OvmfPkg/EmuVariableFvbRuntimeDxe: Add support for PcdSecureBootEnable
authorjljusten <jljusten@6f19259b-4bc3-4df7-8a09-765794883524>
Fri, 9 Mar 2012 17:38:35 +0000 (17:38 +0000)
committerjljusten <jljusten@6f19259b-4bc3-4df7-8a09-765794883524>
Fri, 9 Mar 2012 17:38:35 +0000 (17:38 +0000)
When PcdSecureBootEnable is true, the authenticated variable
FV is created.  Otherwise the standard FV is created.

Signed-off-by: lgrosenb
Reviewed-by: jljusten
Reviewed-by: mdkinney
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13092 6f19259b-4bc3-4df7-8a09-765794883524

OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c
OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf

index ea9ffdcd61d22408671537561c9c6bb9459fd5b6..c1f46a7d9d2fb66650ed8e1b26cfd84151bd423a 100644 (file)
@@ -34,6 +34,9 @@
 #include <Library/PlatformFvbLib.h>\r
 #include "Fvb.h"\r
 \r
+#define EFI_AUTHENTICATED_VARIABLE_GUID \\r
+{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } }\r
+\r
 //\r
 // Virtual Address Change Event\r
 //\r
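Review bot: The new `EFI_AUTHENTICATED_VARIABLE_GUID` define carries no comment explaining what it identifies, and it is a private copy of a value that presumably has to match what the authenticated variable driver looks for in the variable store header. I would add a comment above it, for example `// Signature GUID of a variable store that holds authenticated variables; must match the value the authenticated variable driver checks`. If this module can depend on the package that owns the definition, including that shared header would be safer than redefining the GUID here. A local copy that drifts from the driver's value would most likely leave the store unrecognised in secure-boot builds, which is hard to diagnose.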
@@ -622,6 +625,9 @@ InitializeFvAndVariableStoreHeaders (
   IN  VOID   *Ptr\r
   )\r
 {\r
+  //\r
+  // Templates for standard (non-authenticated) variable FV header\r
+  //\r
   STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndVarTemplate = {\r
     { // EFI_FIRMWARE_VOLUME_HEADER FvHdr;\r
       // UINT8                     ZeroVector[16];\r
@@ -684,12 +690,83 @@ InitializeFvAndVariableStoreHeaders (
       0\r
     }\r
   };\r
+\r
+  //\r
+  // Templates for authenticated variable FV header\r
+  //\r
+  STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndAuthenticatedVarTemplate = {\r
+    { // EFI_FIRMWARE_VOLUME_HEADER FvHdr;\r
+      // UINT8                     ZeroVector[16];\r
+      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },\r
+\r
+      // EFI_GUID                  FileSystemGuid;\r
+      EFI_SYSTEM_NV_DATA_FV_GUID,\r
+\r
+      // UINT64                    FvLength;\r
+      EMU_FVB_SIZE,\r
+\r
+      // UINT32                    Signature;\r
+      EFI_FVH_SIGNATURE,\r
+\r
+      // EFI_FVB_ATTRIBUTES_2      Attributes;\r
+      0x4feff,\r
+\r
+      // UINT16                    HeaderLength;\r
+      EMU_FV_HEADER_LENGTH,\r
+\r
+      // UINT16                    Checksum;\r
+      0,\r
+\r
+      // UINT16                    ExtHeaderOffset;\r
+      0,\r
+\r
+      // UINT8                     Reserved[1];\r
+      0,\r
+\r
+      // UINT8                     Revision;\r
+      EFI_FVH_REVISION,\r
+\r
+      // EFI_FV_BLOCK_MAP_ENTRY    BlockMap[1];\r
+      { 2, // UINT32 NumBlocks;\r
+        EMU_FVB_BLOCK_SIZE  // UINT32 Length;\r
+      }\r
+    },\r
+    // EFI_FV_BLOCK_MAP_ENTRY     EndBlockMap;\r
+    { 0, 0 }, // End of block map\r
+    { // VARIABLE_STORE_HEADER      VarHdr;\r
+        // EFI_GUID  Signature;     // need authenticated variables for secure boot\r
+        EFI_AUTHENTICATED_VARIABLE_GUID,\r
+\r
+      // UINT32  Size;\r
+      (\r
+        FixedPcdGet32 (PcdVariableStoreSize) -\r
+        OFFSET_OF (FVB_FV_HDR_AND_VARS_TEMPLATE, VarHdr)\r
+      ),\r
+\r
+      // UINT8   Format;\r
+      VARIABLE_STORE_FORMATTED,\r
+\r
+      // UINT8   State;\r
+      VARIABLE_STORE_HEALTHY,\r
+\r
+      // UINT16  Reserved;\r
+      0,\r
+\r
+      // UINT32  Reserved1;\r
+      0\r
+    }\r
+  };\r
+\r
   EFI_FIRMWARE_VOLUME_HEADER  *Fv;\r
 \r
   //\r
   // Copy the template structure into the location\r
   //\r
-  CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate));\r
+  if (FeaturePcdGet (PcdSecureBootEnable) == FALSE) {\r
+    CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate));\r
+  } else {\r
+    CopyMem (Ptr, (VOID*)&FvAndAuthenticatedVarTemplate, sizeof (FvAndAuthenticatedVarTemplate));\r
+  }\r
 \r
   //\r
   // Update the checksum for the FV header\r
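Review bot: `FvAndAuthenticatedVarTemplate` repeats the whole of `FvAndVarTemplate` and, as far as the visible lines show, differs only in `VarHdr.Signature`. A later change to the attributes, block map or store size can therefore land in one template and not the other, leaving secure-boot builds with a different FV layout. I would keep the single template, copy it unconditionally and overwrite only the signature when `FeaturePcdGet (PcdSecureBootEnable)` is true, which also removes the `== FALSE` comparison on a BOOLEAN. Most of the first template lies outside the hunks, so confirm against the full file that the signature is the only difference. The function continues past this hunk into the checksum update.

```c
  STATIC CONST EFI_GUID AuthenticatedVarGuid = EFI_AUTHENTICATED_VARIABLE_GUID;
  // … unchanged: FvAndVarTemplate definition and the Fv declaration …

  //
  // Copy the template structure into the location
  //
  CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate));
  if (FeaturePcdGet (PcdSecureBootEnable)) {
    //
    // Secure boot needs the authenticated variable store signature
    //
    CopyGuid (
      &((FVB_FV_HDR_AND_VARS_TEMPLATE *)Ptr)->VarHdr.Signature,
      &AuthenticatedVarGuid
      );
  }
```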
index 69b3c9972a76892f00e27908cedf3d111b35ff93..4d4827decb527ec6fb493eb305e77c5624143312 100644 (file)
@@ -68,6 +68,9 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved\r
 \r
+[FeaturePcd]\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable\r
+\r
 [Depex]\r
   TRUE\r
 \r