Main SEC phase code. Transitions to PEI.\r
\r
Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
\r
- This program and the accompanying materials\r
- are licensed and made available under the terms and conditions of the BSD License\r
- which accompanies this distribution. The full text of the license may be found at\r
- http://opensource.org/licenses/bsd-license.php\r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
\r
//\r
//\r
-// \r
+//\r
EFI_PEI_TEMPORARY_RAM_SUPPORT_PPI mTemporaryRamSupportPpi = {\r
TemporaryRamMigration\r
};\r
0x0, // Reserved_0\r
IA32_IDT_GATE_TYPE_INTERRUPT_32, // GateType\r
0xffff // OffsetHigh\r
- } \r
+ }\r
};\r
\r
/**\r
EFI_PHYSICAL_ADDRESS EndOfFile;\r
\r
if (Fv->Signature != EFI_FVH_SIGNATURE) {\r
- DEBUG ((EFI_D_ERROR, "FV at %p does not have FV header signature\n", Fv));\r
+ DEBUG ((DEBUG_ERROR, "FV at %p does not have FV header signature\n", Fv));\r
return EFI_VOLUME_CORRUPTED;\r
}\r
\r
}\r
\r
File = (EFI_FFS_FILE_HEADER*)(UINTN) CurrentAddress;\r
- Size = *(UINT32*) File->Size & 0xffffff;\r
+ Size = FFS_FILE_SIZE (File);\r
if (Size < (sizeof (*File) + sizeof (EFI_COMMON_SECTION_HEADER))) {\r
return EFI_VOLUME_CORRUPTED;\r
}\r
UINT32 AuthenticationStatus;\r
VOID *OutputBuffer;\r
VOID *ScratchBuffer;\r
- EFI_FIRMWARE_VOLUME_IMAGE_SECTION *FvSection;\r
+ EFI_COMMON_SECTION_HEADER *FvSection;\r
EFI_FIRMWARE_VOLUME_HEADER *PeiMemFv;\r
EFI_FIRMWARE_VOLUME_HEADER *DxeMemFv;\r
+ UINT32 FvHeaderSize;\r
+ UINT32 FvSectionSize;\r
\r
- FvSection = (EFI_FIRMWARE_VOLUME_IMAGE_SECTION*) NULL;\r
+ FvSection = (EFI_COMMON_SECTION_HEADER*) NULL;\r
\r
Status = FindFfsFileAndSection (\r
*Fv,\r
(EFI_COMMON_SECTION_HEADER**) &Section\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Unable to find GUID defined section\n"));\r
+ DEBUG ((DEBUG_ERROR, "Unable to find GUID defined section\n"));\r
return Status;\r
}\r
\r
&SectionAttribute\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Unable to GetInfo for GUIDed section\n"));\r
+ DEBUG ((DEBUG_ERROR, "Unable to GetInfo for GUIDed section\n"));\r
return Status;\r
}\r
\r
OutputBuffer = (VOID*) ((UINT8*)(UINTN) PcdGet32 (PcdOvmfDxeMemFvBase) + SIZE_1MB);\r
ScratchBuffer = ALIGN_POINTER ((UINT8*) OutputBuffer + OutputBufferSize, SIZE_1MB);\r
\r
- DEBUG ((EFI_D_VERBOSE, "%a: OutputBuffer@%p+0x%x ScratchBuffer@%p+0x%x "\r
+ DEBUG ((DEBUG_VERBOSE, "%a: OutputBuffer@%p+0x%x ScratchBuffer@%p+0x%x "\r
"PcdOvmfDecompressionScratchEnd=0x%x\n", __FUNCTION__, OutputBuffer,\r
OutputBufferSize, ScratchBuffer, ScratchBufferSize,\r
PcdGet32 (PcdOvmfDecompressionScratchEnd)));\r
&AuthenticationStatus\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Error during GUID section decode\n"));\r
+ DEBUG ((DEBUG_ERROR, "Error during GUID section decode\n"));\r
return Status;\r
}\r
\r
OutputBufferSize,\r
EFI_SECTION_FIRMWARE_VOLUME_IMAGE,\r
0,\r
- (EFI_COMMON_SECTION_HEADER**) &FvSection\r
+ &FvSection\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Unable to find PEI FV section\n"));\r
+ DEBUG ((DEBUG_ERROR, "Unable to find PEI FV section\n"));\r
return Status;\r
}\r
\r
CopyMem (PeiMemFv, (VOID*) (FvSection + 1), PcdGet32 (PcdOvmfPeiMemFvSize));\r
\r
if (PeiMemFv->Signature != EFI_FVH_SIGNATURE) {\r
- DEBUG ((EFI_D_ERROR, "Extracted FV at %p does not have FV header signature\n", PeiMemFv));\r
+ DEBUG ((DEBUG_ERROR, "Extracted FV at %p does not have FV header signature\n", PeiMemFv));\r
CpuDeadLoop ();\r
return EFI_VOLUME_CORRUPTED;\r
}\r
OutputBufferSize,\r
EFI_SECTION_FIRMWARE_VOLUME_IMAGE,\r
1,\r
- (EFI_COMMON_SECTION_HEADER**) &FvSection\r
+ &FvSection\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Unable to find DXE FV section\n"));\r
+ DEBUG ((DEBUG_ERROR, "Unable to find DXE FV section\n"));\r
return Status;\r
}\r
\r
ASSERT (FvSection->Type == EFI_SECTION_FIRMWARE_VOLUME_IMAGE);\r
- ASSERT (SECTION_SIZE (FvSection) ==\r
- (PcdGet32 (PcdOvmfDxeMemFvSize) + sizeof (*FvSection)));\r
+\r
+ if (IS_SECTION2 (FvSection)) {\r
+ FvSectionSize = SECTION2_SIZE (FvSection);\r
+ FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER2);\r
+ } else {\r
+ FvSectionSize = SECTION_SIZE (FvSection);\r
+ FvHeaderSize = sizeof (EFI_COMMON_SECTION_HEADER);\r
+ }\r
+\r
+ ASSERT (FvSectionSize == (PcdGet32 (PcdOvmfDxeMemFvSize) + FvHeaderSize));\r
\r
DxeMemFv = (EFI_FIRMWARE_VOLUME_HEADER*)(UINTN) PcdGet32 (PcdOvmfDxeMemFvBase);\r
- CopyMem (DxeMemFv, (VOID*) (FvSection + 1), PcdGet32 (PcdOvmfDxeMemFvSize));\r
+ CopyMem (DxeMemFv, (VOID*) ((UINTN)FvSection + FvHeaderSize), PcdGet32 (PcdOvmfDxeMemFvSize));\r
\r
if (DxeMemFv->Signature != EFI_FVH_SIGNATURE) {\r
- DEBUG ((EFI_D_ERROR, "Extracted FV at %p does not have FV header signature\n", DxeMemFv));\r
+ DEBUG ((DEBUG_ERROR, "Extracted FV at %p does not have FV header signature\n", DxeMemFv));\r
CpuDeadLoop ();\r
return EFI_VOLUME_CORRUPTED;\r
}\r
&Section\r
);\r
if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_ERROR, "Unable to find PEI Core image\n"));\r
+ DEBUG ((DEBUG_ERROR, "Unable to find PEI Core image\n"));\r
return Status;\r
}\r
}\r
OUT EFI_PHYSICAL_ADDRESS *PeiCoreImageBase\r
)\r
{\r
+ BOOLEAN S3Resume;\r
+\r
*PeiCoreImageBase = 0;\r
\r
- if (IsS3Resume ()) {\r
- DEBUG ((EFI_D_VERBOSE, "SEC: S3 resume\n"));\r
+ S3Resume = IsS3Resume ();\r
+ if (S3Resume && !FeaturePcdGet (PcdSmmSmramRequire)) {\r
+ //\r
+ // A malicious runtime OS may have injected something into our previously\r
+ // decoded PEI FV, but we don't care about that unless SMM/SMRAM is required.\r
+ //\r
+ DEBUG ((DEBUG_VERBOSE, "SEC: S3 resume\n"));\r
GetS3ResumePeiFv (BootFv);\r
} else {\r
- DEBUG ((EFI_D_VERBOSE, "SEC: Normal boot\n"));\r
+ //\r
+ // We're either not resuming, or resuming "securely" -- we'll decompress\r
+ // both PEI FV and DXE FV from pristine flash.\r
+ //\r
+ DEBUG ((DEBUG_VERBOSE, "SEC: %a\n",\r
+ S3Resume ? "S3 resume (with PEI decompression)" : "Normal boot"));\r
FindMainFv (BootFv);\r
\r
DecompressMemFvs (BootFv);\r
}\r
\r
File = (EFI_FFS_FILE_HEADER*)(UINTN) CurrentAddress;\r
- Size = *(UINT32*) File->Size & 0xffffff;\r
+ Size = FFS_FILE_SIZE (File);\r
if (Size < sizeof (*File)) {\r
return EFI_NOT_FOUND;\r
}\r
CurrentAddress = (EndOfSection + 3) & 0xfffffffffffffffcULL;\r
Section = (EFI_COMMON_SECTION_HEADER*)(UINTN) CurrentAddress;\r
\r
- Size = *(UINT32*) Section->Size & 0xffffff;\r
+ Size = SECTION_SIZE (Section);\r
if (Size < sizeof (*Section)) {\r
return EFI_NOT_FOUND;\r
}\r
/*\r
Find and return Pei Core entry point.\r
\r
- It also find SEC and PEI Core file debug inforamtion. It will report them if\r
+ It also find SEC and PEI Core file debug information. It will report them if\r
remote debug is enabled.\r
\r
**/\r
ASSERT_EFI_ERROR (Status);\r
\r
FindPeiCoreImageBase (BootFirmwareVolumePtr, &PeiCoreImageBase);\r
- \r
+\r
ZeroMem ((VOID *) &ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT));\r
//\r
// Report SEC Core debug information when remote debug is enabled\r
\r
ProcessLibraryConstructorList (NULL, NULL);\r
\r
- DEBUG ((EFI_D_INFO,\r
+ DEBUG ((DEBUG_INFO,\r
"SecCoreStartupWithStack(0x%x, 0x%x)\n",\r
(UINT32)(UINTN)BootFv,\r
(UINT32)(UINTN)TopOfCurrentStack\r
\r
//\r
// Initialize IDT\r
- // \r
+ //\r
IdtTableInStack.PeiService = NULL;\r
for (Index = 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) {\r
CopyMem (&IdtTableInStack.IdtTable[Index], &mIdtEntryTemplate, sizeof (mIdtEntryTemplate));\r
//\r
InitializeApicTimer (0, MAX_UINT32, TRUE, 5);\r
DisableApicTimerInterrupt ();\r
- \r
+\r
//\r
// Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready.\r
//\r
InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, &SecCoreData, SecStartupPhase2);\r
}\r
- \r
+\r
/**\r
Caller provided function to be invoked at the end of InitializeDebugAgent().\r
\r
EFI_SEC_PEI_HAND_OFF *SecCoreData;\r
EFI_FIRMWARE_VOLUME_HEADER *BootFv;\r
EFI_PEI_CORE_ENTRY_POINT PeiCoreEntryPoint;\r
- \r
+\r
SecCoreData = (EFI_SEC_PEI_HAND_OFF *) Context;\r
- \r
+\r
//\r
// Find PEI Core entry point. It will report SEC and Pei Core debug information if remote debug\r
// is enabled.\r
// Transfer the control to the PEI core\r
//\r
(*PeiCoreEntryPoint) (SecCoreData, (EFI_PEI_PPI_DESCRIPTOR *)&mPrivateDispatchTable);\r
- \r
+\r
//\r
// If we get here then the PEI Core returned, which is not recoverable.\r
//\r
DEBUG_AGENT_CONTEXT_POSTMEM_SEC DebugAgentContext;\r
BOOLEAN OldStatus;\r
BASE_LIBRARY_JUMP_BUFFER JumpBuffer;\r
- \r
- DEBUG ((EFI_D_INFO,\r
+\r
+ DEBUG ((DEBUG_INFO,\r
"TemporaryRamMigration(0x%Lx, 0x%Lx, 0x%Lx)\n",\r
TemporaryMemoryBase,\r
PermanentMemoryBase,\r
(UINT64)CopySize\r
));\r
- \r
+\r
OldHeap = (VOID*)(UINTN)TemporaryMemoryBase;\r
NewHeap = (VOID*)((UINTN)PermanentMemoryBase + (CopySize >> 1));\r
- \r
+\r
OldStack = (VOID*)((UINTN)TemporaryMemoryBase + (CopySize >> 1));\r
NewStack = (VOID*)(UINTN)PermanentMemoryBase;\r
\r
DebugAgentContext.HeapMigrateOffset = (UINTN)NewHeap - (UINTN)OldHeap;\r
DebugAgentContext.StackMigrateOffset = (UINTN)NewStack - (UINTN)OldStack;\r
- \r
+\r
OldStatus = SaveAndSetDebugTimerInterrupt (FALSE);\r
InitializeDebugAgent (DEBUG_AGENT_INIT_POSTMEM_SEC, (VOID *) &DebugAgentContext, NULL);\r
\r
// Migrate Stack\r
//\r
CopyMem (NewStack, OldStack, CopySize >> 1);\r
- \r
+\r
//\r
// Rebase IDT table in permanent memory\r
//\r
\r
//\r
// Use SetJump()/LongJump() to switch to a new stack.\r
- // \r
+ //\r
if (SetJump (&JumpBuffer) == 0) {\r
#if defined (MDE_CPU_IA32)\r
JumpBuffer.Esp = JumpBuffer.Esp + DebugAgentContext.StackMigrateOffset;\r
-#endif \r
+ JumpBuffer.Ebp = JumpBuffer.Ebp + DebugAgentContext.StackMigrateOffset;\r
+#endif\r
#if defined (MDE_CPU_X64)\r
JumpBuffer.Rsp = JumpBuffer.Rsp + DebugAgentContext.StackMigrateOffset;\r
-#endif \r
+ JumpBuffer.Rbp = JumpBuffer.Rbp + DebugAgentContext.StackMigrateOffset;\r
+#endif\r
LongJump (&JumpBuffer, (UINTN)-1);\r
}\r
\r