/** @file\r
Main SEC phase code. Transitions to PEI.\r
\r
- Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
#include <Library/PeCoffGetEntryPointLib.h>\r
#include <Library/PeCoffExtraActionLib.h>\r
#include <Library/ExtractGuidedSectionLib.h>\r
+#include <Library/LocalApicLib.h>\r
\r
#include <Ppi/TemporaryRamSupport.h>\r
\r
\r
OutputBuffer = (VOID*) ((UINT8*)(UINTN) PcdGet32 (PcdOvmfDxeMemFvBase) + SIZE_1MB);\r
ScratchBuffer = ALIGN_POINTER ((UINT8*) OutputBuffer + OutputBufferSize, SIZE_1MB);\r
+\r
+ DEBUG ((EFI_D_VERBOSE, "%a: OutputBuffer@%p+0x%x ScratchBuffer@%p+0x%x "\r
+ "PcdOvmfDecompressionScratchEnd=0x%x\n", __FUNCTION__, OutputBuffer,\r
+ OutputBufferSize, ScratchBuffer, ScratchBufferSize,\r
+ PcdGet32 (PcdOvmfDecompressionScratchEnd)));\r
+ ASSERT ((UINTN)ScratchBuffer + ScratchBufferSize ==\r
+ PcdGet32 (PcdOvmfDecompressionScratchEnd));\r
+\r
Status = ExtractGuidedSectionDecode (\r
Section,\r
&OutputBuffer,\r
OUT EFI_PHYSICAL_ADDRESS *PeiCoreImageBase\r
)\r
{\r
+ BOOLEAN S3Resume;\r
+\r
*PeiCoreImageBase = 0;\r
\r
- if (IsS3Resume ()) {\r
+ S3Resume = IsS3Resume ();\r
+ if (S3Resume && !FeaturePcdGet (PcdSmmSmramRequire)) {\r
+ //\r
+ // A malicious runtime OS may have injected something into our previously\r
+ // decoded PEI FV, but we don't care about that unless SMM/SMRAM is required.\r
+ //\r
DEBUG ((EFI_D_VERBOSE, "SEC: S3 resume\n"));\r
GetS3ResumePeiFv (BootFv);\r
} else {\r
- DEBUG ((EFI_D_VERBOSE, "SEC: Normal boot\n"));\r
+ //\r
+ // We're either not resuming, or resuming "securely" -- we'll decompress\r
+ // both PEI FV and DXE FV from pristine flash.\r
+ //\r
+ DEBUG ((EFI_D_VERBOSE, "SEC: %a\n",\r
+ S3Resume ? "S3 resume (with PEI decompression)" : "Normal boot"));\r
FindMainFv (BootFv);\r
\r
DecompressMemFvs (BootFv);\r
SEC_IDT_TABLE IdtTableInStack;\r
IA32_DESCRIPTOR IdtDescriptor;\r
UINT32 Index;\r
+ volatile UINT8 *Table;\r
+\r
+ //\r
+ // To ensure SMM can't be compromised on S3 resume, we must force re-init of\r
+ // the BaseExtractGuidedSectionLib. Since this is before library contructors\r
+ // are called, we must use a loop rather than SetMem.\r
+ //\r
+ Table = (UINT8*)(UINTN)FixedPcdGet64 (PcdGuidedExtractHandlerTableAddress);\r
+ for (Index = 0;\r
+ Index < FixedPcdGet32 (PcdGuidedExtractHandlerTableSize);\r
+ ++Index) {\r
+ Table[Index] = 0;\r
+ }\r
\r
ProcessLibraryConstructorList (NULL, NULL);\r
\r
//\r
IoWrite8 (0x21, 0xff);\r
IoWrite8 (0xA1, 0xff);\r
+\r
+ //\r
+ // Initialize Local APIC Timer hardware and disable Local APIC Timer\r
+ // interrupts before initializing the Debug Agent and the debug timer is\r
+ // enabled.\r
+ //\r
+ InitializeApicTimer (0, MAX_UINT32, TRUE, 5);\r
+ DisableApicTimerInterrupt ();\r
\r
//\r
// Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready.\r