address isn't known until free space has been@@ -322,8 +326,10 @@ Returns:
--*/ { printf (- "%s - Tiano IA32/X64 FIT table generation Utility for
FIT spec revision 1.2."" Version %i.%i\n\n",+ "%s - Tiano IA32/X64 FIT
table generation Utility for FIT spec revision %i.%i."" Version %i.%i\n\n",
UTILITY_NAME,+ FIT_SPEC_VERSION_MAJOR,+ FIT_SPEC_VERSION_MINOR,
UTILITY_MAJOR_VERSION, UTILITY_MINOR_VERSION );@@ -1956,7 +1962,10
@@ Returns:
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_KEY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) { // NOTE: It might be virtual
address now. Just put a place holder. FitEntryNumber ++; }@@
-2154,8 +2163,11 @@ Returns:
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_KEY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {- // Let it 64 byte align+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {+ // Let it 64 byte align
AlignedSize += BIOS_MODULE_ALIGNMENT; AlignedSize &=
~BIOS_MODULE_ALIGNMENT; }@@ -2166,8 +2178,11 @@ Returns:
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_KEY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {- // Let it 64 byte align+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {+ // Let it 64 byte align
OptionalModuleAddress = (UINT8 *)((UINTN)OptionalModuleAddress &
~BIOS_MODULE_ALIGNMENT); } @@ -2201,7 +2216,11 @@ Returns:
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_KEY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_BIOS_DATA_AREA) ||-
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||+
(gFitTableContext.OptionalModule[Index].Type ==
FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {+ CheckOverlap
(gFitTableContext.OptionalModule[Index].Address, AlignedSize); } }diff
--git a/Silicon/Intel/Tools/FitGen/FitGen.h
b/Silicon/Intel/Tools/FitGen/FitGen.h
index 80a1423ceb..511ab652ab 100644
--- a/Silicon/Intel/Tools/FitGen/FitGen.h
+++ b/Silicon/Intel/Tools/FitGen/FitGen.h
@@ -31,9 +31,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
// Utility version information // #define UTILITY_MAJOR_VERSION 0-#define
UTILITY_MINOR_VERSION 66+#define UTILITY_MINOR_VERSION 67 #define
UTILITY_DATE __DATE__ +#define FIT_SPEC_VERSION_MAJOR 1+#define
FIT_SPEC_VERSION_MINOR 4+ // // The minimum number of arguments accepted
from the command line. //--
2.26.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#95588): https://edk2.groups.io/g/devel/message/95588
Mute This Topic: https://groups.io/mt/94573864/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/edk2-devel-archive/attachments/20221026/0d274be8/attachment-0001.htm>
More information about the edk2-devel-archive
mailing list