summaryrefslogtreecommitdiff
path: root/MdeModulePkg/Core/Dxe
diff options
context:
space:
mode:
authorlzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524>2012-05-29 05:22:01 +0000
committerlzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524>2012-05-29 05:22:01 +0000
commit0c3a1db40f982d243b8e2c67ee4e8109a0737d34 (patch)
treeef0b32272e5084335145413bc693f7715c7945e8 /MdeModulePkg/Core/Dxe
parentb504f51998e839691e0d8c68f3f3093907575594 (diff)
downloadedk2-platforms-0c3a1db40f982d243b8e2c67ee4e8109a0737d34.tar.xz
Update DxeCore and FwVolDxe drivers to inherit authentication status for the FV image, if the image came from an FV image file and section in another firmware volume.
Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13368 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg/Core/Dxe')
-rw-r--r--MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c3
-rw-r--r--MdeModulePkg/Core/Dxe/DxeMain.h18
-rw-r--r--MdeModulePkg/Core/Dxe/FwVol/FwVol.c11
-rw-r--r--MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h1
-rw-r--r--MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c9
-rw-r--r--MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c38
-rw-r--r--MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h3
7 files changed, 75 insertions, 8 deletions
diff --git a/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c b/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
index 476c8b39ad..3a7e0db37e 100644
--- a/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
+++ b/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c
@@ -26,7 +26,7 @@
Depex - Dependency Expresion.
SOR - Schedule On Request - Don't schedule if this bit is set.
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -1039,6 +1039,7 @@ CoreProcessFvImageFile (
(EFI_PHYSICAL_ADDRESS) (UINTN) AlignedBuffer,
(UINT64)BufferSize,
FvHandle,
+ AuthenticationStatus,
NULL
);
}
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h
index 4ec895c0a2..dedb84047f 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.h
+++ b/MdeModulePkg/Core/Dxe/DxeMain.h
@@ -2429,6 +2429,19 @@ FwVolBlockDriverInit (
IN EFI_SYSTEM_TABLE *SystemTable
);
+/**
+
+ Get FVB authentication status
+
+ @param FvbProtocol FVB protocol.
+
+ @return Authentication status.
+
+**/
+UINT32
+GetFvbAuthenticationStatus (
+ IN EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol
+ );
/**
This routine produces a firmware volume block protocol on a given
@@ -2437,8 +2450,10 @@ FwVolBlockDriverInit (
@param BaseAddress base address of the firmware volume image
@param Length length of the firmware volume image
@param ParentHandle handle of parent firmware volume, if this image
- came from an FV image file in another firmware
+ came from an FV image file and section in another firmware
volume (ala capsules)
+ @param AuthenticationStatus Authentication status inherited, if this image
+ came from an FV image file and section in another firmware volume.
@param FvProtocol Firmware volume block protocol produced.
@retval EFI_VOLUME_CORRUPTED Volume corrupted.
@@ -2452,6 +2467,7 @@ ProduceFVBProtocolOnBuffer (
IN EFI_PHYSICAL_ADDRESS BaseAddress,
IN UINT64 Length,
IN EFI_HANDLE ParentHandle,
+ IN UINT32 AuthenticationStatus,
OUT EFI_HANDLE *FvProtocol OPTIONAL
);
diff --git a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
index 1cee6a9ba0..9355e52ab0 100644
--- a/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Dxe/FwVol/FwVol.c
@@ -45,6 +45,8 @@ FV_DEVICE mFvDevice = {
NULL,
NULL,
{ NULL, NULL },
+ 0,
+ FALSE,
0
};
@@ -638,8 +640,15 @@ NotifyFwVolBlock (
FvDevice->Fvb = Fvb;
FvDevice->Handle = Handle;
FvDevice->FwVolHeader = FwVolHeader;
- FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
FvDevice->IsFfs3Fv = CompareGuid (&FwVolHeader->FileSystemGuid, &gEfiFirmwareFileSystem3Guid);
+ FvDevice->Fv.ParentHandle = Fvb->ParentHandle;
+
+ if (Fvb->ParentHandle != NULL) {
+ //
+ // Inherit the authentication status from FVB.
+ //
+ FvDevice->AuthenticationStatus = GetFvbAuthenticationStatus (Fvb);
+ }
if (!EFI_ERROR (FvCheck (FvDevice))) {
//
diff --git a/MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h b/MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h
index 31d15120eb..4986792edd 100644
--- a/MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h
+++ b/MdeModulePkg/Core/Dxe/FwVol/FwVolDriver.h
@@ -44,6 +44,7 @@ typedef struct {
UINT8 ErasePolarity;
BOOLEAN IsFfs3Fv;
+ UINT32 AuthenticationStatus;
} FV_DEVICE;
#define FV_DEVICE_FROM_THIS(a) CR(a, FV_DEVICE, Fv, FV2_DEVICE_SIGNATURE)
diff --git a/MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c b/MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c
index fc1a2e5fae..b5a0d874f0 100644
--- a/MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c
+++ b/MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c
@@ -1,7 +1,7 @@
/** @file
Implements functions to read firmware file
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -484,6 +484,13 @@ FvReadFileSection (
FvDevice->IsFfs3Fv
);
+ if (!EFI_ERROR (Status)) {
+ //
+ // Inherit the authentication status.
+ //
+ *AuthenticationStatus |= FvDevice->AuthenticationStatus;
+ }
+
//
// Close of stream defered to close of FfsHeader list to allow SEP to cache data
//
diff --git a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
index f44310f8ef..523738d52d 100644
--- a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
+++ b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.c
@@ -4,7 +4,7 @@
It consumes FV HOBs and creates read-only Firmare Volume Block protocol
instances for each of them.
-Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -81,6 +81,7 @@ EFI_FW_VOL_BLOCK_DEVICE mFwVolBlock = {
0,
NULL,
0,
+ 0,
0
};
@@ -402,7 +403,31 @@ FwVolBlockGetBlockSize (
return EFI_SUCCESS;
}
+/**
+
+ Get FVB authentication status
+
+ @param FvbProtocol FVB protocol.
+ @return Authentication status.
+
+**/
+UINT32
+GetFvbAuthenticationStatus (
+ IN EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol
+ )
+{
+ EFI_FW_VOL_BLOCK_DEVICE *FvbDevice;
+ UINT32 AuthenticationStatus;
+
+ AuthenticationStatus = 0;
+ FvbDevice = BASE_CR (FvbProtocol, EFI_FW_VOL_BLOCK_DEVICE, FwVolBlockInstance);
+ if (FvbDevice->Signature == FVB_DEVICE_SIGNATURE) {
+ AuthenticationStatus = FvbDevice->AuthenticationStatus;
+ }
+
+ return AuthenticationStatus;
+}
/**
This routine produces a firmware volume block protocol on a given
@@ -411,8 +436,10 @@ FwVolBlockGetBlockSize (
@param BaseAddress base address of the firmware volume image
@param Length length of the firmware volume image
@param ParentHandle handle of parent firmware volume, if this image
- came from an FV image file in another firmware
+ came from an FV image file and section in another firmware
volume (ala capsules)
+ @param AuthenticationStatus Authentication status inherited, if this image
+ came from an FV image file and section in another firmware volume.
@param FvProtocol Firmware volume block protocol produced.
@retval EFI_VOLUME_CORRUPTED Volume corrupted.
@@ -426,6 +453,7 @@ ProduceFVBProtocolOnBuffer (
IN EFI_PHYSICAL_ADDRESS BaseAddress,
IN UINT64 Length,
IN EFI_HANDLE ParentHandle,
+ IN UINT32 AuthenticationStatus,
OUT EFI_HANDLE *FvProtocol OPTIONAL
)
{
@@ -473,6 +501,9 @@ ProduceFVBProtocolOnBuffer (
FvbDev->BaseAddress = BaseAddress;
FvbDev->FvbAttributes = FwVolHeader->Attributes;
FvbDev->FwVolBlockInstance.ParentHandle = ParentHandle;
+ if (ParentHandle != NULL) {
+ FvbDev->AuthenticationStatus = AuthenticationStatus;
+ }
//
// Init the block caching fields of the device
@@ -587,7 +618,7 @@ FwVolBlockDriverInit (
//
// Produce an FVB protocol for it
//
- ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, NULL);
+ ProduceFVBProtocolOnBuffer (FvHob.FirmwareVolume->BaseAddress, FvHob.FirmwareVolume->Length, NULL, 0, NULL);
FvHob.Raw = GET_NEXT_HOB (FvHob);
}
@@ -629,6 +660,7 @@ CoreProcessFirmwareVolume (
(EFI_PHYSICAL_ADDRESS) (UINTN) FvHeader,
(UINT64)Size,
NULL,
+ 0,
FVProtocolHandle
);
//
diff --git a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h
index d269ccfbe6..7ad4e35ecb 100644
--- a/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h
+++ b/MdeModulePkg/Core/Dxe/FwVolBlock/FwVolBlock.h
@@ -2,7 +2,7 @@
Firmware Volume Block protocol functions.
Consumes FV hobs and creates appropriate block protocols.
-Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -47,6 +47,7 @@ typedef struct {
LBA_CACHE *LbaCache;
UINT32 FvbAttributes;
EFI_PHYSICAL_ADDRESS BaseAddress;
+ UINT32 AuthenticationStatus;
} EFI_FW_VOL_BLOCK_DEVICE;