diff --git a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc index eb3ed7470b3..8a650a700c9 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc +++ b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc @@ -14,15 +14,13 @@ #include #include +#include "HostFwInfo.h" + #define PACKAGE_VERSION 0xFFFFFFFF #define PACKAGE_VERSION_STRING L"Unknown" -#define CURRENT_FIRMWARE_VERSION 0x7E841A00 // YearMonthDayBuild (0xYYYMDDBB) -#define CURRENT_FIRMWARE_VERSION_STRING L"2024.04.26.00" -#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x0204640C - #define IMAGE_ID SIGNATURE_64('A', 'A', 'D', 'P', '_', 'F', 'W', ' ') -#define IMAGE_ID_STRING L"ADLINK AADP System Firmware" +#define IMAGE_ID_STRING L"ADLINK AADP Host Firmware" // PcdSystemFmpCapsuleImageTypeIdGuid #define IMAGE_TYPE_ID_GUID { 0xcdcdd0b7, 0x8afb, 0x4883, { 0x85, 0x3a, 0xae, 0x93, 0x98, 0x07, 0x7a, 0x0e } } @@ -35,7 +33,7 @@ typedef struct { CHAR16 PackageVersionNameStr[sizeof(PACKAGE_VERSION_STRING)/sizeof(CHAR16)]; } IMAGE_DESCRIPTOR; -STATIC IMAGE_DESCRIPTOR mImageDescriptor = +STATIC IMAGE_DESCRIPTOR mHostImageDescriptor = { { EDKII_SYSTEM_FIRMWARE_IMAGE_DESCRIPTOR_SIGNATURE, @@ -43,7 +41,7 @@ STATIC IMAGE_DESCRIPTOR mImageDescriptor = sizeof(IMAGE_DESCRIPTOR), PACKAGE_VERSION, // PackageVersion OFFSET_OF (IMAGE_DESCRIPTOR, PackageVersionNameStr), // PackageVersionName - 1, // ImageIndex; + 0, // ImageIndex; {0x0}, // Reserved IMAGE_TYPE_ID_GUID, // ImageTypeId; IMAGE_ID, // ImageId; 
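Review bot: `ImageIndex` in `mHostImageDescriptor` changes from `1` to `0`, while the FMP payload in ComHpcAltCapsule.fdf still declares `IMAGE_INDEX = 0x1`, and the UEFI Firmware Management Protocol numbers images from 1 up to the descriptor count. A consumer that matches the capsule's image index against the reported descriptor may then fail to find the image. Whether the update driver used here tolerates index 0 is not visible in this diff. Unless 0 is required by that driver, keep `1, // ImageIndex;`, or add a comment next to the field stating why 0 is intended. The initializer continues outside this hunk.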
@@ -51,15 +49,17 @@ STATIC IMAGE_DESCRIPTOR mImageDescriptor = CURRENT_FIRMWARE_VERSION, // Version; OFFSET_OF (IMAGE_DESCRIPTOR, VersionNameStr), // VersionName; {0x0}, // Reserved2 - 0, // Size; + 0xA00000, // Size; IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_RESET_REQUIRED | IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | - IMAGE_ATTRIBUTE_IN_USE, // AttributesSupported; + IMAGE_ATTRIBUTE_IN_USE | + IMAGE_ATTRIBUTE_UEFI_IMAGE, // AttributesSupported; IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_RESET_REQUIRED | IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | - IMAGE_ATTRIBUTE_IN_USE, // AttributesSetting; + IMAGE_ATTRIBUTE_IN_USE | + IMAGE_ATTRIBUTE_UEFI_IMAGE, // AttributesSetting; 0x0, // Compatibilities; LOWEST_SUPPORTED_FIRMWARE_VERSION, // LowestSupportedImageVersion; 0x00000000, // LastAttemptVersion; @@ -73,4 +73,4 @@ STATIC IMAGE_DESCRIPTOR mImageDescriptor = PACKAGE_VERSION_STRING, }; -VOID* CONST ReferenceAcpiTable = &mImageDescriptor; +VOID* CONST ReferenceAcpiTable = &mHostImageDescriptor; diff --git a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf index 792a28aaff6..22faf63ba2a 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +++ b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf @@ -32,8 +32,6 @@ PeiServicesLib PeimEntryPoint -[FixedPcd] - [Pcd] gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor 
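Review bot: `0xA00000, // Size;` hard-codes the UEFI-only flash size in the descriptor, but the default build in this commit sets `INCLUDE_TFA_FW = TRUE`, for which ComHpcAltCapsule.fdf packs a `0x00C00000` payload. The reported size therefore matches only one of the two capsule variants, and it is a third copy of a number that ComHpcAlt.fdf already asks maintainers to keep in sync by hand. Consider taking the value from a define shared with the FDF (HostFwInfo.h is included but not shown here), or at least annotate it: `0xA00000, // Size; UEFI region only, must match [FD.BL33_COMHPCALT_UEFI]`. The struct initializer starts before this hunk.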
diff --git a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/TfaUefiFirmwareUpdateConfig.ini similarity index 70% rename from Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini rename to Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/TfaUefiFirmwareUpdateConfig.ini index 721fbff4552..1471fa729a1 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini +++ b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/TfaUefiFirmwareUpdateConfig.ini @@ -10,12 +10,12 @@ [Head] NumOfUpdate = 1 NumOfRecovery = 0 -Update0 = AADP_UEFI_TFA +Update0 = AADP_TFA_UEFI -[AADP_UEFI_TFA] -FirmwareType = 2147483650 # SystemFirmware: 0x80000002 - OEM UEFI and ARM Trusted Firmware +[AADP_TFA_UEFI] +FirmwareType = 2147483650 # SystemFirmware: 0x80000002 - ARM Trusted Firmware and OEM UEFI AddressType = 1 # 0 - relative address, 1 - absolute address. BaseAddress = 0x00000000 # Base address offset on flash Length = 0x00D10000 # Length ImageOffset = 0x00000000 # Image offset of this SystemFirmware image -FileGuid = c07b0079-b3a2-448d-8c9c-46ba3c42b33e # PcdEdkiiSystemFirmwareFileGuid +FileGuid = 074c21e5-7d17-48e9-808d-f0c85e52a7db # PcdEdkiiSystemFirmwareFileGuid diff --git a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/UefiFirmwareUpdateConfig.ini similarity index 77% rename from Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini rename to Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/UefiFirmwareUpdateConfig.ini index eeccd5be0de..0ff55feb4f3 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini 
+++ b/Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/UefiFirmwareUpdateConfig.ini @@ -10,12 +10,12 @@ [Head] NumOfUpdate = 1 NumOfRecovery = 0 -Update0 = AltraSCP +Update0 = AADP_UEFI -[AltraSCP] -FirmwareType = 2147483649 # 0x80000001: SMpro/PMpro Firmware +[AADP_UEFI] +FirmwareType = 2147483651 # SystemFirmware: 0x80000003 - OEM UEFI AddressType = 1 # 0 - relative address, 1 - absolute address. BaseAddress = 0x00000000 # Base address offset on flash -Length = 0x00050000 # Length +Length = 0x00A10000 # Length ImageOffset = 0x00000000 # Image offset of this SystemFirmware image FileGuid = c07b0079-b3a2-448d-8c9c-46ba3c42b33e # PcdEdkiiSystemFirmwareFileGuid diff --git a/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.dsc b/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.dsc index 11ab759d2cb..82485e277b6 100644 --- a/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.dsc +++ b/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.dsc @@ -55,9 +55,13 @@ DEFINE DEBUG_PRINT_ERROR_LEVEL = 0x8000004F !endif - DEFINE FIRMWARE_VER = 2024.01.01-01 + DEFINE FIRMWARE_VER = 00.01.01-00 + DEFINE FIRMWARE_VER_HEX = 0x00010100 + DEFINE CAPSULE_ENABLE = TRUE + DEFINE INCLUDE_TFA_FW = TRUE DEFINE SECURE_BOOT_ENABLE = TRUE DEFINE TPM2_ENABLE = TRUE + DEFINE SHELL_ENABLE = TRUE DEFINE INCLUDE_TFTP_COMMAND = TRUE DEFINE PLATFORM_CONFIG_UUID = 0690C53C-01B5-40AD-A65B-5399AC0B1E9B 
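Review bot: `FIRMWARE_VER_HEX = 0x00010100` is numerically lower than both values this commit removes from SystemFirmwareDescriptor.aslc, `CURRENT_FIRMWARE_VERSION 0x7E841A00` and `LOWEST_SUPPORTED_FIRMWARE_VERSION 0x0204640C`. If HostFwInfo.h (not shown) derives the descriptor version from this define, a board running an earlier build would see the new capsule as older than its lowest supported version and refuse it. The source of the new rollback floor is also not visible, and it should be chosen deliberately since it is what blocks downgrade to a vulnerable image. Please document the new numbering scheme and where `LOWEST_SUPPORTED_FIRMWARE_VERSION` now comes from, for example `# FIRMWARE_VER_HEX must stay in step with FIRMWARE_VER and must never decrease between releases`. `FIRMWARE_VER` and `FIRMWARE_VER_HEX` are two hand-maintained copies of the same value and can drift.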
@@ -73,31 +77,10 @@ DEFINE PERFORMANCE_MEASUREMENT_ENABLE = FALSE DEFINE HEAP_GUARD_ENABLE = FALSE -# How to enable Secure Boot support -# From https://github.com/edk2-porting/edk2-rk3588/issues/69 - -# In case you haven't seen how we do it on the Pi, this is relatively -# easy to add during the EDK2 build process. -# -# Basically you want to first get all the needed Secure Boot certificates -# and dbx, most of which can be downloaded directly: -# https://github.com/pftf/RPi4/blob/master/.github/workflows/linux_edk2.yml#L50-L58 -# -# Note that, because we sure don't want any third party (including -# ourselves) to have control over somebody else's machine when it comes -# to Secure Boot, we always generate a new PK as part of the build process and then discard the private key altogether. -# -# Then, at EDK2 build time, you just need to feed the -# -D SECURE_BOOT_ENABLE=TRUE option along with something like -# -D DEFAULT_KEYS=TRUE -D PK_DEFAULT_FILE=$WORKSPACE/keys/pk.cer -# -D KEK_DEFAULT_FILE1=$WORKSPACE/keys/ms_kek.cer -# -D DB_DEFAULT_FILE1=$WORKSPACE/keys/ms_db1.cer -# -D DB_DEFAULT_FILE2=$WORKSPACE/keys/ms_db2.cer -# -D DBX_DEFAULT_FILE1=$WORKSPACE/keys/arm64_dbx.bin: -# https://github.com/pftf/RPi4/blob/master/.github/workflows/linux_edk2.yml#L64-L65 -# -# And with this, you should have a UEFI firmware that both Windows and -# Linux are happy with when it comes to Secure Boot. +!if $(CAPSULE_ENABLE) == TRUE + DEFINE UEFI_IMAGE = Build/ComHpcAlt/comhpcalt_uefi.bin + DEFINE TFA_UEFI_IMAGE = Build/ComHpcAlt/comhpcalt_tfa_uefi.bin +!endif !include MdePkg/MdeLibs.dsc.inc @@ -112,6 +95,7 @@ [LibraryClasses] OemMiscLib|Platform/ADLINK/ComHpcAltPkg/Library/OemMiscLib/OemMiscLib.inf + JedecJep106Lib|MdePkg/Library/JedecJep106Lib/JedecJep106Lib.inf # # ACPI Libraries 
@@ -169,6 +153,8 @@ # gAmpereTokenSpaceGuid.PcdPcieHotPlugPortMapTable.UseDefaultConfig|FALSE + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset|TRUE + [PcdsFixedAtBuild] gAmpereTokenSpaceGuid.PcdPcieHotPlugGpioResetMap|0x3F @@ -198,6 +184,17 @@ gAmpereTokenSpaceGuid.PcdSmbusI2cBusSpeed|100000 + # We should support CoD in future, since it provides a nicer + # upgrade experience (e.g. a progress bar). + gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleOnDiskSupport|FALSE + +!if $(SECURE_BOOT_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0} + !include Platform/ADLINK/ComHpcAltPkg/root.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc +!endif + + gAmpereTokenSpaceGuid.PcdFirmwareVersionNumber|$(FIRMWARE_VER_HEX) + gPostCodeDebugFeaturePkgTokenSpaceGuid.PcdStatusCodeUsePostCode|TRUE [PcdsFixedAtBuild.common] 
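Review bot: In the `@@ -198,6 +184,17 @@` hunk the capsule-signing trust anchor (`root.cer...PcdPkcs7CertBuffer.inc`) is included only under `!if $(SECURE_BOOT_ENABLE) == TRUE`, although it is consumed by `FmpAuthenticationLibPkcs7`, which this commit links under `CAPSULE_ENABLE`. A build with `CAPSULE_ENABLE=TRUE` and `SECURE_BOOT_ENABLE=FALSE` would leave `PcdPkcs7CertBuffer` at the SecurityPkg default, which that package documents as a test key not meant for production. Capsules signed with the publicly available test key would then pass authentication. Gate the block on the feature that uses it, `!if $(CAPSULE_ENABLE) == TRUE`, so a capsule-enabled build cannot silently fall back to the default. It would also help to note in a comment where the private key matching `root.cer` is held, since the diff does not show how that file is produced.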
@@ -289,8 +286,19 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0xf6, 0xc8, 0x4a, 0x70, 0x39, 0xcb, 0xb7, 0x47, 0x8f, 0x26, 0x39, 0x6c, 0xe9, 0xdb, 0x69, 0x71} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0x79, 0x00, 0x7b, 0xc0, 0xa2, 0xb3, 0x8d, 0x44, 0x8c, 0x9c, 0x46, 0xba, 0x3c, 0x42, 0xb3, 0x3e} + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID("cdcdd0b7-8afb-4883-853a-ae9398077a0e")}|VOID*|0x10 + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID("074c21e5-7d17-48e9-808d-f0c85e52a7db")}|VOID*|0x10 + + # Default Video Resolution + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutColumn|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutRow|0 # 0 - Maximum + # Setup Video Resolution + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupConOutColumn|0 # 0 - Maximum + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupConOutRow|0 # 0 - Maximum [PcdsPatchableInModule] # @@ -357,15 +365,6 @@ ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf Features/ManageabilityPkg/Universal/IpmiProtocol/Dxe/IpmiProtocolDxe.inf - # - # Firmware Capsule Update - # - Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf - MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf - MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf - # # HII # 
@@ -377,6 +376,32 @@ Silicon/Ampere/AmpereAltraPkg/Drivers/RootComplexConfigDxe/RootComplexConfigDxe.inf Silicon/Ampere/AmpereSiliconPkg/Drivers/BmcConfigDxe/BmcConfigDxe.inf + # + # Firmware Capsule Update + # +!if $(CAPSULE_ENABLE) == TRUE + Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf + MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf { + + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf + } + + # + # System Firmware Update + # + Silicon/Ampere/AmpereAltraPkg/Drivers/SystemFirmwareUpdateDxe/SystemFirmwareUpdateDxe.inf +!endif + # Redfish # !if $(NETWORK_ENABLE) == TRUE @@ -416,10 +441,17 @@ !if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.inf MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTableDxe/FirmwarePerformanceDxe.inf - ShellPkg/DynamicCommand/DpDynamicCommand/DpDynamicCommand.inf +!if $(SHELL_ENABLE) == TRUE + ShellPkg/DynamicCommand/DpDynamicCommand/DpDynamicCommand.inf { + + gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE + } +!endif !endif # # OpRom emulator # +!if $(X86_EMULATOR_ENABLE) == TRUE Emulator/X86EmulatorDxe/X86EmulatorDxe.inf +!endif diff --git a/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.fdf b/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.fdf index 7ff6570cfa4..cfecffec673 100644 --- a/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.fdf +++ b/Platform/ADLINK/ComHpcAltPkg/ComHpcAlt.fdf 
@@ -20,8 +20,11 @@ # ################################################################################ -# Note: We actually have 26MB (0x01A0'0000 bytes) for UEFI. -# A smaller size of 8MB is used to reduce time for flashing etc. +# Note: We have 10MB (0x00A0'0000 bytes) for UEFI. +# +# If this 10MB is ever changed, ComHpcAltCapsule.fdf and +# Capsule/HostFirmwareDescriptor/HostFirmwareDescriptor.aslc need +# updated too. [FD.BL33_COMHPCALT_UEFI] BaseAddress = 0x92000000|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash. @@ -51,18 +54,18 @@ NumBlocks = 0xA0 # # FV MAIN # Offset: 0x00000000 -# Size: 0x00970000 +# Size: 0x00900000 # -0x00000000|0x00970000 +0x00000000|0x00900000 gArmTokenSpaceGuid.PcdFvBaseAddress|gArmTokenSpaceGuid.PcdFvSize FV = FVMAIN_COMPACT # # NV Variables -# Offset: 0x00970000 -# Size: 0x00030000 +# Offset: 0x00900000 +# Size: 0x00100000 # -0x00970000|0x00030000 +0x00900000|0x00070000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize DATA = { ## This is the EFI_FIRMWARE_VOLUME_HEADER @@ -80,8 +83,8 @@ DATA = { 0x5f, 0x46, 0x56, 0x48, 0xff, 0xfe, 0x04, 0x00, # HeaderLength # CheckSum # ExtHeaderOffset #Reserved #Revision 0x48, 0x00, 0x2D, 0x09, 0x00, 0x00, 0x00, 0x02, - # Blockmap[0]: 0x3 Blocks * 0x10000 Bytes / Block - 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, + # Blockmap[0]: 0x7 Blocks * 0x10000 Bytes / Block + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, # Blockmap[1]: End 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ## This is the VARIABLE_STORE_HEADER 
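Review bot: The new header note in the `@@ -20,8 +20,11 @@` hunk points maintainers at `Capsule/HostFirmwareDescriptor/HostFirmwareDescriptor.aslc`, but the descriptor this commit edits is `Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc`. Unless a rename happens elsewhere, the reference sends the reader to a file that does not exist. Suggested wording: `# If this 10MB is ever changed, ComHpcAltCapsule.fdf and Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc need to be updated too.`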
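Review bot: The NV Variables banner in the `@@ -51,18 +54,18 @@` hunk now reads `# Size: 0x00100000`, but the region line under it is `0x00900000|0x00070000`. The same drift appears in `@@ -91,15 +94,15 @@`, where the comment says `0xB0000 ... = 0xAFFB8` while the bytes `0xB8, 0xFF, 0x06, 0x00` encode 0x6FFB8 (0x70000 - 0x48). It also appears in `@@ -109,16 +112,12 @@`, where the WriteQueueSize comment still says `0x10000 - 0x20 = 0xFFE0` next to bytes that encode 0x1FFE0. The byte values agree with the region sizes, so only the comments are wrong: `# Size: 0x00070000`, `# Size: 0x70000 ... = 0x6FFB8`, and `Size: 0x20000 - 0x20 (FTW_WORKING_HEADER) = 0x1FFE0`. Flash-layout comments are what reviewers check these header bytes against, so they should match.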
@@ -91,15 +94,15 @@ DATA = { # { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }} 0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43, 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92, - # Size: 0x30000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) - - # 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0x2FFB8 + # Size: 0xB0000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) - + # 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0xAFFB8 # This can speed up the Variable Dispatch a bit. - 0xB8, 0xFF, 0x02, 0x00, + 0xB8, 0xFF, 0x06, 0x00, # FORMATTED: 0x5A #HEALTHY: 0xFE #Reserved: UINT16 #Reserved1: UINT32 0x5A, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -0x009A0000|0x00010000 +0x00970000|0x00020000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize DATA = { # EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER->Signature = gEdkiiWorkingBlockSignatureGuid = @@ -109,16 +112,12 @@ DATA = { # Crc:UINT32 #WorkingBlockValid:1, WorkingBlockInvalid:1, Reserved 0x2c, 0xaf, 0x2c, 0x64, 0xFE, 0xFF, 0xFF, 0xFF, # WriteQueueSize: UINT64 Size: 0x10000 - 0x20 (FTW_WORKING_HEADER) = 0xFFE0 - 0xE0, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0xE0, 0xFF, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00 } -0x009B0000|0x00040000 +0x00990000|0x00070000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize -# Leave 0x10000 (64KB) at the end for VPD data -# 0x009F0000|0x00010000 -# Absolute SPI-NOR flash address: 0xFF0000 - ################################################################################ # # FV Section 
@@ -160,21 +159,27 @@ APRIORI PEI { INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf } +!if $(CAPSULE_ENABLE) == TRUE + INF RuleOverride = FMP_IMAGE_DESC Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +!endif + INF ArmPlatformPkg/Sec/Sec.inf INF MdeModulePkg/Core/Pei/PeiMain.inf INF UefiCpuPkg/CpuIoPei/CpuIoPei.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE + INF MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.inf +!endif INF ArmPlatformPkg/PlatformPei/PlatformPeim.inf INF Silicon/Ampere/AmpereAltraPkg/Drivers/ATFHobPei/ATFHobPeim.inf INF ArmPlatformPkg/MemoryInitPei/MemoryInitPeim.inf INF Silicon/Ampere/AmpereAltraPkg/Drivers/FlashPei/FlashPei.inf -!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE - INF MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTablePei/FirmwarePerformancePei.inf -!endif INF Silicon/Ampere/AmpereAltraPkg/Drivers/BootProgress/BootProgressPeim/BootProgressPeim.inf INF ArmPkg/Drivers/CpuPei/CpuPei.inf INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf + INF MdeModulePkg/Universal/CapsuleOnDiskLoadPei/CapsuleOnDiskLoadPei.inf + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf INF MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf INF Silicon/Ampere/AmpereAltraPkg/Drivers/PcieInitPei/PcieInitPei.inf @@ -192,8 +197,6 @@ APRIORI PEI { INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf - INF RuleOverride = FMP_IMAGE_DESC Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf - FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE { SECTION FV_IMAGE = FVMAIN 
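Review bot: `CapsuleOnDiskLoadPei.inf` and `CapsulePei.inf` are added to the PEI FV unconditionally, while the descriptor a few lines above and the DXE capsule drivers are wrapped in `!if $(CAPSULE_ENABLE) == TRUE`. A build with `CAPSULE_ENABLE=FALSE` would still carry the capsule-processing PEIMs. In addition, `PcdCapsuleOnDiskSupport` is set to `FALSE` in ComHpcAlt.dsc, so the on-disk loader has no use yet. Moving both lines inside a `!if $(CAPSULE_ENABLE) == TRUE` / `!endif` pair keeps unused update code out of the image. `CapsuleOnDiskLoadPei.inf` could be left out until Capsule-on-Disk is actually enabled. This hunk does not show whether matching component entries exist in the DSC.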
@@ -250,6 +253,8 @@ APRIORI DXE { !if $(SECURE_BOOT_ENABLE) == TRUE INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf INF SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf + + !include ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc !endif INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf INF MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf @@ -367,6 +372,7 @@ APRIORI DXE { # # UEFI application (Shell Embedded Boot Loader) # +!if $(SHELL_ENABLE) == TRUE INF ShellPkg/Application/Shell/Shell.inf !if $(INCLUDE_TFTP_COMMAND) == TRUE INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf @@ -374,6 +380,7 @@ APRIORI DXE { !if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE INF ShellPkg/DynamicCommand/DpDynamicCommand/DpDynamicCommand.inf !endif +!endif !if $(TPM2_ENABLE) == TRUE INF Silicon/Ampere/AmpereAltraPkg/Drivers/Tcg2Dxe/Tcg2Dxe.inf @@ -391,6 +398,9 @@ APRIORI DXE { INF MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf INF MdeModulePkg/Application/UiApp/UiApp.inf + INF MdeModulePkg/Universal/BootManagerPolicyDxe/BootManagerPolicyDxe.inf + INF Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.inf + INF Silicon/Ampere/AmpereSiliconPkg/Drivers/IpmiBootDxe/IpmiBootDxe.inf # # Networking stack @@ -404,6 +414,7 @@ APRIORI DXE { # INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf INF Platform/Ampere/JadePkg/Drivers/AcpiPlatformDxe/AcpiPlatformDxe.inf + INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf INF RuleOverride=ACPITABLE Silicon/Ampere/AmpereAltraPkg/AcpiCommonTables/AcpiCommonTables.inf INF RuleOverride=ACPITABLE Platform/ADLINK/ComHpcAltPkg/Ac01AcpiTables/Ac01AcpiTables.inf INF RuleOverride=ACPITABLE Platform/ADLINK/ComHpcAltPkg/Ac02AcpiTables/Ac02AcpiTables.inf 
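Review bot: The added `!include ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc` in the `@@ -250,6 +253,8 @@` hunk has no comment about the build options it depends on. The only description of those options in this diff, the `-D DEFAULT_KEYS=TRUE -D PK_DEFAULT_FILE=... -D KEK_DEFAULT_FILE1=...` block in ComHpcAlt.dsc, is deleted by this same commit. Since `SECURE_BOOT_ENABLE` defaults to `TRUE`, a builder who does not know about these options may produce firmware with no default keys enrolled, presumably without any build error. Please add a short comment above the include naming the required defines and stating that the PK must be generated per build or per vendor, with its private key kept out of the tree. That preserves the guidance the removed block carried.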
@@ -412,21 +423,19 @@ APRIORI DXE { # SMBIOS # INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf - INF ArmPkg/Universal/Smbios/ProcessorSubClassDxe/ProcessorSubClassDxe.inf INF ArmPkg/Universal/Smbios/SmbiosMiscDxe/SmbiosMiscDxe.inf + INF ArmPkg/Universal/Smbios/ProcessorSubClassDxe/ProcessorSubClassDxe.inf INF Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/SmbiosPlatformDxe.inf INF ManageabilityPkg/Universal/IpmiBlobTransferDxe/IpmiBlobTransferDxe.inf # # Firmware Capsule Update # - INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf - INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf - - FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) { - SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI = "Pkcs7TestRoot" - } +!if $(CAPSULE_ENABLE) == TRUE + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf +!endif # # HII @@ -439,10 +448,14 @@ APRIORI DXE { INF Silicon/Ampere/AmpereAltraPkg/Drivers/RootComplexConfigDxe/RootComplexConfigDxe.inf INF Silicon/Ampere/AmpereSiliconPkg/Drivers/BmcConfigDxe/BmcConfigDxe.inf + INF MdeModulePkg/Logo/LogoDxe.inf + # # Emulator for x64 OpRoms, etc. # +!if $(X86_EMULATOR_ENABLE) == TRUE INF Emulator/X86EmulatorDxe/X86EmulatorDxe.inf +!endif # # set MMC power off type diff --git a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltBoardSetting.cfg b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltBoardSetting.cfg index 676beaf7eb5..bb061cccc69 100644 --- a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltBoardSetting.cfg +++ b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltBoardSetting.cfg 
@@ -1,27 +1,30 @@ +## +# @file # COM-HPC-ALT board setting # -# Settings between #(, #) are provided by EE team, -# DO NOT change without consault EE while upgrade to -# Ampere Altra reference design. +# BOARD_VENDOR 0x5F13 (24339) refers to "ADLINK TECHNOLOGY INC." in +# https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers # -# BOARD_VENDOR 0x5F13()=24339) is refer to "ADLINK TECHNOLOGY INC." of https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers # BOARD_TYPE is COM=1 # BOARD_REV=1 will go with HW. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + # # Name, offset (hex), value # value can be hex or decimal # -#( NV_SI_RO_BOARD_VENDOR, 0x0000, 0x00005F13 NV_SI_RO_BOARD_TYPE, 0x0008, 0x00000001 NV_SI_RO_BOARD_REV, 0x0010, 0x00000001 NV_SI_RO_BOARD_CFG, 0x0018, 0x00000000 -NV_SI_RO_BOARD_S0_DIMM_AVAIL, 0x0020, 0x00001515 +NV_SI_RO_BOARD_S0_DIMM_AVAIL, 0x0020, 0x0000ffff NV_SI_RO_BOARD_S1_DIMM_AVAIL, 0x0028, 0x00000000 NV_SI_RO_BOARD_SPI0CS0_FREQ_KHZ, 0x0030, 0x00004E20 NV_SI_RO_BOARD_SPI0CS1_FREQ_KHZ, 0x0038, 0x00004E20 -#) NV_SI_RO_BOARD_SPI1CS0_FREQ_KHZ, 0x0040, 0x00002710 NV_SI_RO_BOARD_SPI1CS1_FREQ_KHZ, 0x0048, 0x00002710 NV_SI_RO_BOARD_TPM_LOC, 0x0050, 0x00000000 
@@ -30,24 +33,17 @@ NV_SI_RO_BOARD_I2C1_FREQ_KHZ, 0x0060, 0x00000190 NV_SI_RO_BOARD_I2C2_10_FREQ_KHZ, 0x0068, 0x00000190 NV_SI_RO_BOARD_I2C3_FREQ_KHZ, 0x0070, 0x00000190 NV_SI_RO_BOARD_I2C9_FREQ_KHZ, 0x0078, 0x00000190 -#( NV_SI_RO_BOARD_2P_CFG, 0x0080, 0xFFFFFF00 NV_SI_RO_BOARD_S0_RCA0_CFG, 0x0088, 0x00000004 NV_SI_RO_BOARD_S0_RCA1_CFG, 0x0090, 0x00000004 NV_SI_RO_BOARD_S0_RCA2_CFG, 0x0098, 0x00000000 -#) NV_SI_RO_BOARD_S0_RCA3_CFG, 0x00A0, 0x00000004 -#( -#x8 BCM575 = 0x00000003 +# x8 BCM575 = 0x00000003 NV_SI_RO_BOARD_S0_RCB0_LO_CFG, 0x00A8, 0x00000003 NV_SI_RO_BOARD_S0_RCB0_HI_CFG, 0x00B0, 0x00000003 -#) -#( NV_SI_RO_BOARD_S0_RCB1_LO_CFG, 0x00B8, 0x00000000 NV_SI_RO_BOARD_S0_RCB1_HI_CFG, 0x00C0, 0x00000000 -#) -#( -#x1:USB3 x1:VGA = 0x00020002 +# x1:USB3 x1:VGA = 0x00020002 NV_SI_RO_BOARD_S0_RCB2_LO_CFG, 0x00C8, 0x00020002 # x0:NULL x1:i210 = 0x00000002 NV_SI_RO_BOARD_S0_RCB2_HI_CFG, 0x00D0, 0x00000002 @@ -55,10 +51,8 @@ NV_SI_RO_BOARD_S0_RCB2_HI_CFG, 0x00D0, 0x00000002 NV_SI_RO_BOARD_S0_RCB3_LO_CFG, 0x00D8, 0x00020002 # x4:M2.1 x4:M2.2 = 0x00020002 NV_SI_RO_BOARD_S0_RCB3_HI_CFG, 0x00E0, 0x00020002 -#) NV_SI_RO_BOARD_S1_RCA0_CFG, 0x00E8, 0x00000000 NV_SI_RO_BOARD_S1_RCA1_CFG, 0x00F0, 0x00000000 -#( NV_SI_RO_BOARD_S1_RCA2_CFG, 0x00F8, 0x00000000 NV_SI_RO_BOARD_S1_RCA3_CFG, 0x0100, 0x00000000 NV_SI_RO_BOARD_S1_RCB0_LO_CFG, 0x0108, 0x00000000 @@ -69,7 +63,6 @@ NV_SI_RO_BOARD_S1_RCB2_LO_CFG, 0x0128, 0x00000000 NV_SI_RO_BOARD_S1_RCB2_HI_CFG, 0x0130, 0x00000000 NV_SI_RO_BOARD_S1_RCB3_LO_CFG, 0x0138, 0x00000000 NV_SI_RO_BOARD_S1_RCB3_HI_CFG, 0x0140, 0x00000000 -#) NV_SI_RO_BOARD_T_LTLM_DELTA_P0, 0x0148, 0x00000001 NV_SI_RO_BOARD_T_LTLM_DELTA_P1, 0x0150, 0x00000002 NV_SI_RO_BOARD_T_LTLM_DELTA_P2, 0x0158, 0x00000003 
@@ -86,17 +79,11 @@ NV_SI_RO_BOARD_P_LM_EXP_SMOOTH_CONST, 0x01A8, 0x00000000 NV_SI_RO_BOARD_TPM_ALG_ID, 0x01B0, 0x00000002 NV_SI_RO_BOARD_DDR_SPEED_GRADE, 0x01B8, 0x00000C80 NV_SI_RO_BOARD_DDR_S0_RTT_WR, 0x01C0, 0x20020000 -#( NV_SI_RO_BOARD_DDR_S1_RTT_WR, 0x01C8, 0x00000000 -#) NV_SI_RO_BOARD_DDR_S0_RTT_NOM, 0x01D0, 0x31060177 -#( NV_SI_RO_BOARD_DDR_S1_RTT_NOM, 0x01D8, 0x00000000 -#) NV_SI_RO_BOARD_DDR_S0_RTT_PARK, 0x01E0, 0x30060070 -#( NV_SI_RO_BOARD_DDR_S1_RTT_PARK, 0x01E8, 0x00000000 -#) NV_SI_RO_BOARD_DDR_CS0_RDODT_MASK_1DPC, 0x01F0, 0x00000000 NV_SI_RO_BOARD_DDR_CS1_RDODT_MASK_1DPC, 0x01F8, 0x00000000 NV_SI_RO_BOARD_DDR_CS2_RDODT_MASK_1DPC, 0x0200, 0x00000000 @@ -135,22 +122,16 @@ NV_SI_RO_BOARD_DDR_PHY_VREF_ADJ, 0x0300, 0x00000000 NV_SI_RO_BOARD_DDR_DRAM_VREF_ADJ, 0x0308, 0x00000000 NV_SI_RO_BOARD_DDR_WR_PREAMBLE_CYCLE, 0x0310, 0x02010201 NV_SI_RO_BOARD_DDR_ADCMD_2T_MODE, 0x0318, 0x00000000 -#( NV_SI_RO_BOARD_I2C_VRD_CONFIG_INFO, 0x0320, 0x6A685860 -#) NV_SI_RO_BOARD_DDR_PHY_FEATURE_CTRL, 0x0328, 0x00000000 NV_SI_RO_BOARD_BMC_HANDSHAKE_SPI_ACCESS, 0x0330, 0x01050106 NV_SI_RO_BOARD_DIMM_TEMP_THRESHOLD, 0x0338, 0x000005F4 NV_SI_RO_BOARD_DIMM_SPD_COMPARE_DISABLE, 0x0340, 0x00000000 NV_SI_RO_BOARD_S0_PCIE_CLK_CFG, 0x0348, 0x00000000 -#( NV_SI_RO_BOARD_S0_RCA4_CFG, 0x0350, 0x00030003 NV_SI_RO_BOARD_S0_RCA5_CFG, 0x0358, 0x00000000 -#) NV_SI_RO_BOARD_S0_RCA6_CFG, 0x0360, 0x02020202 -#( NV_SI_RO_BOARD_S0_RCA7_CFG, 0x0368, 0x02020202 -#) NV_SI_RO_BOARD_S0_RCA0_TXRX_G3PRESET, 0x0370, 0x00000000 NV_SI_RO_BOARD_S0_RCA1_TXRX_G3PRESET, 0x0378, 0x00000000 NV_SI_RO_BOARD_S0_RCA2_TXRX_G3PRESET, 0x0380, 0x00000000 
@@ -184,12 +165,10 @@ NV_SI_RO_BOARD_S0_RCA5_TXRX_G4PRESET, 0x0458, 0x57575757 NV_SI_RO_BOARD_S0_RCA6_TXRX_G4PRESET, 0x0460, 0x57575757 NV_SI_RO_BOARD_S0_RCA7_TXRX_G4PRESET, 0x0468, 0x57575757 NV_SI_RO_BOARD_S1_PCIE_CLK_CFG, 0x0470, 0x00000000 -#( NV_SI_RO_BOARD_S1_RCA4_CFG, 0x0478, 0x00000000 NV_SI_RO_BOARD_S1_RCA5_CFG, 0x0480, 0x00000000 NV_SI_RO_BOARD_S1_RCA6_CFG, 0x0488, 0x00000000 NV_SI_RO_BOARD_S1_RCA7_CFG, 0x0490, 0x00000000 -#) NV_SI_RO_BOARD_S1_RCA2_TXRX_G3PRESET, 0x0498, 0x00000000 NV_SI_RO_BOARD_S1_RCA3_TXRX_G3PRESET, 0x04A0, 0x00000000 NV_SI_RO_BOARD_S1_RCB0A_TXRX_G3PRESET, 0x04A8, 0x00000000 @@ -243,9 +222,7 @@ NV_SI_RO_BOARD_TPM_DISABLE, 0x0620, 0x00000000 NV_SI_RO_BOARD_MESH_S0_CXG_RC_STRONG_ORDERING_EN, 0x0628, 0x00000000 NV_SI_RO_BOARD_MESH_S1_CXG_RC_STRONG_ORDERING_EN, 0x0630, 0x00000000 NV_SI_RO_BOARD_GPIO_SW_WATCHDOG_EN, 0x0638, 0x00000000 -#( NV_SI_RO_BOARD_PCIE_HP_DISABLE, 0x0640, 0x00000001 -#) NV_SI_RO_BOARD_I2C_VRD_VOUT_FORMAT, 0x0648, 0x00000000 NV_SI_RO_BOARD_I2C_VRD_SMBUS_CMD_FLAGS, 0x0650, 0x00000000 NV_SI_RO_BOARD_CUST_SPM_LOCATION, 0x0658, 0x00000000 @@ -295,3 +272,9 @@ NV_SI_RO_BOARD_BMC_HANDSHAKE_SPI_TO1, 0x7B0, 0x00000000 NV_SI_RO_BOARD_BMC_HANDSHAKE_SPI_TO2, 0x7B8, 0x00000000 NV_SI_RO_BOARD_PCIE_AER_CE_THRESHOLD, 0x7C0, 0x00000001 NV_SI_RO_BOARD_PCIE_AER_CE_INTERVAL, 0x7C8, 0x00000000 +NV_SI_RO_BOARD_I2C_RCA_VRD_VOUT_FORMAT,0x7D0, 0x00000000 +NV_SI_RO_BOARD_CCIX_MODE_OVERWRITE, 0x7D8, 0x00000000 +NV_SI_RO_BOARD_DVFS_VOLT_READ_BACK_MARGIN_MV, 0x07E0, 0x00000000 +NV_SI_RO_BOARD_2P_DPLL, 0x7E8, 0x00000000 +NV_SI_RO_BOARD_RC_DOMAIN_CTRL, 0x7F0, 0x00000000 +NV_SI_RO_BOARD_PCIE_SRIS_MODE, 0x7F8, 0x00000000 diff --git a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.dsc b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.dsc index 6520c1e4320..ea9d49f9eb5 100644 --- a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.dsc +++ b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.dsc 
@@ -26,5 +26,6 @@ # Defines for default states. These can be changed on the command line. # -D FLAG=VALUE # - DEFINE UEFI_TFA_IMAGE = Build/ComHpcAlt/comhpcalt_tfa_uefi.bin - DEFINE SCP_IMAGE = altra_scp_signed_2.10.20230517.slim + DEFINE INCLUDE_TFA_FW = TRUE + DEFINE UEFI_IMAGE = Build/ComHpcAlt/comhpcalt_uefi.bin + DEFINE TFA_UEFI_IMAGE = Build/ComHpcAlt/comhpcalt_tfa_uefi.bin diff --git a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.fdf b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.fdf index 39ed2b55832..65e44fdefda 100644 --- a/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.fdf +++ b/Platform/ADLINK/ComHpcAltPkg/ComHpcAltCapsule.fdf @@ -20,27 +20,25 @@ # ################################################################################ -[FD.ALTRA_SCP_FIRMWARE_CAPSULE] +[FD.COMHPCALT_HOST_FIRMWARE_CAPSULE] BaseAddress = 0x00000000 # The base address of the Firmware in NOR Flash. -Size = 0x00050000 # The size in bytes of the FLASH Device +!if $(INCLUDE_TFA_FW) == TRUE + Size = 0x00C10000 # The size in bytes of the FLASH Device +!else + Size = 0x00A10000 +!endif ErasePolarity = 1 0x00000000|0x00010000 FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv -0x00010000|0x00040000 -FILE = $(SCP_IMAGE) - -[FD.COMHPCALT_UEFI_TFA_FIRMWARE_CAPSULE] -BaseAddress = 0x00000000 # The base address of the Firmware in NOR Flash. -Size = 0x00D10000 # The size in bytes of the FLASH Device -ErasePolarity = 1 - -0x00000000|0x00010000 -FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv - -0x00010000|0x00D00000 -FILE = $(UEFI_TFA_IMAGE) +!if $(INCLUDE_TFA_FW) == TRUE + 0x00010000|0x00C00000 + FILE = $(TFA_UEFI_IMAGE) +!else + 0x00010000|0x00A00000 + FILE = $(UEFI_IMAGE) +!endif ################################################################################ # 
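Review bot: With `INCLUDE_TFA_FW` set, `[FD.COMHPCALT_HOST_FIRMWARE_CAPSULE]` in the `@@ -20,27 +20,25 @@` hunk is sized `0x00C10000` (descriptor `0x00010000` plus payload `0x00C00000`). TfaUefiFirmwareUpdateConfig.ini, which is selected for that build, still has `Length = 0x00D10000` as an unchanged context line. The update config therefore describes 0x100000 more bytes than the FD contains. How the update driver handles a length beyond the image is not visible here, but the outcome is either a rejected capsule or a read outside the payload. By analogy with UefiFirmwareUpdateConfig.ini, where `Length = 0x00A10000` equals the FD size, the TFA variant likely wants `Length = 0x00C10000`. If the 0xD10000 image is still what gets flashed, the FD `Size` and region should be restored instead.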
@@ -53,7 +51,7 @@ FILE = $(UEFI_TFA_IMAGE) # ################################################################################ -[FV.SystemScpFirmwareUpdateCargo] +[FV.HostFirmwareUpdateCargo] FvAlignment = 16 ERASE_POLARITY = 1 MEMORY_MAPPED = TRUE @@ -71,8 +69,8 @@ READ_STATUS = TRUE READ_LOCK_CAP = TRUE READ_LOCK_STATUS = TRUE -FILE RAW = c07b0079-b3a2-448d-8c9c-46ba3c42b33e { # PcdEdkiiSystemFirmwareFileGuid - FD = ALTRA_SCP_FIRMWARE_CAPSULE +FILE RAW = 074c21e5-7d17-48e9-808d-f0c85e52a7db { # PcdEdkiiSystemFirmwareFileGuid + FD = COMHPCALT_HOST_FIRMWARE_CAPSULE } FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid 
@@ -80,69 +78,28 @@ FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriver } FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid - Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini +!if $(INCLUDE_TFA_FW) + Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/TfaUefiFirmwareUpdateConfig.ini +!else + Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/UefiFirmwareUpdateConfig.ini +!endif } -[FmpPayload.FmpPayloadScpSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION = 0x02 +[FmpPayload.FmpPayloadHostFirmwarePkcs7] +IMAGE_HEADER_INIT_VERSION = 0x03 IMAGE_TYPE_ID = cdcdd0b7-8afb-4883-853a-ae9398077a0e # PcdSystemFmpCapsuleImageTypeIdGuid IMAGE_INDEX = 0x1 HARDWARE_INSTANCE = 0x0 MONOTONIC_COUNT = 0x1 CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 -FV = SystemScpFirmwareUpdateCargo +FV = HostFirmwareUpdateCargo -[Capsule.ComHpcAltScpFirmwareUpdateCapsuleFmpPkcs7] +[Capsule.ComHpcAltHostFirmware] CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid CAPSULE_HEADER_SIZE = 0x20 CAPSULE_HEADER_INIT_VERSION = 0x1 +#CAPSULE_FLAGS = PersistAcrossReset,InitiateReset -FMP_PAYLOAD = FmpPayloadScpSystemFirmwarePkcs7 - -[FV.SystemFirmwareUpdateCargo] -FvAlignment = 16 -ERASE_POLARITY = 1 -MEMORY_MAPPED = TRUE -STICKY_WRITE = TRUE -LOCK_CAP = TRUE -LOCK_STATUS = TRUE -WRITE_DISABLED_CAP = TRUE -WRITE_ENABLED_CAP = TRUE -WRITE_STATUS = TRUE -WRITE_LOCK_CAP = TRUE -WRITE_LOCK_STATUS = TRUE -READ_DISABLED_CAP = TRUE -READ_ENABLED_CAP = TRUE -READ_STATUS = TRUE -READ_LOCK_CAP = TRUE -READ_LOCK_STATUS = TRUE - -FILE RAW = c07b0079-b3a2-448d-8c9c-46ba3c42b33e { # PcdEdkiiSystemFirmwareFileGuid - FD = COMHPCALT_UEFI_TFA_FIRMWARE_CAPSULE - } - -FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv - } - -FILE 
RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid - Platform/ADLINK/ComHpcAltPkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini - } - -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION = 0x02 -IMAGE_TYPE_ID = cdcdd0b7-8afb-4883-853a-ae9398077a0e # PcdSystemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX = 0x1 -HARDWARE_INSTANCE = 0x0 -MONOTONIC_COUNT = 0x1 -CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FV = SystemFirmwareUpdateCargo - -[Capsule.ComHpcAltUefiAtfFirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid -CAPSULE_HEADER_SIZE = 0x20 -CAPSULE_HEADER_INIT_VERSION = 0x1 +FMP_PAYLOAD = FmpPayloadHostFirmwarePkcs7 -FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7 diff --git a/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/SmbiosPlatformDxe.inf b/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/SmbiosPlatformDxe.inf index 96e678477ae..e66ff74d81a 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/SmbiosPlatformDxe.inf +++ b/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/SmbiosPlatformDxe.inf @@ -51,6 +51,7 @@ BaseMemoryLib DebugLib HiiLib + JedecJep106Lib MemoryAllocationLib NVParamLib UefiBootServicesTableLib diff --git a/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/Type17/PlatformMemoryDeviceFunction.c b/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/Type17/PlatformMemoryDeviceFunction.c index eaf418bd2c3..eb3ab747d44 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/Type17/PlatformMemoryDeviceFunction.c +++ b/Platform/ADLINK/ComHpcAltPkg/Drivers/SmbiosPlatformDxe/Type17/PlatformMemoryDeviceFunction.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include 
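Review bot: The config-file selection in hunk `@@ -80,69 +78,28 @@` uses a bare `!if $(INCLUDE_TFA_FW)`, while the FD section earlier in this file tests `!if $(INCLUDE_TFA_FW) == TRUE`. Writing `!if $(INCLUDE_TFA_FW) == TRUE` here as well means the update-config `.ini` and the payload image are chosen by the same test. The added `#CAPSULE_FLAGS = PersistAcrossReset,InitiateReset` is commented-out configuration with no explanation; either drop it or add a line saying why the flags are left unset, e.g. `# CAPSULE_FLAGS intentionally unset: <reason>`.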
@@ -25,18 +26,6 @@ #define SPD_MEMORY_TYPE_OFFSET 0x02 #define SPD_CONTINUATION_CHARACTER 0x7F -#define DDR2_SPD_MANUFACTURER_MEMORY_TYPE 0x08 -#define DDR2_SPD_MANUFACTURER_ID_CODE_LENGTH 8 -#define DDR2_SPD_MANUFACTURER_ID_CODE_OFFSET 64 -#define DDR2_SPD_MANUFACTURER_PART_NUMBER_OFFSET 73 -#define DDR2_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET 95 - -#define DDR3_SPD_MANUFACTURER_MEMORY_TYPE 0x0B -#define DDR3_SPD_MANUFACTURER_ID_BANK_OFFSET 117 -#define DDR3_SPD_MANUFACTURER_ID_CODE_OFFSET 118 -#define DDR3_SPD_MANUFACTURER_PART_NUMBER_OFFSET 128 -#define DDR3_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET 122 - #define DDR4_SPD_MANUFACTURER_MEMORY_TYPE 0x0C #define DDR4_SPD_MANUFACTURER_ID_BANK_OFFSET 320 #define DDR4_SPD_MANUFACTURER_ID_CODE_OFFSET 321 
@@ -56,183 +45,68 @@ typedef enum { PART_NUMBER_TOKEN_INDEX } MEMORY_DEVICE_TOKEN_INDEX; -#pragma pack(1) -typedef struct { - UINT8 VendorId; - CHAR16 *ManufacturerString; -} JEDEC_MF_ID; -#pragma pack() - -JEDEC_MF_ID Bank0Table[] = { - { 0x01, L"AMD\0" }, - { 0x04, L"Fujitsu\0" }, - { 0x07, L"Hitachi\0" }, - { 0x89, L"Intel\0" }, - { 0x10, L"NEC\0" }, - { 0x97, L"Texas Instrument\0" }, - { 0x98, L"Toshiba\0" }, - { 0x1C, L"Mitsubishi\0" }, - { 0x1F, L"Atmel\0" }, - { 0x20, L"STMicroelectronics\0" }, - { 0xA4, L"IBM\0" }, - { 0x2C, L"Micron Technology\0" }, - { 0xAD, L"SK Hynix\0" }, - { 0xB0, L"Sharp\0" }, - { 0xB3, L"IDT\0" }, - { 0x3E, L"Oracle\0" }, - { 0xBF, L"SST\0" }, - { 0x40, L"ProMos/Mosel\0" }, - { 0xC1, L"Infineon\0" }, - { 0xC2, L"Macronix\0" }, - { 0x45, L"SanDisk\0" }, - { 0xCE, L"Samsung\0" }, - { 0xDA, L"Winbond\0" }, - { 0xE0, L"LG Semi\0" }, - { 0x62, L"Sanyo\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank1Table[] = { - { 0x98, L"Kingston\0" }, - { 0xBA, L"PNY\0" }, - { 0x4F, L"Transcend\0" }, - { 0x7A, L"Apacer\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank2Table[] = { - { 0x9E, L"Corsair\0" }, - { 0xFE, L"Elpida\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank3Table[] = { - { 0x0B, L"Nanya\0" }, - { 0x94, L"Mushkin\0" }, - { 0x25, L"Kingmax\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank4Table[] = { - { 0xB0, L"OCZ\0" }, - { 0xCB, L"A-DATA\0" }, - { 0xCD, L"G Skill\0" }, - { 0xEF, L"Team\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank5Table[] = { - { 0x02, L"Patriot\0" }, - { 0x9B, L"Crucial\0" }, - { 0x51, L"Qimonda\0" }, - { 0x57, L"AENEON\0" }, - { 0xF7, L"Avant\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank6Table[] = { - { 0x34, L"Super Talent\0" }, - { 0xD3, L"Silicon Power\0" }, - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - -JEDEC_MF_ID Bank7Table[] = { - { NULL_TERMINATED_ID, L"Undefined\0" } -}; - 
-JEDEC_MF_ID *ManufacturerJedecIdBankTable[] = { - Bank0Table, - Bank1Table, - Bank2Table, - Bank3Table, - Bank4Table, - Bank5Table, - Bank6Table, - Bank7Table -}; - VOID UpdateManufacturer ( - IN UINT8 *SpdData, - IN UINT16 ManufacturerToken + IN UINT8 *SpdData, + IN UINT16 ManufacturerToken ) { - UINTN Index; - UINT8 VendorId; - UINT8 MemType; - UINT8 NumberOfJedecIdBankTables; - JEDEC_MF_ID *IdTblPtr = NULL; + UINTN Index; + UINT8 VendorId; + UINT8 MemType; + CONST CHAR8 *ManufacturerString; + CHAR16 *UnicodeManufacturerString; + UINTN Length; MemType = SpdData[SPD_MEMORY_TYPE_OFFSET]; switch (MemType) { - case DDR2_SPD_MANUFACTURER_MEMORY_TYPE: - for (Index = 0; Index < DDR2_SPD_MANUFACTURER_ID_CODE_LENGTH; Index++) { - VendorId = SpdData[DDR2_SPD_MANUFACTURER_ID_CODE_OFFSET + Index]; - if (VendorId != SPD_CONTINUATION_CHARACTER) { - break; - } - } - - break; - - case DDR3_SPD_MANUFACTURER_MEMORY_TYPE: - Index = SpdData[DDR3_SPD_MANUFACTURER_ID_BANK_OFFSET] & (~SPD_PARITY_BIT_MASK); // Remove parity bit - VendorId = SpdData[DDR4_SPD_MANUFACTURER_ID_CODE_OFFSET]; - break; - - case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: - Index = SpdData[DDR4_SPD_MANUFACTURER_ID_BANK_OFFSET] & (~SPD_PARITY_BIT_MASK); // Remove parity bit - VendorId = SpdData[DDR4_SPD_MANUFACTURER_ID_CODE_OFFSET]; - break; - - default: // Not supported - return; + case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: + Index = SpdData[DDR4_SPD_MANUFACTURER_ID_BANK_OFFSET] & (~SPD_PARITY_BIT_MASK); // Remove parity bit + VendorId = SpdData[DDR4_SPD_MANUFACTURER_ID_CODE_OFFSET]; + break; + + default: // Not supported + DEBUG ((DEBUG_ERROR, "Unsupported/unknown DDR memory type encountered: %d\n", MemType)); + return; } - NumberOfJedecIdBankTables = ARRAY_SIZE (ManufacturerJedecIdBankTable) - 1; // Exclude NULL-terminated table - if (Index > NumberOfJedecIdBankTables) { - Index = NumberOfJedecIdBankTables; + ManufacturerString = Jep106GetManufacturerName (VendorId, Index); + if (ManufacturerString == NULL) { + DEBUG 
((DEBUG_WARN, "Failed to get JEDEC JEP107 manufacturer from VendorID %d, Index %d\n", VendorId, Index)); + return; } - IdTblPtr = ManufacturerJedecIdBankTable[Index]; - - // Search in Manufacturer table and update vendor name accordingly in HII Database - while (IdTblPtr->VendorId != NULL_TERMINATED_ID) { - if (IdTblPtr->VendorId == VendorId) { - HiiSetString (mSmbiosPlatformDxeHiiHandle, ManufacturerToken, IdTblPtr->ManufacturerString, NULL); - break; - } - - IdTblPtr++; + Length = AsciiStrSize (ManufacturerString); + UnicodeManufacturerString = AllocateZeroPool (Length * sizeof (CHAR16)); + if (UnicodeManufacturerString == NULL) { + DEBUG ((DEBUG_WARN, "Failed to allocate memory for DDR manufacturer string.\n")); + return; } + + AsciiStrToUnicodeStrS (ManufacturerString, UnicodeManufacturerString, Length); + HiiSetString (mSmbiosPlatformDxeHiiHandle, ManufacturerToken, UnicodeManufacturerString, NULL); + FreePool (UnicodeManufacturerString); } VOID UpdateSerialNumber ( - IN UINT8 *SpdData, - IN UINT16 SerialNumberToken + IN UINT8 *SpdData, + IN UINT16 SerialNumberToken ) { - UINT8 MemType; - UINTN Offset; - CHAR16 SerialNumberStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; + UINT8 MemType; + UINTN Offset; + CHAR16 SerialNumberStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; MemType = SpdData[SPD_MEMORY_TYPE_OFFSET]; switch (MemType) { - case DDR2_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR2_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET; - break; - - case DDR3_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR3_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET; - break; - - case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR4_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET; - break; + case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: + Offset = DDR4_SPD_MANUFACTURER_SERIAL_NUMBER_OFFSET; + break; - default: // Not supported - return; + default: // Not supported + DEBUG ((DEBUG_ERROR, "Unsupported/unknown DDR memory type encountered: %d\n", MemType)); + return; } UnicodeSPrint ( 
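Review bot: The new warning in UpdateManufacturer says "JEDEC JEP107", but the lookup is `Jep106GetManufacturerName`, so the text should read JEP106; printing both values in hex also matches how these codes are usually written: `DEBUG ((DEBUG_WARN, "Failed to get JEDEC JEP106 manufacturer from VendorID 0x%02x, Index 0x%02x\n", VendorId, (UINT32)Index));`. The bank byte has its parity bit stripped with `~SPD_PARITY_BIT_MASK`, but `VendorId` is passed on exactly as read from the SPD; whether the library expects the code with or without parity is not visible here and is worth confirming. The removed code clamped `Index` to the table count before indexing, so the range check on this SPD-supplied value now rests entirely on the library. UpdateSerialNumber's body continues past the end of this hunk.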
@@ -249,30 +123,23 @@ UpdateSerialNumber ( VOID UpdatePartNumber ( - IN UINT8 *SpdData, - IN UINT16 PartNumberToken + IN UINT8 *SpdData, + IN UINT16 PartNumberToken ) { - UINT8 MemType; - UINTN Offset; - CHAR16 PartNumberStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; + UINT8 MemType; + UINTN Offset; + CHAR16 PartNumberStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; MemType = SpdData[SPD_MEMORY_TYPE_OFFSET]; switch (MemType) { - case DDR2_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR2_SPD_MANUFACTURER_PART_NUMBER_OFFSET; - break; - - case DDR3_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR3_SPD_MANUFACTURER_PART_NUMBER_OFFSET; - break; + case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: + Offset = DDR4_SPD_MANUFACTURER_PART_NUMBER_OFFSET; + break; - case DDR4_SPD_MANUFACTURER_MEMORY_TYPE: - Offset = DDR4_SPD_MANUFACTURER_PART_NUMBER_OFFSET; - break; - - default: // Not supported - return; + default: // Not supported + DEBUG ((DEBUG_ERROR, "Unsupported/unknown DDR memory type encountered: %d\n", MemType)); + return; } UnicodeSPrint ( @@ -312,20 +179,20 @@ UpdatePartNumber ( **/ SMBIOS_PLATFORM_DXE_TABLE_FUNCTION (PlatformMemoryDevice) { - UINT8 Index; - UINT8 SlotIndex; - UINTN HandleCount; - UINTN MemorySize; - UINT16 *HandleArray; - CHAR16 UnicodeStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; - EFI_STATUS Status; - SMBIOS_HANDLE MemoryArrayHandle; - PLATFORM_DIMM *Dimm; - STR_TOKEN_INFO *InputStrToken; - PLATFORM_DIMM_LIST *DimmList; - PLATFORM_DRAM_INFO *DramInfo; - SMBIOS_TABLE_TYPE17 *InputData; - SMBIOS_TABLE_TYPE17 *Type17Record; + UINTN Index; + UINTN SlotIndex; + UINTN HandleCount; + UINTN MemorySize; + UINT16 *HandleArray; + CHAR16 UnicodeStr[SMBIOS_UNICODE_STRING_MAX_LENGTH]; + EFI_STATUS Status; + SMBIOS_HANDLE MemoryArrayHandle; + PLATFORM_DIMM *Dimm; + STR_TOKEN_INFO *InputStrToken; + PLATFORM_DIMM_LIST *DimmList; + PLATFORM_DRAM_INFO *DramInfo; + SMBIOS_TABLE_TYPE17 *InputData; + SMBIOS_TABLE_TYPE17 *Type17Record; HandleCount = 0; HandleArray = NULL; 
@@ -361,7 +228,7 @@ SMBIOS_PLATFORM_DXE_TABLE_FUNCTION (PlatformMemoryDevice) { return EFI_OUT_OF_RESOURCES; } - if (HandleCount != GetNumberOfSupportedSockets ()) { + if (HandleCount < 1) { DEBUG (( DEBUG_ERROR, "[%a]:[%dL] Failed to get Memory Array Handle\n", 
@@ -372,110 +239,124 @@ SMBIOS_PLATFORM_DXE_TABLE_FUNCTION (PlatformMemoryDevice) { return EFI_NOT_FOUND; } - for (Index = 0; Index < GetNumberOfSupportedSockets (); Index++) { - InputData = (SMBIOS_TABLE_TYPE17 *)RecordData; - InputStrToken = (STR_TOKEN_INFO *)StrToken; - MemoryArrayHandle = HandleArray[Index]; - - while (InputData->Hdr.Type != NULL_TERMINATED_TYPE) { - for (SlotIndex = 0; SlotIndex < DimmList->BoardDimmSlots; SlotIndex++) { - // - // Prepare additional strings for SMBIOS Table. - // - Dimm = &DimmList->Dimm[SlotIndex]; - if (Dimm->NodeId != Index) { - continue; - } - - Status = SmbiosPlatformDxeSaveHiiDefaultString (InputStrToken); - if (EFI_ERROR (Status)) { - FreePool (HandleArray); - return Status; - } - - if (Dimm->Info.DimmStatus == DIMM_INSTALLED_OPERATIONAL) { - UpdateManufacturer (Dimm->SpdData.Data, InputStrToken->TokenArray[MANUFACTURER_TOKEN_INDEX]); - UpdateSerialNumber (Dimm->SpdData.Data, InputStrToken->TokenArray[SERIAL_NUMBER_TOKEN_INDEX]); - UpdatePartNumber (Dimm->SpdData.Data, InputStrToken->TokenArray[PART_NUMBER_TOKEN_INDEX]); - } - - UnicodeSPrint (UnicodeStr, sizeof (UnicodeStr), L"Socket %d DIMM %d", Index, SlotIndex); - HiiSetString (mSmbiosPlatformDxeHiiHandle, InputStrToken->TokenArray[DEVICE_LOCATOR_TOKEN_INDEX], UnicodeStr, NULL); - UnicodeSPrint (UnicodeStr, sizeof (UnicodeStr), L"Bank %d", SlotIndex); - HiiSetString (mSmbiosPlatformDxeHiiHandle, InputStrToken->TokenArray[BANK_LOCATOR_TOKEN_INDEX], UnicodeStr, NULL); - UnicodeSPrint (UnicodeStr, sizeof (UnicodeStr), L"Array %d Asset Tag %d", Index, SlotIndex); - HiiSetString (mSmbiosPlatformDxeHiiHandle, InputStrToken->TokenArray[ASSET_TAG_TOKEN_INDEX], UnicodeStr, NULL); - - // - // Create Table and fill up information. 
- // - SmbiosPlatformDxeCreateTable ( - (VOID *)&Type17Record, - (VOID *)&InputData, - sizeof (SMBIOS_TABLE_TYPE17), - InputStrToken - ); - if (Type17Record == NULL) { - FreePool (HandleArray); - return EFI_OUT_OF_RESOURCES; - } - - if (Dimm->Info.DimmStatus == DIMM_INSTALLED_OPERATIONAL) { - MemorySize = Dimm->Info.DimmSize * 1024; - if (MemorySize >= 0x7FFF) { - Type17Record->Size = 0x7FFF; - Type17Record->ExtendedSize = MemorySize; - } else { - Type17Record->Size = (UINT16)MemorySize; - Type17Record->ExtendedSize = 0; - } - - Type17Record->MemoryType = 0x1A; // DDR4 - Type17Record->Speed = (UINT16)DramInfo->MaxSpeed; - Type17Record->ConfiguredMemoryClockSpeed = (UINT16)DramInfo->MaxSpeed; - Type17Record->Attributes = Dimm->Info.DimmNrRank & 0x0F; - Type17Record->ConfiguredVoltage = 1200; - Type17Record->MinimumVoltage = 1140; - Type17Record->MaximumVoltage = 1260; - Type17Record->DeviceSet = 0; // None - - if ((Dimm->Info.DimmType == UDIMM) || (Dimm->Info.DimmType == SODIMM)) { - Type17Record->TypeDetail.Unbuffered = 1; // BIT 14: unregistered - } else if ( (Dimm->Info.DimmType == RDIMM) - || (Dimm->Info.DimmType == LRDIMM) - || (Dimm->Info.DimmType == RSODIMM)) - { - Type17Record->TypeDetail.Registered = 1; // BIT 13: registered - } - - /* FIXME: Determine if need to set technology to NVDIMM-* when supported */ - Type17Record->MemoryTechnology = 0x3; // DRAM - } - - // Update Type 16 handle - Type17Record->MemoryArrayHandle = MemoryArrayHandle; - - // - // Add Table record and free pool. 
- // - Status = SmbiosPlatformDxeAddRecord ((UINT8 *)Type17Record, NULL); - if (EFI_ERROR (Status)) { - FreePool (HandleArray); - FreePool (Type17Record); - return Status; - } - - FreePool (Type17Record); - Status = SmbiosPlatformDxeRestoreHiiDefaultString (InputStrToken); - if (EFI_ERROR (Status)) { - FreePool (HandleArray); - return Status; - } + InputData = (SMBIOS_TABLE_TYPE17 *)RecordData; + InputStrToken = (STR_TOKEN_INFO *)StrToken; + MemoryArrayHandle = HandleArray[0]; + + SlotIndex = 0; + + // Divide the PLATFORM_DIMM_INFO_MAX_SLOT by 2 since we only have + // 1 socket on this platform. + for (Index = 0; Index < (PLATFORM_DIMM_INFO_MAX_SLOT / 2); Index++) { + + if (SlotIndex > 5) { + break; + } + + if ((Index == 6) || (Index == 7) || (Index >= 14) || (((Index + 1) % 2) == 0)) { + continue; + } + + // + // Prepare additional strings for SMBIOS Table. + // + Dimm = &DimmList->Dimm[Index]; + if (Dimm->NodeId != 0) { + continue; + } + + Status = SmbiosPlatformDxeSaveHiiDefaultString (InputStrToken); + if (EFI_ERROR (Status)) { + FreePool (HandleArray); + return Status; + } + if (Dimm->Info.DimmStatus == DIMM_INSTALLED_OPERATIONAL) { + UpdateManufacturer (Dimm->SpdData.Data, InputStrToken->TokenArray[MANUFACTURER_TOKEN_INDEX]); + UpdateSerialNumber (Dimm->SpdData.Data, InputStrToken->TokenArray[SERIAL_NUMBER_TOKEN_INDEX]); + UpdatePartNumber (Dimm->SpdData.Data, InputStrToken->TokenArray[PART_NUMBER_TOKEN_INDEX]); + } + UnicodeSPrint (UnicodeStr, sizeof (UnicodeStr), L"DIMM %d", SlotIndex + 1); + HiiSetString (mSmbiosPlatformDxeHiiHandle, InputStrToken->TokenArray[DEVICE_LOCATOR_TOKEN_INDEX], UnicodeStr, NULL); + + // + // Create Table and fill up information. 
+ // + SmbiosPlatformDxeCreateTable ( + (VOID *)&Type17Record, + (VOID *)&InputData, + sizeof (SMBIOS_TABLE_TYPE17), + InputStrToken + ); + if (Type17Record == NULL) { + FreePool (HandleArray); + return EFI_OUT_OF_RESOURCES; + } + + if (Dimm->Info.DimmStatus != DIMM_NOT_INSTALLED) { + DEBUG ((DEBUG_INFO, "DIMM %d (Memory Controller %d Channel %d): \n", SlotIndex, Index / 2, (Index % 2))); + DEBUG ((DEBUG_INFO, "\tStatus (1=Installed-Operational, 2=Installed-NonOperational, 3=Installed-Failed): %d\n", Dimm->Info.DimmStatus)); + DEBUG ((DEBUG_INFO, "\tPart Number: %a\n", Dimm->Info.PartNumber)); + DEBUG ((DEBUG_INFO, "\tDimmSize: %llu\n", Dimm->Info.DimmSize)); + DEBUG ((DEBUG_INFO, "\tDimmMfcId: %d\n", Dimm->Info.DimmMfcId)); + DEBUG ((DEBUG_INFO, "\tDimmNrRank: %d\n", Dimm->Info.DimmNrRank)); + DEBUG ((DEBUG_INFO, "\tDimmType: %d\n", Dimm->Info.DimmType)); + DEBUG ((DEBUG_INFO, "\tDimmDevType: %d\n", Dimm->Info.DimmDevType)); + } else { + DEBUG ((DEBUG_INFO, "DIMM %d (Memory Controller %d Channel %d): not installed\n", SlotIndex, Index / 2, (Index % 2))); + } + + if (Dimm->Info.DimmStatus == DIMM_INSTALLED_OPERATIONAL) { + MemorySize = Dimm->Info.DimmSize * 1024; + + if (MemorySize >= 0x7FFF) { + Type17Record->Size = 0x7FFF; + Type17Record->ExtendedSize = MemorySize; + } else { + Type17Record->Size = (UINT16)MemorySize; + Type17Record->ExtendedSize = 0; + } + + Type17Record->MemoryType = MemoryTypeDdr4; + Type17Record->Speed = (UINT16)DramInfo->MaxSpeed; + Type17Record->ConfiguredMemoryClockSpeed = (UINT16)DramInfo->MaxSpeed; + Type17Record->Attributes = Dimm->Info.DimmNrRank & 0x0F; + Type17Record->ConfiguredVoltage = 1200; + Type17Record->MinimumVoltage = 1140; + Type17Record->MaximumVoltage = 1260; + Type17Record->DeviceSet = 0; // None + + if (Dimm->Info.DimmType == UDIMM || Dimm->Info.DimmType == SODIMM) { + Type17Record->TypeDetail.Unbuffered = 1; // BIT 14: unregistered + } else if (Dimm->Info.DimmType == RDIMM || + Dimm->Info.DimmType == LRDIMM || + 
Dimm->Info.DimmType == RSODIMM) + { + Type17Record->TypeDetail.Registered = 1; // BIT 13: registered } + /* FIXME: Determine if need to set technology to NVDIMM-* when supported */ + Type17Record->MemoryTechnology = MemoryTechnologyDram; + } + // Update Type 16 handle + Type17Record->MemoryArrayHandle = MemoryArrayHandle; + + // + // Add Table record and free pool. + // + Status = SmbiosPlatformDxeAddRecord ((UINT8 *)Type17Record, NULL); + if (EFI_ERROR (Status)) { + FreePool (HandleArray); + FreePool (Type17Record); + return Status; + } - InputData++; - InputStrToken++; + FreePool (Type17Record); + Status = SmbiosPlatformDxeRestoreHiiDefaultString (InputStrToken); + if (EFI_ERROR (Status)) { + FreePool (HandleArray); + return Status; } + + SlotIndex++; } FreePool (HandleArray); diff --git a/Platform/ADLINK/ComHpcAltPkg/Library/MmcLib/MmcLib.c b/Platform/ADLINK/ComHpcAltPkg/Library/MmcLib/MmcLib.c index 8e0694c61c0..ad944ed4d68 100644 --- a/Platform/ADLINK/ComHpcAltPkg/Library/MmcLib/MmcLib.c +++ b/Platform/ADLINK/ComHpcAltPkg/Library/MmcLib/MmcLib.c @@ -74,7 +74,10 @@ GetFirmwareMajorVersion ( Status = NVParamGet (NV_SI_RO_BOARD_I2C_VRD_CONFIG_INFO, ACLRd, &Val); if (!EFI_ERROR (Status)) { - DEBUG ((DEBUG_ERROR, " I2C brd config info 0x%X (%d)\n", Val, Val)); + DEBUG ((DEBUG_INFO, " I2C brd config info %r 0x%X (%d)\n", Status, Val, Val)); + } else { + DEBUG ((DEBUG_ERROR, "Failed to fetch I2C board config info. Defaulting to A2\n")); + return 0xA2; } if (Val == 0x6A685860) { diff --git a/Platform/ADLINK/ComHpcAltPkg/firmware.metainfo.xml b/Platform/ADLINK/ComHpcAltPkg/firmware.metainfo.xml new file mode 100644 index 00000000000..cb66feb6fc8 --- /dev/null +++ b/Platform/ADLINK/ComHpcAltPkg/firmware.metainfo.xml @@ -0,0 +1,48 @@ + + + com.adlinktech.ComHpcAlt.firmware + + X-System + + COM-HPC-ALT + Ampere Altra Developer Platform/Dev Kit/AVA Developer Platform/Developer Rugged + Firmware for ADLINK Ampere Altra Boards + +
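Review bot: The slot filter `(Index == 6) || (Index == 7) || (Index >= 14) || (((Index + 1) % 2) == 0)` and the `SlotIndex > 5` cut-off encode the board's DIMM wiring as bare numbers with no explanation; `Index == 7` is already covered by the odd-index test, and `SlotIndex > 5` looks redundant with `Index >= 14`. Going by the debug print (`Index / 2` is the controller, `Index % 2` the channel), a comment such as `// One DIMM per controller: channel 0 of memory controllers 0-2 and 4-6` plus named constants would make the mapping reviewable. The loop bound is now the compile-time `PLATFORM_DIMM_INFO_MAX_SLOT / 2` instead of `DimmList->BoardDimmSlots`, so it assumes the `Dimm` array always holds at least that many entries, which is presumably true but not shown in this hunk. `Dimm->Info.PartNumber` is printed with `%a`, which reads up to a NUL; if that field is a fixed-size copy of SPD bytes it should be confirmed to be terminated before it is logged.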
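Review bot: In the MmcLib.c hunk, `%r` was added to the success-path message, where `Status` can only be a success code, and left out of the new failure message, where it would say why `NVParamGet` failed. Move it to the error branch: `DEBUG ((DEBUG_ERROR, "Failed to fetch I2C board config info: %r. Defaulting to A2\n", Status));`. The `0xA2` fallback is a bare literal, so a short comment on why A2 is the safe default when the board info cannot be read would help the next reader. GetFirmwareMajorVersion starts before and continues after this hunk.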

+ Updating the firmware on your Ampere Altra Developer Platform + improves performance and adds new features. +

+
+ + cdcdd0b7-8afb-4883-853a-ae9398077a0e + + https://www.adlinktech.com + BSD-2-Clause-Patent + BSD-2-Clause-Patent + + + + https://github.com/tianocore/edk2-platforms + + {RELEASE_NOTES} + + + + + + + + org.freedesktop.fwupd + + + + number + org.uefi.capsule + signed + + + + bios + +
diff --git a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc index eb3a3c731bc..c80bc31438b 100644 --- a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc +++ b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.aslc @@ -12,15 +12,13 @@ #include #include +#include "HostFwInfo.h" + #define PACKAGE_VERSION 0xFFFFFFFF #define PACKAGE_VERSION_STRING L"Unknown" -#define CURRENT_FIRMWARE_VERSION 0x00000001 -#define CURRENT_FIRMWARE_VERSION_STRING L"0x00000001" -#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x00000001 - #define IMAGE_ID SIGNATURE_64('J', 'A', 'D', 'E', '_', 'F', 'W', ' ') -#define IMAGE_ID_STRING L"Jade System Firmware" +#define IMAGE_ID_STRING L"Jade Host Firmware" // PcdSystemFmpCapsuleImageTypeIdGuid #define IMAGE_TYPE_ID_GUID { 0xf08bca31, 0x542e, 0x4cea, { 0x8b, 0x48, 0x8e, 0x54, 0xf9, 0x42, 0x25, 0x94 } } @@ -49,15 +47,17 @@ STATIC IMAGE_DESCRIPTOR mImageDescriptor = CURRENT_FIRMWARE_VERSION, // Version; OFFSET_OF (IMAGE_DESCRIPTOR, VersionNameStr), // VersionName; {0x0}, // Reserved2 - 0, // Size; + 0xA00000, // Size; IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_RESET_REQUIRED | IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | - IMAGE_ATTRIBUTE_IN_USE, // AttributesSupported; + IMAGE_ATTRIBUTE_IN_USE | + IMAGE_ATTRIBUTE_UEFI_IMAGE, // AttributesSupported; IMAGE_ATTRIBUTE_IMAGE_UPDATABLE | IMAGE_ATTRIBUTE_RESET_REQUIRED | IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED | - IMAGE_ATTRIBUTE_IN_USE, // AttributesSetting; + IMAGE_ATTRIBUTE_IN_USE | + IMAGE_ATTRIBUTE_UEFI_IMAGE, // AttributesSetting; 0x0, // Compatibilities; LOWEST_SUPPORTED_FIRMWARE_VERSION, // LowestSupportedImageVersion; 0x00000000, // LastAttemptVersion; 
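Review bot: `0xA00000, // Size;` in hunk `@@ -49,15 +47,17 @@` is a bare literal that appears to mirror the flash layout (Jade.fdf in this same commit sets the FD `Size` to `0x00A00000`) and has to be kept in step by hand. A named define next to the other descriptor macros, or a comment naming the FDF value it tracks, would stop the two from drifting apart. The version macros, including `LOWEST_SUPPORTED_FIRMWARE_VERSION`, now come from `HostFwInfo.h`, which is not part of this hunk. Since that value is the rollback floor for capsule updates, it is worth confirming that the header cannot silently lower it between releases.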
diff --git a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf index 8d77cf4e264..4fa129da224 100644 --- a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +++ b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf @@ -31,8 +31,6 @@ PeiServicesLib PeimEntryPoint -[FixedPcd] - [Pcd] gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor diff --git a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini deleted file mode 100644 index 050463a46f6..00000000000 --- a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini +++ /dev/null @@ -1,20 +0,0 @@ -## @file -# -# Copyright (c) 2024, Ampere Computing LLC. All rights reserved.
-# -# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Head] -NumOfUpdate = 1 -NumOfRecovery = 0 -Update0 = JadeSCP - -[JadeSCP] -FirmwareType = 2147483649 # 0x80000001: SMpro/PMpro Firmware -AddressType = 1 # 0 - relative address, 1 - absolute address. -BaseAddress = 0x00000000 # Base address offset on flash -Length = 0x00050000 # Length -ImageOffset = 0x00000000 # Image offset of this SystemFirmware image -FileGuid = 431c06ed-4fe2-438f-98a3-a9b1fd923019 # PcdEdkiiSystemFirmwareFileGuid diff --git a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini index 253005d1b71..0972b5937cb 100644 --- a/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini +++ b/Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini @@ -15,6 +15,6 @@ Update0 = JadeUEFIATF FirmwareType = 2147483650 # SystemFirmware: 0x80000002 - OEM UEFI and ARM Trusted Firmware AddressType = 1 # 0 - relative address, 1 - absolute address. BaseAddress = 0x00000000 # Base address offset on flash -Length = 0x00D10000 # Length +Length = 0x00A10000 # Length ImageOffset = 0x00000000 # Image offset of this SystemFirmware image FileGuid = 431c06ed-4fe2-438f-98a3-a9b1fd923019 # PcdEdkiiSystemFirmwareFileGuid diff --git a/Platform/Ampere/JadePkg/Jade.dsc b/Platform/Ampere/JadePkg/Jade.dsc index 8c6a72baa74..2c4fd5c3dfb 100644 --- a/Platform/Ampere/JadePkg/Jade.dsc +++ b/Platform/Ampere/JadePkg/Jade.dsc 
@@ -52,9 +52,13 @@ !else DEFINE DEBUG_PRINT_ERROR_LEVEL = 0x8000000F !endif - DEFINE FIRMWARE_VER = 0.01.001 + DEFINE FIRMWARE_VER = 00.01.01-01 + DEFINE FIRMWARE_VER_HEX = 0x00010100 + DEFINE CAPSULE_ENABLE = TRUE + DEFINE INCLUDE_TFA_FW = TRUE DEFINE SECURE_BOOT_ENABLE = TRUE DEFINE TPM2_ENABLE = TRUE + DEFINE SHELL_ENABLE = TRUE DEFINE INCLUDE_TFTP_COMMAND = TRUE DEFINE PLATFORM_CONFIG_UUID = 84BC921F-9D4A-4D1D-A1A1-1AE13EDD07E5 @@ -67,6 +71,11 @@ DEFINE NETWORK_TLS_ENABLE = TRUE DEFINE REDFISH_ENABLE = TRUE +!if $(CAPSULE_ENABLE) == TRUE + DEFINE UEFI_IMAGE = Build/Jade/jade_uefi.bin + DEFINE TFA_UEFI_IMAGE = BUild/Jade/jade_tfa_uefi.bin +!endif + !include MdePkg/MdeLibs.dsc.inc # Include default Ampere Platform DSC file @@ -123,6 +132,8 @@ # gAmpereTokenSpaceGuid.PcdPcieHotPlugPortMapTable.UseDefaultConfig|TRUE + gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset|TRUE + [PcdsFixedAtBuild] gAmpereTokenSpaceGuid.PcdPcieHotPlugGpioResetMap|0x3F @@ -185,6 +196,17 @@ gAmpereTokenSpaceGuid.PcdPcieHotPlugPortMapTable.PortMap[35]|{ 35, 1, 7, 6, 0, 0x24, 0x70, 0x4, 0, 11, 8 } # S1 RCB3.6 - SSD8 gAmpereTokenSpaceGuid.PcdPcieHotPlugPortMapTable.PortMap[36]|{ 0xFF, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF } # Require if no fully structure used + # We should support CoD in future, since it provides a nicer + # upgrade experience (e.g. a progress bar). + gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleOnDiskSupport|FALSE + +!if $(SECURE_BOOT_ENABLE) == TRUE + gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0} + !include Platform/Ampere/JadePkg/root.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc +!endif + + gAmpereTokenSpaceGuid.PcdFirmwareVersionNumber|$(FIRMWARE_VER_HEX) + [PcdsFixedAtBuild.common] # # Platform config UUID 
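Review bot: `DEFINE TFA_UEFI_IMAGE = BUild/Jade/jade_tfa_uefi.bin` in hunk `@@ -67,6 +71,11 @@` has a capital U in `BUild`, which will not resolve on a case-sensitive file system. The `UEFI_IMAGE` line directly above it uses `Build/Jade/...`. The line should read `DEFINE TFA_UEFI_IMAGE = Build/Jade/jade_tfa_uefi.bin`.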
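Review bot: In hunk `@@ -185,6 +196,17 @@` the capsule trust anchor (the `root.cer...PcdPkcs7CertBuffer.inc` include) is set only under `!if $(SECURE_BOOT_ENABLE) == TRUE`, but the drivers that verify capsules with FmpAuthenticationLibPkcs7 are gated on `CAPSULE_ENABLE` later in this commit. A build with `CAPSULE_ENABLE = TRUE` and `SECURE_BOOT_ENABLE = FALSE` would authenticate capsules against whatever default the package declaration gives that PCD, which upstream has been a published test certificate; that should be confirmed. Gate these two PCD lines on `!if $(CAPSULE_ENABLE) == TRUE` instead of, or in addition to, the secure-boot test. A comment stating that `root.cer` must be the product signing root rather than a development key, and why `PcdRsa2048Sha256PublicKeyBuffer` is deliberately `{0}`, would also help.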
@@ -211,8 +233,8 @@ [PcdsDynamicExDefault.common.DEFAULT] gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareImageDescriptor|{0x0}|VOID*|0x100 - gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x31, 0xca, 0x8b, 0xf0, 0x2e, 0x54, 0xea, 0x4c, 0x8b, 0x48, 0x8e, 0x54, 0xf9, 0x42, 0x25, 0x94} - gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{0xed, 0x06, 0x1c, 0x43, 0xe2, 0x4f, 0x8f, 0x43, 0x98, 0xa3, 0xa9, 0xb1, 0xfd, 0x92, 0x30, 0x19} + gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{GUID("f08bca31-542e-4cea-8b48-8e54f9422594")}|VOID*|0x10 + gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiSystemFirmwareFileGuid|{GUID("431c06ed-4fe2-438f-98a3-a9b1fd923019")}|VOID*|0x10 [PcdsPatchableInModule] # @@ -274,16 +296,28 @@ # # Firmware Capsule Update # +!if $(CAPSULE_ENABLE) == TRUE Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf - SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf - MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf + MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareUpdateDxe.inf { + + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + } + MdeModulePkg/Application/CapsuleApp/CapsuleApp.inf { + + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf + } # # System Firmware Update # Silicon/Ampere/AmpereAltraPkg/Drivers/SystemFirmwareUpdateDxe/SystemFirmwareUpdateDxe.inf +!endif # # In-band NVPARAM Access diff --git a/Platform/Ampere/JadePkg/Jade.fdf b/Platform/Ampere/JadePkg/Jade.fdf index e16500a26e4..6865ad7f3a3 100644 
--- a/Platform/Ampere/JadePkg/Jade.fdf +++ b/Platform/Ampere/JadePkg/Jade.fdf @@ -22,12 +22,12 @@ [FD.BL33_JADE_UEFI] BaseAddress = 0x92000000|gArmTokenSpaceGuid.PcdFdBaseAddress # The base address of the Firmware in NOR Flash. -Size = 0x007C0000|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device +Size = 0x00A00000|gArmTokenSpaceGuid.PcdFdSize # The size in bytes of the FLASH Device ErasePolarity = 1 # This one is tricky, it must be: BlockSize * NumBlocks = Size BlockSize = 0x10000|gAmpereTokenSpaceGuid.PcdFvBlockSize -NumBlocks = 0x7C +NumBlocks = 0xA0 ################################################################################ # @@ -48,18 +48,18 @@ NumBlocks = 0x7C # # FV MAIN # Offset: 0x00000000 -# Size: 0x00740000 +# Size: 0x00900000 # -0x00000000|0x00740000 +0x00000000|0x00900000 gArmTokenSpaceGuid.PcdFvBaseAddress|gArmTokenSpaceGuid.PcdFvSize FV = FVMAIN_COMPACT # # NV Variables -# Offset: 0x00740000 -# Size: 0x00080000 +# Offset: 0x00900000 +# Size: 0x00100000 # -0x00740000|0x00030000 +0x00900000|0x00070000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize DATA = { ## This is the EFI_FIRMWARE_VOLUME_HEADER @@ -76,9 +76,9 @@ DATA = { # Signature "_FVH" # Attributes 0x5f, 0x46, 0x56, 0x48, 0xff, 0xfe, 0x04, 0x00, # HeaderLength # CheckSum # ExtHeaderOffset #Reserved #Revision - 0x48, 0x00, 0x2A, 0x09, 0x00, 0x00, 0x00, 0x02, - # Blockmap[0]: 0x8 Blocks * 0x10000 Bytes / Block - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, + 0x48, 0x00, 0x2D, 0x09, 0x00, 0x00, 0x00, 0x02, + # Blockmap[0]: 0x7 Blocks * 0x10000 Bytes / Block + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, # Blockmap[1]: End 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ## This is the VARIABLE_STORE_HEADER 
@@ -88,15 +88,15 @@ DATA = { # { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }} 0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43, 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92, - # Size: 0x30000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) - - # 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0x2FFB8 + # Size: 0xB0000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) - + # 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0xAFFB8 # This can speed up the Variable Dispatch a bit. - 0xB8, 0xFF, 0x02, 0x00, + 0xB8, 0xFF, 0x06, 0x00, # FORMATTED: 0x5A #HEALTHY: 0xFE #Reserved: UINT16 #Reserved1: UINT32 0x5A, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } -0x00770000|0x00010000 +0x00970000|0x00020000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize DATA = { # EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER->Signature = gEdkiiWorkingBlockSignatureGuid = @@ -106,10 +106,10 @@ DATA = { # Crc:UINT32 #WorkingBlockValid:1, WorkingBlockInvalid:1, Reserved 0x2c, 0xaf, 0x2c, 0x64, 0xFE, 0xFF, 0xFF, 0xFF, # WriteQueueSize: UINT64 Size: 0x10000 - 0x20 (FTW_WORKING_HEADER) = 0xFFE0 - 0xE0, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0xE0, 0xFF, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00 } -0x00780000|0x00040000 +0x00990000|0x00070000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase64|gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize ################################################################################ @@ -153,6 +153,10 @@ APRIORI PEI { INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf } +!if $(CAPSULE_ENABLE) == TRUE + INF RuleOverride = FMP_IMAGE_DESC Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf +!endif + INF ArmPlatformPkg/Sec/Sec.inf INF MdeModulePkg/Core/Pei/PeiMain.inf INF UefiCpuPkg/CpuIoPei/CpuIoPei.inf 
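Review bot: The size comment added in the VARIABLE_STORE_HEADER hunk says `0xB0000 ... = 0xAFFB8`, but the bytes written are `0xB8, 0xFF, 0x06, 0x00` (0x6FFB8) and the region is declared as `0x00900000|0x00070000`. The comment should read `# Size: 0x70000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) -` followed by `# 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0x6FFB8`. The FTW working-block hunk that follows has the same drift: WriteQueueSize becomes `0xE0, 0xFF, 0x01, 0x00` (0x1FFE0) for a 0x20000 region, while its unchanged comment still says `0x10000 - 0x20 (FTW_WORKING_HEADER) = 0xFFE0`. Stale arithmetic beside hand-encoded flash headers makes the next resize easy to get wrong.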
@@ -165,6 +169,8 @@ APRIORI PEI { INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf INF MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf INF MdeModulePkg/Universal/Variable/Pei/VariablePei.inf + INF MdeModulePkg/Universal/CapsuleOnDiskLoadPei/CapsuleOnDiskLoadPei.inf + INF MdeModulePkg/Universal/CapsulePei/CapsulePei.inf INF MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf INF Silicon/Ampere/AmpereAltraPkg/Drivers/PcieInitPei/PcieInitPei.inf @@ -182,8 +188,6 @@ APRIORI PEI { INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf - INF RuleOverride = FMP_IMAGE_DESC Platform/Ampere/JadePkg/Capsule/SystemFirmwareDescriptor/SystemFirmwareDescriptor.inf - FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 { SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE { SECTION FV_IMAGE = FVMAIN @@ -340,10 +344,12 @@ APRIORI DXE { # # UEFI application (Shell Embedded Boot Loader) # +!if $(SHELL_ENABLE) == TRUE INF ShellPkg/Application/Shell/Shell.inf !if $(INCLUDE_TFTP_COMMAND) == TRUE INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf !endif +!endif !if $(TPM2_ENABLE) == TRUE INF Silicon/Ampere/AmpereAltraPkg/Drivers/Tcg2Dxe/Tcg2Dxe.inf 
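Review bot: `CapsuleOnDiskLoadPei.inf` and `CapsulePei.inf` are added to the PEI volume unconditionally. The other capsule components this commit touches in the file (the SystemFirmwareDescriptor entry and the ESRT/FMP drivers) sit inside `!if $(CAPSULE_ENABLE) == TRUE`. With CAPSULE_ENABLE set to FALSE, the image would still carry the capsule-on-disk loader and the capsule PEIM, which is parsing code for externally supplied data that a capsule-less build does not need. Depending on whether the DSC lists them (not visible here), the build may also fail. Wrapping the two added lines in the same `!if $(CAPSULE_ENABLE) == TRUE` / `!endif` pair keeps the flag authoritative.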
@@ -402,18 +408,11 @@ APRIORI DXE { # # Firmware Capsule Update # - INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf - INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf - - FILE FREEFORM = PCD(gEfiSignedCapsulePkgTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid) { - SECTION RAW = BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer - SECTION UI = "Pkcs7TestRoot" - } - - # - # System Firmware Update - # - INF Silicon/Ampere/AmpereAltraPkg/Drivers/SystemFirmwareUpdateDxe/SystemFirmwareUpdateDxe.inf +!if $(CAPSULE_ENABLE) == TRUE + INF MdeModulePkg/Universal/EsrtDxe/EsrtDxe.inf + INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf + INF SignedCapsulePkg/Universal/SystemFirmwareUpdate/SystemFirmwareReportDxe.inf +!endif # # In-band NVPARAM Access diff --git a/Platform/Ampere/JadePkg/JadeCapsule.dsc b/Platform/Ampere/JadePkg/JadeCapsule.dsc index c79581c9e5a..4e850010fb4 100755 --- a/Platform/Ampere/JadePkg/JadeCapsule.dsc +++ b/Platform/Ampere/JadePkg/JadeCapsule.dsc @@ -26,5 +26,7 @@ # Defines for default states. These can be changed on the command line. # -D FLAG=VALUE # - DEFINE UEFI_ATF_IMAGE = Build/Jade/jade_tfa_uefi.bin - DEFINE SCP_IMAGE = Build/Jade/altra_scp.slim + DEFINE INCLUDE_TFA_FW = TRUE + DEFINE UEFI_IMAGE = Build/Jade/jade_uefi.bin + DEFINE TFA_UEFI_IMAGE = Build/Jade/jade_tfa_uefi.bin + diff --git a/Platform/Ampere/JadePkg/JadeCapsule.fdf b/Platform/Ampere/JadePkg/JadeCapsule.fdf index b9536b171bf..6c26ef3ca4d 100755 --- a/Platform/Ampere/JadePkg/JadeCapsule.fdf +++ b/Platform/Ampere/JadePkg/JadeCapsule.fdf 
@@ -20,27 +20,25 @@ # ################################################################################ -[FD.JADE_SCP_FIRMWARE_CAPSULE] +[FD.JADE_HOST_FIRMWARE_CAPSULE] BaseAddress = 0x00000000 # The base address of the Firmware in NOR Flash. -Size = 0x00050000 # The size in bytes of the FLASH Device +!if $(INCLUDE_TFA_FW) == TRUE + Size = 0x00C10000 +!else + Size = 0x00A10000 +!endif ErasePolarity = 1 0x00000000|0x00010000 FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv -0x00010000|0x00040000 -FILE = $(SCP_IMAGE) - -[FD.JADE_UEFI_ATF_FIRMWARE_CAPSULE] -BaseAddress = 0x00000000 # The base address of the Firmware in NOR Flash. -Size = 0x00D10000 # The size in bytes of the FLASH Device -ErasePolarity = 1 - -0x00000000|0x00010000 -FILE = $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/SYSTEMFIRMWAREDESCRIPTOR.Fv - -0x00010000|0x00D00000 -FILE = $(UEFI_ATF_IMAGE) +!if $(INCLUDE_TFA_FW) == TRUE + 0x00010000|0x00C00000 + FILE = $(TFA_UEFI_IMAGE) +!else + 0x00010000|0x00A00000 + FILE = $(UEFI_IMAGE) +!endif ################################################################################ # 
@@ -53,53 +51,6 @@ FILE = $(UEFI_ATF_IMAGE) # ################################################################################ -[FV.SystemScpFirmwareUpdateCargo] -FvAlignment = 16 -ERASE_POLARITY = 1 -MEMORY_MAPPED = TRUE -STICKY_WRITE = TRUE -LOCK_CAP = TRUE -LOCK_STATUS = TRUE -WRITE_DISABLED_CAP = TRUE -WRITE_ENABLED_CAP = TRUE -WRITE_STATUS = TRUE -WRITE_LOCK_CAP = TRUE -WRITE_LOCK_STATUS = TRUE -READ_DISABLED_CAP = TRUE -READ_ENABLED_CAP = TRUE -READ_STATUS = TRUE -READ_LOCK_CAP = TRUE -READ_LOCK_STATUS = TRUE - -FILE RAW = 431C06ED-4FE2-438F-98A3-A9B1FD923019 { # PcdEdkiiSystemFirmwareFileGuid - FD = JADE_SCP_FIRMWARE_CAPSULE - } - -FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid - $(WORKSPACE)/$(OUTPUT_DIRECTORY)/$(TARGET)_$(TOOL_CHAIN_TAG)/FV/CAPSULEDISPATCHFV.Fv - } - -FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfigFileGuid - Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SCPFirmwareUpdateConfig.ini - } - -[FmpPayload.FmpPayloadScpSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION = 0x02 -IMAGE_TYPE_ID = f08bca31-542e-4cea-8b48-8e54f9422594 # PcdSystemFmpCapsuleImageTypeIdGuid -IMAGE_INDEX = 0x1 -HARDWARE_INSTANCE = 0x0 -MONOTONIC_COUNT = 0x1 -CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 - -FV = SystemScpFirmwareUpdateCargo - -[Capsule.JadeScpFirmwareUpdateCapsuleFmpPkcs7] -CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid -CAPSULE_HEADER_SIZE = 0x20 -CAPSULE_HEADER_INIT_VERSION = 0x1 - -FMP_PAYLOAD = FmpPayloadScpSystemFirmwarePkcs7 - [FV.SystemFirmwareUpdateCargo] FvAlignment = 16 ERASE_POLARITY = 1 @@ -119,7 +70,7 @@ READ_LOCK_CAP = TRUE READ_LOCK_STATUS = TRUE FILE RAW = 431C06ED-4FE2-438F-98A3-A9B1FD923019 { # PcdEdkiiSystemFirmwareFileGuid - FD = JADE_UEFI_ATF_FIRMWARE_CAPSULE + FD = JADE_HOST_FIRMWARE_CAPSULE } FILE RAW = ce57b167-b0e4-41e8-a897-5f4feb781d40 { # gEdkiiSystemFmpCapsuleDriverFvFileGuid 
@@ -130,8 +81,8 @@ FILE RAW = 812136D3-4D3A-433A-9418-29BB9BF78F6E { # gEdkiiSystemFmpCapsuleConfig Platform/Ampere/JadePkg/Capsule/SystemFirmwareUpdateConfig/SystemFirmwareUpdateConfig.ini } -[FmpPayload.FmpPayloadSystemFirmwarePkcs7] -IMAGE_HEADER_INIT_VERSION = 0x02 +[FmpPayload.FmpPayloadHostFirmwarePkcs7] +IMAGE_HEADER_INIT_VERSION = 0x03 IMAGE_TYPE_ID = f08bca31-542e-4cea-8b48-8e54f9422594 # PcdSystemFmpCapsuleImageTypeIdGuid IMAGE_INDEX = 0x1 HARDWARE_INSTANCE = 0x0 @@ -140,9 +91,9 @@ CERTIFICATE_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 # PKCS7 FV = SystemFirmwareUpdateCargo -[Capsule.JadeUefiAtfFirmwareUpdateCapsuleFmpPkcs7] +[Capsule.JadeHostFirmware] CAPSULE_GUID = 6dcbd5ed-e82d-4c44-bda1-7194199ad92a # gEfiFmpCapsuleGuid CAPSULE_HEADER_SIZE = 0x20 CAPSULE_HEADER_INIT_VERSION = 0x1 -FMP_PAYLOAD = FmpPayloadSystemFirmwarePkcs7 +FMP_PAYLOAD = FmpPayloadHostFirmwarePkcs7 diff --git a/Platform/Ampere/Tools/GenerateSecureBootKeys.sh b/Platform/Ampere/Tools/GenerateSecureBootKeys.sh new file mode 100755 index 00000000000..24850633995 --- /dev/null +++ b/Platform/Ampere/Tools/GenerateSecureBootKeys.sh @@ -0,0 +1,119 @@ +#!/usr/bin/env bash + +## +# @file +# Script to download and generate keys/certificates/information +# for Secure Boot. +# +# Copyright (c) 2024, Rebecca Cran . All rights reserved.
+# Copyright (c) 2024, Ampere Computing LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +set -o errexit + +cleanup () { + rm keys/dbx.priv >/dev/null 2>&1 || true + rm keys/intermediate.priv >/dev/null 2>&1 || true + rm keys/user.priv >/dev/null 2>&1 || true + rm certs/??.pem >/dev/null 2>&1 || true + rm certs/user.pfx >/dev/null 2>&1 || true + rm certs/root.crt >/dev/null 2>&1 || true + rm certs/intermediate.csr >/dev/null 2>&1 || true + rm certs/intermediate.crt >/dev/null 2>&1 || true + rm certs/user.csr >/dev/null 2>&1 || true + rm certs/user.crt >/dev/null 2>&1 || true + rm serial serial.* index.* >/dev/null 2>&1 || true +} + +if [ -z "${CERT_PASSWORD}" ]; then + CERT_PASSWORD=password +fi + +if [ -z "${SECUREBOOT_DIR}" ]; then + SECUREBOOT_DIR="${PWD}/secureboot_objects/" +fi + +if [ ! -d "${SECUREBOOT_DIR}" ]; then + mkdir "${SECUREBOOT_DIR}" +fi + +pushd "${SECUREBOOT_DIR}" || exit 1 + +if [ -z "${USE_EXISTING_SB_KEYS}" ]; then + mkdir keys || true + mkdir certs || true + cleanup + + if [ ! -f "openssl.cnf" ]; then + cp -vf "${WORKSPACE}/edk2-platforms/Platform/Ampere/Tools/openssl.cnf" . 
+ fi + + echo "unique_subject = no" > index.txt.attr + openssl req -config openssl.cnf -new -x509 -newkey rsa:2048 -subj "/CN=${BOARD_NAME} Platform Key/" -keyout keys/platform_key.priv -outform DER -out certs/platform_key.der -days 7300 -nodes -sha256 + openssl req -config openssl.cnf -new -x509 -newkey rsa:2048 -subj "/CN=${BOARD_NAME} Update Key/" -keyout keys/update_key.priv -outform DER -out certs/update_key.cer -days 7300 -nodes -sha256 + + # Root Certificate + openssl req -config openssl.cnf -batch -new -x509 -days 3650 -key keys/update_key.priv -out certs/root.crt + openssl x509 -in certs/root.crt -out certs/root.der -outform DER + openssl x509 -inform DER -in certs/root.der -outform PEM -out certs/root.pub.pem + + # Intermediate Certificate + openssl genrsa -aes256 -out keys/intermediate.priv -passout pass:"${CERT_PASSWORD}" 2048 + openssl req -config openssl.cnf -batch -new -key keys/intermediate.priv -out certs/intermediate.csr -passin pass:"${CERT_PASSWORD}" -passout pass:"${CERT_PASSWORD}" + + truncate -s0 index.txt + echo 01 > serial + + openssl ca -config openssl.cnf -batch -extensions v3_ca -in certs/intermediate.csr -days 3650 -out certs/intermediate.crt -cert certs/root.crt -keyfile keys/update_key.priv + openssl x509 -in certs/intermediate.crt -out certs/intermediate.der -outform DER + openssl x509 -inform DER -in certs/intermediate.der -outform PEM -out certs/intermediate.pub.pem + + # User Certificate + openssl genrsa -aes256 -out keys/user.priv -passout pass:"${CERT_PASSWORD}" 2048 + openssl req -config openssl.cnf -batch -new -key keys/user.priv -out certs/user.csr -passin pass:"${CERT_PASSWORD}" -passout pass:"${CERT_PASSWORD}" + openssl ca -config openssl.cnf -batch -in certs/user.csr -days 3650 -out certs/user.crt -cert certs/intermediate.crt -keyfile keys/intermediate.priv -passin pass:"${CERT_PASSWORD}" + openssl x509 -in certs/user.crt -out certs/user.der -outform DER + openssl x509 -inform DER -in certs/user.der -outform PEM -out 
certs/user.pub.pem + + openssl pkcs12 -export -out certs/user.pfx -inkey keys/user.priv -in certs/user.crt -passin pass:"${CERT_PASSWORD}" -passout pass:"${CERT_PASSWORD}" + openssl pkcs12 -in certs/user.pfx -nodes -out certs/user.pem -passin pass:"${CERT_PASSWORD}" +fi + +python3 ${WORKSPACE}/edk2/BaseTools/Scripts/BinToPcd.py -i certs/root.der -p gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer -o ${WORKSPACE}/edk2-platforms/Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/root.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc + +pushd certs +if [ ! -f "ms_kek1.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?LinkId=321185" -o ms_kek1.der +fi +if [ ! -f "ms_kek2.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=2239775" -o ms_kek2.der +fi +if [ ! -f "ms_db1.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=321192" -o ms_db1.der +fi +if [ ! -f "ms_db2.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=321194" -o ms_db2.der +fi +if [ ! -f "ms_db3.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=2239776" -o ms_db3.der +fi +if [ ! -f "ms_db4.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=2239872" -o ms_db4.der +fi +if [ ! -f "ms_db5.der" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then + curl -L "https://go.microsoft.com/fwlink/?linkid=2284009" -o ms_db5.der +fi +popd || exit 1 + +if [ ! -f "certs/dummy_dbx.der" ]; then + # Generate a random certificate to place in the DBX. Otherwise, Linux won't try and update + # the dbx variable when running `fwupgmgr`. + openssl req -config openssl.cnf -new -x509 -newkey rsa:2048 -subj "/CN=Dummy DBX/" -keyout keys/dbx.priv -outform DER -out certs/dummy_dbx.der -days 7300 -nodes -sha256 +fi + +cleanup + +popd || exit 1 \ No newline at end of file 
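Review bot: The Microsoft KEK/db certificates are fetched with `curl -L ... -o` and accepted as-is, with no `--fail` and no digest check, and they become the default Secure Boot trust anchors of the image. An HTTP error page or a substituted file would be saved under the `.der` name and, because the file then exists, reused on every later build. Each download should fail on HTTP errors and be compared against a digest pinned in the repository before it is moved into place, as sketched below. Separately, `CERT_PASSWORD` falls back to `password` and is passed to openssl as `pass:` on the command line, and `certs/user.pem` is exported with `-nodes`. The capsule-signing key is therefore stored unencrypted beside the public certificates; a `umask 077` at the top and refusing to run when `CERT_PASSWORD` is unset would be the minimum.

```shell
# Constructed sketch: the digest arguments are placeholders to be filled in
# from a trusted source and kept under version control.
fetch_cert () {
  local url="$1" out="$2" want="$3" got
  if [ ! -f "${out}" ] || [ -n "${DOWNLOAD_MS_SB_KEYS}" ]; then
    curl --fail --location --proto-redir '=https' "${url}" -o "${out}.tmp"
    got=$(openssl dgst -sha256 -r "${out}.tmp" | cut -d' ' -f1)
    if [ "${got}" != "${want}" ]; then
      rm -f "${out}.tmp"
      echo "Digest mismatch for ${out}" >&2
      exit 1
    fi
    mv "${out}.tmp" "${out}"
  fi
}

pushd certs
fetch_cert "https://go.microsoft.com/fwlink/?LinkId=321185" ms_kek1.der "<PINNED_SHA256_MS_KEK1>"
# … unchanged in intent: the remaining six downloads, each routed through fetch_cert …
popd || exit 1
```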
diff --git a/Platform/Ampere/Tools/fw_ver.sh b/Platform/Ampere/Tools/fw_ver.sh index caf5dcbea56..1b09a56565a 100644 --- a/Platform/Ampere/Tools/fw_ver.sh +++ b/Platform/Ampere/Tools/fw_ver.sh @@ -11,4 +11,10 @@ fi MAJOR_VER="$(date +%y)" MINOR_VER="$(date +%m)" -VER="$(date +%Y.%m.%d)" +MICRO_VER="$(date +%d)" +VER="${MAJOR_VER}.${MINOR_VER}.${MICRO_VER}-$(printf '%02d' ${BUILD})" +YHEX=$(printf '%03x' $(date +%y)) +MHEX=$(printf '%01x' $(date +%m)) +DHEX=$(printf '%02x' $(date +%e)) +BHEX=$(printf '%02x' ${BUILD}) +VER_HEX=0x${YHEX}${MHEX}${DHEX}${BHEX} diff --git a/Platform/Ampere/Tools/fwflash.sh b/Platform/Ampere/Tools/fwflash.sh index 5c666de3a75..91568f8d140 100755 --- a/Platform/Ampere/Tools/fwflash.sh +++ b/Platform/Ampere/Tools/fwflash.sh @@ -5,7 +5,7 @@ set -e -BMC_ENV_FILE=bmc.sh +BMC_ENV_FILE=bmc.conf usage () { echo "Copies firmware to the BMC (running OpenBMC) and runs ampere_flash_bios.sh to flash the host." diff --git a/Platform/Ampere/Tools/openssl.cnf b/Platform/Ampere/Tools/openssl.cnf new file mode 100644 index 00000000000..92e2a7aa810 --- /dev/null +++ b/Platform/Ampere/Tools/openssl.cnf 
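Review bot: `MHEX=$(printf '%01x' $(date +%m))` in fw_ver.sh breaks in August and September: `date +%m` yields `08` or `09`, which bash's printf rejects as an invalid octal number, printing `0` and returning non-zero. buildfw.sh sources this file under `set -o errexit`, so the failing assignment is likely to abort the build, and otherwise month 0 is encoded into `VER_HEX`. The day already avoids this by using `%e`; the month can be forced to base 10 with `MHEX=$(printf '%01x' "$((10#$(date +%m)))")`. `${BUILD}` is passed unquoted to `printf '%02d'` and `printf '%02x'`, and would hit the same error for a value such as `08`.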
@@ -0,0 +1,130 @@ +HOME = . +openssl_conf = openssl_init +config_diagnostics = 1 +oid_section = new_oids + +[ new_oids ] +tsa_policy1 = 1.2.3.4.1 +tsa_policy2 = 1.2.3.4.5.6 +tsa_policy3 = 1.2.3.4.5.7 + +[openssl_init] +providers = provider_sect +ssl_conf = ssl_module + +[ evp_properties ] +[provider_sect] +default = default_sect + +[default_sect] +activate = 1 + +[ ssl_module ] +system_default = crypto_policy + +[ crypto_policy ] +.include = /etc/crypto-policies/back-ends/opensslcnf.config + +[ ca ] +default_ca = CA_default # The default ca section + +[ CA_default ] + +dir = . # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +unique_subject = no # Set to 'no' to allow creation of + # several certs with same subject. +new_certs_dir = $dir/certs # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem # The private key + +x509_extensions = codesign_reqext # The extensions to add to the cert + +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = default # use public key default MD +preserve = no # keep passed DN ordering + +policy = policy_match + +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ 
req ] +default_bits = 2048 +default_md = sha256 +utf8 = yes +string_mask = utf8only +default_keyfile = privkey.pem +distinguished_name = codesign_dn +x509_extensions = v3_ca # The extensions to add to the self signed cert +req_extensions = codesign_reqext +attributes = req_attributes + +# Passwords for private keys if not present they will be prompted for +input_password = secret +output_password = secret + +[ codesign_dn ] +countryName = Country Name (2 letter code) +countryName_default = US +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = California + +localityName = San Jose + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Example Corp + +organizationalUnitName = Organizational Unit Name (eg, section) + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_default = example.com +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ codesign_reqext ] +keyUsage = critical,digitalSignature +extendedKeyUsage = critical,codeSigning +subjectKeyIdentifier = hash + +[ v3_ca ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer +basicConstraints = critical,CA:true diff --git a/Platform/Ampere/Tools/tools_def.txt.patch b/Platform/Ampere/Tools/tools_def.txt.patch new file mode 100644 index 00000000000..d4e77030b4f --- /dev/null +++ b/Platform/Ampere/Tools/tools_def.txt.patch 
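Review bot: The `[ req ]` section commits `input_password = secret` and `output_password = secret`. Any `openssl req` run with this config that passes neither `-nodes` nor an explicit `-passout` would protect the new key with a passphrase that is public in the repository. The comment above those lines already notes that openssl prompts when they are absent, so deleting both lines and letting the calling script supply the passphrase is the safer default. In the same file, `[ v3_ca ]` sets `basicConstraints = critical,CA:true` with no `keyUsage`; adding `keyUsage = critical,keyCertSign,cRLSign` would restrict the root and intermediate certificates to issuing.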
@@ -0,0 +1,10 @@ +--- BaseTools/Conf/tools_def.template 2024-11-26 08:55:42.209038055 -0700 ++++ Conf/tools_def.txt 2024-11-26 08:56:30.666355277 -0700 +@@ -2414,6 +2414,7 @@ + ################## + *_*_*_PKCS7SIGN_PATH = Pkcs7Sign + *_*_*_PKCS7SIGN_GUID = 4AAFD29D-68DF-49EE-8AA9-347D375665A7 ++*_*_*_PKCS7SIGN_FLAGS = --signer-private-cert ENV(SECUREBOOT_DIR)/certs/user.pem --other-public-cert ENV(SECUREBOOT_DIR)/certs/intermediate.pub.pem --trusted-public-cert ENV(SECUREBOOT_DIR)/certs/root.pub.pem + + ################## + # NASM tool definitions diff --git a/Platform/Ampere/buildfw.sh b/Platform/Ampere/buildfw.sh index 21eb8641198..ed0d0b7a816 100755 --- a/Platform/Ampere/buildfw.sh +++ b/Platform/Ampere/buildfw.sh @@ -1,5 +1,15 @@ #!/usr/bin/env bash +## +# @file +# Build script for platforms with an Altra(R) CPU from Ampere(R). +# +# Copyright (c) 2024, Ampere Computing LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + set -o errexit tfa_usage () { @@ -41,7 +51,15 @@ usage () { echo " Available platforms:" echo " ADLINK -> ComHpcAlt" echo " Ampere -> Jade" - echo " ASRockRack -> Altrad8ud2" + echo " ASRockRack -> Altra1L2Q" + echo " ASRockRack -> Altra1L2T" + echo "" + echo "Environment Variables:" + echo " SECUREBOOT_DIR - directory to store SecureBoot keys, certs etc." + echo " USE_EXISTING_SB_KEYS - use existing Secure Boot Platform and Update keys" + echo " DOWNLOAD_MS_SB_KEYS - force re-download of Microsoft Secure Boot KEK and DB certificates" + echo " CERT_PASSWORD - password to use when generating Platform and Update Keys and certificates" + echo " defaults to \"password\" if not specified." exit 1 } @@ -75,6 +93,11 @@ BUILD_THREADS=$(getconf _NPROCESSORS_ONLN) export PYTHON_COMMAND=python3 export WORKSPACE=$PWD +if [ -z "${SECUREBOOT_DIR}" ]; then + SECUREBOOT_DIR="${WORKSPACE}/secureboot_objects/" + export SECUREBOOT_DIR +fi + if [ "$(uname -o)" = "FreeBSD" ]; then MAKE_COMMAND=gmake GETOPT_COMMAND=/usr/local/bin/getopt @@ -89,6 +112,13 @@ if [ "$(uname -o)" = "FreeBSD" ]; then mkdir bin || true ln -sfv /usr/local/bin/gmake bin/make export PATH=$PWD/bin:$PATH +elif [ "$(uname -o)" = "Darwin" ]; then + MAKE_COMMAND=gmake + GETOPT_COMMAND=/opt/homebrew/opt/gnu-getopt/bin/getopt + if ! command -v ${GETOPT_COMMAND} >/dev/null 2>&1; then + echo "GNU getopt is required. Please install the gnu-getopt homebrew package." + exit 1 + fi else MAKE_COMMAND=make GETOPT_COMMAND=getopt 
@@ -173,6 +203,15 @@ ${MAKE_COMMAND} -C edk2/BaseTools -j ${BUILD_THREADS} . "${WORKSPACE}/edk2-platforms/Platform/Ampere/Tools/fw_ver.sh" UPDATE . edk2/edksetup.sh +if [ -e "${WORKSPACE}/build.conf" ]; then + . "${WORKSPACE}/build.conf" +fi + +pushd edk2 +cp -vf BaseTools/Conf/tools_def.template Conf/tools_def.txt +patch -p0 < "${WORKSPACE}/edk2-platforms/Platform/Ampere/Tools/tools_def.txt.patch" +popd + EDK2_SECURE_BOOT_ENABLE=${EDK2_SECURE_BOOT_ENABLE:-TRUE} EDK2_NETWORK_ENABLE=${EDK2_NETWORK_ENABLE:-TRUE} EDK2_INCLUDE_TFTP_COMMAND=${EDK2_INCLUDE_TFTP_COMMAND:-TRUE} 
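Review bot: `cp -vf BaseTools/Conf/tools_def.template Conf/tools_def.txt` replaces the workspace's tools_def.txt on every run, after `edksetup.sh` has already prepared it, so any local toolchain edits are discarded without warning. The `patch -p0` that follows relies on the template still matching the context recorded in tools_def.txt.patch, so an edk2 update that changes that section becomes a rejected hunk and an aborted build. Applying the change only when it is missing, e.g. `grep -q '_PKCS7SIGN_FLAGS' Conf/tools_def.txt || patch -p0 < "${WORKSPACE}/edk2-platforms/Platform/Ampere/Tools/tools_def.txt.patch"`, keeps the step idempotent and leaves an existing file alone.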
@@ -180,13 +219,38 @@ EDK2_NETWORK_IP6_ENABLE=${EDK2_NETWORK_IP6_ENABLE:-TRUE} EDK2_NETWORK_ALLOW_HTTP_CONNECTIONS=${EDK2_NETWORK_ALLOW_HTTP_CONNECTIONS:-TRUE} EDK2_NETWORK_TLS_ENABLE=${EDK2_NETWORK_TLS_ENABLE:-TRUE} EDK2_REDFISH_ENABLE=${EDK2_REDFISH_ENABLE:-TRUE} -EDK2_PERFORMANCE_MEASUREMENT_ENABLE=${EDK2_PERFORMANCE_MEASUREMENT_ENABLE:-TRUE} +EDK2_PERFORMANCE_MEASUREMENT_ENABLE=${EDK2_PERFORMANCE_MEASUREMENT_ENABLE:-FALSE} EDK2_TPM2_ENABLE=${EDK2_TPM2_ENABLE:-TRUE} +EDK2_HEAP_GUARD_ENABLE=${EDK2_HEAP_GUARD_ENABLE:-FALSE} +EDK2_X86_EMULATOR_ENABLE=${EDK2_X86_EMULATOR_ENABLE:-TRUE} +EDK2_SHELL_ENABLE=${EDK2_SHELL_ENABLE:-TRUE} if [ "${BLDTYPE}" = "RELEASE" ]; then - EDK2_HEAP_GUARD_ENABLE=FALSE + EDK2_SHELL_ENABLE=${EDK2_SHELL_ENABLE:-FALSE} else - EDK2_HEAP_GUARD_ENABLE=TRUE + EDK2_SHELL_ENABLE=${EDK2_SHELL_ENABLE:-TRUE} +fi + +if [ "${EDK2_HEAP_GUARD_ENABLE}" = "TRUE" ] && [ "${EDK2_X86_EMULATOR_ENABLE}" = "TRUE" ]; then + echo "Error: HeapGuard and X86 emulator are incompatible. Only one may be enabled at a time." 
+ exit 1 +fi + +if [ "${EDK2_SECURE_BOOT_ENABLE}" = "TRUE" ]; then + export MANUFACTURER + export BOARD_NAME + "${WORKSPACE}/edk2-platforms/Platform/Ampere/Tools/GenerateSecureBootKeys.sh" + + EXTRA_BUILD_FLAGS+=" -D DEFAULT_KEYS=TRUE" + EXTRA_BUILD_FLAGS+=" -D PK_DEFAULT_FILE=${SECUREBOOT_DIR}/certs/platform_key.der" + EXTRA_BUILD_FLAGS+=" -D KEK_DEFAULT_FILE1=${SECUREBOOT_DIR}/certs/ms_kek1.der" + EXTRA_BUILD_FLAGS+=" -D KEK_DEFAULT_FILE2=${SECUREBOOT_DIR}/certs/ms_kek2.der" + EXTRA_BUILD_FLAGS+=" -D DB_DEFAULT_FILE1=${SECUREBOOT_DIR}/certs/ms_db1.der" + EXTRA_BUILD_FLAGS+=" -D DB_DEFAULT_FILE2=${SECUREBOOT_DIR}/certs/ms_db2.der" + EXTRA_BUILD_FLAGS+=" -D DB_DEFAULT_FILE3=${SECUREBOOT_DIR}/certs/ms_db3.der" + EXTRA_BUILD_FLAGS+=" -D DB_DEFAULT_FILE4=${SECUREBOOT_DIR}/certs/ms_db4.der" + EXTRA_BUILD_FLAGS+=" -D DB_DEFAULT_FILE5=${SECUREBOOT_DIR}/certs/ms_db5.der" + EXTRA_BUILD_FLAGS+=" -D DBX_DEFAULT_FILE1=${SECUREBOOT_DIR}/certs/dummy_dbx.der" fi UPD720202_ROM_FILE="K2026090.mem" 
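Review bot: The `RELEASE` branch cannot turn the shell off. `EDK2_SHELL_ENABLE=${EDK2_SHELL_ENABLE:-TRUE}` just above the `if` has already given the variable a value, so `${EDK2_SHELL_ENABLE:-FALSE}` inside it is a no-op. Release images therefore include the UEFI Shell unless the caller exports `EDK2_SHELL_ENABLE=FALSE`. Removing the unconditional `EDK2_SHELL_ENABLE=${EDK2_SHELL_ENABLE:-TRUE}` line and keeping only the `if`/`else` pair gives the intended default. In the Secure Boot block, the `${SECUREBOOT_DIR}` paths are appended to `EXTRA_BUILD_FLAGS`, which the build invocation expands unquoted, so a directory containing whitespace would split into separate arguments.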
@@ -198,9 +262,25 @@ if [ -e "${WORKSPACE}/IntelUndiBin/Release/AARCH64/GigUndiDxe.efi" ]; then EXTRA_BUILD_FLAGS+=" -D INTEL_UNDI_BIN=TRUE" fi +echo "EXTRA_BUILD_FLAGS=${EXTRA_BUILD_FLAGS}" + +# YearMonthDayBuild (0xYYMMDDBB) +echo "#define CURRENT_FIRMWARE_VERSION ${VER_HEX}" > "${WORKSPACE}/edk2-platforms/Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/Capsule/SystemFirmwareDescriptor/HostFwInfo.h" +echo "#define CURRENT_FIRMWARE_VERSION_STRING L\"${FW_STR}\"" >> "${WORKSPACE}/edk2-platforms/Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/Capsule/SystemFirmwareDescriptor/HostFwInfo.h" +echo "#define LOWEST_SUPPORTED_FIRMWARE_VERSION 0x00000000" >> "${WORKSPACE}/edk2-platforms/Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/Capsule/SystemFirmwareDescriptor/HostFwInfo.h" + +if [ -f "${SCP_SLIM}" ]; then + cp -vf "${SCP_SLIM}" "Build/${BOARD_NAME}/altra_scp.slim" +fi +if [ -f "${TFA_SLIM}" ]; then + cp -vf "${TFA_SLIM}" "Build/${BOARD_NAME}/altra_atf.slim" +fi + build -a AARCH64 -t ${TOOLCHAIN} -b ${BLDTYPE} -n ${BUILD_THREADS} \ - -D FIRMWARE_VER="${VER}-${BUILD} TF-A ${TFA_VERSION}" \ - -D MAJOR_VER=${MAJOR_VER} -D MINOR_VER=${MINOR_VER} \ + -D FIRMWARE_VER_FULL="${VER} TF-A ${TFA_VERSION}" \ + -D FIRMWARE_VER="${VER}" \ + -D FIRMWARE_VER_HEX="${VER_HEX}" \ + -D MAJOR_VER=${MAJOR_VER} -D MINOR_VER=${MINOR_VER} \ -D SECURE_BOOT_ENABLE=${EDK2_SECURE_BOOT_ENABLE} \ -D NETWORK_ENABLE=${EDK2_NETWORK_ENABLE} \ -D INCLUDE_TFTP_COMMAND=${EDK2_INCLUDE_TFTP_COMMAND} \ 
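Review bot: `LOWEST_SUPPORTED_FIRMWARE_VERSION` is written to HostFwInfo.h as `0x00000000`, so the generated descriptor sets no rollback floor. Any older, validly signed capsule would pass the lowest-supported-version comparison, including one that reintroduces a fixed vulnerability. The value should come from a tracked per-board setting, for example a variable such as `LOWEST_SUPPORTED_VER_HEX` (a constructed name) read from the board package and raised whenever a security fix ships. `${FW_STR}` is not assigned anywhere in the visible part of this commit; if it is unset, the version string becomes `L""`. The inline comment gives the layout as `0xYYMMDDBB`, while fw_ver.sh formats three hex digits of year and one of month.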
@@ -211,17 +291,20 @@ build -a AARCH64 -t ${TOOLCHAIN} -b ${BLDTYPE} -n ${BUILD_THREADS} \ -D PERFORMANCE_MEASUREMENT_ENABLE=${EDK2_PERFORMANCE_MEASUREMENT_ENABLE} \ -D TPM2_ENABLE=${EDK2_TPM2_ENABLE} \ -D HEAP_GUARD_ENABLE=${EDK2_HEAP_GUARD_ENABLE} \ - -Y COMPILE_INFO -y BuildReport.log \ + -D X86_EMULATOR_ENABLE=${EDK2_X86_EMULATOR_ENABLE} \ + -D SHELL_ENABLE=${EDK2_SHELL_ENABLE} \ + -Y COMPILE_INFO -y BuildReport.log \ -p Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/${BOARD_NAME}${LINUXBOOT}.dsc \ ${EXTRA_BUILD_FLAGS} -OUTPUT_BASENAME=${OUTPUT_BIN_DIR}/${BOARD_NAME,,}_tfa_uefi_${BLDTYPE,,}_${VER}-${BUILD} +OUTPUT_BASENAME=${OUTPUT_BIN_DIR}/${BOARD_NAME,,}_tfa_uefi_${BLDTYPE,,}_${VER} -OUTPUT_UEFI_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_uefi_${BLDTYPE,,}_${VER}-${BUILD}.bin -OUTPUT_TFA_UEFI_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_tfa_uefi_${BLDTYPE,,}_${VER}-${BUILD}.bin -OUTPUT_SPINOR_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_rom_${BLDTYPE,,}_${VER}-${BUILD}.bin +OUTPUT_UEFI_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_uefi_${BLDTYPE,,}_${VER}.bin +OUTPUT_TFA_UEFI_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_tfa_uefi_${BLDTYPE,,}_${VER}.bin +OUTPUT_SPINOR_IMAGE=Build/${BOARD_NAME}/${BOARD_NAME,,}_rom_${BLDTYPE,,}_${VER}.bin cp -v "Build/${BOARD_NAME}/${BLDTYPE}_${TOOLCHAIN}/FV/BL33_${BOARD_NAME^^}_UEFI.fd" "${OUTPUT_UEFI_IMAGE}" +cp -vf "${OUTPUT_UEFI_IMAGE}" "Build/${BOARD_NAME}/${BOARD_NAME,,}_uefi.bin" if [ -f "${TFA_SLIM}" ]; then # Create a 2MB file with 0xff 
@@ -245,21 +328,39 @@ if [ -f "${TFA_SLIM}" ]; then cp -vf "${OUTPUT_TFA_UEFI_IMAGE}" "Build/${BOARD_NAME}/${BOARD_NAME,,}_tfa_uefi.bin" fi +if [ -f "${TFA_SLIM}" ]; then + INCLUDE_TFA_FW=TRUE +else + INCLUDE_TFA_FW=FALSE +fi + # LinuxBoot doesn't support capsule updates if [ -z "${LINUXBOOT}" ] && [ -f "${TFA_SLIM}" ] && [ -f "${SCP_SLIM}" ]; then - cp -vf "${SCP_SLIM}" "Build/${BOARD_NAME}/altra_scp.slim" - cp -vf "${TFA_SLIM}" "Build/${BOARD_NAME}/altra_atf.slim" # Build the capsule (for upgrading from the UEFI Shell or Linux) build -a AARCH64 -t ${TOOLCHAIN} -b ${BLDTYPE} -n ${BUILD_THREADS} \ - -D FIRMWARE_VER="${VER}-${BUILD} TF-A ${TFA_VERSION}" \ - -D MAJOR_VER=${MAJOR_VER} \ - -D MINOR_VER=${MINOR_VER} \ - -D SECURE_BOOT_ENABLE \ - -p Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/${BOARD_NAME}Capsule.dsc - - cp -vf "Build/${BOARD_NAME}/${BLDTYPE}_${TOOLCHAIN}/FV/${BOARD_NAME^^}UEFIATFFIRMWAREUPDATECAPSULEFMPPKCS7.Cap" "${OUTPUT_BASENAME}.cap" - cp -vf "Build/${BOARD_NAME}/${BLDTYPE}_${TOOLCHAIN}/FV/${BOARD_NAME^^}SCPFIRMWAREUPDATECAPSULEFMPPKCS7.Cap" "${OUTPUT_BIN_DIR}/${BOARD_NAME,,}_scp_${SCP_VERSION}.cap" + -D FIRMWARE_VER_FULL="${VER} TF-A ${TFA_VERSION}" \ + -D FIRMWARE_VER="${VER}" \ + -D FIRMWARE_VER_HEX="${VER_HEX}" \ + -D MAJOR_VER=${MAJOR_VER} \ + -D MINOR_VER=${MINOR_VER} \ + -D INCLUDE_TFA_FW=${INCLUDE_TFA_FW} \ + -p Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/${BOARD_NAME}Capsule.dsc + + cp -vf "Build/${BOARD_NAME}/${BLDTYPE}_${TOOLCHAIN}/FV/${BOARD_NAME^^}HOSTFIRMWARE.Cap" "Build/${BOARD_NAME}/${BOARD_NAME,,}_host_${BLDTYPE,,}_${VER}.cap" + cp -vf "Build/${BOARD_NAME}/${BLDTYPE}_${TOOLCHAIN}/AARCH64/CapsuleApp.efi" "Build/${BOARD_NAME}/" + mkdir Build/${BOARD_NAME}/Cab || true + rm -f Build/${BOARD_NAME}/Cab/* + METAINFO_FILE="Build/${BOARD_NAME}/Cab/firmware.metainfo.xml" + cp -vf "${WORKSPACE}/edk2-platforms/Platform/${MANUFACTURER}/${BOARD_NAME}Pkg/firmware.metainfo.xml" "${METAINFO_FILE}" + cp -vf 
"Build/${BOARD_NAME}/${BOARD_NAME,,}_host_${BLDTYPE,,}_${VER}.cap" "Build/${BOARD_NAME}/Cab/firmware.bin" + sed -i "s/{URGENCY}/high/g" "${METAINFO_FILE}" + sed -i "s/{FW_VERSION}/$(printf '%d' ${VER_HEX})/g" "${METAINFO_FILE}" + sed -i "s/{FW_DATE}/$(date +%Y-%m-%d)/g" "${METAINFO_FILE}" + sed -i "s/{RELEASE_NOTES}//g" "${METAINFO_FILE}" + pushd "Build/${BOARD_NAME}/Cab" + lcab -q ./* "../${BOARD_NAME,,}_host_${BLDTYPE,,}_${VER}.cab" + popd fi if [ "${BOARD_NAME}" = "ComHpcAlt" ] && [ ! -e "${WORKSPACE}/${UPD720202_ROM_FILE}" ]; then diff --git a/Silicon/Ampere/AmpereAltraPkg/AmpereAltraLinuxBootPkg.dsc.inc b/Silicon/Ampere/AmpereAltraPkg/AmpereAltraLinuxBootPkg.dsc.inc index 1585ff798bb..2d9ef70503f 100755 --- a/Silicon/Ampere/AmpereAltraPkg/AmpereAltraLinuxBootPkg.dsc.inc +++ b/Silicon/Ampere/AmpereAltraPkg/AmpereAltraLinuxBootPkg.dsc.inc @@ -129,7 +129,9 @@ MemoryAllocationLib|EmbeddedPkg/Library/PrePiMemoryAllocationLib/PrePiMemoryAllocationLib.inf HobLib|EmbeddedPkg/Library/PrePiHobLib/PrePiHobLib.inf PrePiHobListPointerLib|ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointerLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ArmGicArchLib|ArmPkg/Library/ArmGicArchSecLib/ArmGicArchSecLib.inf # ARM platforms have SEC modules with standard entry points, so we can generically link StackCheckLib 
@@ -140,7 +142,9 @@ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf PeiCoreEntryPoint|MdePkg/Library/PeiCoreEntryPoint/PeiCoreEntryPoint.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf @@ -155,7 +159,9 @@ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf PeiResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf 
@@ -178,23 +184,31 @@ DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxeCorePerformanceLib/DxeCorePerformanceLib.inf +!endif [LibraryClasses.common.DXE_DRIVER] DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf [LibraryClasses.common.UEFI_APPLICATION] UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiTianoCustomDecompressLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf [LibraryClasses.common.UEFI_DRIVER] ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf @@ -252,7 +266,7 @@ [PcdsFixedAtBuild.common] !ifdef $(FIRMWARE_VER) - gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER)" + gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER_FULL)" !endif gEfiMdePkgTokenSpaceGuid.PcdMaximumUnicodeStringLength|1000000 
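Review bot: The `!ifdef $(FIRMWARE_VER)` guard in the `[PcdsFixedAtBuild.common]` hunk no longer matches the macro it protects. The PCD now expands `$(FIRMWARE_VER_FULL)`, so a build that defines FIRMWARE_VER but not FIRMWARE_VER_FULL reaches the assignment with an undefined macro. The guard should become `!ifdef $(FIRMWARE_VER_FULL)`. The SMBIOS PCD hunk further down the file uses `$(FIRMWARE_VER_FULL)` with no guard at all. The `PerformanceLib` mappings in this file are now wrapped in `!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE` with no `!else`, so a Null instance must be mapped elsewhere for the FALSE case; that mapping is not visible in these hunks.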
@@ -439,7 +453,7 @@ # # SMBIOS PCDs # - gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER)" + gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER_FULL)" gAmpereTokenSpaceGuid.PcdSmbiosTables0MajorVersion|$(MAJOR_VER) gAmpereTokenSpaceGuid.PcdSmbiosTables0MinorVersion|$(MINOR_VER) gArmTokenSpaceGuid.PcdProcessorManufacturer|L"Ampere(R)" diff --git a/Silicon/Ampere/AmpereAltraPkg/AmpereAltraPkg.dsc.inc b/Silicon/Ampere/AmpereAltraPkg/AmpereAltraPkg.dsc.inc index df5ebef6893..66cb0968573 100644 --- a/Silicon/Ampere/AmpereAltraPkg/AmpereAltraPkg.dsc.inc +++ b/Silicon/Ampere/AmpereAltraPkg/AmpereAltraPkg.dsc.inc @@ -121,6 +121,12 @@ PlatformBootManagerLib|Silicon/Ampere/AmpereSiliconPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf +!if $(CAPSULE_ENABLE) == TRUE + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf +!else + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf +!endif + # # UEFI Shell libraries # 
@@ -143,26 +149,31 @@ SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf PlatformPKProtectionLib|SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionLibVarPolicy.inf + # + # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree + # + PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf +!else + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf + AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf +!endif + # # Capsule Update requirements # BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibGraphics/DisplayUpdateProgressLibGraphics.inf - CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf EdkiiSystemCapsuleLib|SignedCapsulePkg/Library/EdkiiSystemCapsuleLib/EdkiiSystemCapsuleLib.inf - FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf + FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf + FmpDependencyLib|FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.inf + FmpDependencyCheckLib|FmpDevicePkg/Library/FmpDependencyCheckLibNull/FmpDependencyCheckLibNull.inf + FmpDependencyDeviceLib|FmpDevicePkg/Library/FmpDependencyDeviceLibNull/FmpDependencyDeviceLibNull.inf + FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.inf + CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLibNull.inf IniParsingLib|SignedCapsulePkg/Library/IniParsingLib/IniParsingLib.inf PlatformFlashAccessLib|Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.inf ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf - # - # re-use the UserPhysicalPresent() dummy implementation from the ovmf 
tree - # - PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf -!else - TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf - AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf -!endif VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf @@ -195,7 +206,9 @@ MemoryAllocationLib|EmbeddedPkg/Library/PrePiMemoryAllocationLib/PrePiMemoryAllocationLib.inf HobLib|EmbeddedPkg/Library/PrePiHobLib/PrePiHobLib.inf PrePiHobListPointerLib|ArmPlatformPkg/Library/PrePiHobListPointerLib/PrePiHobListPointerLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ArmGicArchLib|ArmPkg/Library/ArmGicArchSecLib/ArmGicArchSecLib.inf [LibraryClasses.common.PEI_CORE] @@ -203,7 +216,9 @@ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf PeiCoreEntryPoint|MdePkg/Library/PeiCoreEntryPoint/PeiCoreEntryPoint.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf 
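Review bot: The platform-wide `FmpAuthenticationLib` mapping changes from `FmpAuthenticationLibPkcs7` to `FmpAuthenticationLibNull`, and the Pkcs7 instance only comes back in the `BdsDxe.inf` override further down, and only when CAPSULE_ENABLE is TRUE. Every other module that links this class will now get the Null instance, while the image descriptor changed in this commit still sets `IMAGE_ATTRIBUTE_AUTHENTICATION_REQUIRED`. The Null instance should reject images rather than accept them, but please confirm which modules consume the class and that none of them treats an authentication failure as non-fatal. Making the shared mapping itself conditional (`!if $(CAPSULE_ENABLE) == TRUE` selecting Pkcs7, `!else` selecting Null) would keep signature verification in every consumer instead of one. The `!if` that this hunk's `!else`/`!endif` belong to opens outside the visible lines.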
@@ -218,7 +233,9 @@ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/PeiPerformanceLib/PeiPerformanceLib.inf +!endif ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf PeiResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf 
@@ -245,26 +262,34 @@ DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxeCorePerformanceLib/DxeCorePerformanceLib.inf +!endif [LibraryClasses.common.DXE_DRIVER] DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf PciHostBridgeLib|Silicon/Ampere/AmpereAltraPkg/Library/PciHostBridgeLib/PciHostBridgeLib.inf PciSegmentLib|Silicon/Ampere/AmpereAltraPkg/Library/PciSegmentLibPci/PciSegmentLibPci.inf [LibraryClasses.common.UEFI_APPLICATION] UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiTianoCustomDecompressLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf [LibraryClasses.common.UEFI_DRIVER] ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf +!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf +!endif DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf 
@@ -272,14 +297,16 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf +!if $(CAPSULE_ENABLE) == TRUE CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf +!else + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf +!endif ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/RuntimeDxeReportStatusCodeLib.inf !if $(SECURE_BOOT_ENABLE) == TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf !endif -!if $(TARGET) != RELEASE DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf -!endif VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf ArmSmcLib|ArmPkg/Library/ArmSmcLib/ArmSmcLib.inf @@ -334,6 +361,10 @@ gEfiMdePkgTokenSpaceGuid.PcdPostCodePropertyMask|0 gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|320 + # With PcdPerformanceLibraryPropertyMask set to 1, we need to + # increase the memory allocated for the FPDT boot records. + gEfiMdeModulePkgTokenSpaceGuid.PcdExtFpdtBootRecordPadSize|0x300000 + # DEBUG_ASSERT_ENABLED 0x01 # DEBUG_PRINT_ENABLED 0x02 # DEBUG_CODE_ENABLED 0x04 @@ -401,8 +432,8 @@ gArmTokenSpaceGuid.PcdArmPrimaryCore|0x0 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x5000 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x5000 gArmPlatformTokenSpaceGuid.PcdCPUCoresStackBase|0x91100000 gArmPlatformTokenSpaceGuid.PcdCPUCorePrimaryStackSize|0x20000 
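Review bot: Dropping the `!if $(TARGET) != RELEASE` guard around `DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf` links the serial-port debug library into DXE_RUNTIME_DRIVER modules in RELEASE builds too. Runtime drivers stay resident after ExitBootServices, so any DEBUG or ASSERT output that remains enabled would reach the UART while the OS is running and may disclose internal state on a production console. If the guard was removed only so the class resolves in RELEASE, an `!else` branch mapping `MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf` would do that without the output. Otherwise please confirm that the RELEASE values of `PcdDebugPropertyMask` and `PcdDebugPrintErrorLevel` silence it.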
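Review bot: `PcdExtFpdtBootRecordPadSize|0x300000` is set unconditionally, although its own comment ties it to `PcdPerformanceLibraryPropertyMask` being 1, and the PerformanceLib instances are now linked only when PERFORMANCE_MEASUREMENT_ENABLE is TRUE. Wrapping the PCD in the same `!if $(PERFORMANCE_MEASUREMENT_ENABLE) == TRUE` block would keep the default pad size for builds that record no performance data. The comment would also read better if it named the build flag rather than only the property mask.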
@@ -446,13 +477,6 @@ gArmPlatformTokenSpaceGuid.PcdSerialDbgRegisterBase|0x100002620000 gArmPlatformTokenSpaceGuid.PcdSerialDbgUartBaudRate|115200 - # - # We want to use the Shell Libraries but don't want it to initialise - # automatically. We initialise the libraries when the command is called by the - # Shell. - # - gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE - gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE # @@ -520,12 +544,13 @@ # # SMBIOS PCDs # - gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER)" + gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString|L"$(FIRMWARE_VER_FULL)" gAmpereTokenSpaceGuid.PcdSmbiosTables0MajorVersion|$(MAJOR_VER) gAmpereTokenSpaceGuid.PcdSmbiosTables0MinorVersion|$(MINOR_VER) gArmTokenSpaceGuid.PcdProcessorManufacturer|L"Ampere(R)" gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVendor|L"Ampere(R)" gArmTokenSpaceGuid.PcdProcessorAssetTag|L"Not Set" + gArmTokenSpaceGuid.PcdFdSize|0x2000000 # # Increasing the maximum size of capsule is to cover ARM Trusted Firmware binaries @@ -533,7 +558,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxSizeNonPopulateCapsule|0xE00000 [PcdsDynamicHii.common.DEFAULT] - gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|L"Timeout"|gEfiGlobalVariableGuid|0x0|10 + gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|L"Timeout"|gEfiGlobalVariableGuid|0x0|5 # Possible values are: # 0: Connect Minimal Devices # 1: Connect Network Devices @@ -626,6 +651,8 @@ } MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf Silicon/Ampere/AmpereAltraPkg/Drivers/BootProgress/BootProgressDxe/BootProgressDxe.inf + MdeModulePkg/Logo/LogoDxe.inf + MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf # # PCD 
@@ -656,6 +683,8 @@ SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf !endif MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf + MdeModulePkg/Universal/CapsuleOnDiskLoadPei/CapsuleOnDiskLoadPei.inf + MdeModulePkg/Universal/CapsulePei/CapsulePei.inf MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf EmbeddedPkg/RealTimeClockRuntimeDxe/RealTimeClockRuntimeDxe.inf @@ -780,7 +809,15 @@ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf - MdeModulePkg/Universal/BdsDxe/BdsDxe.inf + MdeModulePkg/Universal/BdsDxe/BdsDxe.inf { + +!if $(CAPSULE_ENABLE) == TRUE + FmpAuthenticationLib|SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf +!else + FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf +!endif + } + MdeModulePkg/Application/UiApp/UiApp.inf { NULL|MdeModulePkg/Library/BootDiscoveryPolicyUiLib/BootDiscoveryPolicyUiLib.inf @@ -809,6 +846,7 @@ MdeModulePkg/Universal/SmbiosMeasurementDxe/SmbiosMeasurementDxe.inf !endif +!if $(SHELL_ENABLE) == TRUE # # UEFI application (Shell Embedded Boot Loader) # @@ -832,8 +870,12 @@ gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000 } !ifdef $(INCLUDE_TFTP_COMMAND) - ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf + ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf { + + gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE + } !endif #$(INCLUDE_TFTP_COMMAND) +!endif #$(EDK2_SHELL_ENABLE) EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxe.inf Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.inf 
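Review bot: `CapsuleOnDiskLoadPei.inf` and `CapsulePei.inf` are added to the component list unconditionally, while the `CapsuleLib` mappings in this file were just made conditional on CAPSULE_ENABLE. With the flag set to FALSE the platform would still build the PEI code that locates and coalesces capsule data left over from before a reset, which is input-parsing code that a build without capsule update does not need. Wrapping both lines in `!if $(CAPSULE_ENABLE) == TRUE` would match the library selection. Whether the modules are also listed in the FDF is not visible here.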
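Review bot: The closing line `!endif #$(EDK2_SHELL_ENABLE)` names a different macro from the one the block opens with in the preceding hunk, `!if $(SHELL_ENABLE) == TRUE`. Changing it to `!endif #$(SHELL_ENABLE)` lets a search for the flag find both ends of the block.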
diff --git a/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashFvbDxe/FlashFvbDxe.c b/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashFvbDxe/FlashFvbDxe.c index c9161f30bbe..94ed9a0993e 100644 --- a/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashFvbDxe/FlashFvbDxe.c +++ b/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashFvbDxe/FlashFvbDxe.c @@ -495,7 +495,7 @@ FlashFvbDxeInitialize ( return EFI_DEVICE_ERROR; } - if (mNvFlashSize >= (mNvStorageSize * 2)) { + if (mNvFlashSize > mNvStorageSize) { DEBUG ((DEBUG_INFO, "%a: NV store on Flash is valid\n", __func__)); } else { DEBUG ((DEBUG_ERROR, "%a: NV store on Flash is invalid\n", __func__)); diff --git a/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashPei/FlashPei.c b/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashPei/FlashPei.c index f96958bfc20..4cfb3ba605b 100644 --- a/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashPei/FlashPei.c +++ b/Silicon/Ampere/AmpereAltraPkg/Drivers/FlashPei/FlashPei.c @@ -111,6 +111,7 @@ FlashPeiEntryPoint ( UINT32 FWNvRamSize; UINTN NvRamAddress; UINT32 NvRamSize; + UINT32 UuidOffset; BOOLEAN ClearUserConfig; CopyMem ((VOID *)BuildUuid, PcdGetPtr (PcdPlatformConfigUuid), sizeof (BuildUuid)); 
@@ -134,35 +135,32 @@ FlashPeiEntryPoint ( return Status; } - if (FWNvRamSize < (NvRamSize * 2 + sizeof (BuildUuid))) { - // - // NVRAM size provided by FW is not enough - // - return EFI_INVALID_PARAMETER; - } - // - // We stored BUILD UUID build at the offset NVRAM_SIZE * 2 + // We stored BUILD UUID build just after the NVRAM // + UuidOffset = FWNvRamStartOffset + NvRamSize; + DEBUG ((DEBUG_INFO, "UUID Offset: %08x\n", UuidOffset)); Status = FlashReadCommand ( - FWNvRamStartOffset + NvRamSize * 2, + UuidOffset, (UINT8 *)StoredUuid, sizeof (StoredUuid) ); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to read UUID from flash: %r\n", __func__, Status)); return Status; } ClearUserConfig = IsIpmiClearCmosSet (); if (CompareMem ((VOID *)StoredUuid, (VOID *)BuildUuid, sizeof (BuildUuid)) != 0) { - DEBUG ((DEBUG_INFO, "BUILD UUID Changed, Update Storage with NVRAM FV\n")); + DEBUG ((DEBUG_INFO, "BUILD UUID changed: resetting NVRAM region.\n")); ClearUserConfig = TRUE; } if (ClearUserConfig) { - Status = FlashEraseCommand (FWNvRamStartOffset, NvRamSize * 2 + sizeof (BuildUuid)); + Status = FlashEraseCommand (FWNvRamStartOffset, NvRamSize); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to erase NVRAM area: %r\n", __func__, Status)); return Status; } 
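Review bot: The removed `FWNvRamSize < ...` check is not replaced, so nothing in this hunk verifies that the firmware-reported region can hold `NvRamSize` bytes plus the UUID before `UuidOffset` is read, erased and written. With the new layout the equivalent guard is `if (FWNvRamSize < NvRamSize + sizeof (BuildUuid)) { return EFI_INVALID_PARAMETER; }`, placed before `UuidOffset` is computed. `UuidOffset` is a UINT32 sum and the declaration of `FWNvRamStartOffset` is outside the hunk, so it is worth confirming that the addition cannot wrap. The FlashFvbDxe hunk above relaxes its test to `mNvFlashSize > mNvStorageSize`, which, if that size describes the same region, also guarantees no room for the UUID bytes. FlashPeiEntryPoint begins and ends outside this hunk.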
@@ -172,23 +170,26 @@ FlashPeiEntryPoint ( NvRamSize ); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to write NVRAM area: %r\n", __func__, Status)); return Status; } // // Write new BUILD UUID to the Flash // - Status = FlashEraseCommand (FWNvRamStartOffset + (NvRamSize * 2), sizeof (BuildUuid)); + Status = FlashEraseCommand (UuidOffset, sizeof (BuildUuid)); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to erase UUID area: %r\n", __func__, Status)); return Status; } Status = FlashWriteCommand ( - FWNvRamStartOffset + NvRamSize * 2, + UuidOffset, (UINT8 *)BuildUuid, sizeof (BuildUuid) ); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to write UUID: %r\n", __func__, Status)); return Status; } @@ -200,7 +201,7 @@ FlashPeiEntryPoint ( ResetCold (); } } else { - DEBUG ((DEBUG_INFO, "Identical UUID, copy stored NVRAM to RAM\n")); + DEBUG ((DEBUG_INFO, "Identical UUID: copying stored NVRAM to RAM\n")); Status = FlashReadCommand ( FWNvRamStartOffset, @@ -208,6 +209,7 @@ FlashPeiEntryPoint ( NvRamSize ); if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Failed to read NVRAM from flash: %r\n", __func__, Status)); return Status; } } diff --git a/Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.c b/Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.c index d279637be37..8e9ba695238 100644 --- a/Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.c +++ b/Silicon/Ampere/AmpereAltraPkg/Library/PlatformFlashAccessLib/PlatformFlashAccessLib.c @@ -177,7 +177,7 @@ MmFlashUpdate ( // Return data in the first double word of payload MmFwuStatus = (EFI_MM_COMMUNICATE_FWU_RES *)mEfiMmSysFwuReq.PayLoad.Data; if (MmFwuStatus->Status == FWU_MM_RES_IN_PROGRESS) { - if (NULL != Progress) { + if (Progress != NULL) { Progress (ProgressUpdate); } 
diff --git a/Silicon/Ampere/AmpereSiliconPkg/AmpereSiliconPkg.dec b/Silicon/Ampere/AmpereSiliconPkg/AmpereSiliconPkg.dec index 28c1c1905e7..c11c490f3b8 100644 --- a/Silicon/Ampere/AmpereSiliconPkg/AmpereSiliconPkg.dec +++ b/Silicon/Ampere/AmpereSiliconPkg/AmpereSiliconPkg.dec @@ -90,6 +90,8 @@ gAmpereTokenSpaceGuid.PcdSmbiosTables0MajorVersion|0xFF|UINT8|0x00000005 gAmpereTokenSpaceGuid.PcdSmbiosTables0MinorVersion|0xFF|UINT8|0x00000006 + gAmpereTokenSpaceGuid.PcdFirmwareVersionNumber|0x00000000|UINT32|0x00000012 + # # I2C PCDs for SMBUS # diff --git a/Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.c b/Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.c index 01abd52b0e9..cf2a393b48e 100644 --- a/Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.c +++ b/Silicon/Ampere/AmpereSiliconPkg/Drivers/PlatformBootManagerDxe/PlatformBootManagerDxe.c @@ -20,6 +20,7 @@ #include #include +#include #include #include #include 
@@ -79,6 +80,153 @@ CONST UINT16 UsbEnglishLang = 0x0409; extern EFI_GUID mBmAutoCreateBootOptionGuid; +/** + Remove all MemoryMapped(...)/FvFile(...) and Fv(...)/FvFile(...) boot options + whose device paths do not resolve exactly to an FvFile in the system. + + This removes any boot options that point to binaries built into the firmware + and have become stale due to any of the following: + - FvMain's base address or size changed (historical), + - FvMain's FvNameGuid changed, + - the FILE_GUID of the pointed-to binary changed, + - the referenced binary is no longer built into the firmware. + + EfiBootManagerFindLoadOption() used in PlatformRegisterFvBootOption() only + avoids exact duplicates. + + Copied from OvmfPkg/Library/PlatformBootManagerLibLight/PlatformBm.c +**/ +static +VOID +RemoveStaleFvFileOptions ( + VOID + ) +{ + EFI_BOOT_MANAGER_LOAD_OPTION *BootOptions; + UINTN BootOptionCount; + UINTN Index; + + BootOptions = EfiBootManagerGetLoadOptions ( + &BootOptionCount, + LoadOptionTypeBoot + ); + + for (Index = 0; Index < BootOptionCount; ++Index) { + EFI_DEVICE_PATH_PROTOCOL *Node1, *Node2, *SearchNode; + EFI_STATUS Status; + EFI_HANDLE FvHandle; + + // + // If the device path starts with neither MemoryMapped(...) nor Fv(...), + // then keep the boot option. + // + Node1 = BootOptions[Index].FilePath; + if (!((DevicePathType (Node1) == HARDWARE_DEVICE_PATH) && + (DevicePathSubType (Node1) == HW_MEMMAP_DP)) && + !((DevicePathType (Node1) == MEDIA_DEVICE_PATH) && + (DevicePathSubType (Node1) == MEDIA_PIWG_FW_VOL_DP))) + { + continue; + } + + // + // If the second device path node is not FvFile(...), then keep the boot + // option. + // + Node2 = NextDevicePathNode (Node1); + if ((DevicePathType (Node2) != MEDIA_DEVICE_PATH) || + (DevicePathSubType (Node2) != MEDIA_PIWG_FW_FILE_DP)) + { + continue; + } + + // + // Locate the Firmware Volume2 protocol instance that is denoted by the + // boot option. 
If this lookup fails (i.e., the boot option references a + // firmware volume that doesn't exist), then we'll proceed to delete the + // boot option. + // + SearchNode = Node1; + Status = gBS->LocateDevicePath ( + &gEfiFirmwareVolume2ProtocolGuid, + &SearchNode, + &FvHandle + ); + + if (!EFI_ERROR (Status)) { + // + // The firmware volume was found; now let's see if it contains the FvFile + // identified by GUID. + // + EFI_FIRMWARE_VOLUME2_PROTOCOL *FvProtocol; + MEDIA_FW_VOL_FILEPATH_DEVICE_PATH *FvFileNode; + UINTN BufferSize; + EFI_FV_FILETYPE FoundType; + EFI_FV_FILE_ATTRIBUTES FileAttributes; + UINT32 AuthenticationStatus; + + Status = gBS->HandleProtocol ( + FvHandle, + &gEfiFirmwareVolume2ProtocolGuid, + (VOID **)&FvProtocol + ); + ASSERT_EFI_ERROR (Status); + + FvFileNode = (MEDIA_FW_VOL_FILEPATH_DEVICE_PATH *)Node2; + // + // Buffer==NULL means we request metadata only: BufferSize, FoundType, + // FileAttributes. + // + Status = FvProtocol->ReadFile ( + FvProtocol, + &FvFileNode->FvFileName, // NameGuid + NULL, // Buffer + &BufferSize, + &FoundType, + &FileAttributes, + &AuthenticationStatus + ); + if (!EFI_ERROR (Status)) { + // + // The FvFile was found. Keep the boot option. + // + continue; + } + } + + // + // Delete the boot option. + // + Status = EfiBootManagerDeleteLoadOptionVariable ( + BootOptions[Index].OptionNumber, + LoadOptionTypeBoot + ); + DEBUG_CODE_BEGIN (); + CHAR16 *DevicePathString; + + DevicePathString = ConvertDevicePathToText ( + BootOptions[Index].FilePath, + FALSE, + FALSE + ); + DEBUG (( + EFI_ERROR (Status) ? DEBUG_WARN : DEBUG_VERBOSE, + "%a: removing stale Boot#%04x %s: %r\n", + __func__, + (UINT32)BootOptions[Index].OptionNumber, + DevicePathString == NULL ? L"" : DevicePathString, + Status + )); + if (DevicePathString != NULL) { + FreePool (DevicePathString); + } + + DEBUG_CODE_END (); + } + + EfiBootManagerFreeLoadOptions (BootOptions, BootOptionCount); +} + /** Append a Boot Option to a Boot Options list. 
If the description and the device path are null, this function will copy data from @@ -894,6 +1042,8 @@ RefreshAllBootOptions ( BootOptionTemp[Index].OptionalDataSize = sizeof (EFI_GUID); } + RemoveStaleFvFileOptions (); + return Status; }
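Review bot: In `RemoveStaleFvFileOptions` the result of `gBS->HandleProtocol` is checked only with `ASSERT_EFI_ERROR`, so in a build where asserts are compiled out `FvProtocol` would be dereferenced uninitialised if the call ever failed. Adding `if (EFI_ERROR (Status)) { continue; }` after the call keeps the boot option and avoids the dereference. The function is declared with lowercase `static` where EDK2 code normally uses `STATIC`. Its header comment refers to `PlatformRegisterFvBootOption()`, a name from the OVMF file it was copied from, and whether this file has a function of that name is not visible in the hunk.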