From patchwork Fri Jan 4 14:43:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 154774 Delivered-To: patch@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp690566ljp; Fri, 4 Jan 2019 06:43:45 -0800 (PST) X-Google-Smtp-Source: ALg8bN5wuR5dsstB655/5zB+sj5/jsHT/CUT8f8Q+rrSdVjl/X8SIlG7AW8+n36SKaIfpe3So8yb X-Received: by 2002:a63:1a4b:: with SMTP id a11mr1890737pgm.254.1546613025278; Fri, 04 Jan 2019 06:43:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546613025; cv=none; d=google.com; s=arc-20160816; b=wfR+2RG+DLihj069CEk1tc8VJ/MrL8gQK6kEAV7nGtjnbZL86NzBGXCjKo/orknIj2 VEJvqTDzg5et5y1AOnlXj1w8mPI1bMV9W6qjgU8dW7F5YIdHtFYzOoCEdCjeeiL4I2X0 qvR+m82vJWYEH+iyo9Wf6MnooGihWp4MpiFRwTfr+kUAujx5nbKx7a6uHyY2j3tv1/Tc ocXKARsq4m49wAFzbeOTdnDdDCKhHjsNEhJPKycxw/KH21o8n0HxsIOjVcZBH5YH0gZO Vig/GxZgERWPwuz5L3Fl6gJc60/NWhqtYpo1jB+OjbktWBkWkoJ0gzgxS0h3ovFAuv+m L/Ow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:dkim-signature :delivered-to; bh=mUTRfK4X0xAZo2towyByJ+gWXF9HAjvc4LIz40LcH8A=; b=JAq1DhiM9Ok/vLKk6jNVN4BdP34+7B5Td4nf2ibhSNsl6fY57oTpMH8tv2TtUibjV3 xuchxCkZjQKxbq65USvk1iyJU3pfkbGVcALVSCZvKIoMHgdSTTBQoHuhO3T4GLQfKAsz dzARb6NAWysz93vS60i+ldB/XmNc4YU7O+IslYC6EZ87WZ6HCqhnWBCFHy5mKXUU3rtC ZINhwp465CVqrBDDDLBJE2NdXQTGnqcv33vEzBKARtghdal1CbFi+n+tBiZHnt7RpR5D n3zyWcU8yyvWIF89QTUMLfZDdHLZSGqGfqmFDBy1HNaGWC0osXV74XFkSX3YdY77Cz/l I7yw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FQPP9C08; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id t5si7680844pgm.79.2019.01.04.06.43.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Jan 2019 06:43:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=FQPP9C08; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 6C347211AE8D7; Fri, 4 Jan 2019 06:43:44 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:4864:20::542; helo=mail-ed1-x542.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-ed1-x542.google.com (mail-ed1-x542.google.com [IPv6:2a00:1450:4864:20::542]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D3A7A211AE8D3 for ; Fri, 4 Jan 2019 06:43:42 -0800 (PST) Received: by mail-ed1-x542.google.com with SMTP id f23so32000607edb.3 for ; Fri, 04 Jan 2019 06:43:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=rYSNf66LQZbOWNj2heIxB2LcEH/VonExswX2VwXWK3Q=; b=FQPP9C08nhKjCE1lPiNUAxV2CWrIDhECGjeWi3PbJYtLX4QGAwWfdeAFW4q5dvmOWl 8XIOzUG28/qGa5kvIZTNGX+Bbc8xzhRHkglQ26GmFVZNtYtHiQMSqkRjLoeWQG9Jfd55 IPPt8VJbR+6N0II6cjgfy3EWblwu3Pa1m8oP8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=rYSNf66LQZbOWNj2heIxB2LcEH/VonExswX2VwXWK3Q=; b=M9Fs7xre6YEKCb63L2S/+qhtqkTWj4d2qralrz0J7Cso9ChlwSjkIXEc3gu/ZpBJ4R x+my0+c+4IcWRpSX5vGBq5jw7RZWNXt+oXFVn7bVE0zOuz00V/emBk2Z/NOn06RIJDF8 N35tIs8Z+mS122iE+Hg3qyFus0AwPIjtIVVg4SyuqZY6RABCnjiDa5BI9M1Lm+3GwE9/ KsJfPCR0Ix5K6aha6n+iCPvIEJXJPRIHPsx7IgSOW5BoZgo9jkYJb3L/oWERMsJPe1b1 dFVv0s7M+Q78MB0KLeix7yufxFZl7WIQ7VaIuwV3Oy+c3rGXsLwcunGAk7kPXFNI6Lfh H0Gg== X-Gm-Message-State: AA+aEWbphGvESW3S/WHiqO9eLhhdzTthtzovlckn+uTDImksHrWYMXgu v3ZNb+YBbFYNgmnXXFjHlRz9eZtVqIl18w== X-Received: by 2002:a50:9665:: with SMTP id y92mr45004407eda.282.1546613020742; Fri, 04 Jan 2019 06:43:40 -0800 (PST) Received: from dogfood.home ([2a01:cb1d:112:6f00:183a:9013:d5a3:37a8]) by smtp.gmail.com with ESMTPSA id q16sm21608226eds.60.2019.01.04.06.43.39 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Jan 2019 06:43:39 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org Date: Fri, 4 Jan 2019 15:43:29 +0100 Message-Id: <20190104144336.8941-1-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 Subject: [edk2] [PATCH edk2-platforms 0/7] Silicon/SynQuacer: implement SMM based secure boot X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Wire up the various pieces so that the authenticated variable store runs entirely in standalone MM context residing in a secure partition. This primarily involves refactoring the platform's NOR flash driver so we can build a version that can work in the standalone MM context. Beyond that, it is just a matter of enabling all the boilerplate in the .DSC and .FDF files. Note that the resulting standalone MM firmware volume needs to be wrapped in a FIP, which is not part of the build sequence. Cc: Leif Lindholm Cc: Masahisa Kojima Ard Biesheuvel (7): Silicon/SynQuacer/Fip006Dxe: drop block I/O and disk I/O routines Silicon/SynQuacer/Fip006Dxe: factor out DXE specific pieces Silicon/SynQuacer/Fip006Dxe: implement standalone MM variant Silicon/SynQuacer/Fip006Dxe: use proper accessor for unaligned access Platform/DeveloperBox: create shared .DSC include file Platform/DeveloperBox: add .DSC/.FDF description of MM components Platform/DeveloperBox: add MM based UEFI secure boot support .../Socionext/DeveloperBox/DeveloperBox.dsc | 304 +--- .../DeveloperBox/DeveloperBox.dsc.inc | 315 ++++ .../Socionext/DeveloperBox/DeveloperBox.fdf | 13 + .../Socionext/DeveloperBox/DeveloperBoxMm.dsc | 103 ++ .../Socionext/DeveloperBox/DeveloperBoxMm.fdf | 161 ++ .../SynQuacer/Drivers/Fip006Dxe/Fip006Dxe.inf | 9 +- .../Drivers/Fip006Dxe/Fip006StandaloneMm.inf | 71 + .../SynQuacer/Drivers/Fip006Dxe/NorFlash.c | 1006 +++++++++++++ .../Fip006Dxe/{NorFlashDxe.h => NorFlash.h} | 93 +- .../Drivers/Fip006Dxe/NorFlashBlockIoDxe.c | 138 -- .../SynQuacer/Drivers/Fip006Dxe/NorFlashDxe.c | 1341 ++--------------- .../{NorFlashFvbDxe.c => NorFlashFvb.c} | 197 +-- .../SynQuacer/Drivers/Fip006Dxe/NorFlashSmm.c | 182 +++ 13 files changed, 2076 insertions(+), 1857 deletions(-) create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc create mode 100644 Platform/Socionext/DeveloperBox/DeveloperBoxMm.fdf create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/Fip006StandaloneMm.inf create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlash.c rename Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/{NorFlashDxe.h => NorFlash.h} (85%) delete mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlashBlockIoDxe.c rename Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/{NorFlashFvbDxe.c => NorFlashFvb.c} (76%) create mode 100644 Silicon/Socionext/SynQuacer/Drivers/Fip006Dxe/NorFlashSmm.c -- 2.17.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm