From 303915fc30865823ef102d7d507103c0c2a56137 Mon Sep 17 00:00:00 2001 From: Jiewen Yao Date: Wed, 1 Nov 2017 14:40:15 +0800 Subject: Add trusted console and trusted storage. Cc: Michael A Kubacki Cc: Amy Chan Cc: Chasel Chiu Cc: Rangasai V Chaganty Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao Reviewed-by: Amy Chan --- .../DxePlatformBootManagerLib/BdsPlatform.c | 800 ++++++++++++--------- .../DxePlatformBootManagerLib/BdsPlatform.h | 3 - .../DxePlatformBootManagerLib.inf | 8 +- .../DxePlatformBootManagerLib/PlatformData.c | 96 --- Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec | 36 +- 5 files changed, 506 insertions(+), 437 deletions(-) delete mode 100644 Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/PlatformData.c diff --git a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c index ef0bf0bb89..2e4eff15eb 100644 --- a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c +++ b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c @@ -26,10 +26,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include -#ifdef _MSC_VER -#pragma optimize("g", off) -#endif - #include #include @@ -40,6 +36,25 @@ GLOBAL_REMOVE_IF_UNREFERENCED EFI_BOOT_MODE gBootMode; BOOLEAN gPPRequireUIConfirm; +GLOBAL_REMOVE_IF_UNREFERENCED USB_CLASS_FORMAT_DEVICE_PATH gUsbClassKeyboardDevicePath = { + { + { + MESSAGING_DEVICE_PATH, + MSG_USB_CLASS_DP, + { + (UINT8) (sizeof (USB_CLASS_DEVICE_PATH)), + (UINT8) ((sizeof (USB_CLASS_DEVICE_PATH)) >> 8) + } + }, + 0xffff, // VendorId + 0xffff, // ProductId + CLASS_HID, // DeviceClass + SUBCLASS_BOOT, // DeviceSubClass + PROTOCOL_KEYBOARD // DeviceProtocol + }, + gEndEntire +}; + // // Internal shell mode // @@ -51,51 +66,49 @@ GLOBAL_REMOVE_IF_UNREFERENCED UINT32 mShellVerticalResolution; // BDS Platform Functions // - -/** - The handle on the path we get might be not the display device. - We must check it. - - @todo fix the parameters - - @retval TRUE PCI class type is VGA. - @retval FALSE PCI class type isn't VGA. -**/ BOOLEAN -IsVgaHandle ( - IN EFI_HANDLE Handle +IsMorBitSet ( + VOID ) { - EFI_PCI_IO_PROTOCOL *PciIo; - PCI_TYPE00 Pci; - EFI_STATUS Status; + UINTN MorControl; + EFI_STATUS Status; + UINTN DataSize; - Status = gBS->HandleProtocol ( - Handle, - &gEfiPciIoProtocolGuid, - (VOID **)&PciIo + // + // Check if the MOR bit is set. + // + DataSize = sizeof (MorControl); + Status = gRT->GetVariable ( + MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, + &gEfiMemoryOverwriteControlDataGuid, + NULL, + &DataSize, + &MorControl ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_INFO, " PlatformBootMangerLib: gEfiMemoryOverwriteControlDataGuid doesn't exist!!***\n")); + MorControl = 0; + } else { + DEBUG ((DEBUG_INFO, " PlatformBootMangerLib: Get the gEfiMemoryOverwriteControlDataGuid = %x!!***\n", MorControl)); + } - if (!EFI_ERROR (Status)) { - Status = PciIo->Pci.Read ( - PciIo, - EfiPciIoWidthUint32, - 0, - sizeof (Pci) / sizeof (UINT32), - &Pci - ); + return (BOOLEAN) (MorControl & 0x01); +} - if (!EFI_ERROR (Status)) { - DEBUG ((DEBUG_INFO, " PCI CLASS CODE = 0x%x\n", Pci.Hdr.ClassCode [2])); - DEBUG ((DEBUG_INFO, " PCI SUBCLASS CODE = 0x%x\n", Pci.Hdr.ClassCode [1])); +VOID +DumpDevicePath ( + IN CHAR16 *Name, + IN EFI_DEVICE_PATH *DevicePath + ) +{ + CHAR16 *Str; - if (IS_PCI_VGA (&Pci) || IS_PCI_OLD_VGA (&Pci)) { - DEBUG ((DEBUG_INFO, " \nPCI VGA Device Found\n")); - return TRUE; - } - } + Str = ConvertDevicePathToText(DevicePath, TRUE, TRUE); + DEBUG ((DEBUG_INFO, "%s: %s\n", Name, Str)); + if (Str != NULL) { + FreePool (Str); } - return FALSE; } /** @@ -187,18 +200,88 @@ ConnectRootBridge ( } +/** + Return whether the device is trusted console. + + @param Device The device to be tested. + + @retval TRUE The device can be trusted. + @retval FALSE The device cannot be trusted. +**/ BOOLEAN -IsGopDevicePath ( - EFI_DEVICE_PATH_PROTOCOL *DevicePath +IsTrustedConsole ( + IN CONSOLE_TYPE ConsoleType, + IN EFI_DEVICE_PATH_PROTOCOL *Device ) { - while (!IsDevicePathEndType (DevicePath)) { - if (DevicePathType (DevicePath) == ACPI_DEVICE_PATH && - DevicePathSubType (DevicePath) == ACPI_ADR_DP) { + VOID *TrustedConsoleDevicepath; + EFI_DEVICE_PATH_PROTOCOL *TempDevicePath; + EFI_DEVICE_PATH_PROTOCOL *Instance; + UINTN Size; + EFI_DEVICE_PATH_PROTOCOL *ConsoleDevice; + + if (Device == NULL) { + return FALSE; + } + + ConsoleDevice = DuplicateDevicePath(Device); + + switch (ConsoleType) { + case ConIn: + TrustedConsoleDevicepath = PcdGetPtr (PcdTrustedConsoleInputDevicePath); + break; + case ConOut: + // + // Check GOP and remove last node + // + TempDevicePath = ConsoleDevice; + while (!IsDevicePathEndType (TempDevicePath)) { + if (DevicePathType (TempDevicePath) == ACPI_DEVICE_PATH && + DevicePathSubType (TempDevicePath) == ACPI_ADR_DP) { + SetDevicePathEndNode (TempDevicePath); + break; + } + TempDevicePath = NextDevicePathNode (TempDevicePath); + } + + TrustedConsoleDevicepath = PcdGetPtr (PcdTrustedConsoleOutputDevicePath); + break; + default: + ASSERT(FALSE); + break; + } + + TempDevicePath = TrustedConsoleDevicepath; + do { + Instance = GetNextDevicePathInstance (&TempDevicePath, &Size); + if (Instance == NULL) { + break; + } + + if (CompareMem (ConsoleDevice, Instance, Size - END_DEVICE_PATH_LENGTH) == 0) { + FreePool (Instance); + FreePool (ConsoleDevice); return TRUE; } - DevicePath = NextDevicePathNode (DevicePath); + + FreePool (Instance); + } while (TempDevicePath != NULL); + + FreePool (ConsoleDevice); + + return FALSE; +} + +BOOLEAN +IsUsbShortForm ( + IN EFI_DEVICE_PATH_PROTOCOL *DevicePath + ) +{ + if ((DevicePathType (DevicePath) == MESSAGING_DEVICE_PATH) && + ((DevicePathSubType (DevicePath) == MSG_USB_CLASS_DP) || (DevicePathSubType (DevicePath) == MSG_USB_WWID_DP)) ) { + return TRUE; } + return FALSE; } @@ -231,9 +314,7 @@ ConnectUsbShortFormDevicePath ( return EFI_INVALID_PARAMETER; } - if ((DevicePathType (DevicePath) != MESSAGING_DEVICE_PATH) || - ((DevicePathSubType (DevicePath) != MSG_USB_CLASS_DP) && (DevicePathSubType (DevicePath) != MSG_USB_WWID_DP)) - ) { + if (!IsUsbShortForm (DevicePath)) { return EFI_INVALID_PARAMETER; } @@ -278,7 +359,6 @@ ConnectUsbShortFormDevicePath ( return AtLeastOneConnected ? EFI_SUCCESS : EFI_NOT_FOUND; } - /** Update the ConIn variable with USB Keyboard device path,if its not already exists in ConIn **/ @@ -287,94 +367,295 @@ EnumUsbKeyboard ( VOID ) { - UINTN DevicePathSize; - EFI_DEVICE_PATH_PROTOCOL *VarConIn; - EFI_DEVICE_PATH_PROTOCOL *DevicePathInstance; - EFI_DEVICE_PATH_PROTOCOL *Next; - BOOLEAN UsbKeyboard; - - UsbKeyboard = FALSE; - GetEfiGlobalVariable2 (L"ConIn", (VOID **) &VarConIn, NULL); - + DEBUG ((DEBUG_INFO, "[EnumUsbKeyboard]\n")); + EfiBootManagerUpdateConsoleVariable (ConIn, (EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath, NULL); + // - // If ConIn variable is empty, need to enumerate USB keyboard device path + // Append Usb Keyboard short form DevicePath into "ConInDev" // - do { - DevicePathInstance = GetNextDevicePathInstance ( - &VarConIn, - &DevicePathSize - ); - - if (DevicePathInstance == NULL) { - // - // The instance is NULL, it means the VarConIn is null, escape the DO loop, - // and need to add USB keyboard dev path. - // - break; - } + EfiBootManagerUpdateConsoleVariable (ConInDev, (EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath, NULL); +} - Next = DevicePathInstance; - while (!IsDevicePathEndType(Next)) { - // - // Checking the device path to see the USB keyboard existance. - // - if ((Next->Type == MESSAGING_DEVICE_PATH) && - (Next->SubType == MSG_USB_CLASS_DP) && - (((USB_CLASS_DEVICE_PATH *) Next)->DeviceClass == CLASS_HID) && - (((USB_CLASS_DEVICE_PATH *) Next)->DeviceSubClass == SUBCLASS_BOOT) && - (((USB_CLASS_DEVICE_PATH *) Next)->DeviceProtocol == PROTOCOL_KEYBOARD)) { - DEBUG ((DEBUG_INFO, "[EnumUsbKeyboard] USB keyboard path exists\n")); - UsbKeyboard = TRUE; +BOOLEAN +IsVgaHandle ( + IN EFI_HANDLE Handle + ) +{ + EFI_PCI_IO_PROTOCOL *PciIo; + PCI_TYPE00 Pci; + EFI_STATUS Status; - break; + Status = gBS->HandleProtocol ( + Handle, + &gEfiPciIoProtocolGuid, + (VOID **)&PciIo + ); + if (!EFI_ERROR (Status)) { + Status = PciIo->Pci.Read ( + PciIo, + EfiPciIoWidthUint32, + 0, + sizeof (Pci) / sizeof (UINT32), + &Pci + ); + if (!EFI_ERROR (Status)) { + if (IS_PCI_VGA (&Pci) || IS_PCI_OLD_VGA (&Pci)) { + return TRUE; } - Next = NextDevicePathNode (Next); - } // while (!IsDevicePathEndType(Next)); - - if (DevicePathInstance != NULL) { - FreePool (DevicePathInstance); } - } while (VarConIn != NULL); + } + return FALSE; +} - // - // USB keyboard device path does not exist, So add it to the ConIn - // - if (!UsbKeyboard) { - DEBUG ((DEBUG_INFO, "[EnumUsbKeyboard] Adding USB keyboard device path to ConIn.\n")); - EfiBootManagerUpdateConsoleVariable (ConIn, (EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath, NULL); +EFI_HANDLE +IsVideoController ( + IN EFI_DEVICE_PATH_PROTOCOL *DevicePath + ) +{ + EFI_DEVICE_PATH_PROTOCOL *DupDevicePath; + EFI_DEVICE_PATH_PROTOCOL *TempDevicePath; + EFI_STATUS Status; + EFI_HANDLE DeviceHandle; + + DupDevicePath = DuplicateDevicePath (DevicePath); + ASSERT (DupDevicePath != NULL); + if (DupDevicePath == NULL) { + return NULL; + } + + TempDevicePath = DupDevicePath; + Status = gBS->LocateDevicePath ( + &gEfiDevicePathProtocolGuid, + &TempDevicePath, + &DeviceHandle + ); + FreePool (DupDevicePath); + if (EFI_ERROR (Status)) { + return NULL; } - if (VarConIn != NULL) { - FreePool (VarConIn); + if (IsVgaHandle (DeviceHandle)) { + return DeviceHandle; + } else { + return NULL; } } +BOOLEAN +IsGopDevicePath ( + IN EFI_DEVICE_PATH_PROTOCOL *DevicePath + ) +{ + while (!IsDevicePathEndType (DevicePath)) { + if (DevicePathType (DevicePath) == ACPI_DEVICE_PATH && + DevicePathSubType (DevicePath) == ACPI_ADR_DP) { + return TRUE; + } + DevicePath = NextDevicePathNode (DevicePath); + } + return FALSE; +} + /** - Return whether the device is trusted console. + Remove all GOP device path instance from DevicePath and add the Gop to the DevicePath. +**/ +EFI_DEVICE_PATH_PROTOCOL * +UpdateGopDevicePath ( + EFI_DEVICE_PATH_PROTOCOL *DevicePath, + EFI_DEVICE_PATH_PROTOCOL *Gop + ) +{ + UINTN Size; + UINTN GopSize; + EFI_DEVICE_PATH_PROTOCOL *Temp; + EFI_DEVICE_PATH_PROTOCOL *Return; + EFI_DEVICE_PATH_PROTOCOL *Instance; + BOOLEAN Exist; - @param Device The device to be tested. + Exist = FALSE; + Return = NULL; + GopSize = GetDevicePathSize (Gop); + do { + Instance = GetNextDevicePathInstance (&DevicePath, &Size); + if (Instance == NULL) { + break; + } + if (!IsGopDevicePath (Instance) || + (Size == GopSize && CompareMem (Instance, Gop, GopSize) == 0) + ) { + if (Size == GopSize && CompareMem (Instance, Gop, GopSize) == 0) { + Exist = TRUE; + } + Temp = Return; + Return = AppendDevicePathInstance (Return, Instance); + if (Temp != NULL) { + FreePool (Temp); + } + } + FreePool (Instance); + } while (DevicePath != NULL); - @retval TRUE The device can be trusted. - @retval FALSE The device cannot be trusted. + if (!Exist) { + Temp = Return; + Return = AppendDevicePathInstance (Return, Gop); + if (Temp != NULL) { + FreePool (Temp); + } + } + return Return; +} + +/** + Get Graphics Controller Handle. + + @retval GraphicsController Successfully located + @retval NULL Failed to locate **/ -BOOLEAN -IsTrustedConsole ( - EFI_DEVICE_PATH_PROTOCOL *Device +EFI_HANDLE +EFIAPI +GetGraphicsController ( + IN BOOLEAN NeedTrustedConsole ) { + EFI_STATUS Status; + UINTN Index; + EFI_HANDLE *PciHandles; + UINTN PciHandlesSize; + EFI_DEVICE_PATH_PROTOCOL *DevicePath; + VOID *TrustedConsoleDevicepath; - if(Device == NULL) { - return FALSE; + TrustedConsoleDevicepath = PcdGetPtr (PcdTrustedConsoleOutputDevicePath); + + Status = gBS->LocateHandleBuffer ( + ByProtocol, + &gEfiPciIoProtocolGuid, + NULL, + &PciHandlesSize, + &PciHandles + ); + if (EFI_ERROR (Status)) { + return NULL; } - if (CompareMem (Device, &gPlatformIGDDevice, GetDevicePathSize ((EFI_DEVICE_PATH_PROTOCOL *) &gPlatformIGDDevice) - END_DEVICE_PATH_LENGTH) == 0) { - return TRUE; + for (Index = 0; Index < PciHandlesSize; Index++) { + Status = gBS->HandleProtocol ( + PciHandles[Index], + &gEfiDevicePathProtocolGuid, + (VOID **) &DevicePath + ); + if (EFI_ERROR(Status)) { + continue; + } + if (!IsVgaHandle (PciHandles[Index])) { + continue; + } + if ((NeedTrustedConsole && IsTrustedConsole (ConOut, DevicePath)) || + ((!NeedTrustedConsole) && (!IsTrustedConsole (ConOut, DevicePath)))) { + return PciHandles[Index]; + } } - if (CompareMem (Device, &gUsbClassKeyboardDevicePath, GetDevicePathSize ((EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath) - END_DEVICE_PATH_LENGTH) == 0) { - return TRUE; + return NULL; +} + +VOID +UpdateGraphicConOut ( + IN BOOLEAN NeedTrustedConsole + ) +{ + EFI_HANDLE GraphicsControllerHandle; + EFI_DEVICE_PATH_PROTOCOL *GopDevicePath; + EFI_DEVICE_PATH_PROTOCOL *ConOutDevicePath; + EFI_DEVICE_PATH_PROTOCOL *UpdatedConOutDevicePath; + + // + // Update ConOut variable + // + GraphicsControllerHandle = GetGraphicsController (NeedTrustedConsole); + if (GraphicsControllerHandle != NULL) { + // + // Connect the GOP driver + // + gBS->ConnectController (GraphicsControllerHandle, NULL, NULL, TRUE); + + // + // Get the GOP device path + // NOTE: We may get a device path that contains Controller node in it. + // + GopDevicePath = EfiBootManagerGetGopDevicePath (GraphicsControllerHandle); + if (GopDevicePath != NULL) { + GetEfiGlobalVariable2 (L"ConOut", &ConOutDevicePath, NULL); + UpdatedConOutDevicePath = UpdateGopDevicePath (ConOutDevicePath, GopDevicePath); + if (ConOutDevicePath != NULL) { + FreePool (ConOutDevicePath); + } + FreePool (GopDevicePath); + gRT->SetVariable ( + L"ConOut", + &gEfiGlobalVariableGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS, + GetDevicePathSize (UpdatedConOutDevicePath), + UpdatedConOutDevicePath + ); + } } - return FALSE; +} + +VOID +AddConsoleVariable ( + IN CONSOLE_TYPE ConsoleType, + IN EFI_DEVICE_PATH *ConsoleDevicePath + ) +{ + EFI_DEVICE_PATH *TempDevicePath; + EFI_DEVICE_PATH *Instance; + UINTN Size; + EFI_HANDLE GraphicsControllerHandle; + EFI_DEVICE_PATH *GopDevicePath; + + TempDevicePath = ConsoleDevicePath; + do { + Instance = GetNextDevicePathInstance (&TempDevicePath, &Size); + if (Instance == NULL) { + break; + } + + switch (ConsoleType) { + case ConIn: + if (IsUsbShortForm (Instance)) { + // + // Append Usb Keyboard short form DevicePath into "ConInDev" + // + EfiBootManagerUpdateConsoleVariable (ConInDev, Instance, NULL); + } + EfiBootManagerUpdateConsoleVariable (ConsoleType, Instance, NULL); + break; + case ConOut: + GraphicsControllerHandle = IsVideoController (Instance); + if (GraphicsControllerHandle == NULL) { + EfiBootManagerUpdateConsoleVariable (ConsoleType, Instance, NULL); + } else { + // + // Connect the GOP driver + // + gBS->ConnectController (GraphicsControllerHandle, NULL, NULL, TRUE); + // + // Get the GOP device path + // NOTE: We may get a device path that contains Controller node in it. + // + GopDevicePath = EfiBootManagerGetGopDevicePath (GraphicsControllerHandle); + if (GopDevicePath != NULL) { + EfiBootManagerUpdateConsoleVariable (ConsoleType, GopDevicePath, NULL); + } + } + break; + default: + ASSERT(FALSE); + break; + } + + FreePool (Instance); + } while (TempDevicePath != NULL); } /** @@ -394,8 +675,15 @@ ConnectTrustedConsole ( EFI_HANDLE Handle; EFI_STATUS Status; CHAR16 *ConsoleVar[] = {L"ConIn", L"ConOut"}; + VOID *TrustedConsoleDevicepath; + + TrustedConsoleDevicepath = PcdGetPtr (PcdTrustedConsoleInputDevicePath); + DumpDevicePath (L"TrustedConsoleIn", TrustedConsoleDevicepath); + TrustedConsoleDevicepath = PcdGetPtr (PcdTrustedConsoleOutputDevicePath); + DumpDevicePath (L"TrustedConsoleOut", TrustedConsoleDevicepath); for (Index = 0; Index < sizeof (ConsoleVar) / sizeof (ConsoleVar[0]); Index++) { + GetEfiGlobalVariable2 (ConsoleVar[Index], &Consoles, NULL); TempDevicePath = Consoles; @@ -404,10 +692,8 @@ ConnectTrustedConsole ( if (Instance == NULL) { break; } - if (IsTrustedConsole (Instance)) { - if ((DevicePathType (Instance) == MESSAGING_DEVICE_PATH) && - ((DevicePathSubType (Instance) == MSG_USB_CLASS_DP) || (DevicePathSubType (Instance) == MSG_USB_WWID_DP)) - ) { + if (IsTrustedConsole (Index, Instance)) { + if (IsUsbShortForm (Instance)) { ConnectUsbShortFormDevicePath (Instance); } else { for (Next = Instance; !IsDevicePathEnd (Next); Next = NextDevicePathNode (Next)) { @@ -441,6 +727,49 @@ ConnectTrustedConsole ( } } +/** + The function connects the trusted Storages. +**/ +VOID +ConnectTrustedStorage ( + VOID + ) +{ + VOID *TrustedStorageDevicepath; + EFI_DEVICE_PATH_PROTOCOL *TempDevicePath; + EFI_DEVICE_PATH_PROTOCOL *Instance; + UINTN Size; + EFI_DEVICE_PATH_PROTOCOL *TempStorageDevicePath; + EFI_STATUS Status; + EFI_HANDLE DeviceHandle; + + TrustedStorageDevicepath = PcdGetPtr (PcdTrustedStorageDevicePath); + DumpDevicePath (L"TrustedStorage", TrustedStorageDevicepath); + + TempDevicePath = TrustedStorageDevicepath; + do { + Instance = GetNextDevicePathInstance (&TempDevicePath, &Size); + if (Instance == NULL) { + break; + } + + EfiBootManagerConnectDevicePath (Instance, NULL); + + TempStorageDevicePath = Instance; + + Status = gBS->LocateDevicePath ( + &gEfiDevicePathProtocolGuid, + &TempStorageDevicePath, + &DeviceHandle + ); + if (!EFI_ERROR (Status)) { + gBS->ConnectController (DeviceHandle, NULL, NULL, FALSE); + } + + FreePool (Instance); + } while (TempDevicePath != NULL); +} + /** The function connects the trusted consoles and then call the PP processing library interface. **/ @@ -459,58 +788,19 @@ ProcessTcgPp ( } /** - Remove all GOP device path instance from DevicePath and add the Gop to the DevicePath. + The function connects the trusted storage to perform TPerReset. **/ -EFI_DEVICE_PATH_PROTOCOL * -UpdateDevicePath ( - EFI_DEVICE_PATH_PROTOCOL *DevicePath, - EFI_DEVICE_PATH_PROTOCOL *Gop +VOID +ProcessTcgMor ( + VOID ) { - UINTN Size; - UINTN GopSize; - EFI_DEVICE_PATH_PROTOCOL *Temp; - EFI_DEVICE_PATH_PROTOCOL *Return; - EFI_DEVICE_PATH_PROTOCOL *Instance; - BOOLEAN Exist; - - Exist = FALSE; - Return = NULL; - GopSize = GetDevicePathSize (Gop); - do { - Instance = GetNextDevicePathInstance (&DevicePath, &Size); - if (Instance == NULL) { - break; - } - if (!IsGopDevicePath (Instance) || - (Size == GopSize && CompareMem (Instance, Gop, GopSize) == 0) - ) { - if (Size == GopSize && CompareMem (Instance, Gop, GopSize) == 0) { - Exist = TRUE; - } - Temp = Return; - Return = AppendDevicePathInstance (Return, Instance); - if (Temp != NULL) { - FreePool (Temp); - } - } - FreePool (Instance); - } while (DevicePath != NULL); - - if (!Exist) { - Temp = Return; - Return = AppendDevicePathInstance (Return, Gop); - if (Temp != NULL) { - FreePool (Temp); - } + if (IsMorBitSet ()) { + ConnectTrustedConsole(); + ConnectTrustedStorage(); } - return Return; } -#ifdef _MSC_VER -#pragma optimize("g", off) -#endif - /** Check if current BootCurrent variable is internal shell boot option. @@ -787,69 +1077,9 @@ OnReadyToBootCallBack ( if (BootCurrentIsInternalShell ()) { ChangeModeForInternalShell (); - EfiBootManagerConnectAllDefaultConsoles(); - gDS->Dispatch (); - } -} - -/** - Get Graphics Controller Handle. - - @retval GraphicsController Successfully located - @retval NULL Failed to locate -**/ -EFI_HANDLE -EFIAPI -GetGraphicsController ( - VOID - ) -{ - EFI_STATUS Status; - UINTN Index; - EFI_HANDLE *PciHandles; - UINTN PciHandlesSize; - EFI_PCI_IO_PROTOCOL *PciIo; - EFI_HANDLE GraphicsController; - UINTN GraphicsPciSeg; - UINTN GraphicsPciBus; - UINTN GraphicsPciDev; - UINTN GraphicsPciFun; - - GraphicsController = NULL; - - Status = gBS->LocateHandleBuffer ( - ByProtocol, - &gEfiPciIoProtocolGuid, - NULL, - &PciHandlesSize, - &PciHandles - ); - if (!RETURN_ERROR (Status)) { - for (Index = 0; Index < PciHandlesSize; Index++) { - gBS->HandleProtocol ( - PciHandles[Index], - &gEfiPciIoProtocolGuid, - (VOID **) &PciIo - ); - Status = PciIo->GetLocation ( - PciIo, - &GraphicsPciSeg, - &GraphicsPciBus, - &GraphicsPciDev, - &GraphicsPciFun - ); - if (!RETURN_ERROR (Status) && - (UINT16) GraphicsPciSeg == PcdGet16 (PcdGraphicsPciSeg) && - (UINT8) GraphicsPciBus == PcdGet8 (PcdGraphicsPciBus) && - (UINT8) GraphicsPciDev == PcdGet8 (PcdGraphicsPciDev) && - (UINT8) GraphicsPciFun == PcdGet8 (PcdGraphicsPciFun)) { - GraphicsController = PciHandles[Index]; - Index = PciHandlesSize; - } - } + EfiBootManagerConnectAllDefaultConsoles(); + gDS->Dispatch (); } - - return GraphicsController; } /** @@ -863,29 +1093,13 @@ PlatformBootManagerBeforeConsole ( ) { EFI_STATUS Status; - UINTN Index; EFI_DEVICE_PATH_PROTOCOL *VarConOut; EFI_DEVICE_PATH_PROTOCOL *VarConIn; - EFI_DEVICE_PATH_PROTOCOL *GopDevicePath; - EFI_DEVICE_PATH_PROTOCOL *ConOutDevicePath; - EFI_DEVICE_PATH_PROTOCOL *UpdatedConOutDevicePath; - EFI_DEVICE_PATH_PROTOCOL *Instance; - EFI_DEVICE_PATH_PROTOCOL *Next; - EFI_HANDLE GraphicsControllerHandle; EFI_EVENT Event; - UINTN InstanceSize; DEBUG ((EFI_D_INFO, "PlatformBootManagerBeforeConsole\n")); Status = EFI_SUCCESS; - // - // Append Usb Keyboard short form DevicePath into "ConInDev" - // - EfiBootManagerUpdateConsoleVariable ( - ConInDev, - (EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath, - NULL - ); // // Get user defined text mode for internal shell only once. @@ -924,59 +1138,24 @@ PlatformBootManagerBeforeConsole ( GetEfiGlobalVariable2 (L"ConOut", &VarConOut, NULL); if (VarConOut != NULL) { FreePool (VarConOut); } GetEfiGlobalVariable2 (L"ConIn", &VarConIn, NULL); if (VarConIn != NULL) { FreePool (VarConIn); } + // + // Only fill ConIn/ConOut when ConIn/ConOut is empty because we may drop to Full Configuration boot mode in non-first boot + // if (VarConOut == NULL || VarConIn == NULL) { - // - // Only fill ConIn/ConOut when ConIn/ConOut is empty because we may drop to Full Configuration boot mode in non-first boot - // - // - // Update ConOutDevicePath (just in case it is wrong at build phase) - // To be enabled later. - // -// PlatformPatchConOutDevicePath (); - - for (Index = 0; gPlatformConsole[Index].DevicePath != NULL; Index++) { - // - // Update the console variable with the connect type - // - if ((gPlatformConsole[Index].ConnectType & CONSOLE_IN) == CONSOLE_IN) { - EfiBootManagerUpdateConsoleVariable (ConIn, gPlatformConsole[Index].DevicePath, NULL); - } - if ((gPlatformConsole[Index].ConnectType & CONSOLE_OUT) == CONSOLE_OUT) { - EfiBootManagerUpdateConsoleVariable (ConOut, gPlatformConsole[Index].DevicePath, NULL); - } - if ((gPlatformConsole[Index].ConnectType & STD_ERROR) == STD_ERROR) { - EfiBootManagerUpdateConsoleVariable (ErrOut, gPlatformConsole[Index].DevicePath, NULL); - } + if (PcdGetSize (PcdTrustedConsoleOutputDevicePath) >= sizeof(EFI_DEVICE_PATH_PROTOCOL)) { + AddConsoleVariable (ConOut, PcdGetPtr (PcdTrustedConsoleOutputDevicePath)); } - } - else { - if (gBootMode == BOOT_WITH_DEFAULT_SETTINGS) { - - GetEfiGlobalVariable2 (L"ConIn", &VarConIn, NULL); - Instance = GetNextDevicePathInstance (&VarConIn, &InstanceSize); - InstanceSize -= END_DEVICE_PATH_LENGTH; - - while (Instance != NULL) { - Next = Instance; - while (!IsDevicePathEndType (Next)) { - Next = NextDevicePathNode (Next); - if (DevicePathType (Next) == MESSAGING_DEVICE_PATH && DevicePathSubType (Next) == MSG_VENDOR_DP) { - // - // Restoring default serial device path - // - EfiBootManagerUpdateConsoleVariable (ConIn, NULL, Instance); - EfiBootManagerUpdateConsoleVariable (ConOut, NULL, Instance); - } - } - FreePool(Instance); - Instance = GetNextDevicePathInstance (&VarConIn, &InstanceSize); - InstanceSize -= END_DEVICE_PATH_LENGTH; - } + if (PcdGetSize (PcdTrustedConsoleInputDevicePath) >= sizeof(EFI_DEVICE_PATH_PROTOCOL)) { + AddConsoleVariable (ConIn, PcdGetPtr (PcdTrustedConsoleInputDevicePath)); } } } EnumUsbKeyboard (); + // + // For trusted console it must be handled here. + // + UpdateGraphicConOut (TRUE); // // Dynamically register hot key: F2/F7/Enter @@ -984,14 +1163,10 @@ PlatformBootManagerBeforeConsole ( RegisterDefaultBootOption (); RegisterStaticHotkey (); - // - // Connect Root Bridge to make PCI BAR resource allocated. - // Then exit PM auth before Legacy OPROM run. - // PERF_START_EX(NULL,"EventRec", NULL, AsmReadTsc(), 0x7010); - ConnectRootBridge (FALSE); if (PcdGetBool (PcdTpm2Enable)) { ProcessTcgPp (); + ProcessTcgMor (); } PERF_END_EX(NULL,"EventRec", NULL, AsmReadTsc(), 0x7011); @@ -1011,36 +1186,9 @@ PlatformBootManagerBeforeConsole ( EfiBootManagerDispatchDeferredImages (); // - // Update ConOut variable + // For non-trusted console it must be handled here. // - GraphicsControllerHandle = GetGraphicsController (); - if (GraphicsControllerHandle != NULL) { - // - // Connect the GOP driver - // - gBS->ConnectController (GraphicsControllerHandle, NULL, NULL, TRUE); - - // - // Get the GOP device path - // NOTE: We may get a device path that contains Controller node in it. - // - GopDevicePath = EfiBootManagerGetGopDevicePath (GraphicsControllerHandle); - if (GopDevicePath != NULL) { - GetEfiGlobalVariable2 (L"ConOut", &ConOutDevicePath, NULL); - UpdatedConOutDevicePath = UpdateDevicePath (ConOutDevicePath, GopDevicePath); - if (ConOutDevicePath != NULL) { - FreePool (ConOutDevicePath); - } - FreePool (GopDevicePath); - Status = gRT->SetVariable ( - L"ConOut", - &gEfiGlobalVariableGuid, - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS, - GetDevicePathSize (UpdatedConOutDevicePath), - UpdatedConOutDevicePath - ); - } - } + UpdateGraphicConOut (FALSE); } @@ -1160,11 +1308,7 @@ PlatformBootManagerAfterConsole ( Print (L"Press F7 for BootMenu!\n"); - EfiBootManagerRefreshAllBootOption (); - EfiBootManagerSortLoadOptionVariable (LoadOptionTypeBoot, CompareBootOption); - - - - + EfiBootManagerRefreshAllBootOption (); + EfiBootManagerSortLoadOptionVariable (LoadOptionTypeBoot, CompareBootOption); } diff --git a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.h b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.h index 128e828cba..779ba9a98d 100644 --- a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.h +++ b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.h @@ -142,10 +142,7 @@ typedef struct { EFI_DEVICE_PATH_PROTOCOL End; } USB_CLASS_FORMAT_DEVICE_PATH; -extern BDS_CONSOLE_CONNECT_ENTRY gPlatformConsole[]; -extern PLATFORM_ONBOARD_CONTROLLER_DEVICE_PATH gPlatformIGDDevice; extern USB_CLASS_FORMAT_DEVICE_PATH gUsbClassKeyboardDevicePath; -extern USB_CLASS_FORMAT_DEVICE_PATH gUsbClassMassStorageDevice; // // Platform BDS Functions diff --git a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLib.inf b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLib.inf index fb4435203e..f9d5d21e68 100644 --- a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLib.inf +++ b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLib.inf @@ -67,14 +67,12 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand ## PRODUCES gMinPlatformModuleTokenSpaceGuid.PcdPlatformMemoryCheckLevel ## CONSUMES gMinPlatformModuleTokenSpaceGuid.PcdBootToShellOnly ## CONSUMES - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciSeg ## CONSUMES - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciBus ## CONSUMES - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciDev ## CONSUMES - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciFun ## CONSUMES + gMinPlatformModuleTokenSpaceGuid.PcdTrustedConsoleInputDevicePath ## CONSUMES + gMinPlatformModuleTokenSpaceGuid.PcdTrustedConsoleOutputDevicePath ## CONSUMES + gMinPlatformModuleTokenSpaceGuid.PcdTrustedStorageDevicePath ## CONSUMES [Sources] BdsPlatform.c - PlatformData.c BdsPlatform.h PlatformBootOption.c MemoryTest.c diff --git a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/PlatformData.c b/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/PlatformData.c deleted file mode 100644 index 47499a0a21..0000000000 --- a/Platform/Intel/MinPlatformPkg/Bds/Library/DxePlatformBootManagerLib/PlatformData.c +++ /dev/null @@ -1,96 +0,0 @@ -/** @file - Defined the platform specific device path which will be used by - platform Bbd to perform the platform policy connect. - -Copyright (c) 2017, Intel Corporation. All rights reserved.
-This program and the accompanying materials are licensed and made available under -the terms and conditions of the BSD License that accompanies this distribution. -The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php. - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "BdsPlatform.h" - -// -// Predefined platform root bridge -// -GLOBAL_REMOVE_IF_UNREFERENCED PLATFORM_ROOT_BRIDGE_DEVICE_PATH gPlatformRootBridge0 = { - gPciRootBridge, - gEndEntire -}; - -GLOBAL_REMOVE_IF_UNREFERENCED USB_CLASS_FORMAT_DEVICE_PATH gUsbClassKeyboardDevicePath = { - { - { - MESSAGING_DEVICE_PATH, - MSG_USB_CLASS_DP, - { - (UINT8) (sizeof (USB_CLASS_DEVICE_PATH)), - (UINT8) ((sizeof (USB_CLASS_DEVICE_PATH)) >> 8) - } - }, - 0xffff, // VendorId - 0xffff, // ProductId - CLASS_HID, // DeviceClass - SUBCLASS_BOOT, // DeviceSubClass - PROTOCOL_KEYBOARD // DeviceProtocol - }, - gEndEntire -}; - -// -// Onboard VGA controller device path -// -GLOBAL_REMOVE_IF_UNREFERENCED PLATFORM_ONBOARD_CONTROLLER_DEVICE_PATH gPlatformIGDDevice = { - gPciRootBridge, - { - { - HARDWARE_DEVICE_PATH, - HW_PCI_DP, - { - (UINT8) (sizeof (PCI_DEVICE_PATH)), - (UINT8) ((sizeof (PCI_DEVICE_PATH)) >> 8) - } - }, - 0x0, - 0x2 - }, - gEndEntire -}; - -// -// Predefined platform default console device path -// -GLOBAL_REMOVE_IF_UNREFERENCED BDS_CONSOLE_CONNECT_ENTRY gPlatformConsole[] = { - { - (EFI_DEVICE_PATH_PROTOCOL *) &gUsbClassKeyboardDevicePath, - CONSOLE_IN - }, - { - NULL, - 0 - } -}; - -GLOBAL_REMOVE_IF_UNREFERENCED USB_CLASS_FORMAT_DEVICE_PATH gUsbClassMassStorageDevice = { - { - { - MESSAGING_DEVICE_PATH, - MSG_USB_CLASS_DP, - { - (UINT8) (sizeof (USB_CLASS_DEVICE_PATH)), - (UINT8) ((sizeof (USB_CLASS_DEVICE_PATH)) >> 8) - } - }, - 0xffff, // VendorId - 0xffff, // ProductId - 0x08, // DeviceClass - USB Mass Storage Class - 0x06, // DeviceSubClass - SCSI Transparent Command Set - 0xff // DeviceProtocol - Match any Device Protocol - }, - gEndEntire -}; diff --git a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec index 00650868f4..e5a0512e9c 100644 --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec @@ -180,11 +180,6 @@ gMinPlatformModuleTokenSpaceGuid.PcdTestPointIbvPlatformFeature|{0x01, 0x7F, 0x3 [PcdsDynamic] [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciSeg|0x0|UINT16|0x00020000 - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciBus|0x0|UINT8|0x00020001 - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciDev|0x2|UINT8|0x00020002 - gMinPlatformModuleTokenSpaceGuid.PcdGraphicsPciFun|0x0|UINT8|0x00020003 ## ## Allocate 56 KB [0x2000..0xFFFF] of I/O space for Pci Devices @@ -223,6 +218,37 @@ gMinPlatformModuleTokenSpaceGuid.PcdTestPointIbvPlatformFeature|{0x01, 0x7F, 0x3 gMinPlatformModuleTokenSpaceGuid.PcdPlatformMemoryCheckLevel|0|UINT32|0x30000009 + ## This PCD is to control which device is the potential trusted console input device.

+ # For example:
+ # USB Short Form: UsbHID(0xFFFF,0xFFFF,0x1,0x1)
+ # //Header VendorId ProductId Class SubClass Protocol
+ # {0x03, 0x0F, 0x0B, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x03, 0x01, 0x01,
+ # //Header
+ # 0x7F, 0xFF, 0x04, 0x00}
+ gMinPlatformModuleTokenSpaceGuid.PcdTrustedConsoleInputDevicePath|{0x03, 0x0F, 0x0B, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0x03, 0x01, 0x01, 0x7F, 0xFF, 0x04, 0x00}|VOID*|0x300000A + + ## This PCD is to control which device is the potential trusted console output device.

+ # For example:
+ # Integrated Graphic: PciRoot(0x0)/Pci(0x2,0x0)
+ # //Header HID UID
+ # {0x02, 0x01, 0x0C, 0x00, 0xd0, 0x41, 0x03, 0x0A, 0x00, 0x00, 0x00, 0x00,
+ # //Header Func Dev
+ # 0x01, 0x01, 0x06, 0x00, 0x00, 0x02, + # //Header
+ # 0x7F, 0xFF, 0x04, 0x00}
+ gMinPlatformModuleTokenSpaceGuid.PcdTrustedConsoleOutputDevicePath|{0x02, 0x01, 0x0C, 0x00, 0xd0, 0x41, 0x03, 0x0A, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x06, 0x00, 0x00, 0x02, 0x7F, 0xFF, 0x04, 0x00}|VOID*|0x300000C + + ## This PCD is to control which device is the potential trusted storage device.

+ # For example:
+ # Integrated SATA: PciRoot(0x0)/Pci(0x17,0x0)
+ # //Header HID UID
+ # {0x02, 0x01, 0x0C, 0x00, 0xd0, 0x41, 0x03, 0x0A, 0x00, 0x00, 0x00, 0x00,
+ # //Header Func Dev
+ # 0x01, 0x01, 0x06, 0x00, 0x00, 0x17, + # //Header
+ # 0x7F, 0xFF, 0x04, 0x00}
+ gMinPlatformModuleTokenSpaceGuid.PcdTrustedStorageDevicePath|{0x02, 0x01, 0x0C, 0x00, 0xd0, 0x41, 0x03, 0x0A, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x06, 0x00, 0x00, 0x17, 0x7F, 0xFF, 0x04, 0x00}|VOID*|0x3000010 + [PcdsFeatureFlag] # # Stage 1 - enable debug (system deadloop after debug init) -- cgit v1.2.3