From patchwork Mon Jan 8 05:45:10 2018
X-Patchwork-Submitter: kalyan-nagabhirava
X-Patchwork-Id: 123679
From: kalyan-nagabhirava
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel
Date: Mon, 8 Jan 2018 11:15:10 +0530
Message-Id: <20180108054513.2279-2-kalyankumar.nagabhirava@linaro.org>
In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
Subject: [edk2] [PATCH v1 1/4] edk2-platforms: created Rdk Qemu platform for RDK UEFI applications

Linaro and RDK are working on standardizing the boot process for RDK STB boxes using UEFI. We implemented a couple of RDK UEFI applications (secure boot and DRI) which are tested on the RDK QEMU platform.

Cc: Ard Biesheuvel
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: kalyan-nagabhirava
---
 Platform/Comcast/RDKQemu/RDKQemu.dsc | 431 ++++++++++++++++++++
 Platform/Comcast/RDKQemu/RDKQemu.fdf | 128 ++++++
 Platform/Comcast/RDKQemu/README      |  77 ++++
 3 files changed, 636 insertions(+)

diff --git a/Platform/Comcast/RDKQemu/RDKQemu.dsc b/Platform/Comcast/RDKQemu/RDKQemu.dsc new file mode 100644 index 000000000000..dec16c67e3e2 --- /dev/null +++ b/Platform/Comcast/RDKQemu/RDKQemu.dsc
@@ -0,0 +1,431 @@ +# +# Copyright (c) 2011-2015, ARM Limited. All rights reserved. +# Copyright (c) 2014, Linaro Limited. All rights reserved. +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ +[Defines] + PLATFORM_NAME = RdkQemu + PLATFORM_GUID = 2D89EF13-B604-4550-B080-5E2E5E382854 + PLATFORM_VERSION = 0.1 + DSC_SPECIFICATION = 0x00010005 + OUTPUT_DIRECTORY = Build/RDK-$(ARCH) + SUPPORTED_ARCHITECTURES = AARCH64|ARM + BUILD_TARGETS = DEBUG|RELEASE + SKUID_IDENTIFIER = DEFAULT + FLASH_DEFINITION = Platform/Comcast/RDKQemu/RDKQemu.fdf + + # + # Defines for default states. These can be changed on the command line. 
+ # -D FLAG=VALUE + # + DEFINE SECURE_BOOT_ENABLE = FALSE + DEFINE HTTP_BOOT_ENABLE = FALSE + +!include ArmVirtPkg/ArmVirt.dsc.inc + +[LibraryClasses.common] + ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf + ArmMmuLib|ArmPkg/Library/ArmMmuLib/ArmMmuBaseLib.inf + + # Virtio Support + VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf + VirtioMmioDeviceLib|OvmfPkg/Library/VirtioMmioDeviceLib/VirtioMmioDeviceLib.inf + QemuFwCfgLib|ArmVirtPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/BaseQemuFwCfgS3LibNull.inf + + ArmPlatformLib|ArmPlatformPkg/Library/ArmPlatformLibNull/ArmPlatformLibNull.inf + + TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf + NorFlashPlatformLib|ArmVirtPkg/Library/NorFlashQemuLib/NorFlashQemuLib.inf + + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf + BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf + PlatformBootManagerLib|ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf + CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf + QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf + FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf + PciPcdProducerLib|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf + PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf + PciHostBridgeLib|ArmVirtPkg/Library/FdtPciHostBridgeLib/FdtPciHostBridgeLib.inf + RdkBootManagerLib|Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.inf +!if $(HTTP_BOOT_ENABLE) == TRUE + HttpLib|MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.inf +!endif + +[LibraryClasses.common.PEIM] + ArmVirtMemInfoLib|ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoPeiLib.inf + +[LibraryClasses.common.UEFI_DRIVER] + UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf + +################################################################################ +# +# Pcd Section - list of 
all EDK II PCD Entries defined by this Platform +# +################################################################################ + +[PcdsFeatureFlag.common] + gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderPciTranslation|TRUE + gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderMmioTranslation|TRUE + + ## If TRUE, Graphics Output Protocol will be installed on virtual handle created by ConsplitterDxe. + # It could be set FALSE to save size. + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE + +[PcdsFixedAtBuild.common] + gArmPlatformTokenSpaceGuid.PcdCoreCount|1 +!if $(ARCH) == AARCH64 + gArmTokenSpaceGuid.PcdVFPEnabled|1 +!endif + + gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x4007c000 + gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x4000 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800 + + # Size of the region used by UEFI in permanent memory (Reserved 64MB) + gArmPlatformTokenSpaceGuid.PcdSystemMemoryUefiRegionSize|0x04000000 + + ## Trustzone enable (to make the transition from EL3 to EL2 in ArmPlatformPkg/Sec) + gArmTokenSpaceGuid.PcdTrustzoneSupport|FALSE + + # + # ARM PrimeCell + # + + ## PL011 - Serial Terminal + gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate|38400 + + ## Default Terminal Type + ## 0-PCANSI, 1-VT100, 2-VT00+, 3-UTF8, 4-TTYTERM +!if $(TTY_TERMINAL) == TRUE + gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType|4 +!else + gEfiMdePkgTokenSpaceGuid.PcdDefaultTerminalType|1 +!endif + + # + # ARM Virtual Architectural Timer -- fetch frequency from QEMU (TCG) or KVM + # + gArmTokenSpaceGuid.PcdArmArchTimerFreqInHz|0 + +!if $(HTTP_BOOT_ENABLE) == TRUE + gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE +!endif + # System Memory Base -- fixed at 0x4000_0000 + gArmTokenSpaceGuid.PcdSystemMemoryBase|0x40000000 + + # initial location of the device tree blob passed by QEMU -- base of DRAM + 
gArmVirtTokenSpaceGuid.PcdDeviceTreeInitialBaseAddress|0x40000000 + + gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE + gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 } + + # + # The maximum physical I/O addressability of the processor, set with + # BuildCpuHob(). + # + gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 + + # + # RdkPkg Pcds + # + # system partition name is nothing but rootfs partition, used only in Http boot (DRI) + gRdkTokenSpaceGuid.PcdRdkSystemPartitionName|"VenHw(837DCA9E-E874-4D82-B29A-23FE0E23D1E2,003E000A00000000)" + gRdkTokenSpaceGuid.PcdRdkCmdLineArgs|"root=/dev/vda" + gRdkTokenSpaceGuid.PcdRdkConfFileName|L"Rdk.conf" + gRdkTokenSpaceGuid.PcdRdkConfFileDevicePath|L"PciRoot(0x0)/Pci(0x2,0x0)" + +[PcdsFixedAtBuild.AARCH64] + # KVM limits it IPA space to 40 bits (1 TB), so there is no need to + # support anything bigger, even if the host hardware does + gEmbeddedTokenSpaceGuid.PcdPrePiCpuMemorySize|40 + + # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point, + # if the entry point version is >= 3.0. AARCH64 OSes cannot assume the + # presence of the 32-bit entry point anyway (because many AARCH64 systems + # don't have 32-bit addressable physical RAM), and the additional allocations + # below 4 GB needlessly fragment the memory map. So expose the 64-bit entry + # point only, for entry point versions >= 3.0. + gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosEntryPointProvideMethod|0x2 + + # ACPI predates the AARCH64 architecture by 5 versions, so + # we only target OSes that support ACPI v5.0 or later + gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiExposedTableVersions|0x20 + +[PcdsDynamicDefault.common] + gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|3 + + ## If TRUE, OvmfPkg/AcpiPlatformDxe will not wait for PCI + # enumeration to complete before installing ACPI tables. 
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|TRUE + + # System Memory Size -- 1 MB initially, actual size will be fetched from DT + gArmTokenSpaceGuid.PcdSystemMemorySize|0x00100000 + + gArmTokenSpaceGuid.PcdArmArchTimerSecIntrNum|0x0 + gArmTokenSpaceGuid.PcdArmArchTimerIntrNum|0x0 + gArmTokenSpaceGuid.PcdArmArchTimerVirtIntrNum|0x0 + gArmTokenSpaceGuid.PcdArmArchTimerHypIntrNum|0x0 + + # + # ARM General Interrupt Controller + # + gArmTokenSpaceGuid.PcdGicDistributorBase|0x0 + gArmTokenSpaceGuid.PcdGicRedistributorsBase|0x0 + gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase|0x0 + + ## PL031 RealTimeClock + gArmPlatformTokenSpaceGuid.PcdPL031RtcBase|0x0 + + # set PcdPciExpressBaseAddress to MAX_UINT64, which signifies that this + # PCD and PcdPciDisableBusEnumeration above have not been assigned yet + gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xFFFFFFFFFFFFFFFF + + gArmTokenSpaceGuid.PcdPciIoTranslation|0x0 + + # + # Set video resolution for boot options and for text setup. + # PlatformDxe can set the former at runtime. 
+ # + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|800 + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|600 + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|640 + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|480 + + # + # SMBIOS entry point version + # + gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosVersion|0x0300 + gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0 + gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE + +[PcdsDynamicHii] + gArmVirtTokenSpaceGuid.PcdForceNoAcpi|L"ForceNoAcpi"|gArmVirtVariableGuid|0x0|FALSE|NV,BS + +################################################################################ +# +# Components Section - list of all EDK II Modules needed by this Platform +# +################################################################################ +[Components.common] + # + # PEI Phase modules + # + ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf + MdeModulePkg/Core/Pei/PeiMain.inf + MdeModulePkg/Universal/PCD/Pei/Pcd.inf { + + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + } + ArmPlatformPkg/PlatformPei/PlatformPeim.inf + ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf + ArmPkg/Drivers/CpuPei/CpuPei.inf + + MdeModulePkg/Universal/Variable/Pei/VariablePei.inf + + MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf { + + NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf + } + + # + # DXE + # + MdeModulePkg/Core/Dxe/DxeMain.inf { + + NULL|MdeModulePkg/Library/DxeCrc32GuidedSectionExtractLib/DxeCrc32GuidedSectionExtractLib.inf + } + MdeModulePkg/Universal/PCD/Dxe/Pcd.inf { + + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf + } + + # + # Architectural Protocols + # + ArmPkg/Drivers/CpuDxe/CpuDxe.inf + MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf { + + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf + # don't use unaligned CopyMem () on the UEFI varstore NOR flash region + 
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf + } +!if $(SECURE_BOOT_ENABLE) == TRUE + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf { + + NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf + } + SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +!else + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf +!endif + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf + MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf + MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf + MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf + EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf { + + NULL|ArmVirtPkg/Library/ArmVirtPL031FdtClientLib/ArmVirtPL031FdtClientLib.inf + } + EmbeddedPkg/MetronomeDxe/MetronomeDxe.inf + + MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf + MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf + MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf + MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf + MdeModulePkg/Universal/SerialDxe/SerialDxe.inf + + MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf + + ArmPkg/Drivers/ArmGic/ArmGicDxe.inf + ArmPkg/Drivers/TimerDxe/TimerDxe.inf { + + NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf + } + ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf + MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf + + # + # Platform Driver + # + ArmVirtPkg/VirtioFdtDxe/VirtioFdtDxe.inf + ArmVirtPkg/FdtClientDxe/FdtClientDxe.inf + ArmVirtPkg/HighMemDxe/HighMemDxe.inf + OvmfPkg/VirtioBlkDxe/VirtioBlk.inf + OvmfPkg/VirtioScsiDxe/VirtioScsi.inf + OvmfPkg/VirtioNetDxe/VirtioNet.inf + OvmfPkg/VirtioRngDxe/VirtioRng.inf + + # + # FAT filesystem + GPT/MBR partitioning + UDF filesystem + # + MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf + 
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf + MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf + FatPkg/EnhancedFatDxe/Fat.inf + MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf + + # + # Bds + # + MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf + MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf + MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf + MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf + MdeModulePkg/Universal/BdsDxe/BdsDxe.inf + MdeModulePkg/Logo/LogoDxe.inf + MdeModulePkg/Application/UiApp/UiApp.inf { + + NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf + NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf + NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf + } + + # + # Networking stack + # + MdeModulePkg/Universal/Network/DpcDxe/DpcDxe.inf + MdeModulePkg/Universal/Network/ArpDxe/ArpDxe.inf + MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Dxe.inf + MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Dxe.inf + MdeModulePkg/Universal/Network/MnpDxe/MnpDxe.inf + MdeModulePkg/Universal/Network/VlanConfigDxe/VlanConfigDxe.inf + MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Dxe.inf + MdeModulePkg/Universal/Network/Tcp4Dxe/Tcp4Dxe.inf + MdeModulePkg/Universal/Network/Udp4Dxe/Udp4Dxe.inf + MdeModulePkg/Universal/Network/UefiPxeBcDxe/UefiPxeBcDxe.inf + MdeModulePkg/Universal/Network/IScsiDxe/IScsiDxe.inf +!if $(HTTP_BOOT_ENABLE) == TRUE + NetworkPkg/DnsDxe/DnsDxe.inf + NetworkPkg/HttpUtilitiesDxe/HttpUtilitiesDxe.inf + NetworkPkg/HttpDxe/HttpDxe.inf + NetworkPkg/HttpBootDxe/HttpBootDxe.inf +!endif + # + # SCSI Bus and Disk Driver + # + MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf + MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf + + # + # SMBIOS Support + # + MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf { + + NULL|OvmfPkg/Library/SmbiosVersionLib/DetectSmbiosVersionLib.inf + } + 
OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf + + # + # PCI support + # + ArmPkg/Drivers/ArmPciCpuIo2Dxe/ArmPciCpuIo2Dxe.inf { + + NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf + } + MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf + MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf { + + NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf + } + OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf + OvmfPkg/Virtio10Dxe/Virtio10.inf + + # + # Video support + # + OvmfPkg/VirtioGpuDxe/VirtioGpu.inf + OvmfPkg/PlatformDxe/Platform.inf + + # + # USB Support + # + MdeModulePkg/Bus/Pci/UhciDxe/UhciDxe.inf + MdeModulePkg/Bus/Pci/EhciDxe/EhciDxe.inf + MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf + MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf + MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf + MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf + + # + # ACPI Support + # + ArmVirtPkg/PlatformHasAcpiDtDxe/PlatformHasAcpiDtDxe.inf + + # + #RdkPkg + # + Platform/Comcast/Application/Dri/Dri.inf + Platform/Comcast/Application/SecureBoot/SecureBoot.inf + Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.inf + +[Components.AARCH64] + MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf + OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpiPlatformDxe.inf { + + NULL|ArmVirtPkg/Library/FdtPciPcdProducerLib/FdtPciPcdProducerLib.inf + } + +[PcdsFixedAtBuild] + gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE + +[BuildOptions] + GCC:*_*_*_CC_FLAGS = -UDISABLE_NEW_DEPRECATED_INTERFACES diff --git a/Platform/Comcast/RDKQemu/RDKQemu.fdf b/Platform/Comcast/RDKQemu/RDKQemu.fdf new file mode 100644 index 000000000000..aec06f973d82 --- /dev/null +++ b/Platform/Comcast/RDKQemu/RDKQemu.fdf 
@@ -0,0 +1,128 @@ +# +# Copyright (c) 2011-2015, ARM Limited. All rights reserved. +# Copyright (c) 2014, Linaro Limited. All rights reserved. +# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# FD Section +# The [FD] Section is made up of the definition statements and a +# description of what goes into the Flash Device Image. Each FD section +# defines one flash "device" image. A flash device image may be one of +# the following: Removable media bootable image (like a boot floppy +# image,) an Option ROM image (that would be "flashed" into an add-in +# card,) a System "Flash" image (that would be burned into a system's +# flash) or an Update ("Capsule") image that will be used to update and +# existing system flash. +# +################################################################################ + +[FD.RDK_EFI] +BaseAddress = 0x00000000|gArmTokenSpaceGuid.PcdFdBaseAddress # QEMU assigns 0 - 0x8000000 for a BootROM +Size = 0x00200000|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device +ErasePolarity = 1 + +# This one is tricky, it must be: BlockSize * NumBlocks = Size +BlockSize = 0x00001000 +NumBlocks = 0x200 + +################################################################################ +# +# Following are lists of FD Region layout which correspond to the locations of different +# images within the flash device. +# +# Regions must be defined in ascending order and may not overlap. 
+# +# A Layout Region start with a eight digit hex offset (leading "0x" required) followed by +# the pipe "|" character, followed by the size of the region, also in hex with the leading +# "0x" characters. Like: +# Offset|Size +# PcdOffsetCName|PcdSizeCName +# RegionType +# +################################################################################ + +# +# UEFI has trouble dealing with FVs that reside at physical address 0x0. +# So instead, put a hardcoded 'jump to 0x1000' at offset 0x0, and put the +# real FV at offset 0x1000 +# +0x00000000|0x00001000 +DATA = { +!if $(ARCH) == AARCH64 + 0x00, 0x04, 0x00, 0x14 # 'b 0x1000' in AArch64 ASM +!else + 0xfe, 0x03, 0x00, 0xea # 'b 0x1000' in AArch32 ASM +!endif +} + +0x00001000|0x001ff000 +gArmTokenSpaceGuid.PcdFvBaseAddress|gArmTokenSpaceGuid.PcdFvSize +FV = FVMAIN_COMPACT + +!include ArmVirtPkg/VarStore.fdf.inc + +################################################################################ +# +# FV Section +# +# [FV] section is used to define what components or modules are placed within a flash +# device file. This section also defines order the components and modules are positioned +# within the image. The [FV] section consists of define statements, set statements and +# module statements. 
+# +################################################################################ + +!include ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc + +[FV.FVMAIN_COMPACT] +#FvNameGuid = 64074afe-340a-4be6-94ba-91b5b4d0d412 +FvAlignment = 16 +ERASE_POLARITY = 1 +MEMORY_MAPPED = TRUE +STICKY_WRITE = TRUE +LOCK_CAP = TRUE +LOCK_STATUS = TRUE +WRITE_DISABLED_CAP = TRUE +WRITE_ENABLED_CAP = TRUE +WRITE_STATUS = TRUE +WRITE_LOCK_CAP = TRUE +WRITE_LOCK_STATUS = TRUE +READ_DISABLED_CAP = TRUE +READ_ENABLED_CAP = TRUE +READ_STATUS = TRUE +READ_LOCK_CAP = TRUE +READ_LOCK_STATUS = TRUE + + INF ArmPlatformPkg/PrePeiCore/PrePeiCoreUniCore.inf + INF MdeModulePkg/Core/Pei/PeiMain.inf + INF ArmPlatformPkg/PlatformPei/PlatformPeim.inf + INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf + INF ArmPkg/Drivers/CpuPei/CpuPei.inf + INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf + INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf + INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf + + # + # FDT installation + # + # The UEFI driver is at the end of the list of the driver to be dispatched + # after the device drivers (eg: Ethernet) to ensure we have support for them. + #INF Platform/ARM/Drivers/FdtPlatformDxe/FdtPlatformDxe.inf + + FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { + SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE { + SECTION FV_IMAGE = FVMAIN + } + } + +!include ArmVirtPkg/ArmVirtRules.fdf.inc diff --git a/Platform/Comcast/RDKQemu/README b/Platform/Comcast/RDKQemu/README new file mode 100644 index 000000000000..1c78d0c6dd4c --- /dev/null +++ b/Platform/Comcast/RDKQemu/README 
@@ -0,0 +1,77 @@ +workspace structure: +-------------------- + +base directory + |__ edk2 + |__ edk2-platforms + |__ uefi-tools + +Prerequisites: +-------------- + +Toolchain: +# 32-bit linaro toolchain +$ wget http://releases.linaro.org/archive/15.02/components/toolchain/binaries/arm-linux-gnueabihf/gcc-linaro-4.9-2015.02-3-x86_64_arm-linux-gnueabihf.tar.xz +# 64-bit linaro toolchain +$ wget http://releases.linaro.org/archive/15.02/components/toolchain/binaries/aarch64-linux-gnu/gcc-linaro-4.9-2015.02-3-x86_64_aarch64-linux-gnu.tar.xz + +# untar each toolchain (tar.xz file) to a separate directory +# export the toolchain bin path +$ export PATH=<32-bit toolchain path>/bin:<64-bit toolchain path>/bin:$PATH + +Before building EDK-II UEFI, prepare base tools +$ cd edk2 +$ make -C BaseTools +$ cd .. + +Building the firmware: +---------------------- + +$ cd +$ ./uefi-tools/edk2-build.sh rdk64 -b -D SECURE_BOOT_ENABLE=TRUE -D HTTP_BOOT_ENABLE=TRUE + +Built firmware (RDK_EFI.fd) can be found in Build/RDK-AARCH64/RELEASE_GCC49/FV directory +and application (.efi files) found in OUTPUT directory from Build/RDK-AARCH64/RELEASE_GCC49/EmbeddedPkg/Application path + + +Application can be tested: +------------------------- +1) Secure boot +2) Disaster Recovery Image (DRI) download +3) DRI Secure boot + +above applications source code path- edk2/EmbeddedPkg/Application + +QEMU setup: +----------- +$ qemu-system-aarch64 -cpu cortex-a57 -M virt -m 512M -bios RDK_EFI.fd -nographic -no-acpi -hda bootpartition.img -hdb fat:keys -drive if=none,file=rootfs.img,format=raw,id=hd0 -device virtio-blk-device,drive=hd0 + +hdb: a directory which contains KEK.cer and PK.cer (public key) files + +hda: bootparititon.img + +$ dd if=/dev/zero bs=1M count=64 of=bootpartition.img +$ mkfs.vfat -F 32 bootpartition.img +$ sudo mount bootpartition.img /mnt +#copy kernel image file (for secure boot), Rdk.conf configuration file, server.url file +$ sudo cp /mnt +$ sudo umount /mnt + +Configuration file: + 
+RDK Secure boot application accepts 6 configuration +ROOTCERT - key file to validate rootfs +KEKCERT - KEK public Key +PKCERT - PK public key +URL - a text file that contains server URL where DRI image is stored +IMAGE - kernel image file +DTB - Device tree blob file + +// rdk conf file for getting PK , KEK and kernel path in flash partitions +Typical Rdk.conf file: +############################################################ +KEKCERT="PciRoot(0x0)/Pci(0x3,0x0)/HD(1,MBR,0xBE1AFDFA,0x3F,0xFBFC1)/KEK.cer" +PKCERT="PciRoot(0x0)/Pci(0x3,0x0)/HD(1,MBR,0xBE1AFDFA,0x3F,0xFBFC1)/PK.cer" +URL="PciRoot(0x0)/Pci(0x2,0x0)/server.url" +IMAGE="PciRoot(0x0)/Pci(0x2,0x0)/Image" +################################################################
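Review bot: In RDKQemu.dsc, the trailing `[PcdsFixedAtBuild]` section sets `gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE` unconditionally, which defeats the `!if $(HTTP_BOOT_ENABLE) == TRUE` guard around the same PCD in `[PcdsFixedAtBuild.common]` and permits plain-HTTP connections in every build, including builds with `SECURE_BOOT_ENABLE=TRUE`. Drop the unconditional section and keep only the guarded setting, with a comment saying why the DRI download needs plain HTTP. Separately, `DEFINE SECURE_BOOT_ENABLE = FALSE` is the default, yet `Platform/Comcast/Application/SecureBoot/SecureBoot.inf` and `DriSecureBoot.inf` are listed under `[Components.common]` without a guard, so a default build ships them while `SecurityStubDxe.inf` is linked without `DxeImageVerificationLib`; either guard those components with the same `!if` or document that the default build does not verify images.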
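Review bot: In RDKQemu.fdf, `[FV.FVMAIN_COMPACT]` keeps an "FDT installation" comment block whose only module line, `#INF Platform/ARM/Drivers/FdtPlatformDxe/FdtPlatformDxe.inf`, is commented out, and `#FvNameGuid = 64074afe-340a-4be6-94ba-91b5b4d0d412` is likewise dead. Remove both leftovers, or enable them and explain why this platform needs them. The file is added as new, but its copyright header lists only ARM, Linaro (2014) and Intel; add a line for the 2018 contribution.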
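Review bot: In the README, the application locations do not match the rest of the patch: it points to `edk2/EmbeddedPkg/Application` and `Build/RDK-AARCH64/RELEASE_GCC49/EmbeddedPkg/Application`, while RDKQemu.dsc builds the three applications from `Platform/Comcast/Application/`. Correct both paths. The configuration section says six keys are accepted, but the sample Rdk.conf sets only KEKCERT, PKCERT, URL and IMAGE, so state which keys are optional or add ROOTCERT and DTB to the sample; `bootparititon.img` under "hda:" is a typo for `bootpartition.img`. The toolchain tarballs are fetched with `wget http://releases.linaro.org/...` and no integrity step; use an https URL and list the expected checksum so the build of a secure-boot firmware does not start from an unverified compiler.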
From: kalyan-nagabhirava
To: edk2-devel@lists.01.org
Date: Mon, 8 Jan 2018 11:15:11 +0530
Message-Id: <20180108054513.2279-3-kalyankumar.nagabhirava@linaro.org>
X-Mailer: git-send-email 2.15.0
In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
References: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
Subject: [edk2] [PATCH v1 2/4] edk2-platforms:comcast: RDK boot manger Library implementation
Cc: Ard Biesheuvel

Implemented features related to secure boot and DRI (downloading the image and storing on flash), library has utility of file read and write operations for fat and raw flash partition, it reads file path and loads the file content using configuration file.

Cc: Ard Biesheuvel
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: kalyan-nagabhirava
---
 Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec | 50 ++
 Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.inf | 79 +++
 Platform/Comcast/Library/RdkBootManagerLib/Include/DiskIo.h | 20 +
 Platform/Comcast/Library/RdkBootManagerLib/Include/HttpBoot.h | 7 +
 Platform/Comcast/Library/RdkBootManagerLib/Include/List.h | 52 ++
 Platform/Comcast/Library/RdkBootManagerLib/Include/RdkBootManagerLib.h | 31 ++
 Platform/Comcast/Library/RdkBootManagerLib/Include/RdkFile.h | 20 +
 Platform/Comcast/Library/RdkBootManagerLib/Include/SecureBoot.h | 40 ++
 Platform/Comcast/Library/RdkBootManagerLib/DiskIo.c | 358 ++++++++++++++
 Platform/Comcast/Library/RdkBootManagerLib/HttpBoot.c | 323 +++++++++++++
 Platform/Comcast/Library/RdkBootManagerLib/RdkFile.c | 345 +++++++++++++
 Platform/Comcast/Library/RdkBootManagerLib/SecureBoot.c | 506 ++++++++++++++++++++
 12 files changed, 1831 insertions(+)
-- 2.15.0
diff --git a/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec b/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec new file mode 100644 index 000000000000..3f3635592325 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec 
@@ -0,0 +1,50 @@ +# +# Copyright (c) 2014-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +[Defines] + DEC_SPECIFICATION = 0x00010019 + PACKAGE_NAME = RdkPkg + PACKAGE_GUID = 2f1f2d5e-d9e1-4aa1-8eb9-fed94682e140 + PACKAGE_VERSION = 0.1 + +################################################################################ +# +# Include Section - list of Include Paths that are provided by this package. +# Comments are used for Keywords and Module Types. +# +# Supported Module Types: +# BASE SEC PEI_CORE PEIM DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_SAL_DRIVER UEFI_DRIVER UEFI_APPLICATION +# +################################################################################ +[Includes.common] + Include # Root include for the package + +[Guids.common] + gRdkTokenSpaceGuid = { 0x408c1892, 0xf11a, 0x40c7, { 0xaa, 0x5f, 0x0d, 0x16, 0xc8, 0xb2, 0x52, 0x59 } } + gRdkGlobalVariableGuid = { 0xc3253c90, 0xa24f, 0x4599, { 0xa6, 0x64, 0x1f, 0x88, 0x13, 0x77, 0x8f, 0xc9 } } + +[PcdsFixedAtBuild.common] + # Rdk Library + gRdkTokenSpaceGuid.PcdRdkSystemPartitionName|""|VOID*|0x02000003 + gRdkTokenSpaceGuid.PcdRdkConfFileName|""|VOID*|0x02000004 + gRdkTokenSpaceGuid.PcdRdkCmdLineArgs|""|VOID*|0x02000013 + gRdkTokenSpaceGuid.PcdRdkConfFileDevicePath|L""|VOID*|0x02000014 + gRdkTokenSpaceGuid.PcdDtbAvailable|FALSE|BOOLEAN|0x00300014 + + # GUID of RdkSecureBootLoader + gRdkTokenSpaceGuid.PcdRdkSecureBootFile|{ 0x0f, 0x93, 0xc7, 0xb2, 0xef, 0x07, 0x05, 0x43, 0xac, 0x4e, 0x1c, 0xe2, 0x08, 0x5a, 0x70, 0x31 }|VOID*|0x00000100 + + # GUID of RdkDri + 
gRdkTokenSpaceGuid.PcdRdkDriFile|{ 0x8a, 0xa1, 0x1b, 0x08, 0x1e, 0xd7, 0xa7, 0x40, 0x99, 0xa9, 0xcd, 0xb8, 0x64, 0x63, 0x96, 0x6d }|VOID*|0x00001000 + + # GUID of RdkDriSecureBootLoader + gRdkTokenSpaceGuid.PcdRdkDriSecureBootFile|{ 0xd7, 0xd1, 0x52, 0xdd, 0xe2, 0x0d, 0x52, 0x45, 0x98, 0xe0, 0x8d, 0xbe, 0xe4, 0x58, 0xa5, 0x02 }|VOID*|0x00100000 diff --git a/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.inf b/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.inf new file mode 100644 index 000000000000..ecd9f578a580 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.inf 
@@ -0,0 +1,79 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkBootManagerLib + FILE_GUID = 901f54f2-9d70-9b89-9c0a-d9ca25379059 + MODULE_TYPE = DXE_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = RdkBootManagerLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER + +[Sources] + DiskIo.c + SecureBoot.c + HttpBoot.c + RdkFile.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + gRdkGlobalVariableGuid + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid + gEfiDevicePathFromTextProtocolGuid + gEfiLoadedImageProtocolGuid + gEfiShellProtocolGuid + gEfiDiskIoProtocolGuid + gEfiLoadFileProtocolGuid + +[Pcd] + gRdkTokenSpaceGuid.PcdRdkCmdLineArgs + gRdkTokenSpaceGuid.PcdRdkSystemPartitionName + gRdkTokenSpaceGuid.PcdRdkConfFileName + 
gRdkTokenSpaceGuid.PcdRdkConfFileDevicePath + gRdkTokenSpaceGuid.PcdDtbAvailable + +[LibraryClasses] + FileHandleLib + ArmLib + BaseLib + DebugLib + DevicePathLib + HobLib + PcdLib + NetLib + diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/DiskIo.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/DiskIo.h new file mode 100644 index 000000000000..003df0c0715c --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/DiskIo.h @@ -0,0 +1,20 @@ +#ifndef _RDK_DISK_IO_H_ +#define _RDK_DISK_IO_H_ + +extern +EFI_STATUS +PartitionRead ( + IN CHAR8 *PartitionName, + IN VOID *Image, + IN UINTN Size + ); + +extern +EFI_STATUS +PartitionWrite ( + IN CHAR8 *PartitionName, + IN VOID *Image, + IN UINTN Size + ); + +#endif /* _RDK_DISK_IO_H_ */ diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/HttpBoot.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/HttpBoot.h new file mode 100644 index 000000000000..80f448ee4140 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/HttpBoot.h @@ -0,0 +1,7 @@ +#ifndef _RDK_HTTP_BOOT_H_ +#define _RDK_HTTP_BOOT_H_ + +extern EFI_STATUS +RdkHttpBoot ( VOID ); + +#endif /* _RDK_HTTP_BOOT_H_ */ diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/List.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/List.h new file mode 100644 index 000000000000..02a44f6699ac --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/List.h 
@@ -0,0 +1,52 @@ +#ifndef __LIST_H__ +#define __LIST_H__ + +#define OFFSETOF(TYPE, MEMBER) ((long unsigned int) &((TYPE *)0)->MEMBER) + +/** + * container_of - cast a member of a structure out to the containing structure + * @ptr: the pointer to the member. + * @type: the type of the container struct this is embedded in. + * @member: the name of the member within the struct. + * + */ +#define CONTAINER_OF(Ptr, Type, Member) ({ \ + const typeof( ((Type *)0)->Member ) *__Mptr = (Ptr); \ + (Type *)( (char *)__Mptr - OFFSETOF(Type,Member) );}) + + + +/** + * list_entry - get the struct for this entry + * @ptr: the &LIST_HEAD pointer. + * @type: the type of the struct this is embedded in. + * @member: the name of the list_struct within the struct. + */ +#define LIST_ENTRY(Ptr, Type, Member) \ + CONTAINER_OF(Ptr, Type, Member) + +/** + * list_for_each_entry - iterate over list of given type + * @pos: the type * to use as a loop cursor. + * @head: the head for your list. + * @member: the name of the list_struct within the struct. + */ +#define LIST_FOR_EACH_ENTRY(Pos, Head, Member) \ + for (Pos = LIST_ENTRY((Head)->ForwardLink, typeof(*Pos), Member); \ + &Pos->Member != (Head); \ + Pos = LIST_ENTRY(Pos->Member.ForwardLink, typeof(*Pos), Member)) + +/** + * list_for_each_entry_safe - iterate over list of given type safe against removal of list entry + * @pos: the type * to use as a loop cursor. + * @n: another type * to use as temporary storage + * @head: the head for your list. + * @member: the name of the list_struct within the struct. + */ +#define LIST_FOR_EACH_ENTRY_SAFE(Pos, N, Head, Member) \ + for (Pos = LIST_ENTRY((Head)->ForwardLink, typeof(*Pos), Member), \ + N = LIST_ENTRY(Pos->Member.ForwardLink, typeof(*Pos), Member); \ + &Pos->Member != (Head); \ + Pos = N, N = LIST_ENTRY(N->Member.ForwardLink, typeof(*N), Member)) + +#endif /* __LIST_H__ */ 
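Review bot: List.h relies on GCC-only constructs and reuses an existing EDK2 name. CONTAINER_OF is built from a statement expression `({ ... })` and `typeof`, which compilers other than GCC and Clang will not accept, and the function-like macro `LIST_ENTRY(Ptr, Type, Member)` has the same name as the LIST_ENTRY type that RdkFile.h (which includes this header) uses for `DIR_NODE.List`. OFFSETOF also casts a pointer to `long unsigned int` instead of UINTN. MdePkg already provides OFFSET_OF and BASE_CR, and BaseLib provides GetFirstNode, GetNextNode and IsNull, which DiskIo.c in this same patch already uses, so this header could be dropped in favour of those; if it stays, the macros need a distinct prefix. The doc comments also still carry the lowercase Linux names (container_of, list_entry, @ptr) rather than the macro and parameter names defined here.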
diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkBootManagerLib.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkBootManagerLib.h new file mode 100644 index 000000000000..5b0b2b1afb79 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkBootManagerLib.h @@ -0,0 +1,31 @@ +#ifndef __RDK_BOOT_MANAGER_LIB_H__ +#define __RDK_BOOT_MANAGER_LIB_H__ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "SecureBoot.h" +#include "HttpBoot.h" +#include "RdkFile.h" +#include "DiskIo.h" + +#endif /* __RDK_BOOT_MANAGER_LIB_H__ */ diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkFile.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkFile.h new file mode 100644 index 000000000000..c5b1d43d5f76 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/RdkFile.h @@ -0,0 +1,20 @@ +#ifndef __RDK_FILE_H__ +#define __RDK_FILE_H__ + +#include "List.h" + +#define ALLOCATE_STRING_MEM(X) AllocateZeroPool((X + 1) * sizeof(CHAR16)) +#define MAX_VAR 6 + +typedef struct { + CHAR16 *Name; + LIST_ENTRY List; +} DIR_NODE; + +extern EFI_STATUS +GetRdkVariable ( + IN CONST CHAR16 *Name, + OUT CONST CHAR16 **Value + ); + +#endif /* __RDK_FILE_H__ */ diff --git a/Platform/Comcast/Library/RdkBootManagerLib/Include/SecureBoot.h b/Platform/Comcast/Library/RdkBootManagerLib/Include/SecureBoot.h new file mode 100644 index 000000000000..3cfd687670b5 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/Include/SecureBoot.h 
@@ -0,0 +1,40 @@ +#ifndef _RDK_SECURE_BOOT_H_ +#define _RDK_SECURE_BOOT_H_ + +#define FILE_HDR_SIZE 16 + +extern UINTN Str2Int ( + VOID * Str +); + +extern EFI_STATUS RdkSecureBoot ( + EFI_HANDLE ImageHandle, + EFI_BOOT_SERVICES *BootServices); + +extern EFI_STATUS RdkReadFile ( + IN CONST CHAR16 *Path, + IN OUT VOID **BufferPtr, + OUT UINTN *FileSize + ); + +extern EFI_STATUS RdkWriteFile ( + IN CONST CHAR16 *Path, + IN OUT VOID **BufferPtr, + OUT UINTN *FileSize + ); + +extern EFI_STATUS GetFileHandler ( + OUT EFI_FILE_HANDLE *FileHandle, + IN CONST CHAR16 *Path, + IN UINT64 OpenMode +); + +typedef enum KEY +{ + PK_KEY=1, + KEK_KEY, + DB_KEY, + DBX_KEY +} eKey; + +#endif /* _RDK_SECURE_BOOT_H_ */ diff --git a/Platform/Comcast/Library/RdkBootManagerLib/DiskIo.c b/Platform/Comcast/Library/RdkBootManagerLib/DiskIo.c new file mode 100644 index 000000000000..7d1952dbcca1 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/DiskIo.c 
@@ -0,0 +1,358 @@ +#include + +/* See sparse_format.h in AOSP */ +#define SPARSE_HEADER_MAGIC 0xed26ff3a +#define CHUNK_TYPE_RAW 0xCAC1 +#define CHUNK_TYPE_FILL 0xCAC2 +#define CHUNK_TYPE_DONT_CARE 0xCAC3 +#define CHUNK_TYPE_CRC32 0xCAC4 + +#define PARTITION_NAME_MAX_LENGTH 72/2 + +#define FLASH_DEVICE_PATH_SIZE(DevPath) ( GetDevicePathSize (DevPath) - \ + sizeof (EFI_DEVICE_PATH_PROTOCOL)) + +#define IS_ALPHA(Char) (((Char) <= L'z' && (Char) >= L'a') || \ + ((Char) <= L'Z' && (Char) >= L'Z')) + +typedef struct _DISKIO_PARTITION_LIST { + LIST_ENTRY Link; + CHAR16 PartitionName[PARTITION_NAME_MAX_LENGTH]; + EFI_HANDLE PartitionHandle; +} DISKIO_PARTITION_LIST; + +typedef struct _SPARSE_HEADER { + UINT32 Magic; + UINT16 MajorVersion; + UINT16 MinorVersion; + UINT16 FileHeaderSize; + UINT16 ChunkHeaderSize; + UINT32 BlockSize; + UINT32 TotalBlocks; + UINT32 TotalChunks; + UINT32 ImageChecksum; +} SPARSE_HEADER; + +typedef struct _CHUNK_HEADER { + UINT16 ChunkType; + UINT16 Reserved1; + UINT32 ChunkSize; + UINT32 TotalSize; +} CHUNK_HEADER; + +STATIC LIST_ENTRY mPartitionListHead; +STATIC EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL *mTextOut; + +/* + * Helper to free the partition list + */ +STATIC +VOID +FreePartitionList ( + VOID +) +{ + DISKIO_PARTITION_LIST *Entry; + DISKIO_PARTITION_LIST *NextEntry; + + Entry = (DISKIO_PARTITION_LIST *) GetFirstNode (&mPartitionListHead); + while (!IsNull (&mPartitionListHead, &Entry->Link)) { + NextEntry = (DISKIO_PARTITION_LIST *) GetNextNode (&mPartitionListHead, &Entry->Link); + + RemoveEntryList (&Entry->Link); + FreePool (Entry); + + Entry = NextEntry; + } +} + +/* + * lists the available Block Io and adds handle of given dev path + */ +STATIC +EFI_STATUS +ListBlockIos ( + IN CHAR16 *PartitionName + ) +{ + EFI_STATUS Status; + EFI_HANDLE *AllHandles; + EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *DevPathToText; + EFI_DEVICE_PATH_PROTOCOL *DevicePath; + UINTN LoopIndex; + UINTN NumHandles; + UINT16 *DeviceFullPath; + DISKIO_PARTITION_LIST *Entry; + 
+ InitializeListHead (&mPartitionListHead); + + Status = gBS->LocateProtocol ( + &gEfiDevicePathToTextProtocolGuid, + NULL, + (VOID **) &DevPathToText + ); + ASSERT_EFI_ERROR (Status); + + // Get every Block IO protocol instance installed in the system + Status = gBS->LocateHandleBuffer ( + ByProtocol, + &gEfiBlockIoProtocolGuid, + NULL, + &NumHandles, + &AllHandles + ); + ASSERT_EFI_ERROR (Status); + DEBUG((DEBUG_INFO, "Block IO: %d handles \n", NumHandles)); + + // Get HTTP driver handle from AllHandles + for (LoopIndex = 0; LoopIndex < NumHandles; LoopIndex++) { + // Get the device path for the handle + Status = gBS->OpenProtocol ( + AllHandles[LoopIndex], + &gEfiDevicePathProtocolGuid, + (VOID **) &DevicePath, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + + DeviceFullPath = DevPathToText->ConvertDevicePathToText ( + DevicePath, + FALSE, + TRUE + ); + + DEBUG((DEBUG_INFO,"Handle[%d] is %p, fullpath %s\n", LoopIndex, AllHandles[LoopIndex], DeviceFullPath)); + + if ( 0 == StrCmp ( PartitionName, DeviceFullPath ) ) { + DEBUG((DEBUG_INFO, "rootfs partition path matched\n")); + // + // Add the partition handle to the list + // + // Create entry + Entry = AllocatePool (sizeof (DISKIO_PARTITION_LIST)); + if (Entry == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + + // Copy handle and partition name + Entry->PartitionHandle = AllHandles[LoopIndex]; + StrnCpy ( + Entry->PartitionName, + PartitionName, + PARTITION_NAME_MAX_LENGTH + ); + InsertTailList (&mPartitionListHead, &Entry->Link); + break; + } + } + FreePool(AllHandles); + ASSERT ( LoopIndex < NumHandles ); +Exit: + return Status; +} + +STATIC +EFI_STATUS +OpenPartition ( + IN CHAR8 *PartitionName, + IN VOID *Image, + IN UINTN Size, + OUT EFI_BLOCK_IO_PROTOCOL **BlockIo, + OUT EFI_DISK_IO_PROTOCOL **DiskIo + ) +{ + EFI_STATUS Status; + UINTN PartitionSize; + DISKIO_PARTITION_LIST *Entry; + SPARSE_HEADER *SparseHeader; + UINT16 UnicodePartitionName[100]; + + AsciiStrToUnicodeStr ( 
PartitionName, UnicodePartitionName); + DEBUG((DEBUG_INFO, "Unicode partition name %s\n", UnicodePartitionName)); + + Status = ListBlockIos (UnicodePartitionName); + ASSERT_EFI_ERROR ( Status ); + + Entry = (DISKIO_PARTITION_LIST *) GetFirstNode (&(mPartitionListHead)); + ASSERT ( NULL != Entry ); + + Status = gBS->OpenProtocol ( + Entry->PartitionHandle, + &gEfiBlockIoProtocolGuid, + (VOID **) BlockIo, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Unable to open Block IO protocol: %r\n", Status)); + Status = EFI_NOT_FOUND; + goto exit; + } + + SparseHeader=(SPARSE_HEADER *)Image; + + if (SparseHeader->Magic == SPARSE_HEADER_MAGIC) { + DEBUG ((DEBUG_INFO, "Sparse Magic: 0x%x Major: %d Minor: %d fhs: %d chs: %d bs: %d tbs: %d tcs: %d checksum: %d \n", + SparseHeader->Magic, SparseHeader->MajorVersion, SparseHeader->MinorVersion, SparseHeader->FileHeaderSize, + SparseHeader->ChunkHeaderSize, SparseHeader->BlockSize, SparseHeader->TotalBlocks, + SparseHeader->TotalChunks, SparseHeader->ImageChecksum)); + + if (SparseHeader->MajorVersion != 1) { + DEBUG ((DEBUG_ERROR, "Sparse image version %d.%d not supported.\n", + SparseHeader->MajorVersion, SparseHeader->MinorVersion)); + Status = EFI_INVALID_PARAMETER; + goto exit; + } + + Size = SparseHeader->BlockSize * SparseHeader->TotalBlocks; + } + + // Check image will fit on device + PartitionSize = (BlockIo[0]->Media->LastBlock + 1) * BlockIo[0]->Media->BlockSize; + if (PartitionSize < Size) { + DEBUG ((DEBUG_ERROR, "Partition not big enough.\n")); + DEBUG ((DEBUG_ERROR, "Partition Size:\t%ld\nImage Size:\t%ld\n", PartitionSize, Size)); + + Status = EFI_VOLUME_FULL; + goto exit; + } + + Status = gBS->OpenProtocol ( + Entry->PartitionHandle, + &gEfiDiskIoProtocolGuid, + (VOID **) DiskIo, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + +exit: + FreePartitionList(); + return Status; +} + +EFI_STATUS +PartitionRead ( + IN CHAR8 
*PartitionName, + IN VOID *Image, + IN UINTN Size + ) +{ + EFI_STATUS Status; + EFI_BLOCK_IO_PROTOCOL *BlockIo; + EFI_DISK_IO_PROTOCOL *DiskIo; + UINT32 MediaId; + + Status = OpenPartition (PartitionName, Image, Size, &BlockIo, &DiskIo); + if (EFI_ERROR (Status)) { + goto exit; + } + + MediaId = BlockIo->Media->MediaId; + + Status = DiskIo->ReadDisk (DiskIo, MediaId, 0, Size, Image); + if (EFI_ERROR (Status)) { + goto exit; + } + + BlockIo->FlushBlocks(BlockIo); + +exit: + return Status; +} + +EFI_STATUS +PartitionWrite ( + IN CHAR8 *PartitionName, + IN VOID *Image, + IN UINTN Size + ) +{ + EFI_STATUS Status; + EFI_BLOCK_IO_PROTOCOL *BlockIo; + EFI_DISK_IO_PROTOCOL *DiskIo; + UINT32 MediaId; + SPARSE_HEADER *SparseHeader; + CHUNK_HEADER *ChunkHeader; + UINT32 Chunk; + UINTN Offset; + + Status = OpenPartition (PartitionName, Image, Size, &BlockIo, &DiskIo); + if (EFI_ERROR (Status)) { + goto exit; + } + + Offset = 0; + MediaId = BlockIo->Media->MediaId; + SparseHeader = (SPARSE_HEADER *)Image; + + if (SparseHeader->Magic == SPARSE_HEADER_MAGIC) { + CHAR16 OutputString[64]; + UINTN ChunkPrintDensity = + SparseHeader->TotalChunks > 1600 ? SparseHeader->TotalChunks / 200 : 32; + + Image += SparseHeader->FileHeaderSize; + for (Chunk = 0; Chunk < SparseHeader->TotalChunks; Chunk++) { + UINTN WriteSize; + ChunkHeader = (CHUNK_HEADER *)Image; + + // Show progress. Don't do it for every packet as outputting text + // might be time consuming. ChunkPrintDensity is calculated to + // provide an update every half percent change for large + // downloads. 
+ if (Chunk % ChunkPrintDensity == 0) { + UnicodeSPrint(OutputString, sizeof(OutputString), + L"\r%5d / %5d chunks written (%d%%)", Chunk, + SparseHeader->TotalChunks, + (Chunk * 100) / SparseHeader->TotalChunks); + mTextOut->OutputString(mTextOut, OutputString); + } + + DEBUG ((DEBUG_INFO, "Chunk #%d - Type: 0x%x Size: %d TotalSize: %d Offset %d\n", + (Chunk+1), ChunkHeader->ChunkType, ChunkHeader->ChunkSize, + ChunkHeader->TotalSize, Offset)); + Image += sizeof(CHUNK_HEADER); + WriteSize=(SparseHeader->BlockSize) * ChunkHeader->ChunkSize; + switch (ChunkHeader->ChunkType) { + case CHUNK_TYPE_RAW: + DEBUG ((DEBUG_INFO, "Writing %d at Offset %d\n", WriteSize, Offset)); + Status = DiskIo->WriteDisk (DiskIo, MediaId, Offset, WriteSize, Image); + if (EFI_ERROR (Status)) { + goto exit; + } + Image+=WriteSize; + break; + case CHUNK_TYPE_DONT_CARE: + break; + case CHUNK_TYPE_CRC32: + break; + default: + DEBUG ((DEBUG_ERROR, "Unknown Chunk Type: 0x%x", ChunkHeader->ChunkType)); + Status = EFI_PROTOCOL_ERROR; + goto exit; + } + Offset += WriteSize; + } + + UnicodeSPrint(OutputString, sizeof(OutputString), + L"\r%5d / %5d chunks written (100%%)\r\n", + SparseHeader->TotalChunks, SparseHeader->TotalChunks); + mTextOut->OutputString(mTextOut, OutputString); + + } else { + + Status = DiskIo->WriteDisk (DiskIo, MediaId, 0, Size, Image); + if (EFI_ERROR (Status)) { + goto exit; + } + } + + BlockIo->FlushBlocks(BlockIo); + +exit: + return Status; +} diff --git a/Platform/Comcast/Library/RdkBootManagerLib/HttpBoot.c b/Platform/Comcast/Library/RdkBootManagerLib/HttpBoot.c new file mode 100644 index 000000000000..f3298c149593 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/HttpBoot.c 
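Review bot: In DiskIo.c, PartitionWrite walks the sparse image using only fields taken from the image and never checks them against Size. FileHeaderSize, TotalChunks and each ChunkSize advance Image and Offset with no test that the next CHUNK_HEADER or the RAW payload still lies inside the input buffer, or that Offset plus WriteSize stays inside the partition. The arithmetic is also done in 32 bits: `Size = SparseHeader->BlockSize * SparseHeader->TotalBlocks;` in OpenPartition and `WriteSize=(SparseHeader->BlockSize) * ChunkHeader->ChunkSize;` multiply two UINT32 values, so the product can wrap before the "Partition not big enough" check. Please compare FileHeaderSize and ChunkHeaderSize with the structure sizes, do the multiplications in UINT64 with an overflow check, and reject any chunk whose header or data would run past Image + Size or past PartitionSize. Smaller points in the same file: mTextOut is declared STATIC and dereferenced in PartitionWrite but never assigned in DiskIo.c; CHUNK_TYPE_FILL is defined but ends up in the default error case; IS_ALPHA tests against L'Z' twice where the lower bound should be L'A'; StrnCpy with PARTITION_NAME_MAX_LENGTH leaves PartitionName unterminated for names of 36 characters or more, and AsciiStrToUnicodeStr into UnicodePartitionName[100] is unbounded; the OpenProtocol status in ListBlockIos is not checked and DeviceFullPath is never freed; and a partition that is not found is handled only by ASSERT, which is typically compiled out of RELEASE builds, after which GetFirstNode on the empty list returns the list head and OpenPartition uses it as an entry.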
@@ -0,0 +1,323 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +*/ +#include + +STATIC EFI_LOAD_FILE_PROTOCOL *LoadFile = NULL; +STATIC HTTP_BOOT_PRIVATE_DATA *Private = NULL; + +STATIC +VOID +HttpPrivateFromLoadFile ( + IN EFI_LOAD_FILE_PROTOCOL *LoadFile, + OUT HTTP_BOOT_PRIVATE_DATA **Private + ) +{ + HTTP_BOOT_VIRTUAL_NIC *Ip4Nic = NULL; + +#if defined (MDE_CPU_AARCH64) + INT64 Offset = (INT64)&Ip4Nic->LoadFile; +#else //if defined (MDE_CPU_ARM) + INT32 Offset = (INT32)&Ip4Nic->LoadFile; +#endif + Ip4Nic = (VOID *)((char *)LoadFile - Offset); + ASSERT (Ip4Nic->Signature == HTTP_BOOT_VIRTUAL_NIC_SIGNATURE); + *Private = Ip4Nic->Private; +} + +STATIC +VOID +HttpGetLoadFileHandle ( + OUT EFI_LOAD_FILE_PROTOCOL **LoadFile + ) +{ + EFI_STATUS Status; + UINTN LoopIndex; + UINTN NumHandles; + EFI_HANDLE *AllHandles; + EFI_HANDLE Handle; + EFI_DEVICE_PATH_PROTOCOL *DevicePath; + EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *DevPathToText; + UINT16 *DeviceFullPath; + + Status = gBS->LocateProtocol ( + &gEfiDevicePathToTextProtocolGuid, + NULL, + (VOID **) &DevPathToText + ); + ASSERT_EFI_ERROR (Status); + + // Get every LoadFile protocol instance installed in the system + Status = gBS->LocateHandleBuffer ( + ByProtocol, + &gEfiLoadFileProtocolGuid, + NULL, + &NumHandles, + &AllHandles + ); + ASSERT_EFI_ERROR (Status); + + // Get HTTP driver handle from AllHandles + for (LoopIndex = 0; LoopIndex < NumHandles; LoopIndex++) { + + Handle = AllHandles[LoopIndex]; + + // Get the device path for the handle + Status = gBS->OpenProtocol ( + 
Handle, + &gEfiDevicePathProtocolGuid, + (VOID **) &DevicePath, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + ASSERT_EFI_ERROR (Status); + + DeviceFullPath = DevPathToText->ConvertDevicePathToText ( + DevicePath, + FALSE, + TRUE + ); + + ASSERT(DeviceFullPath != NULL); + + if(StrStr(DeviceFullPath, L"IPv4") != NULL) { + DEBUG((DEBUG_INFO, "IPv4 protocol found\n")); + Status = gBS->OpenProtocol ( + Handle, + &gEfiLoadFileProtocolGuid, + (VOID **) LoadFile, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + ASSERT_EFI_ERROR (Status); + + FreePool (AllHandles); + break; + } + } + + ASSERT ( LoopIndex < NumHandles ); +} + +STATIC +EFI_STATUS +HttpUpdatePath ( + IN CHAR16 *Uri, + OUT EFI_DEVICE_PATH_PROTOCOL **NewDevicePath + ) +{ + EFI_DEV_PATH *Node; + EFI_DEVICE_PATH_PROTOCOL *TmpDevicePath; + EFI_STATUS Status; + UINTN Index; + UINTN Length; + CHAR8 AsciiUri[URI_STR_MAX_SIZE]; + + Node = NULL; + TmpDevicePath = NULL; + Status = EFI_SUCCESS; + + // Convert the scheme to all lower case. + for (Index = 0; Index < StrLen (Uri); Index++) { + if (Uri[Index] == L':') { + break; + } + if (Uri[Index] >= L'A' && Uri[Index] <= L'Z') { + Uri[Index] -= (CHAR16)(L'A' - L'a'); + } + } + + // Only accept empty URI, or http and https URI. 
+ if ((StrLen (Uri) != 0) && (StrnCmp (Uri, L"http://", 7) != 0) && (StrnCmp (Uri, L"https://", 8) != 0)) { + return EFI_INVALID_PARAMETER; + } + + // Create a new device path by appending the IP node and URI node to + // the driver's parent device path + Node = AllocateZeroPool (sizeof (IPv4_DEVICE_PATH)); + if (Node == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } + Node->Ipv4.Header.Type = MESSAGING_DEVICE_PATH; + Node->Ipv4.Header.SubType = MSG_IPv4_DP; + SetDevicePathNodeLength (Node, sizeof (IPv4_DEVICE_PATH)); + TmpDevicePath = AppendDevicePathNode (Private->ParentDevicePath, (EFI_DEVICE_PATH_PROTOCOL*) Node); + FreePool (Node); + if (TmpDevicePath == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // Update the URI node with the input boot file URI. + UnicodeStrToAsciiStrS (Uri, AsciiUri, sizeof (AsciiUri)); + Length = sizeof (EFI_DEVICE_PATH_PROTOCOL) + AsciiStrSize (AsciiUri); + Node = AllocatePool (Length); + if (Node == NULL) { + Status = EFI_OUT_OF_RESOURCES; + FreePool (TmpDevicePath); + goto ON_EXIT; + } + Node->DevPath.Type = MESSAGING_DEVICE_PATH; + Node->DevPath.SubType = MSG_URI_DP; + SetDevicePathNodeLength (Node, Length); + CopyMem ((UINT8*) Node + sizeof (EFI_DEVICE_PATH_PROTOCOL), AsciiUri, AsciiStrSize (AsciiUri)); + *NewDevicePath = AppendDevicePathNode (TmpDevicePath, (EFI_DEVICE_PATH_PROTOCOL*) Node); + FreePool (Node); + FreePool (TmpDevicePath); + if (*NewDevicePath == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } + +ON_EXIT: + + return Status; +} + +STATIC +EFI_STATUS +HttpGetImage ( + IN CHAR16 *Uri, + OUT UINT8 **FileBuffer, + OUT UINTN *FileSize + ) +{ + EFI_DEVICE_PATH_PROTOCOL *NewDevicePath; + EFI_STATUS Status; + + *FileBuffer = NULL; + NewDevicePath = NULL; + *FileSize = 0; + + // Get the LoadFile Handle and + // Private structure of HTTP driver + if (LoadFile == NULL) { + HttpGetLoadFileHandle (&LoadFile); + HttpPrivateFromLoadFile (LoadFile, &Private); + } + + // Update URI path + Status = 
HttpUpdatePath (Uri, &NewDevicePath); + if (EFI_ERROR (Status)) { + goto ON_EXIT; + } + + // Get the HTTP image from server + Status = LoadFile->LoadFile (LoadFile, NewDevicePath, TRUE, FileSize, *FileBuffer); + if((Status != EFI_WARN_FILE_SYSTEM) && (Status != EFI_BUFFER_TOO_SMALL)) { + goto ON_EXIT; + } + + *FileBuffer = AllocatePool (*FileSize); + if (*FileBuffer == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } + + Status = LoadFile->LoadFile (LoadFile, NewDevicePath, TRUE, FileSize, *FileBuffer); + if (EFI_ERROR (Status)) { + FreePool (FileBuffer); + goto ON_EXIT; + } + +ON_EXIT: + + if (NewDevicePath != NULL) { + FreePool (NewDevicePath); + } + + return Status; +} + + +EFI_STATUS +RdkHttpBoot ( + VOID + ) +{ + EFI_STATUS Status; + VOID *FilePtr; + UINT8 *FileBuffer; + UINT16 *Uri; + UINTN FileSize; + UINTN LoopIndex; + UINTN Size; + CONST CHAR16 *DtbPath; + CONST CHAR16 *ImagePath; + CONST CHAR16 *ServerUrlPath; + + Status = GetRdkVariable(L"URL", &ServerUrlPath); + ASSERT_EFI_ERROR (Status); + + // Get the Server name stored in file Server.url + Status = RdkReadFile(ServerUrlPath, (VOID **)&FileBuffer, &FileSize); + ASSERT_EFI_ERROR (Status); + + Uri = AllocateZeroPool (sizeof(*Uri) * (FileSize+1)); + if (Uri == NULL) { + Status = EFI_OUT_OF_RESOURCES; + ASSERT_EFI_ERROR (Status); + } + + for(LoopIndex=0; LoopIndexSetWatchdogTimer (0, 0x10000, 0, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "HttpBoot: Couldn't disable watchdog timer: %r\n", Status)); + } + + // Get the File from server using it's URI + Status = HttpGetImage (Uri, &FileBuffer, &FileSize); + ASSERT_EFI_ERROR (Status); + + // Write the received image to flash + FilePtr = FileBuffer; + Size = Str2Int(FilePtr); + FilePtr += FILE_HDR_SIZE; + Status = PartitionWrite((CHAR8 *) FixedPcdGetPtr (PcdRdkSystemPartitionName), FilePtr, Size); + ASSERT_EFI_ERROR (Status); + + FilePtr += Size; + Size = Str2Int(FilePtr); + FilePtr += FILE_HDR_SIZE; + Status = GetRdkVariable(L"IMAGE", 
&ImagePath); + ASSERT_EFI_ERROR (Status); + Status = RdkWriteFile(ImagePath, &FilePtr, &Size); + ASSERT_EFI_ERROR (Status); + + if ( FixedPcdGetBool ( PcdDtbAvailable ) ) { + FilePtr += Size; + Size = Str2Int(FilePtr); + FilePtr += FILE_HDR_SIZE; + Status = GetRdkVariable(L"DTB", &DtbPath); + ASSERT_EFI_ERROR (Status); + Status = RdkWriteFile(DtbPath, &FilePtr, &Size); + ASSERT_EFI_ERROR (Status); + } + + FreePool (FileBuffer); + FreePool (Uri); + + return Status; +} diff --git a/Platform/Comcast/Library/RdkBootManagerLib/RdkFile.c b/Platform/Comcast/Library/RdkBootManagerLib/RdkFile.c new file mode 100644 index 000000000000..e590468b195d --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/RdkFile.c 
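Review bot: In HttpBoot.c, RdkHttpBoot takes every section length from the downloaded buffer itself (`Size = Str2Int(FilePtr);`) and never compares it with the FileSize returned by HttpGetImage, so a short or malformed download makes PartitionWrite and RdkWriteFile read past the allocation. Nothing in this function verifies the payload before PartitionWrite puts it on flash, and HttpUpdatePath accepts plain http:// URIs, so the download path needs an integrity check of its own. Please check FILE_HDR_SIZE plus Size against the bytes remaining before each section, and verify the image before it is written. Other points: the error path in HttpGetImage calls `FreePool (FileBuffer);` on the UINT8 ** argument instead of `*FileBuffer`; AllHandles in HttpGetLoadFileHandle is freed only when an IPv4 handle is found; HttpPrivateFromLoadFile computes the member offset by hand from a NULL pointer where BASE_CR would do; and every failure, including the NULL check after AllocateZeroPool for Uri, is handled with ASSERT_EFI_ERROR rather than a returned status, so a build with asserts disabled carries on with a NULL Uri.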
@@ -0,0 +1,345 @@ +#include + +STATIC UINT8 VarablesInitialzed = 0; +STATIC CHAR16 *VarResult[MAX_VAR][2]; + +STATIC +VOID +SaveString ( + OUT CHAR16 **Dest, + IN CHAR16 *String1, + IN CHAR16 *String2 + ) +{ + *Dest = ALLOCATE_STRING_MEM(StrLen(String1) + StrLen(String2)); + ASSERT( NULL != Dest ); + StrCat(*Dest, String1); + StrCat(*Dest, String2); +} + +STATIC +EFI_STATUS +LsFiles ( + IN CONST CHAR16 *DirPath, + IN CONST CHAR16 *TargetFile, + OUT CHAR16 **Result, + IN LIST_ENTRY *Head + ) +{ + EFI_STATUS Status; + EFI_FILE_INFO *FileInfo; + EFI_FILE_PROTOCOL *FileHandle; + BOOLEAN NoFile; + CHAR16 *TempPath; + DIR_NODE *Node; + + NoFile = FALSE; + TempPath = ALLOCATE_STRING_MEM(StrLen(DirPath) + 1); + StrCat(TempPath, DirPath); + StrCat(TempPath, L"/"); + + Status = GetFileHandler(&FileHandle, DirPath, EFI_FILE_MODE_READ); + ASSERT_EFI_ERROR(Status); + + for ( Status = FileHandleFindFirstFile(FileHandle, &FileInfo) + ; !EFI_ERROR(Status) && !NoFile + ; Status = FileHandleFindNextFile(FileHandle, FileInfo, &NoFile) + ) { + if((FileInfo->Attribute & EFI_FILE_DIRECTORY) && + (StrCmp(FileInfo->FileName, L".") != 0) && + (StrCmp(FileInfo->FileName, L"..") != 0)) { + Node = AllocateZeroPool(sizeof (DIR_NODE)); + SaveString(&Node->Name, TempPath, FileInfo->FileName); + InsertHeadList(Head,&Node->List); + } + else if(StrCmp(FileInfo->FileName, TargetFile) == 0) { + SaveString(Result, TempPath, FileInfo->FileName); + Status = EFI_SUCCESS; + goto ON_EXIT; + } + } + + Status = EFI_NOT_FOUND; + +ON_EXIT: + FreePool(TempPath); + return Status; +} + +STATIC +VOID +DelDirList ( + IN LIST_ENTRY *Head + ) +{ + DIR_NODE *Node; + DIR_NODE *Temp; + + LIST_FOR_EACH_ENTRY_SAFE (Node, Temp, Head, List) { + RemoveEntryList(&Node->List); + FreePool(Node->Name); + FreePool(Node); + } +} + +STATIC +EFI_STATUS +FindFileInDir ( + IN CONST CHAR16 *DevPath, + IN CONST CHAR16 *TargetFile, + OUT CHAR16 **Result + ) +{ + UINT8 Current; + UINT8 Next; + DIR_NODE *Temp; + LIST_ENTRY DirList[2]; + + 
*Result = NULL; + EFI_STATUS Status = EFI_NOT_FOUND; + + InitializeListHead(&DirList[0]); + InitializeListHead(&DirList[1]); + + for (Current = Next = 0, Status=LsFiles(DevPath, TargetFile, Result, &DirList[Current]); + !IsListEmpty(&DirList[Current]); + Current = Next) { + Next = Current ^ 1; + DelDirList(&DirList[Next]); + + LIST_FOR_EACH_ENTRY(Temp, &DirList[Current], List) { + Status = LsFiles(Temp->Name, TargetFile, Result, &DirList[Next]); + if(!EFI_ERROR(Status)) { + DelDirList(&DirList[Current]); + break; + } + } + } + + DelDirList(&DirList[Next]); + return Status; +} + +STATIC +UINTN +StrSpn ( + IN CHAR8 *String, + IN CHAR8 *CharSet + ) +{ + UINTN Count; + + for(Count=0; String[Count] && !(String[Count] == CharSet[0]); Count++); + return Count; +} + +STATIC +CHAR16 * +Ascii2Uefi ( + IN CHAR8 *String + ) +{ + CHAR16 *Result; + UINTN Size; + + Size = AsciiStrLen(String); + Result = ALLOCATE_STRING_MEM(Size); + + while(Size--) { + Result[Size] = String[Size]; + } + + return Result; +} + +STATIC +EFI_STATUS +InitVarList ( + IN CHAR8 *FileData, + IN UINTN FileSize + ) +{ + UINTN InnerLoopIndex; + UINTN OuterLoopIndex; + UINTN Current; + UINTN Next; + CHAR8 *VarDelimiter[2]; + EFI_STATUS Status; + + VarDelimiter[0] = "="; + VarDelimiter[1] = "\""; + Status = EFI_SUCCESS; + + //Initialize to NULL + for(OuterLoopIndex=0; OuterLoopIndex < MAX_VAR; OuterLoopIndex++) { + VarResult[OuterLoopIndex][0] = VarResult[OuterLoopIndex][1] = NULL; + } + + for(OuterLoopIndex=0, Next=0; OuterLoopIndex < MAX_VAR && Next < FileSize; OuterLoopIndex++) { + for(InnerLoopIndex=0; InnerLoopIndex < 2; InnerLoopIndex++) { + Current = Next; + Next += StrSpn(&FileData[Next], VarDelimiter[InnerLoopIndex]); + FileData[Next] = '\0'; + VarResult[OuterLoopIndex][InnerLoopIndex] = Ascii2Uefi(&FileData[Current]); + //skip new line + Next += 2; + } + } + + return Status; +} + +STATIC +EFI_STATUS +InitRdkVariables ( + VOID + ) +{ + EFI_STATUS Status; + UINTN RdkSize; + UINT8 *RdkData; + CHAR16 
*Result; + CONST CHAR16 *DevPath; + CONST CHAR16 *RdkFileName; + + DevPath = (CONST CHAR16 *)FixedPcdGetPtr (PcdRdkConfFileDevicePath); + RdkFileName = (CONST CHAR16 *)FixedPcdGetPtr (PcdRdkConfFileName); + + Status = FindFileInDir(DevPath, RdkFileName, &Result); + if(EFI_ERROR(Status)) { + DEBUG((DEBUG_ERROR, "Failed to find file %s in %s\n", RdkFileName, DevPath)); + return Status; + } + + Status = RdkReadFile ((CONST CHAR16 *)Result, (VOID**) &RdkData, &RdkSize); + if(EFI_ERROR(Status)) { + DEBUG((DEBUG_ERROR, "Failed to read file %s\n", RdkFileName)); + return Status; + } + + Status = InitVarList ((CHAR8 *)RdkData, RdkSize); + return Status; +} + +STATIC +EFI_STATUS +GetVarValue ( + IN CONST CHAR16 *Name, + OUT CONST CHAR16 **Value + ) +{ + UINTN Count; + EFI_STATUS Status; + + if(!VarablesInitialzed) { + Status = InitRdkVariables(); + if(EFI_ERROR(Status)) { + return Status; + } + + VarablesInitialzed = 1; + } + + //Initialize to NULL + *Value = NULL; + + for(Count=0; CountSetPosition (FileHandle, (UINT64) -1); + if (EFI_ERROR (Status)) { + goto ON_EXIT; + } + + Status = FileHandle->GetPosition (FileHandle, &SourceFileSize); + if (EFI_ERROR (Status)) { + goto ON_EXIT; + } + + Status = FileHandle->SetPosition (FileHandle, 0); + if (EFI_ERROR (Status)) { + goto ON_EXIT; + } + + BufferSize = (UINTN) SourceFileSize; + Buffer = AllocateZeroPool(BufferSize); + if (Buffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + if (FileSize != NULL) *FileSize = BufferSize; + + Status = FileHandle->Read (FileHandle, &BufferSize, Buffer); + if (EFI_ERROR (Status) || BufferSize != SourceFileSize) { + FreePool (Buffer); + Buffer = NULL; + Status = EFI_BAD_BUFFER_SIZE; + goto ON_EXIT; + } + +ON_EXIT: + + *BufferPtr = Buffer; + return Status; +} + +EFI_STATUS +RdkWriteFile ( + IN CONST CHAR16 *Path, + IN OUT VOID **BufferPtr, + OUT UINTN *FileSize +) +{ + EFI_STATUS Status; + EFI_FILE_HANDLE FileHandle; + + if (FileSize == NULL) { + return EFI_INVALID_PARAMETER; + } + + Status = 
GetFileHandler(&FileHandle, Path, EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE|EFI_FILE_MODE_CREATE); + ASSERT_EFI_ERROR(Status); + + Status = FileHandle->Write (FileHandle, FileSize, *BufferPtr); + ASSERT_EFI_ERROR (Status); + + return Status; +} diff --git a/Platform/Comcast/Library/RdkBootManagerLib/SecureBoot.c b/Platform/Comcast/Library/RdkBootManagerLib/SecureBoot.c new file mode 100644 index 000000000000..3d593361e6e8 --- /dev/null +++ b/Platform/Comcast/Library/RdkBootManagerLib/SecureBoot.c 
@@ -0,0 +1,506 @@ +#include + +STATIC +EFI_STATUS +OpenFileByDevicePath( + IN OUT EFI_DEVICE_PATH_PROTOCOL **FilePath, + OUT EFI_FILE_HANDLE *FileHandle, + IN UINT64 OpenMode, + IN UINT64 Attributes +) +{ + EFI_STATUS Status; + EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *EfiSimpleFileSystemProtocol; + EFI_FILE_PROTOCOL *Handle1; + EFI_FILE_PROTOCOL *Handle2; + EFI_HANDLE DeviceHandle; + + if ((FilePath == NULL )) { + return EFI_INVALID_PARAMETER; + } + + Status = gBS->LocateDevicePath ( + &gEfiSimpleFileSystemProtocolGuid, + FilePath, + &DeviceHandle + ); + if (EFI_ERROR (Status)) { + return Status; + } + + Status = gBS->OpenProtocol( + DeviceHandle, + &gEfiSimpleFileSystemProtocolGuid, + (VOID**)&EfiSimpleFileSystemProtocol, + gImageHandle, + NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); + if (EFI_ERROR (Status)) { + return Status; + } + + Status = EfiSimpleFileSystemProtocol->OpenVolume(EfiSimpleFileSystemProtocol, &Handle1); + if (EFI_ERROR (Status)) { + FileHandle = NULL; + return Status; + } + + // + // go down directories one node at a time. 
+ // + while (!IsDevicePathEnd (*FilePath)) { + // + // For file system access each node should be a file path component + // + if (DevicePathType (*FilePath) != MEDIA_DEVICE_PATH || + DevicePathSubType (*FilePath) != MEDIA_FILEPATH_DP + ) { + FileHandle = NULL; + return (EFI_INVALID_PARAMETER); + } + // + // Open this file path node + // + Handle2 = Handle1; + Handle1 = NULL; + + // + // Try to test opening an existing file + // + Status = Handle2->Open ( + Handle2, + &Handle1, + ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName, + OpenMode &~EFI_FILE_MODE_CREATE, + 0 + ); + + // + // see if the error was that it needs to be created + // + if ((EFI_ERROR (Status)) && (OpenMode != (OpenMode &~EFI_FILE_MODE_CREATE))) { + Status = Handle2->Open ( + Handle2, + &Handle1, + ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName, + OpenMode, + Attributes + ); + } + // + // Close the last node + // + Handle2->Close (Handle2); + + if (EFI_ERROR(Status)) { + return (Status); + } + + // + // Get the next node + // + *FilePath = NextDevicePathNode (*FilePath); + } + + // + // This is a weak spot since if the undefined SHELL_FILE_HANDLE format changes this must change also! 
+ // + *FileHandle = (VOID*)Handle1; + + return EFI_SUCCESS; +} + +EFI_STATUS +GetFileHandler ( + OUT EFI_FILE_HANDLE *FileHandle, + IN CONST CHAR16 *Path, + IN UINT64 OpenMode +) +{ + EFI_STATUS Status; + EFI_DEVICE_PATH_PROTOCOL *KeyFileDevicePath; + EFI_DEVICE_PATH_FROM_TEXT_PROTOCOL *DevicePathFromTextProtocol; + + Status = EFI_SUCCESS; + KeyFileDevicePath = NULL; + + Status = gBS->LocateProtocol ( + &gEfiDevicePathFromTextProtocolGuid, + NULL, + (VOID**)&DevicePathFromTextProtocol + ); + ASSERT_EFI_ERROR(Status); + + KeyFileDevicePath = DevicePathFromTextProtocol->ConvertTextToDevicePath(Path); + if(KeyFileDevicePath != NULL) + { + Status = OpenFileByDevicePath(&KeyFileDevicePath,FileHandle,OpenMode,0); + if(Status != EFI_SUCCESS) + { + DEBUG ((DEBUG_ERROR, "Getting FileHandle of %s Failed\n",Path)); + } + } + return Status; +} + +UINTN +Str2Int ( + VOID * Str +) +{ + UINTN i, Size; + UINT8 *Ptr = Str; + + for(i=0, Size=0; iGetTime (&Time, NULL); + if (EFI_ERROR (Status)) { + FreePool(NewData); + return Status; + } + Time.Pad1 = 0; + Time.Nanosecond = 0; + Time.TimeZone = 0; + Time.Daylight = 0; + Time.Pad2 = 0; + CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME)); + + DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData); + DescriptorData->AuthInfo.Hdr.wRevision = 0x0200; + DescriptorData->AuthInfo.Hdr.wCertificateType = WIN_CERT_TYPE_EFI_GUID; + CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid); + + if (Payload != NULL) { + FreePool(Payload); + } + + *DataSize = DescriptorSize + PayloadSize; + *Data = NewData; + return EFI_SUCCESS; +} + +STATIC +EFI_STATUS +SetBootMode ( + IN UINT8 SecureBootMode +) +{ + return gRT->SetVariable ( + EFI_CUSTOM_MODE_NAME, + &gEfiCustomModeEnableGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (UINT8), + &SecureBootMode + ); +} + +STATIC +EFI_STATUS +SetVariable ( + IN EFI_SIGNATURE_LIST *PkCert, + IN UINTN DataSize, + IN eKey KeyType +) 
+{ + UINT32 Attr; + EFI_STATUS Status=EFI_SUCCESS ; + Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS + | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS; + if(KeyType == PK_KEY) + { + DEBUG ((DEBUG_INFO, "Setting PK Key\n")); + Status = gRT->SetVariable ( + EFI_PLATFORM_KEY_NAME, + &gEfiGlobalVariableGuid, + Attr, + DataSize, + PkCert + ); + } + else if( KeyType == KEK_KEY) + { + DEBUG ((DEBUG_INFO, "Setting KEK Key\n")); + Status = gRT->SetVariable ( + EFI_KEY_EXCHANGE_KEY_NAME, + &gEfiGlobalVariableGuid, + Attr, + DataSize, + PkCert + ); + + Status = gRT->SetVariable ( + EFI_IMAGE_SECURITY_DATABASE, + &gEfiImageSecurityDatabaseGuid, + Attr, + DataSize, + PkCert + ); + } + else + { + ASSERT(FALSE); + } + return Status; + +} + +STATIC +VOID +PopulateCert ( + OUT EFI_SIGNATURE_LIST **Cert, + IN UINTN DataSize, + IN UINT8 *Data +) +{ + EFI_SIGNATURE_DATA *CertData = NULL; + + if( (*Cert) == NULL) + { + (*Cert) = (EFI_SIGNATURE_LIST*) AllocateZeroPool ( sizeof(EFI_SIGNATURE_LIST) + + sizeof(EFI_SIGNATURE_DATA) - 1 + + DataSize ); + + ASSERT ((*Cert) != NULL); + } + (*Cert)->SignatureListSize = (UINT32) (sizeof(EFI_SIGNATURE_LIST) + + sizeof(EFI_SIGNATURE_DATA) - 1 + + DataSize); + (*Cert)->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + DataSize); + (*Cert)->SignatureHeaderSize = 0; + CopyGuid (&(*Cert)->SignatureType, &gEfiCertX509Guid); + + + CertData = (EFI_SIGNATURE_DATA*) ((UINTN)(*Cert) + sizeof(EFI_SIGNATURE_LIST) + (*Cert)->SignatureHeaderSize); + ASSERT (CertData != NULL); + + CopyGuid (&CertData->SignatureOwner, &gEfiGlobalVariableGuid); + CopyMem (&CertData->SignatureData, Data, DataSize); +} + +STATIC +EFI_STATUS +RegisterCert ( + IN UINT8 *KeyData, + IN UINTN KeySize, + IN eKey KeyType +) +{ + EFI_STATUS Status; + EFI_SIGNATURE_LIST *Cert = NULL; + + Status = SetBootMode(CUSTOM_SECURE_BOOT_MODE); + ASSERT_EFI_ERROR (Status); + + PopulateCert(&Cert, KeySize, KeyData); + + KeySize = 
Cert->SignatureListSize; + + Status = CreateTimeBasedPayload (&KeySize, (UINT8**) &Cert); + ASSERT_EFI_ERROR (Status); + + Status = SetVariable(Cert,KeySize,KeyType); + return Status; +} + +STATIC +VOID +RdkSetVariable ( + VOID +) +{ + CONST CHAR16 *KeyPath = NULL; + EFI_STATUS Status; + + Status = GetRdkVariable(L"ROOTCERT", &KeyPath); + + //set only if the Kek Crt file mentioned in the configuration file + if ( NULL != KeyPath ) { + UINT8 *KekCrtData = NULL; + UINTN KekCrtSize; + + Status = RdkReadFile ( + KeyPath, + (VOID **)&KekCrtData, + &KekCrtSize + ); + ASSERT_EFI_ERROR (Status); + + Status = gRT->SetVariable ( + L"RdkRootCertificate", + &gRdkGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, + KekCrtSize, + KekCrtData + ); + ASSERT_EFI_ERROR(Status); + + if ( KekCrtData ) FreePool(KekCrtData); + } + + Status = GetRdkVariable(L"KEKCERT", &KeyPath); + ASSERT_EFI_ERROR (Status); + + UINT8 *KekKey = NULL; + UINTN KekKeySize = 0; + Status = RdkReadFile ( + KeyPath, + (VOID **)&KekKey, + &KekKeySize + ); + ASSERT_EFI_ERROR (Status); + + Status = GetRdkVariable(L"PKCERT", &KeyPath); + ASSERT_EFI_ERROR (Status); + + UINT8 *PkKey = NULL; + UINTN PkKeySize = 0; + Status = RdkReadFile ( + KeyPath, + (VOID **)&PkKey, + &PkKeySize + ); + ASSERT_EFI_ERROR (Status); + + INT8* SetupMode = NULL; + eKey KeyType; + KeyType = PK_KEY; + Status = RegisterCert(PkKey,PkKeySize,KeyType); + GetEfiGlobalVariable2 (L"SetupMode", (VOID**)&SetupMode, NULL); + + if (*SetupMode == 0) + { + DEBUG ((DEBUG_INFO, "PK Key Got Registered. 
Now System in User Mode\n")); + KeyType = KEK_KEY; + Status = RegisterCert(KekKey,KekKeySize,KeyType); + } + else if(*SetupMode == 1) + { + DEBUG ((DEBUG_INFO, "System in Standard System Mode ::: Secure Boot Not enabled\n")); + ASSERT_EFI_ERROR(Status); + } + + if ( PkKey ) FreePool(PkKey); + if ( KekKey ) FreePool(KekKey); +} + +EFI_STATUS +RdkSecureBoot ( + EFI_HANDLE ImageHandle, + EFI_BOOT_SERVICES *BootServices +) +{ + UINTN ExitDataSize; + CHAR16 *ExitData; + CHAR16 LoadOption[128]; + CONST CHAR8 *CmdLine; + CHAR16 *ImagePath; + EFI_STATUS Status; + EFI_HANDLE Handle; + EFI_DEVICE_PATH_PROTOCOL *FilePath; + EFI_LOADED_IMAGE_PROTOCOL *ImageInfo; + EFI_DEVICE_PATH_FROM_TEXT_PROTOCOL *DevicePathFromTextProtocol; + + FilePath = NULL; + ExitData = NULL; + CmdLine = (CONST CHAR8 *)FixedPcdGetPtr (PcdRdkCmdLineArgs); + + if ( FixedPcdGetBool ( PcdDtbAvailable ) ) { + UINT8 *FdtData = NULL; + CONST CHAR16 *DtbPath = NULL; + + Status = GetRdkVariable(L"DTB", &DtbPath); + ASSERT_EFI_ERROR (Status); + + Status = RdkReadFile (DtbPath, (VOID**) &FdtData, NULL); + ASSERT_EFI_ERROR (Status); + + Status = gBS->InstallConfigurationTable (&gFdtTableGuid,(VOID*)FdtData); + ASSERT_EFI_ERROR (Status); + } + + RdkSetVariable(); + + Status = GetRdkVariable(L"IMAGE", (CONST CHAR16**)&ImagePath); + ASSERT_EFI_ERROR (Status); + + Status = gBS->LocateProtocol ( + &gEfiDevicePathFromTextProtocolGuid, + NULL, + (VOID**)&DevicePathFromTextProtocol + ); + ASSERT_EFI_ERROR(Status); + + FilePath = DevicePathFromTextProtocol->ConvertTextToDevicePath(ImagePath); + ASSERT( NULL != FilePath); + + Status = BootServices->LoadImage ( + TRUE, + ImageHandle, + FilePath, + NULL, + 0, + &Handle + ); + ASSERT_EFI_ERROR (Status); + + UnicodeSPrintAsciiFormat (LoadOption, sizeof(LoadOption), CmdLine); + + Status = BootServices->HandleProtocol (Handle, &gEfiLoadedImageProtocolGuid, (VOID **) &ImageInfo); + ASSERT_EFI_ERROR (Status); + ImageInfo->LoadOptionsSize = sizeof(LoadOption); + 
ImageInfo->LoadOptions = LoadOption; + + Status = BootServices->StartImage (Handle, &ExitDataSize, &ExitData); + ASSERT_EFI_ERROR (Status); + + return Status; +}
From patchwork Mon Jan 8 05:45:12 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: kalyan-nagabhirava X-Patchwork-Id: 123681 Delivered-To: patch@linaro.org
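Review bot: in RdkHttpBoot the section sizes returned by Str2Int(FilePtr) are taken from the downloaded buffer and never compared with the FileSize that HttpGetImage reported, so a short or malformed image makes `FilePtr += Size` and the following PartitionWrite and RdkWriteFile calls read past the end of FileBuffer. Track the bytes remaining and reject the image when FILE_HDR_SIZE plus Size exceeds them, before anything is written to flash. The lines shown also go straight from HttpGetImage to PartitionWrite with no authenticity check on the image; if verification happens elsewhere, a comment should say where. Two smaller points: the error path in HttpGetImage calls `FreePool (FileBuffer)` although the allocation is in `*FileBuffer`, and every failure in RdkHttpBoot is handled only by ASSERT_EFI_ERROR, which does nothing in builds with asserts disabled, so a NULL Uri or a failed download falls through to the parsing code.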
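Review bot: InitVarList in RdkFile.c scans with StrSpn until it meets the delimiter or a NUL, but the buffer it receives comes from RdkReadFile, which allocates exactly the file size and adds no terminator, so a configuration file missing a closing `=` or `"` is read past its end and `FileData[Next] = '\0'` can then write outside the allocation. Pass the remaining length into the scan, stop at FileSize, and return an error for a malformed line; the unconditional `Next += 2` needs the same bound. In RdkReadFile the allocation-failure path does `return EFI_OUT_OF_RESOURCES` without going through ON_EXIT, so *BufferPtr is left unset, and RdkReadFile, RdkWriteFile and LsFiles do not close FileHandle in the lines shown. SaveString asserts `NULL != Dest` after it has already stored through Dest; the pointer that needs checking is *Dest, and it should be a real error return rather than an ASSERT.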
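Review bot: in RdkSecureBoot (RdkBootManagerLib/SecureBoot.c) the result of BootServices->LoadImage is checked only with ASSERT_EFI_ERROR, so in a build with asserts disabled a failed load, including a Secure Boot verification failure, falls through to HandleProtocol and StartImage with an uninitialized Handle, and `ImageInfo->LoadOptions = LoadOption` may store through an unset pointer. Test the status explicitly and return on any error. RdkSetVariable dereferences `*SetupMode` without checking that GetEfiGlobalVariable2 succeeded or that the pointer is non-NULL. In SetVariable, the KEK_KEY branch overwrites the Status of the EFI_KEY_EXCHANGE_KEY_NAME write with the result of the EFI_IMAGE_SECURITY_DATABASE write, so a failed KEK enrollment can be reported as success. RegisterCert switches to CUSTOM_SECURE_BOOT_MODE on every call and nothing in the lines shown switches back; please document why PK and KEK are enrolled from files named in rdk.conf each time the application runs and what protects those files.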
From: kalyan-nagabhirava
To: edk2-devel@lists.01.org
Date: Mon, 8 Jan 2018 11:15:12 +0530
Message-Id: <20180108054513.2279-4-kalyankumar.nagabhirava@linaro.org>
In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
References: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
Subject: [edk2] [PATCH v1 3/4] edk2-platforms:comcast: RDK secure boot Application
Cc: Ard Biesheuvel

Application will get file path of PK key and KEK key using rdk.conf file, once keys are available, application will enable secure boot and validate the signed kernel Image.

Cc: Ard Biesheuvel
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: kalyan-nagabhirava
---
 Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 57 ++++++++++++++++++++
 Platform/Comcast/Application/SecureBoot/SecureBoot.c | 30 +++++++++++
 2 files changed, 87 insertions(+)

diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf
new file mode 100644
index 000000000000..e7a3bb3afbb6
--- /dev/null
+++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf
@@ -0,0 +1,57 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkSecureLoader + FILE_GUID = b2c7930f-07ef-4305-ac4e-1ce2085a7031 + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = SecureBootEntryPoint + +[Sources] + SecureBoot.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + gRdkGlobalVariableGuid + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c new file mode 100644 index 000000000000..51ac75835fd0 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c 
@@ -0,0 +1,30 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include + +EFI_STATUS +EFIAPI +SecureBootEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkSecureBoot ( + ImageHandle, + SystemTable->BootServices + ); + + return Status; +}
From patchwork Mon Jan 8 05:45:13 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: kalyan-nagabhirava X-Patchwork-Id: 123682 Delivered-To: patch@linaro.org
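Review bot: SecureBoot.inf declares [Guids], [Protocols] and a long [Packages] list that SecureBoot.c never references; the application source only calls RdkSecureBoot, so gEfiCertX509Guid, gEfiCertPkcs7Guid, gEfiCustomModeEnableGuid, gEfiImageSecurityDatabaseGuid, gFdtTableGuid, gRdkGlobalVariableGuid and the two protocol GUIDs belong in the INF of RdkBootManagerLib, which is the code that uses them. Trim the application INF to what its own source needs, so the dependency on the Secure Boot variables is declared where it is implemented.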
From: kalyan-nagabhirava
To: edk2-devel@lists.01.org
Date: Mon, 8 Jan 2018 11:15:13 +0530
Message-Id: <20180108054513.2279-5-kalyankumar.nagabhirava@linaro.org>
In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
References: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
Subject: [edk2] [PATCH v1 4/4] edk2-platforms:comcast: RDK DRI Application
Cc: Ard Biesheuvel

Application will download platform code Image (kernel + DTB + rootfs) and write it into Flash partition.

Cc: Ard Biesheuvel
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: kalyan-nagabhirava
---
 Platform/Comcast/Application/Dri/Dri.inf | 56 +++++++++++++++++++
 Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.inf | 57 ++++++++++++++++++++
 Platform/Comcast/Application/Dri/Dri.c | 26 +++++++++
 Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.c | 32 +++++++++++
 4 files changed, 171 insertions(+)

diff --git a/Platform/Comcast/Application/Dri/Dri.inf b/Platform/Comcast/Application/Dri/Dri.inf
new file mode 100644
index 000000000000..0f603ff989dc
--- /dev/null
+++ b/Platform/Comcast/Application/Dri/Dri.inf
@@ -0,0 +1,56 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkDriLoader + FILE_GUID = 081ba18a-d71e-40a7-99a9-cdb86463966d + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = DriEntryPoint + +[Sources] + Dri.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid diff --git a/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.inf b/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.inf new file mode 100644 index 000000000000..4c795584f448 --- /dev/null +++ b/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.inf 
@@ -0,0 +1,57 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkDriSecureLoader + FILE_GUID = dd52d1d7-0de2-4552-98e0-8dbee458a502 + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = DriSecureBootEntryPoint + +[Sources] + DriSecureBoot.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid + gEfiDevicePathFromTextProtocolGuid diff --git a/Platform/Comcast/Application/Dri/Dri.c b/Platform/Comcast/Application/Dri/Dri.c new file mode 100644 index 000000000000..affbac08b602 --- /dev/null +++ b/Platform/Comcast/Application/Dri/Dri.c 
@@ -0,0 +1,26 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include + +EFI_STATUS +EFIAPI +DriEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkHttpBoot (); + return Status; +} diff --git a/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.c b/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.c new file mode 100644 index 000000000000..9a36075e85a7 --- /dev/null +++ b/Platform/Comcast/Application/DriSecureBoot/DriSecureBoot.c @@ -0,0 +1,32 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include + +EFI_STATUS +EFIAPI +DriSecureBootEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkHttpBoot (); + + Status = RdkSecureBoot( + ImageHandle, + SystemTable->BootServices + ); + + return Status; +}
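Review bot: In DriSecureBoot.c, DriSecureBootEntryPoint assigns "Status = RdkHttpBoot ();" and then immediately overwrites it with "Status = RdkSecureBoot(", so a failed download or flash write is silently discarded and the secure boot step runs on whatever is already in the partition. Check the first result before continuing, for example "if (EFI_ERROR (Status)) { return Status; }" right after the RdkHttpBoot () call, so the caller sees which stage failed. The call to RdkSecureBoot also needs a space before the opening parenthesis to match the spacing used for RdkHttpBoot () two lines above.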
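Review bot: In Dri.c, DriEntryPoint has no function header comment, and nothing in the file says whether the image fetched by RdkHttpBoot () is authenticated before it is written to flash. The commit message states that the application downloads kernel, DTB and rootfs and writes them into a flash partition, so please document what RdkHttpBoot () verifies and what its return status means for the caller. The licence header here also omits the Comcast copyright line that both INF files carry, and it uses "#" line prefixes inside a C block comment.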
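Review bot: In the [Guids] section of DriSecureBoot.inf, gEfiCustomModeEnableGuid is declared for a secure boot loader with no explanation. That GUID names the SecurityPkg CustomMode variable, which relaxes the authentication normally required to update the secure boot key variables, so the commit message or an INF comment should say why this application needs it. If only RdkBootManagerLib consumes it, declare it in the library's INF and drop it here.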
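Review bot: In Dri.inf, the [Packages], [Guids] and [Protocols] sections declare far more than Dri.c uses: the source only calls RdkHttpBoot (), yet the INF lists gEfiCertX509Guid, gEfiCertPkcs7Guid, gEfiCustomModeEnableGuid, gEfiImageSecurityDatabaseGuid and gFdtTableGuid, along with ShellPkg, SecurityPkg, CryptoPkg and NetworkPkg. Dependencies that belong to RdkBootManagerLib should be declared in that library's own INF; please trim this file to what the application itself consumes, which also makes it clear that the non-secure loader does not touch the image security database.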