[edk2-devel] [PATCH] BaseTools: Add authenticated variable store support

Chen Lin Z posted 1 patch 2 years, 5 months ago
BaseTools/Source/Python/AutoGen/GenVar.py     | 57 ++++++++++++++++++-
BaseTools/Source/Python/Common/DataType.py    |  1 +
.../Source/Python/Workspace/DscBuildData.py   |  4 ++
3 files changed, 59 insertions(+), 3 deletions(-)
[edk2-devel] [PATCH] BaseTools: Add authenticated variable store support
Posted by Chen Lin Z 2 years, 5 months ago
In order to support secure boot with authenticated type variable store
and non secure boot with normal type variable store, add one flag to
switch them.

User can append '-D VPD_AUTHENTICATED_VARIABLE_STORE' to build command
to enable authenticated type variable store.

Also, user can add 'VPD_AUTHENTICATED_VARIABLE_STORE = TRUE/FALSE' to the
defines section of Dsc file to switch authenticated/normal type variable
store.

VPD_AUTHENTICATED_VARIABLE_STORE is a new reserved key word for this function.

Signed-off-by: Chen Lin Z <lin.z.chen@intel.com>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
---
 BaseTools/Source/Python/AutoGen/GenVar.py     | 57 ++++++++++++++++++-
 BaseTools/Source/Python/Common/DataType.py    |  1 +
 .../Source/Python/Workspace/DscBuildData.py   |  4 ++
 3 files changed, 59 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/AutoGen/GenVar.py b/BaseTools/Source/Python/AutoGen/GenVar.py
index 591ef3df55..3f3dc69e90 100644
--- a/BaseTools/Source/Python/AutoGen/GenVar.py
+++ b/BaseTools/Source/Python/AutoGen/GenVar.py
@@ -15,6 +15,7 @@ from Common.VariableAttributes import VariableAttributes
 from Common.Misc import *
 import collections
 import Common.DataType as DataType
+import Common.GlobalData as GlobalData
 
 var_info = collections.namedtuple("uefi_var", "pcdindex,pcdname,defaultstoragename,skuname,var_name, var_guid, var_offset,var_attribute,pcd_default_value, default_value, data_type,PcdDscLine,StructurePcd")
 NvStorageHeaderSize = 28
@@ -173,11 +174,16 @@ class VariableMgr(object):
             offset += VariableHeaderSize + len(default_info.var_name.split(","))
             var_data_offset[default_info.pcdindex] = offset
             offset += data_size - len(default_info.var_name.split(","))
-
-            var_header_buffer = VariableMgr.PACK_VARIABLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (default_data), vendorguid)
+            if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE,"FALSE").upper() == "TRUE":
+                var_header_buffer = VariableMgr.PACK_AUTHENTICATED_VARIABLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (default_data), vendorguid)
+            else:
+                var_header_buffer = VariableMgr.PACK_VARIABLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (default_data), vendorguid)
             NvStoreDataBuffer += (var_header_buffer + DataBuffer)
 
-        variable_storage_header_buffer = VariableMgr.PACK_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
+        if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE,"FALSE").upper() == "TRUE":
+            variable_storage_header_buffer = VariableMgr.PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
+        else:
+            variable_storage_header_buffer = VariableMgr.PACK_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
 
         nv_default_part = VariableMgr.AlignData(VariableMgr.PACK_DEFAULT_DATA(0, 0, VariableMgr.unpack_data(variable_storage_header_buffer+NvStoreDataBuffer)), 8)
 
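Review bot: The offset bookkeeping at the top of this hunk still adds `VariableHeaderSize` when the authenticated header is selected, so the values stored in `var_data_offset` will not match the bytes appended to `NvStoreDataBuffer` if that constant describes only the normal header. The format strings in `PACK_AUTHENTICATED_VARIABLE_HEADER` (added in the `@@ -279,6 +299,37 @@` hunk of this file) add up to 60 bytes, assuming `PackGUID` emits 16. `VariableHeaderSize` is defined outside the hunk, so confirm its value; if it is the normal header's size, choose the size by the same flag, e.g. `header_size = AuthenticatedVariableHeaderSize if authenticated else VariableHeaderSize`, with a new module constant of 60. The flag lookup is also evaluated once per variable and again for the store header; reading it into one local before the loop keeps both choices in step. The enclosing method starts and ends outside the hunk.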
@@ -252,6 +258,20 @@ class VariableMgr(object):
 
         return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + reservedBuffer
 
+    def PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(size):
+        #Signature: gEfiAuthenticatedVariableGuid
+        Guid = "{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}"
+        Guid = GuidStructureStringToGuidString(Guid)
+        GuidBuffer = PackGUID(Guid.split('-'))
+
+        SizeBuffer = pack('=L', size)
+        FormatBuffer = pack('=B', 0x5A)
+        StateBuffer = pack('=B', 0xFE)
+        reservedBuffer = pack('=H', 0)
+        reservedBuffer += pack('=L', 0)
+
+        return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + reservedBuffer
+
     @staticmethod
     def PACK_NV_STORE_DEFAULT_HEADER(size, maxsize):
         Signature = pack('=B', ord('N'))
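Review bot: `PACK_AUTHENTICATED_VARIABLE_STORE_HEADER` is defined without `@staticmethod`, unlike `PACK_NV_STORE_DEFAULT_HEADER` directly below it, although it takes no `self` and is called through the class as `VariableMgr.PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(...)`. Add the `@staticmethod` line above the `def` so the call does not depend on how the interpreter binds a plain function looked up on a class. As far as the hunk shows, the body differs from the existing store-header packer (whose `return` is visible just above) only in the signature GUID, so passing the GUID string into one shared helper would avoid keeping the format (`0x5A`) and state (`0xFE`) bytes in two places.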
@@ -279,6 +299,37 @@ class VariableMgr(object):
 
         return Buffer
 
+    @staticmethod
+    def PACK_AUTHENTICATED_VARIABLE_HEADER(attribute, namesize, datasize, vendorguid):
+
+        Buffer = pack('=H', 0x55AA)    # pack StartID
+        Buffer += pack('=B', 0x3F)     # pack State
+        Buffer += pack('=B', 0)        # pack reserved
+
+        Buffer += pack('=L', attribute)
+
+        Buffer += pack('=Q', 0)        # pack MonotonicCount
+        Buffer += pack('=HBBBBBBLhBB', # pack TimeStamp
+                         0,            # UINT16 Year
+                         0,            # UINT8  Month
+                         0,            # UINT8  Day
+                         0,            # UINT8  Hour
+                         0,            # UINT8  Minute
+                         0,            # UINT8  Second
+                         0,            # UINT8  Pad1
+                         0,            # UINT32 Nanosecond
+                         0,            # INT16  TimeZone
+                         0,            # UINT8  Daylight
+                         0)            # UINT8  Pad2
+        Buffer += pack('=L', 0)        # pack PubKeyIndex
+
+        Buffer += pack('=L', namesize)
+        Buffer += pack('=L', datasize)
+
+        Buffer += PackGUID(vendorguid)
+
+        return Buffer
+
     @staticmethod
     def PACK_VARIABLES_DATA(var_value,data_type, tail = None):
         Buffer = bytearray()
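Review bot: `PACK_AUTHENTICATED_VARIABLE_HEADER` has no docstring, and the one fact its caller needs, the packed size, has to be worked out from the format strings (2+1+1+4+8+16+4+4+4 plus the GUID, 60 bytes if `PackGUID` emits 16). Suggest a docstring such as `"""Pack a 60-byte authenticated variable header; MonotonicCount, TimeStamp and PubKeyIndex are written as zero."""`. It should also state that `attribute` is written unchanged, so a reader knows the zeroed authentication fields are not reconciled with whatever attribute bits the PCD declares.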
diff --git a/BaseTools/Source/Python/Common/DataType.py b/BaseTools/Source/Python/Common/DataType.py
index 4e9c9e34af..dc49623333 100644
--- a/BaseTools/Source/Python/Common/DataType.py
+++ b/BaseTools/Source/Python/Common/DataType.py
@@ -406,6 +406,7 @@ TAB_DSC_DEFINES_SKUID_IDENTIFIER = 'SKUID_IDENTIFIER'
 TAB_DSC_DEFINES_PCD_INFO_GENERATION = 'PCD_INFO_GENERATION'
 TAB_DSC_DEFINES_PCD_DYNAMIC_AS_DYNAMICEX = 'PCD_DYNAMIC_AS_DYNAMICEX'
 TAB_DSC_DEFINES_PCD_VAR_CHECK_GENERATION = 'PCD_VAR_CHECK_GENERATION'
+TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE = 'VPD_AUTHENTICATED_VARIABLE_STORE'
 TAB_DSC_DEFINES_FLASH_DEFINITION = 'FLASH_DEFINITION'
 TAB_DSC_DEFINES_BUILD_NUMBER = 'BUILD_NUMBER'
 TAB_DSC_DEFINES_MAKEFILE_NAME = 'MAKEFILE_NAME'
diff --git a/BaseTools/Source/Python/Workspace/DscBuildData.py b/BaseTools/Source/Python/Workspace/DscBuildData.py
index d1ee0ccaea..35ec5b37ff 100644
--- a/BaseTools/Source/Python/Workspace/DscBuildData.py
+++ b/BaseTools/Source/Python/Workspace/DscBuildData.py
@@ -387,6 +387,10 @@ class DscBuildData(PlatformBuildClassObject):
                 for i in range(0, len(LanguageCodes), 3):
                     LanguageList.append(LanguageCodes[i:i + 3])
                 self._ISOLanguages = LanguageList
+            elif Name == TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE:
+                if TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE not in gCommandLineDefines:
+                    gCommandLineDefines[TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE] = Record[2].strip()
+
             elif Name == TAB_DSC_DEFINES_VPD_TOOL_GUID:
                 #
                 # try to convert GUID to a real UUID value to see whether the GUID is format
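Review bot: The new `elif` branch stores `Record[2].strip()` without checking it, and the consumer in GenVar.py treats anything other than a case-insensitive `TRUE` as false, so a DSC value such as `YES` or `1` silently produces the non-authenticated store. For a switch that selects the variable store format used with secure boot, reject values outside TRUE/FALSE here with a build error that names the DSC line, in the way the following `VPD_TOOL_GUID` branch appears to check its value's format. Writing a DSC setting into `gCommandLineDefines` also makes it indistinguishable from a real `-D` option for any later reader of that dict; a dedicated attribute on the build data object would keep the precedence rule explicit. The enclosing method starts and ends outside the hunk.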
-- 
2.17.1





Re: [edk2-devel] [PATCH] BaseTools: Add authenticated variable store support
Posted by Bob Feng 2 years, 5 months ago
This patch looks good to me.

Liming, do you have any comments?

Reviewed-by: Bob Feng <bob.c.feng@intel.com>

-----Original Message-----
From: Chen, Lin Z <lin.z.chen@intel.com> 
Sent: Thursday, November 4, 2021 7:29 PM
To: devel@edk2.groups.io
Cc: Chen, Lin Z <lin.z.chen@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>
Subject: [PATCH] BaseTools: Add authenticated variable store support

In order to support secure boot with authenticated type variable store and non secure boot with normal type variable store, add one flag to switch them.

User can append '-D VPD_AUTHENTICATED_VARIABLE_STORE' to build command to enable authenticated type variable store.

Also, user can add 'VPD_AUTHENTICATED_VARIABLE_STORE = TRUE/FALSE' to the defines section of Dsc file to switch authenticated/normal type variable store.

VPD_AUTHENTICATED_VARIABLE_STORE is a new reserved key word for this function.

Signed-off-by: Chen Lin Z <lin.z.chen@intel.com>
Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
---
 BaseTools/Source/Python/AutoGen/GenVar.py     | 57 ++++++++++++++++++-
 BaseTools/Source/Python/Common/DataType.py    |  1 +
 .../Source/Python/Workspace/DscBuildData.py   |  4 ++
 3 files changed, 59 insertions(+), 3 deletions(-)

diff --git a/BaseTools/Source/Python/AutoGen/GenVar.py b/BaseTools/Source/Python/AutoGen/GenVar.py
index 591ef3df55..3f3dc69e90 100644
--- a/BaseTools/Source/Python/AutoGen/GenVar.py
+++ b/BaseTools/Source/Python/AutoGen/GenVar.py
@@ -15,6 +15,7 @@ from Common.VariableAttributes import VariableAttributes
 from Common.Misc import *
 import collections
 import Common.DataType as DataType
+import Common.GlobalData as GlobalData
 
 var_info = collections.namedtuple("uefi_var", "pcdindex,pcdname,defaultstoragename,skuname,var_name, var_guid, var_offset,var_attribute,pcd_default_value, default_value, data_type,PcdDscLine,StructurePcd")
 NvStorageHeaderSize = 28
@@ -173,11 +174,16 @@ class VariableMgr(object):
             offset += VariableHeaderSize + len(default_info.var_name.split(","))
             var_data_offset[default_info.pcdindex] = offset
             offset += data_size - len(default_info.var_name.split(","))
-
-            var_header_buffer = VariableMgr.PACK_VARIABLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (default_data), vendorguid)
+            if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE,"FALSE").upper() == "TRUE":
+                var_header_buffer = VariableMgr.PACK_AUTHENTICATED_VARIABLE_HEADER(var_attr_value, len(default_info.var_name.split(",")), len (default_data), vendorguid)
+            else:
+                var_header_buffer = 
+ VariableMgr.PACK_VARIABLE_HEADER(var_attr_value, 
+ len(default_info.var_name.split(",")), len (default_data), vendorguid)
             NvStoreDataBuffer += (var_header_buffer + DataBuffer)
 
-        variable_storage_header_buffer = VariableMgr.PACK_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
+        if GlobalData.gCommandLineDefines.get(TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE,"FALSE").upper() == "TRUE":
+            variable_storage_header_buffer = VariableMgr.PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
+        else:
+            variable_storage_header_buffer = 
+ VariableMgr.PACK_VARIABLE_STORE_HEADER(len(NvStoreDataBuffer) + 28)
 
         nv_default_part = VariableMgr.AlignData(VariableMgr.PACK_DEFAULT_DATA(0, 0, VariableMgr.unpack_data(variable_storage_header_buffer+NvStoreDataBuffer)), 8)
 
@@ -252,6 +258,20 @@ class VariableMgr(object):
 
         return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + reservedBuffer
 
+    def PACK_AUTHENTICATED_VARIABLE_STORE_HEADER(size):
+        #Signature: gEfiAuthenticatedVariableGuid
+        Guid = "{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}"
+        Guid = GuidStructureStringToGuidString(Guid)
+        GuidBuffer = PackGUID(Guid.split('-'))
+
+        SizeBuffer = pack('=L', size)
+        FormatBuffer = pack('=B', 0x5A)
+        StateBuffer = pack('=B', 0xFE)
+        reservedBuffer = pack('=H', 0)
+        reservedBuffer += pack('=L', 0)
+
+        return GuidBuffer + SizeBuffer + FormatBuffer + StateBuffer + 
+ reservedBuffer
+
     @staticmethod
     def PACK_NV_STORE_DEFAULT_HEADER(size, maxsize):
         Signature = pack('=B', ord('N'))
@@ -279,6 +299,37 @@ class VariableMgr(object):
 
         return Buffer
 
+    @staticmethod
+    def PACK_AUTHENTICATED_VARIABLE_HEADER(attribute, namesize, datasize, vendorguid):
+
+        Buffer = pack('=H', 0x55AA)    # pack StartID
+        Buffer += pack('=B', 0x3F)     # pack State
+        Buffer += pack('=B', 0)        # pack reserved
+
+        Buffer += pack('=L', attribute)
+
+        Buffer += pack('=Q', 0)        # pack MonotonicCount
+        Buffer += pack('=HBBBBBBLhBB', # pack TimeStamp
+                         0,            # UINT16 Year
+                         0,            # UINT8  Month
+                         0,            # UINT8  Day
+                         0,            # UINT8  Hour
+                         0,            # UINT8  Minute
+                         0,            # UINT8  Second
+                         0,            # UINT8  Pad1
+                         0,            # UINT32 Nanosecond
+                         0,            # INT16  TimeZone
+                         0,            # UINT8  Daylight
+                         0)            # UINT8  Pad2
+        Buffer += pack('=L', 0)        # pack PubKeyIndex
+
+        Buffer += pack('=L', namesize)
+        Buffer += pack('=L', datasize)
+
+        Buffer += PackGUID(vendorguid)
+
+        return Buffer
+
     @staticmethod
     def PACK_VARIABLES_DATA(var_value,data_type, tail = None):
         Buffer = bytearray()
diff --git a/BaseTools/Source/Python/Common/DataType.py b/BaseTools/Source/Python/Common/DataType.py
index 4e9c9e34af..dc49623333 100644
--- a/BaseTools/Source/Python/Common/DataType.py
+++ b/BaseTools/Source/Python/Common/DataType.py
@@ -406,6 +406,7 @@ TAB_DSC_DEFINES_SKUID_IDENTIFIER = 'SKUID_IDENTIFIER'
 TAB_DSC_DEFINES_PCD_INFO_GENERATION = 'PCD_INFO_GENERATION'
 TAB_DSC_DEFINES_PCD_DYNAMIC_AS_DYNAMICEX = 'PCD_DYNAMIC_AS_DYNAMICEX'
 TAB_DSC_DEFINES_PCD_VAR_CHECK_GENERATION = 'PCD_VAR_CHECK_GENERATION'
+TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE = 'VPD_AUTHENTICATED_VARIABLE_STORE'
 TAB_DSC_DEFINES_FLASH_DEFINITION = 'FLASH_DEFINITION'
 TAB_DSC_DEFINES_BUILD_NUMBER = 'BUILD_NUMBER'
 TAB_DSC_DEFINES_MAKEFILE_NAME = 'MAKEFILE_NAME'
diff --git a/BaseTools/Source/Python/Workspace/DscBuildData.py b/BaseTools/Source/Python/Workspace/DscBuildData.py
index d1ee0ccaea..35ec5b37ff 100644
--- a/BaseTools/Source/Python/Workspace/DscBuildData.py
+++ b/BaseTools/Source/Python/Workspace/DscBuildData.py
@@ -387,6 +387,10 @@ class DscBuildData(PlatformBuildClassObject):
                 for i in range(0, len(LanguageCodes), 3):
                     LanguageList.append(LanguageCodes[i:i + 3])
                 self._ISOLanguages = LanguageList
+            elif Name == TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE:
+                if TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE not in gCommandLineDefines:
+                    
+ gCommandLineDefines[TAB_DSC_DEFINES_VPD_AUTHENTICATED_VARIABLE_STORE] 
+ = Record[2].strip()
+
             elif Name == TAB_DSC_DEFINES_VPD_TOOL_GUID:
                 #
                 # try to convert GUID to a real UUID value to see whether the GUID is format
--
2.17.1


