From bdf93df85673c61e25e2b53b082c30aa87eec7a7 Mon Sep 17 00:00:00 2001 From: jljusten Date: Fri, 9 Mar 2012 17:38:35 +0000 Subject: [PATCH] OvmfPkg/EmuVariableFvbRuntimeDxe: Add support for PcdSecureBootEnable When PcdSecureBootEnable is true, the authenticated variable FV is created. Otherwise the standard FV is created. Signed-off-by: lgrosenb Reviewed-by: jljusten Reviewed-by: mdkinney git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13092 6f19259b-4bc3-4df7-8a09-765794883524 --- OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c | 79 +++++++++++++++++++++++- OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf | 3 + 2 files changed, 81 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c index ea9ffdcd61..c1f46a7d9d 100644 --- a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c +++ b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c @@ -34,6 +34,9 @@ #include #include "Fvb.h" +#define EFI_AUTHENTICATED_VARIABLE_GUID \ +{ 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } } + // // Virtual Address Change Event // @@ -622,6 +625,9 @@ InitializeFvAndVariableStoreHeaders ( IN VOID *Ptr ) { + // + // Templates for standard (non-authenticated) variable FV header + // STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndVarTemplate = { { // EFI_FIRMWARE_VOLUME_HEADER FvHdr; // UINT8 ZeroVector[16]; @@ -684,12 +690,83 @@ InitializeFvAndVariableStoreHeaders ( 0 } }; + + // + // Templates for authenticated variable FV header + // + STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndAuthenticatedVarTemplate = { + { // EFI_FIRMWARE_VOLUME_HEADER FvHdr; + // UINT8 ZeroVector[16]; + { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, + + // EFI_GUID FileSystemGuid; + EFI_SYSTEM_NV_DATA_FV_GUID, + + // UINT64 FvLength; + EMU_FVB_SIZE, + + // UINT32 Signature; + EFI_FVH_SIGNATURE, + + // EFI_FVB_ATTRIBUTES_2 Attributes; + 0x4feff, + + // UINT16 HeaderLength; + EMU_FV_HEADER_LENGTH, + + // UINT16 Checksum; + 0, + + // UINT16 ExtHeaderOffset; + 0, + + // UINT8 Reserved[1]; + 0, + + // UINT8 Revision; + EFI_FVH_REVISION, + + // EFI_FV_BLOCK_MAP_ENTRY BlockMap[1]; + { 2, // UINT32 NumBlocks; + EMU_FVB_BLOCK_SIZE // UINT32 Length; + } + }, + // EFI_FV_BLOCK_MAP_ENTRY EndBlockMap; + { 0, 0 }, // End of block map + { // VARIABLE_STORE_HEADER VarHdr; + // EFI_GUID Signature; // need authenticated variables for secure boot + EFI_AUTHENTICATED_VARIABLE_GUID, + + // UINT32 Size; + ( + FixedPcdGet32 (PcdVariableStoreSize) - + OFFSET_OF (FVB_FV_HDR_AND_VARS_TEMPLATE, VarHdr) + ), + + // UINT8 Format; + VARIABLE_STORE_FORMATTED, + + // UINT8 State; + VARIABLE_STORE_HEALTHY, + + // UINT16 Reserved; + 0, + + // UINT32 Reserved1; + 0 + } + }; + EFI_FIRMWARE_VOLUME_HEADER *Fv; // // Copy the template structure into the location // - CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate)); + if (FeaturePcdGet (PcdSecureBootEnable) == FALSE) { + CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate)); + } else { + CopyMem (Ptr, (VOID*)&FvAndAuthenticatedVarTemplate, sizeof (FvAndAuthenticatedVarTemplate)); + } // // Update the checksum for the FV header diff --git a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf index 69b3c9972a..4d4827decb 100644 --- a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf +++ b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf @@ -68,6 +68,9 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved +[FeaturePcd] + gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable + [Depex] TRUE -- 2.39.2