From: "Chen Lin Z"
To: devel@edk2.groups.io
Cc: Chen Lin Z, Bob Feng, Liming Gao
Subject: [edk2-devel] [PATCH] BaseTools: Add authenticated variable store support
Date: Thu, 4 Nov 2021 11:28:53 +0000
Message-Id: <20211104112853.24929-1-lin.z.chen@intel.com>

In order to support secure boot with authenticated type variable store
and non secure boot with normal type variable store, add one flag to
switch them.

User can append '-D VPD_AUTHENTICATED_VARIABLE_STORE' to build command
to enable authenticated type variable store.

Also, user can add 'VPD_AUTHENTICATED_VARIABLE_STORE = TRUE/FALSE' to the
defines section of Dsc file to switch authenticated/normal type variable
store.

VPD_AUTHENTICATED_VARIABLE_STORE is a new reserved key word for this
function.

Signed-off-by: Chen Lin Z
Cc: Bob Feng
Cc: Liming Gao
Reviewed-by: Bob Feng
---
 BaseTools/Source/Python/AutoGen/GenVar.py | 57 ++++++++++++++++++-
 BaseTools/Source/Python/Common/DataType.py | 1 +
 .../Source/Python/Workspace/DscBuildData.py | 4 ++
 3 files changed, 59 insertions(+), 3 deletions(-)
diff --git a/BaseTools/Source/Python/AutoGen/GenVar.py b/BaseTools/Source/P= ython/AutoGen/GenVar.py index 591ef3df55..3f3dc69e90 100644 --- a/BaseTools/Source/Python/AutoGen/GenVar.py +++ b/BaseTools/Source/Python/AutoGen/GenVar.py @@ -15,6 +15,7 @@ from Common.VariableAttributes import VariableAttributes from Common.Misc import * import collections import Common.DataType as DataType +import Common.GlobalData as GlobalData =20 var_info =3D collections.namedtuple("uefi_var", "pcdindex,pcdname,defaults= toragename,skuname,var_name, var_guid, var_offset,var_attribute,pcd_default= _value, default_value, data_type,PcdDscLine,StructurePcd") NvStorageHeaderSize =3D 28 
@@ -173,11 +174,16 @@ class VariableMgr(object): offset +=3D VariableHeaderSize + len(default_info.var_name.spl= it(",")) var_data_offset[default_info.pcdindex] =3D offset offset +=3D data_size - len(default_info.var_name.split(",")) - - var_header_buffer =3D VariableMgr.PACK_VARIABLE_HEADER(var_att= r_value, len(default_info.var_name.split(",")), len (default_data), vendorg= uid) + if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTH= ENTICATED_VARIABLE_STORE,"FALSE").upper() =3D=3D "TRUE": + var_header_buffer =3D VariableMgr.PACK_AUTHENTICATED_VARIA= BLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (defa= ult_data), vendorguid) + else: + var_header_buffer =3D VariableMgr.PACK_VARIABLE_HEADER(var= _attr_value, len(default_info.var_name.split(",")), len (default_data), ven= dorguid) NvStoreDataBuffer +=3D (var_header_buffer + DataBuffer) =20 - variable_storage_header_buffer =3D VariableMgr.PACK_VARIABLE_STORE= _HEADER(len(NvStoreDataBuffer) + 28) + if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTHENTI= CATED_VARIABLE_STORE,"FALSE").upper() =3D=3D "TRUE": + variable_storage_header_buffer =3D VariableMgr.PACK_AUTHENTICA= TED_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28) + else: + variable_storage_header_buffer =3D VariableMgr.PACK_VARIABLE_S= TORE_HEADER(len(NvStoreDataBuffer) + 28) =20 nv_default_part =3D VariableMgr.AlignData(VariableMgr.PACK_DEFAULT= _DATA(0, 0, VariableMgr.unpack_data(variable_storage_header_buffer+NvStoreD= ataBuffer)), 8) =20 
@@ -252,6 +258,20 @@ class VariableMgr(object): =20 return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + rese= rvedBuffer =20 + def PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(size): + #Signature: gEfiAuthenticatedVariableGuid + Guid =3D "{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, = 0x4e, 0xc3, 0x77, 0x92 }}" + Guid =3D GuidStructureStringToGuidString(Guid) + GuidBuffer =3D PackGUID(Guid.split('-')) + + SizeBuffer =3D pack('=3DL', size) + FormatBuffer =3D pack('=3DB', 0x5A) + StateBuffer =3D pack('=3DB', 0xFE) + reservedBuffer =3D pack('=3DH', 0) + reservedBuffer +=3D pack('=3DL', 0) + + return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + rese= rvedBuffer + @staticmethod def PACK_NV_STORE_DEFAULT_HEADER(size, maxsize): Signature =3D pack('=3DB', ord('N')) @@ -279,6 +299,37 @@ class VariableMgr(object): =20 return Buffer =20 + @staticmethod + def PACK_AUTHENTICATED_VARIABLE_HEADER(attribute, namesize, datasize, = vendorguid): + + Buffer =3D pack('=3DH', 0x55AA) # pack StartID + Buffer +=3D pack('=3DB', 0x3F) # pack State + Buffer +=3D pack('=3DB', 0) # pack reserved + + Buffer +=3D pack('=3DL', attribute) + + Buffer +=3D pack('=3DQ', 0) # pack MonotonicCount + Buffer +=3D pack('=3DHBBBBBBLhBB', # pack TimeStamp + 0, # UINT16 Year + 0, # UINT8 Month + 0, # UINT8 Day + 0, # UINT8 Hour + 0, # UINT8 Minute + 0, # UINT8 Second + 0, # UINT8 Pad1 + 0, # UINT32 Nanosecond + 0, # INT16 TimeZone + 0, # UINT8 Daylight + 0) # UINT8 Pad2 + Buffer +=3D pack('=3DL', 0) # pack PubKeyIndex + + Buffer +=3D pack('=3DL', namesize) + Buffer +=3D pack('=3DL', datasize) + + Buffer +=3D PackGUID(vendorguid) + + return Buffer + @staticmethod def PACK_VARIABLES_DATA(var_value,data_type, tail =3D None): Buffer =3D bytearray() diff --git a/BaseTools/Source/Python/Common/DataType.py b/BaseTools/Source/= Python/Common/DataType.py index 4e9c9e34af..dc49623333 100644 --- a/BaseTools/Source/Python/Common/DataType.py +++ b/BaseTools/Source/Python/Common/DataType.py 
@@ -406,6 +406,7 @@ TAB_DSC_DEFINES_SKUID_IDENTIFIER =3D 'SKUID_IDENTIFIER' TAB_DSC_DEFINES_PCD_INFO_GENERATION =3D 'PCD_INFO_GENERATION' TAB_DSC_DEFINES_PCD_DYNAMIC_AS_DYNAMICEX =3D 'PCD_DYNAMIC_AS_DYNAMICEX' TAB_DSC_DEFINES_PCD_VAR_CHECK_GENERATION =3D 'PCD_VAR_CHECK_GENERATION' +TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE =3D 'VPD_AUTHENTICATED_VA= RIABLE_STORE' TAB_DSC_DEFINES_FLASH_DEFINITION =3D 'FLASH_DEFINITION' TAB_DSC_DEFINES_BUILD_NUMBER =3D 'BUILD_NUMBER' TAB_DSC_DEFINES_MAKEFILE_NAME =3D 'MAKEFILE_NAME' diff --git a/BaseTools/Source/Python/Workspace/DscBuildData.py b/BaseTools/= Source/Python/Workspace/DscBuildData.py index d1ee0ccaea..35ec5b37ff 100644 --- a/BaseTools/Source/Python/Workspace/DscBuildData.py +++ b/BaseTools/Source/Python/Workspace/DscBuildData.py @@ -387,6 +387,10 @@ class DscBuildData(PlatformBuildClassObject): for i in range(0, len(LanguageCodes), 3): LanguageList.append(LanguageCodes[i:i + 3]) self._ISOLanguages =3D LanguageList + elif Name =3D=3D TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_ST= ORE: + if TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE not in= gCommandLineDefines: + gCommandLineDefines[TAB_DSC_DEFINES_VPD_AUTHENTICATED_= VARIABLE_STORE] =3D Record[2].strip() + elif Name =3D=3D TAB_DSC_DEFINES_VPD_TOOL_GUID: # # try to convert GUID to a real UUID value to see whether = the GUID is format --=20 2.17.1
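Review bot: In the GenVar.py hunk at @@ -173,11 +174,16 @@, the unchanged context line `offset += VariableHeaderSize + len(default_info.var_name.split(","))` still advances the offset by one fixed header size whichever header is packed, while PACK_AUTHENTICATED_VARIABLE_HEADER as added in this patch packs 60 bytes (2+1+1+4+8+16+4+4+4 plus the 16-byte GUID). If VariableHeaderSize describes the normal header, the recorded var_data_offset values will point at the wrong bytes in an authenticated store, so select the header size with the same flag test. The flag lookup is also written out twice in this hunk; read it once into a local so the per-variable headers and the store header cannot disagree, and consider qualifying the key as DataType.TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE, since this file imports Common.DataType under that alias.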
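Review bot: In the GenVar.py hunk at @@ -252,6 +258,20 @@, `def PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(size):` is added without the `@staticmethod` decorator that the neighbouring PACK_NV_STORE_DEFAULT_HEADER and the new PACK_AUTHENTICATED_VARIABLE_HEADER both carry; add it so the method behaves the same when reached through an instance. The body also ends with the same return expression as the function just above it in the context, so the two store-header packers appear to differ only in the GUID: consider one helper that takes the signature GUID as a parameter, and name the 0x5A and 0xFE constants (format and state) instead of leaving them as bare literals.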
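Review bot: In the GenVar.py hunk at @@ -279,6 +299,37 @@, PACK_AUTHENTICATED_VARIABLE_HEADER packs MonotonicCount, every TimeStamp field and PubKeyIndex as zero with no comment on why that is correct for whatever `attribute` value the caller passes in. Please add a docstring naming the C structure this layout mirrors and stating that build-time defaults are intentionally emitted with zeroed authentication fields, and say how a variable whose attributes request authenticated write access is expected to be treated when its header starts out this way. The 0x55AA and 0x3F literals would also read better as named constants shared with PACK_VARIABLE_HEADER.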
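Review bot: In the DscBuildData.py hunk at @@ -387,6 +387,10 @@, `Record[2].strip()` is stored without any validation, and GenVar.py only tests `.upper() == "TRUE"`, so a DSC value such as YES, 1 or a misspelling silently produces the normal (non-authenticated) variable store. For a switch that decides whether a secure boot platform gets an authenticated store, reject anything other than TRUE or FALSE with a build error that cites the DSC file and line. Writing a DSC [Defines] value into gCommandLineDefines also makes it indistinguishable from a real -D option afterwards; a dedicated property on DscBuildData would keep the two sources separate. The blank added line between this branch and the following `elif` can be dropped.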