1. Patchew
  2. EDK2
  3. View series

[edk2-devel] [PATCH] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c

Hv, Pavamana posted 1 patch 1 year, 6 months ago
Failed in applying to current master (apply log)
There is a newer version of this series
Silicon/Intel/Tools/FitGen/FitGen.c | 57 +++++++++++++++++++----------
1 file changed, 37 insertions(+), 20 deletions(-)
[edk2-devel] [PATCH] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c
Posted by Hv, Pavamana 1 year, 6 months ago 
Hi All,
Attached is the patch for the issue reported here.
https://bugzilla.tianocore.org/show_bug.cgi?id=4086
Request you all to please review and provide feedback.
Let me know if you need any more details from me.

Regards,
Pavamana



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94777): https://edk2.groups.io/g/devel/message/94777
Mute This Topic: https://groups.io/mt/94150644/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-


From 91be981d80ce060b4a2716823833a097c88e2609 Mon Sep 17 00:00:00 2001
Message-Id: <91be981d80ce060b4a2716823833a097c88e2609.1664992599.git.pavamana.hv@intel.com>
From: Pavamana Holavanahalli <pavamana.hv@intel.com>
Date: Wed, 5 Oct 2022 09:41:53 -0700
Subject: [PATCH] edk2Platforms-Silicon:Add VAB FIT record types support in
 FitGen.c

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4086

This commit adds support for new FIT record type for
Vendor Authorized Boot (VAB) security technology.
VAB defines 3 new following types
Vendor Authorized Boot Provisioning Table (Type 0x1A)
Vendor Authorized Boot Image Manifest (Type 0x1B)
Vendor Authorized Boot Key Manifest (Type 0x1C)
The code has been updated to align these binaries on 64 byte boundary
and not to overlap with other regions, similar to Key manifest,
Boot Policy manifest and other optional types.

Signed-off-by: Pavamana Holavanahalli <pavamana.hv@intel.com>
---
 Silicon/Intel/Tools/FitGen/FitGen.c | 57 +++++++++++++++++++----------
 1 file changed, 37 insertions(+), 20 deletions(-)

diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c b/Silicon/Intel/Tools/FitGen/FitGen.c
index 21dfcf1ebb..7a333fc8e6 100644
--- a/Silicon/Intel/Tools/FitGen/FitGen.c
+++ b/Silicon/Intel/Tools/FitGen/FitGen.c
@@ -234,20 +234,24 @@ typedef struct {
 #define FLASH_TO_MEMORY(Address, FvBuffer, FvSize)  \
                  (VOID *)(UINTN)((UINTN)(FvBuffer) + (UINTN)(FvSize) - (TOP_FLASH_ADDRESS - (UINTN)(Address)))
 
-#define FIT_TABLE_TYPE_HEADER                 0
-#define FIT_TABLE_TYPE_MICROCODE              1
-#define FIT_TABLE_TYPE_STARTUP_ACM            2
-#define FIT_TABLE_TYPE_DIAGNST_ACM            3
-#define FIT_TABLE_TYPE_BIOS_MODULE            7
-#define FIT_TABLE_TYPE_TPM_POLICY             8
-#define FIT_TABLE_TYPE_BIOS_POLICY            9
-#define FIT_TABLE_TYPE_TXT_POLICY             10
-#define FIT_TABLE_TYPE_KEY_MANIFEST           11
-#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST   12
-#define FIT_TABLE_TYPE_BIOS_DATA_AREA         13
-#define FIT_TABLE_TYPE_CSE_SECURE_BOOT        16
-#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST  12
-#define FIT_TABLE_SUBTYPE_ACM_MANIFEST        13
+#define FIT_TABLE_TYPE_HEADER                      0
+#define FIT_TABLE_TYPE_MICROCODE                   1
+#define FIT_TABLE_TYPE_STARTUP_ACM                 2
+#define FIT_TABLE_TYPE_DIAGNST_ACM                 3
+#define FIT_TABLE_TYPE_BIOS_MODULE                 7
+#define FIT_TABLE_TYPE_TPM_POLICY                  8
+#define FIT_TABLE_TYPE_BIOS_POLICY                 9
+#define FIT_TABLE_TYPE_TXT_POLICY                  10
+#define FIT_TABLE_TYPE_KEY_MANIFEST                11
+#define FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST        12
+#define FIT_TABLE_TYPE_BIOS_DATA_AREA              13
+#define FIT_TABLE_TYPE_CSE_SECURE_BOOT             16
+#define FIT_TABLE_SUBTYPE_FIT_PATCH_MANIFEST       12
+#define FIT_TABLE_SUBTYPE_ACM_MANIFEST             13
+#define FIT_TABLE_TYPE_VAB_PROVISION_TABLE         26
+#define FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST     27
+#define FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST       28
+
 
 //
 // With OptionalModule Address isn't known until free space has been
@@ -1956,7 +1960,10 @@ Returns:
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_KEY_MANIFEST) ||
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BIOS_DATA_AREA) ||
-        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {
       // NOTE: It might be virtual address now. Just put a place holder.
       FitEntryNumber ++;
     }
@@ -2154,8 +2161,11 @@ Returns:
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_KEY_MANIFEST) ||
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BIOS_DATA_AREA) ||
-          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {
-        // Let it 64 byte align
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {
+          // Let it 64 byte align
         AlignedSize += BIOS_MODULE_ALIGNMENT;
         AlignedSize &= ~BIOS_MODULE_ALIGNMENT;
       }
@@ -2166,8 +2176,11 @@ Returns:
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_KEY_MANIFEST) ||
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
           (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BIOS_DATA_AREA) ||
-          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {
-        // Let it 64 byte align
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||
+          (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {
+          // Let it 64 byte align
         OptionalModuleAddress = (UINT8 *)((UINTN)OptionalModuleAddress & ~BIOS_MODULE_ALIGNMENT);
       }
 
@@ -2201,7 +2214,11 @@ Returns:
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_KEY_MANIFEST) ||
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BOOT_POLICY_MANIFEST) ||
         (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_BIOS_DATA_AREA) ||
-        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT)) {
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_CSE_SECURE_BOOT) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_PROVISION_TABLE) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_IMAGE_MANIFEST) ||
+        (gFitTableContext.OptionalModule[Index].Type == FIT_TABLE_TYPE_VAB_BOOT_KEY_MANIFEST)) {
+
       CheckOverlap (gFitTableContext.OptionalModule[Index].Address, AlignedSize);
     }
   }
-- 
2.26.2.windows.1

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.