Add SecCore module that uses the PlatformSecLib class for platform specific actions. The SecCore module also uses a new PCD to configure the size of the stack used in the SEC phase. If the stack size PCD is set to 0, the stack is configured to use half of the available temporary RAM.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kin...@intel.com> --- UefiCpuPkg/Include/Library/PlatformSecLib.h | 70 +++++ .../PlatformSecLibNull/PlatformSecLibNull.c | 90 +++++++ .../PlatformSecLibNull/PlatformSecLibNull.inf | 37 +++ .../PlatformSecLibNull/PlatformSecLibNull.uni | Bin 0 -> 1646 bytes UefiCpuPkg/SecCore/FindPeiCore.c | 198 ++++++++++++++ UefiCpuPkg/SecCore/Ia32/ResetVec.asm16 | 106 ++++++++ UefiCpuPkg/SecCore/Ia32/ResetVec.nasmb | 103 +++++++ UefiCpuPkg/SecCore/SecCore.inf | 72 +++++ UefiCpuPkg/SecCore/SecCore.uni | Bin 0 -> 2908 bytes UefiCpuPkg/SecCore/SecCoreExtra.uni | Bin 0 -> 1320 bytes UefiCpuPkg/SecCore/SecMain.c | 295 +++++++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 109 ++++++++ UefiCpuPkg/UefiCpuPkg.dec | 9 + UefiCpuPkg/UefiCpuPkg.dsc | 8 +- UefiCpuPkg/UefiCpuPkg.uni | Bin 6628 -> 7222 bytes 15 files changed, 1096 insertions(+), 1 deletion(-) create mode 100644 UefiCpuPkg/Include/Library/PlatformSecLib.h create mode 100644 UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.c create mode 100644 UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf create mode 100644 UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.uni create mode 100644 UefiCpuPkg/SecCore/FindPeiCore.c create mode 100644 UefiCpuPkg/SecCore/Ia32/ResetVec.asm16 create mode 100644 UefiCpuPkg/SecCore/Ia32/ResetVec.nasmb create mode 100644 UefiCpuPkg/SecCore/SecCore.inf create mode 100644 UefiCpuPkg/SecCore/SecCore.uni create mode 100644 UefiCpuPkg/SecCore/SecCoreExtra.uni create mode 100644 UefiCpuPkg/SecCore/SecMain.c create mode 100644 UefiCpuPkg/SecCore/SecMain.h diff --git a/UefiCpuPkg/Include/Library/PlatformSecLib.h b/UefiCpuPkg/Include/Library/PlatformSecLib.h new file mode 100644 index 0000000..826e042 --- /dev/null +++ b/UefiCpuPkg/Include/Library/PlatformSecLib.h @@ -0,0 +1,70 @@ +/** @file +This library class defines interface for platform to perform platform +specific initialization in SEC phase. + +Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __PLATFORM_SEC_LIB_H__ +#define __PLATFORM_SEC_LIB_H__ + +/** + A developer supplied function to perform platform specific operations. + + It's a developer supplied function to perform any operations appropriate to a + given platform. It's invoked just before passing control to PEI core by SEC + core. Platform developer may modify the SecCoreData passed to PEI Core. + It returns a platform specific PPI list that platform wishes to pass to PEI core. + The Generic SEC core module will merge this list to join the final list passed to + PEI core. + + @param SecCoreData The same parameter as passing to PEI core. It + could be overridden by this function. + + @return The platform specific PPI list to be passed to PEI core or + NULL if there is no need of such platform specific PPI list. + +**/ +EFI_PEI_PPI_DESCRIPTOR * +EFIAPI +SecPlatformMain ( + IN OUT EFI_SEC_PEI_HAND_OFF *SecCoreData + ); + +/** + This interface conveys state information out of the Security (SEC) phase into PEI. + + @param PeiServices Pointer to the PEI Services Table. + @param StructureSize Pointer to the variable describing size of the input buffer. + @param PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM_INFORMATION_RECORD. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_BUFFER_TOO_SMALL The buffer was too small. + +**/ +EFI_STATUS +EFIAPI +SecPlatformInformation ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN OUT UINT64 *StructureSize, + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord + ); + +/** + This interface disables temporary memory in SEC Phase. +**/ +VOID +EFIAPI +SecPlatformDisableTemporaryMemory ( + VOID + ); + +#endif diff --git a/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.c b/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.c new file mode 100644 index 0000000..a4f8b37 --- /dev/null +++ b/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.c @@ -0,0 +1,90 @@ +/** @file +Null instance of Platform Sec Lib. + +Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include <PiPei.h> + +#include <Ppi/SecPlatformInformation.h> + +/** + A developer supplied function to perform platform specific operations. + + It's a developer supplied function to perform any operations appropriate to a + given platform. It's invoked just before passing control to PEI core by SEC + core. Platform developer may modify the SecCoreData passed to PEI Core. + It returns a platform specific PPI list that platform wishes to pass to PEI core. + The Generic SEC core module will merge this list to join the final list passed to + PEI core. + + @param SecCoreData The same parameter as passing to PEI core. It + could be overridden by this function. + + @return The platform specific PPI list to be passed to PEI core or + NULL if there is no need of such platform specific PPI list. + +**/ +EFI_PEI_PPI_DESCRIPTOR * +EFIAPI +SecPlatformMain ( + IN OUT EFI_SEC_PEI_HAND_OFF *SecCoreData + ) +{ + return NULL; +} + +/** + This interface conveys state information out of the Security (SEC) phase into PEI. + + @param PeiServices Pointer to the PEI Services Table. + @param StructureSize Pointer to the variable describing size of the input buffer. + @param PlatformInformationRecord Pointer to the EFI_SEC_PLATFORM_INFORMATION_RECORD. + + @retval EFI_SUCCESS The data was successfully returned. + @retval EFI_BUFFER_TOO_SMALL The buffer was too small. + +**/ +EFI_STATUS +EFIAPI +SecPlatformInformation ( + IN CONST EFI_PEI_SERVICES **PeiServices, + IN OUT UINT64 *StructureSize, + OUT EFI_SEC_PLATFORM_INFORMATION_RECORD *PlatformInformationRecord + ) +{ + return EFI_SUCCESS; +} + +/** + This interface disables temporary memory in SEC Phase. +**/ +VOID +EFIAPI +SecPlatformDisableTemporaryMemory ( + VOID + ) +{ +} + +/** + This function provides dummy function so that SecCore can pass build + validation. All real platform library instances need to implement the real + entry point in assembly. +**/ +VOID +EFIAPI +_ModuleEntryPoint ( + VOID + ) +{ + return; +} diff --git a/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf b/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf new file mode 100644 index 0000000..9ae6c19 --- /dev/null +++ b/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf @@ -0,0 +1,37 @@ +## @file +# Library functions for PlatformSecLib. +# +# Null instance of Platform Sec Lib. +# +# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR> +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = PlatformSecLibNull + MODULE_UNI_FILE = PlatformSecLibNull.uni + FILE_GUID = 6695974D-968C-420b-80B9-7870CD20118F + MODULE_TYPE = SEC + VERSION_STRING = 1.0 + LIBRARY_CLASS = PlatformSecLib + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 +# + +[Sources] + PlatformSecLibNull.c + +[Packages] + MdePkg/MdePkg.dec + UefiCpuPkg/UefiCpuPkg.dec diff --git a/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.uni b/UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.uni new file mode 100644 index 0000000000000000000000000000000000000000..1d77a52e845f95050ce15b058ffb50c8b8fc1a5e GIT binary patch literal 1646 zcmb`H-EPxB5QXO&iFa6~H-K6PDsh7lBB2H>Ac+!3g)8JFO=_uWD#x_+<tg9Ub?lG^ zAq29#KeMxE&YT(h?nm3&=6Ij*ID2h#%k9F>?4dots<V$+CRSL+d&_=q-|W(+R$^bV zT6^1yQ)dJ2W}M79DQsyYkfs$vRAV;SJ+Ll#99Tjsxh?E7EGtm%Bf1K6m)Ab@H(*@B zxd44(=b$@#1o~s<V|!}P?71DXPKa3&Q#^F1;Fd;Z5^{_<=~PS`G-Y0JZ_QiSHRH@8 zdud%8+N(X;rf|r;URU_9;G`H!P?YtIxx_=cXRw^&v4n}vZoNJWPL}M&RV*?Xt?M|t zB{mLg?lqL6;?&^l_N<C<&04k2sIDsRd|h>_N^Y2hSWC}(!&1z|H?Q@P5}{t3dtK^u zf>qt4dIl~{<!`(eQ^xz*=J*RySV1qvQg<lp2|Ty!;w-IHQ)h;566^1H?Xvn+nV_b6 zdV;??dsS&5PUV)e>Yb8Wyzt+Ix+-KO|H9`NakrqN?H%>kSSE0v+0o8P1j;#Yqe-($ z?Y+e?8qi67d&k(ZPwW#^b?B-&#hTD-V^*=(dTc%B7`rqH2u&RldOOBr<dOTV)YBSU z%)%9Fi@EFf+8u7OJLO!ceIL=;DPBX*tcN`TRTzCAeaKGSWmC))U->9%@Oq1{qJLrj zz=@daTa2qHA&b~P*EkJ&f))chOEFLQ;x@W%X6OHAZEu(DpzfVZDx^P%wEGH5pZjBw zVs;(!4ksOyO7Z*Mb3i5aEi9;h#;D#=KOBK2maXcK_wWDA)?enJ>W^Tr&KT5+@5|%Q LIsDImbI9W-%3uEv literal 0 HcmV?d00001 diff --git a/UefiCpuPkg/SecCore/FindPeiCore.c b/UefiCpuPkg/SecCore/FindPeiCore.c new file mode 100644 index 0000000..9e13efd --- /dev/null +++ b/UefiCpuPkg/SecCore/FindPeiCore.c @@ -0,0 +1,198 @@ +/** @file + Locate the entry point for the PEI Core + + Copyright (c) 2008 - 2011, Intel Corporation. All rights reserved.<BR> + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include <PiPei.h> +#include <Library/BaseLib.h> +#include <Library/PeCoffGetEntryPointLib.h> + +#include "SecMain.h" + +/** + Find core image base. + + @param BootFirmwareVolumePtr Point to the boot firmware volume. + @param SecCoreImageBase The base address of the SEC core image. + @param PeiCoreImageBase The base address of the PEI core image. + +**/ +EFI_STATUS +EFIAPI +FindImageBase ( + IN EFI_FIRMWARE_VOLUME_HEADER *BootFirmwareVolumePtr, + OUT EFI_PHYSICAL_ADDRESS *SecCoreImageBase, + OUT EFI_PHYSICAL_ADDRESS *PeiCoreImageBase + ) +{ + EFI_PHYSICAL_ADDRESS CurrentAddress; + EFI_PHYSICAL_ADDRESS EndOfFirmwareVolume; + EFI_FFS_FILE_HEADER *File; + UINT32 Size; + EFI_PHYSICAL_ADDRESS EndOfFile; + EFI_COMMON_SECTION_HEADER *Section; + EFI_PHYSICAL_ADDRESS EndOfSection; + + *SecCoreImageBase = 0; + *PeiCoreImageBase = 0; + + CurrentAddress = (EFI_PHYSICAL_ADDRESS)(UINTN) BootFirmwareVolumePtr; + EndOfFirmwareVolume = CurrentAddress + BootFirmwareVolumePtr->FvLength; + + // + // Loop through the FFS files in the Boot Firmware Volume + // + for (EndOfFile = CurrentAddress + BootFirmwareVolumePtr->HeaderLength; ; ) { + + CurrentAddress = (EndOfFile + 7) & 0xfffffffffffffff8ULL; + if (CurrentAddress > EndOfFirmwareVolume) { + return EFI_NOT_FOUND; + } + + File = (EFI_FFS_FILE_HEADER*)(UINTN) CurrentAddress; + if (IS_FFS_FILE2 (File)) { + Size = FFS_FILE2_SIZE (File); + if (Size <= 0x00FFFFFF) { + return EFI_NOT_FOUND; + } + } else { + Size = FFS_FILE_SIZE (File); + if (Size < sizeof (EFI_FFS_FILE_HEADER)) { + return EFI_NOT_FOUND; + } + } + + EndOfFile = CurrentAddress + Size; + if (EndOfFile > EndOfFirmwareVolume) { + return EFI_NOT_FOUND; + } + + // + // Look for SEC Core / PEI Core files + // + if (File->Type != EFI_FV_FILETYPE_SECURITY_CORE && + File->Type != EFI_FV_FILETYPE_PEI_CORE) { + continue; + } + + // + // Loop through the FFS file sections within the FFS file + // + if (IS_FFS_FILE2 (File)) { + EndOfSection = (EFI_PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) File + sizeof (EFI_FFS_FILE_HEADER2)); + } else { + EndOfSection = (EFI_PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) File + sizeof (EFI_FFS_FILE_HEADER)); + } + for (;;) { + CurrentAddress = (EndOfSection + 3) & 0xfffffffffffffffcULL; + Section = (EFI_COMMON_SECTION_HEADER*)(UINTN) CurrentAddress; + + if (IS_SECTION2 (Section)) { + Size = SECTION2_SIZE (Section); + if (Size <= 0x00FFFFFF) { + return EFI_NOT_FOUND; + } + } else { + Size = SECTION_SIZE (Section); + if (Size < sizeof (EFI_COMMON_SECTION_HEADER)) { + return EFI_NOT_FOUND; + } + } + + EndOfSection = CurrentAddress + Size; + if (EndOfSection > EndOfFile) { + return EFI_NOT_FOUND; + } + + // + // Look for executable sections + // + if (Section->Type == EFI_SECTION_PE32 || Section->Type == EFI_SECTION_TE) { + if (File->Type == EFI_FV_FILETYPE_SECURITY_CORE) { + if (IS_SECTION2 (Section)) { + *SecCoreImageBase = (PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) Section + sizeof (EFI_COMMON_SECTION_HEADER2)); + } else { + *SecCoreImageBase = (PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) Section + sizeof (EFI_COMMON_SECTION_HEADER)); + } + } else { + if (IS_SECTION2 (Section)) { + *PeiCoreImageBase = (PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) Section + sizeof (EFI_COMMON_SECTION_HEADER2)); + } else { + *PeiCoreImageBase = (PHYSICAL_ADDRESS) (UINTN) ((UINT8 *) Section + sizeof (EFI_COMMON_SECTION_HEADER)); + } + } + break; + } + } + + // + // Both SEC Core and PEI Core images found + // + if (*SecCoreImageBase != 0 && *PeiCoreImageBase != 0) { + return EFI_SUCCESS; + } + } +} + +/** + Find and return Pei Core entry point. + + It also find SEC and PEI Core file debug information. It will report them if + remote debug is enabled. + + @param BootFirmwareVolumePtr Point to the boot firmware volume. + @param PeiCoreEntryPoint The entry point of the PEI core. + +**/ +VOID +EFIAPI +FindAndReportEntryPoints ( + IN EFI_FIRMWARE_VOLUME_HEADER *BootFirmwareVolumePtr, + OUT EFI_PEI_CORE_ENTRY_POINT *PeiCoreEntryPoint + ) +{ + EFI_STATUS Status; + EFI_PHYSICAL_ADDRESS SecCoreImageBase; + EFI_PHYSICAL_ADDRESS PeiCoreImageBase; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + + // + // Find SEC Core and PEI Core image base + // + Status = FindImageBase (BootFirmwareVolumePtr, &SecCoreImageBase, &PeiCoreImageBase); + ASSERT_EFI_ERROR (Status); + + ZeroMem ((VOID *) &ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT)); + // + // Report SEC Core debug information when remote debug is enabled + // + ImageContext.ImageAddress = SecCoreImageBase; + ImageContext.PdbPointer = PeCoffLoaderGetPdbPointer ((VOID*) (UINTN) ImageContext.ImageAddress); + PeCoffLoaderRelocateImageExtraAction (&ImageContext); + + // + // Report PEI Core debug information when remote debug is enabled + // + ImageContext.ImageAddress = PeiCoreImageBase; + ImageContext.PdbPointer = PeCoffLoaderGetPdbPointer ((VOID*) (UINTN) ImageContext.ImageAddress); + PeCoffLoaderRelocateImageExtraAction (&ImageContext); + + // + // Find PEI Core entry point + // + Status = PeCoffLoaderGetEntryPoint ((VOID *) (UINTN) PeiCoreImageBase, (VOID**) PeiCoreEntryPoint); + if (EFI_ERROR (Status)) { + *PeiCoreEntryPoint = 0; + } + + return; +} diff --git a/UefiCpuPkg/SecCore/Ia32/ResetVec.asm16 b/UefiCpuPkg/SecCore/Ia32/ResetVec.asm16 new file mode 100644 index 0000000..f1685c3 --- /dev/null +++ b/UefiCpuPkg/SecCore/Ia32/ResetVec.asm16 @@ -0,0 +1,106 @@ +;------------------------------------------------------------------------------ +; +; Copyright (c) 2014, Intel Corporation. All rights reserved.<BR> +; This program and the accompanying materials +; are licensed and made available under the terms and conditions of the BSD License +; which accompanies this distribution. The full text of the license may be found at +; http://opensource.org/licenses/bsd-license.php. +; +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +; +; Module Name: +; +; ResetVec.asm +; +; Abstract: +; +; Reset Vector Data structure +; This structure is located at 0xFFFFFFC0 +; +;------------------------------------------------------------------------------ + + .model tiny + .686p + .stack 0h + .code + +; +; The layout of this file is fixed. The build tool makes assumption of the layout. +; + + ORG 0h +; +; Reserved +; +ReservedData DD 0eeeeeeeeh, 0eeeeeeeeh + + ORG 10h +; +; This is located at 0xFFFFFFD0h +; + mov di, "AP" + jmp ApStartup + + ORG 20h +; +; Pointer to the entry point of the PEI core +; It is located at 0xFFFFFFE0, and is fixed up by some build tool +; So if the value 8..1 appears in the final FD image, tool failure occurs. +; +PeiCoreEntryPoint DD 87654321h + +; +; This is the handler for all kinds of exceptions. Since it's for debugging +; purpose only, nothing except a dead loop would be done here. Developers could +; analyze the cause of the exception if a debugger had been attached. +; +InterruptHandler PROC + jmp $ + iret +InterruptHandler ENDP + + ORG 30h +; +; For IA32, the reset vector must be at 0xFFFFFFF0, i.e., 4G-16 byte +; Execution starts here upon power-on/platform-reset. +; +ResetHandler: + nop + nop +ApStartup: + ; + ; Jmp Rel16 instruction + ; Use machine code directly in case of the assembler optimization + ; SEC entry point relative address will be fixed up by some build tool. + ; + ; Typically, SEC entry point is the function _ModuleEntryPoint() defined in + ; SecEntry.asm + ; + DB 0e9h + DW -3 + + + ORG 38h +; +; Ap reset vector segment address is at 0xFFFFFFF8 +; This will be fixed up by some build tool, +; so if the value 1..8 appears in the final FD image, +; tool failure occurs +; +ApSegAddress dd 12345678h + + ORG 3ch +; +; BFV Base is at 0xFFFFFFFC +; This will be fixed up by some build tool, +; so if the value 1..8 appears in the final FD image, +; tool failure occurs. +; +BfvBase DD 12345678h + +; +; Nothing can go here, otherwise the layout of this file would change. +; + + END diff --git a/UefiCpuPkg/SecCore/Ia32/ResetVec.nasmb b/UefiCpuPkg/SecCore/Ia32/ResetVec.nasmb new file mode 100644 index 0000000..c1297ec --- /dev/null +++ b/UefiCpuPkg/SecCore/Ia32/ResetVec.nasmb @@ -0,0 +1,103 @@ +;------------------------------------------------------------------------------ +; +; Copyright (c) 2014, Intel Corporation. All rights reserved.<BR> +; This program and the accompanying materials +; are licensed and made available under the terms and conditions of the BSD License +; which accompanies this distribution. The full text of the license may be found at +; http://opensource.org/licenses/bsd-license.php. +; +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +; +; Module Name: +; +; ResetVec.nasmb +; +; Abstract: +; +; Reset Vector Data structure +; This structure is located at 0xFFFFFFC0 +; +;------------------------------------------------------------------------------ + +; .stack 0x0 +; SECTION .text +USE16 + +; +; The layout of this file is fixed. The build tool makes assumption of the layout. +; + + ORG 0h +; +; Reserved +; +ReservedData: DD 0eeeeeeeeh, 0eeeeeeeeh + + TIMES 0x10-($-$$) DB 0 +; +; This is located at 0xFFFFFFD0h +; + mov di, "PA" + jmp ApStartup + + TIMES 0x20-($-$$) DB 0 +; +; Pointer to the entry point of the PEI core +; It is located at 0xFFFFFFE0, and is fixed up by some build tool +; So if the value 8..1 appears in the final FD image, tool failure occurs. +; +PeiCoreEntryPoint: DD 87654321h + +; +; This is the handler for all kinds of exceptions. Since it's for debugging +; purpose only, nothing except a dead loop would be done here. Developers could +; analyze the cause of the exception if a debugger had been attached. +; +global ASM_PFX(InterruptHandler) +ASM_PFX(InterruptHandler): + jmp $ + iret + + TIMES 0x30-($-$$) DB 0 +; +; For IA32, the reset vector must be at 0xFFFFFFF0, i.e., 4G-16 byte +; Execution starts here upon power-on/platform-reset. +; +ResetHandler: + nop + nop +ApStartup: + ; + ; Jmp Rel16 instruction + ; Use machine code directly in case of the assembler optimization + ; SEC entry point relative address will be fixed up by some build tool. + ; + ; Typically, SEC entry point is the function _ModuleEntryPoint() defined in + ; SecEntry.asm + ; + DB 0e9h + DW -3 + + + TIMES 0x38-($-$$) DB 0 +; +; Ap reset vector segment address is at 0xFFFFFFF8 +; This will be fixed up by some build tool, +; so if the value 1..8 appears in the final FD image, +; tool failure occurs +; +ApSegAddress: dd 12345678h + + TIMES 0x3c-($-$$) DB 0 +; +; BFV Base is at 0xFFFFFFFC +; This will be fixed up by some build tool, +; so if the value 1..8 appears in the final FD image, +; tool failure occurs. +; +BfvBase: DD 12345678h + +; +; Nothing can go here, otherwise the layout of this file would change. +; diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf new file mode 100644 index 0000000..f9a633b --- /dev/null +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -0,0 +1,72 @@ +## @file +# SecCore module that implements the SEC phase. +# +# This is the first module taking control of the platform upon power-on/reset. +# It implements the first phase of the security phase. The entry point function is +# _ModuleEntryPoint in PlatformSecLib. The entry point function will switch to +# protected mode, setup flat memory model, enable temporary memory and +# call into SecStartup(). +# +# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SecCore + MODULE_UNI_FILE = SecCore.uni + FILE_GUID = 1BA0062E-C779-4582-8566-336AE8F78F09 + MODULE_TYPE = SEC + VERSION_STRING = 1.0 + + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# + +[Sources] + SecMain.c + SecMain.h + FindPeiCore.c + +[Sources.IA32] + Ia32/ResetVec.asm16 | MSFT + Ia32/ResetVec.asm16 | INTEL + Ia32/ResetVec.nasmb | GCC + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + UefiCpuPkg/UefiCpuPkg.dec + +[LibraryClasses] + BaseMemoryLib + DebugLib + BaseLib + PlatformSecLib + PcdLib + DebugAgentLib + UefiCpuLib + PeCoffGetEntryPointLib + PeCoffExtraActionLib + CpuExceptionHandlerLib + ReportStatusCodeLib + +[Ppis] + gEfiSecPlatformInformationPpiGuid ## PRODUCES + gEfiTemporaryRamDonePpiGuid ## PRODUCES + +[Pcd] + gUefiCpuPkgTokenSpaceGuid.PcdPeiTemporaryRamStackSize ## CONSUMES + +[UserExtensions.TianoCore."ExtraFiles"] + SecCoreExtra.uni diff --git a/UefiCpuPkg/SecCore/SecCore.uni b/UefiCpuPkg/SecCore/SecCore.uni new file mode 100644 index 0000000000000000000000000000000000000000..dff756a3b322aea1a748929138498bb8d5e81e91 GIT binary patch literal 2908 zcmd6p?Q0W35XR@T;Qw%>Us`Ds74d_JnA%f=+Jq!U{Un!{rp3IJOKR;uul}Cd-0d~g zN(({>*}I*coq6V&*}47wt6>dG_&?&8*lRnsQ=8h@9@+z>TI(?z+8bL~&Rb$L-bQxr zT8XXf#4^T&eKR|A=?uL&vL#ZjYgf-wY$Rw%e~GMK`iQ>zte*P5Fc!OoDn~9qoBlKV z&g$GItPQ~?&pFR2^9Aul3_>TY$H;T+Bt&uMJA`Xt7of^*&m|4s#*TAUL7G_0G29$$ z6>W@n6OA|+f*=R|$}T|@b?eN;g_sLm=4*|G$0{C<**nL=3W=gt29_nKiG8zA$cs#+ zYhEs`gH(KloM~TYgO`x;k7x~u{Vqr@*gN$MEMZmg4T(mXSX2<65&Hs}c+faPBV>1M zyS$5`mFGy&hTKVG>{@}5LVxNz#8n1rRj|BCQ<=??7W&oQ8Tz9Nq9J+#cVK9NmB2<1 zYqAmWY}-zyDq{WWl$?<%<#a;C;&_|rc6dIu$NZl2wzr-=v1g9D<=GfJU*Vh;n2X#h z3(YmMXj|v2sM6ei5bX$5FKyqt_Nt63qKl_1Fh5~;215y>c!(z@1GCPO*wfl2@q`mL zV=i8WLR?iVPW*`XDQiRC=AJ>>E$nOe$aOOCX6PxaMZQ$eTFom+g0C5tqLpyUN9->6 z(dyN+zE9o`kgAF!mdM40cbZU@o6(+vq3B(q56PFhkD?w>k%eF7C7utR$WT2({S&QC zR9Bf%EoXkN2hNH5Qs6+buF4E1UP&u*@xptuYAmoT{oLcLvp1*a8XN2{kqp2-qUx@C zuVdwef5A!dR6OtL*6IsgYuh`<CcQ+xug7@c&py%?m3D-7>P#QmA<q<fv=Fn<qWh<4 z=sS>L^^mdYV~wZm%6g6GzRxw=EwLr`nRVf6yGPBNcoMQh<SneqM%%r2nF+gO^4UjA zI`SH{-mblW<@tdXAy>yq*Iq&tseLK!MC&cM=ulVkd2nqP(6_YV*v08qSvlbZ^}y2g z?%Zbo5tdSBP2vtKO_=I~<!`?&KQpp*PL)i&a#Rg_*b>Sb<Nx_$*KQe;s-Z_Ts+3Nd zf$QS>cTBN&-LIR${l5|1-<yDLJU8C}s`rT7-UZ^`yWI*Bzqy2de!F`?I46Gq&C20^ literal 0 HcmV?d00001 diff --git a/UefiCpuPkg/SecCore/SecCoreExtra.uni b/UefiCpuPkg/SecCore/SecCoreExtra.uni new file mode 100644 index 0000000000000000000000000000000000000000..44e7701a372d82a4611d634fac4714bbb4ba9783 GIT binary patch literal 1320 zcmZvcTW`}q5QXO%iT_}wFM!$v3Qq_jlGcDlb5WWIc&ePFO)cdnC$ywL9{A3zFQlNz z-kI6iGiT0D{QFnSS{CuV;1}5kyRpm`c5P4X2~q7`;!W+$)|O*Mc7Zjul&s7ih|D}^ z$8KgTo7)yY#Zp|SR<<Kc?-H|I!~Vwhes*rR<V5xi^yjRn_R?P2Ypj#Xdt=AgNrAb* z4!kzbF6DgY6`Sm|VW<r83fN+%9=1HW-8uKBy|a!D?frk)jbM~{KO6GbpyYJ61f}e6 zM}{;>;XEZ{X&c|$7g|I_#7gxttOaOw_bE}GmXcGfl{1rWCB9D2iVAnwx|`G{ymjse zC$yVmmrO#frL!(k#7vo4rH_<YbJz8`4)=VHe{sO2=6dg1OnLv?Z3YJ+ibK##wYK=` zdIHbC?<F$nD*iX@ggX-JpJY8|b*M~Gb5GW!IKM755T|;+BJg+oHulzMc#Rd*RetVT zH|am;Mq7{6-x8U?ea6%sR&RoG%TsDnuIlHr#jqMMM}7OmyKP<k1WhAU)jA@YFll3~ z*p(hzk2NM<Bh<H$FxfE~myX=W(nRasU=^-V8>}7o<sDbtBKyj|c=f%a{5F-utVcWn zRTzD*KExAu#Z+@dmU2`zWPK!8C%?0PVMomMPmGHyp^MnQRX8<zf))ejN;S`|S#hlO z)3>MPam9|R$<fzD-ydmrRj4}vWmt7^1$H0QG59e#Jy>?JB1b#o2K679bL%N@&79`o bgnaQ+wTAb6h8Mmh%IPv2GoQ_C_LcPq`~}L% literal 0 HcmV?d00001 diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c new file mode 100644 index 0000000..39592a5 --- /dev/null +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -0,0 +1,295 @@ +/** @file + C functions in SEC + + Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR> + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include "SecMain.h" + +EFI_PEI_TEMPORARY_RAM_DONE_PPI gSecTemporaryRamDonePpi = { + SecTemporaryRamDone +}; + +EFI_SEC_PLATFORM_INFORMATION_PPI mSecPlatformInformationPpi = { SecPlatformInformation }; + +EFI_PEI_PPI_DESCRIPTOR mPeiSecPlatformInformationPpi[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI, + &gEfiTemporaryRamDonePpiGuid, + &gSecTemporaryRamDonePpi + }, + { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEfiSecPlatformInformationPpiGuid, + &mSecPlatformInformationPpi + } +}; + +// +// These are IDT entries pointing to 10:FFFFFFE4h. +// +UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL; + +/** + Caller provided function to be invoked at the end of InitializeDebugAgent(). + + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + @param[in] Context The first input parameter of InitializeDebugAgent(). + +**/ +VOID +EFIAPI +SecStartupPhase2( + IN VOID *Context + ); + +/** + + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + + @param SizeOfRam Size of the temporary memory available for use. + @param TempRamBase Base address of temporary ram + @param BootFirmwareVolume Base address of the Boot Firmware Volume. +**/ +VOID +EFIAPI +SecStartup ( + IN UINT32 SizeOfRam, + IN UINT32 TempRamBase, + IN VOID *BootFirmwareVolume + ) +{ + EFI_SEC_PEI_HAND_OFF SecCoreData; + IA32_DESCRIPTOR IdtDescriptor; + SEC_IDT_TABLE IdtTableInStack; + UINT32 Index; + UINT32 PeiStackSize; + EFI_STATUS Status; + + // + // Report Status Code to indicate entering SEC core + // + REPORT_STATUS_CODE ( + EFI_PROGRESS_CODE, + EFI_SOFTWARE_SEC | EFI_SW_SEC_PC_ENTRY_POINT + ); + + PeiStackSize = PcdGet32 (PcdPeiTemporaryRamStackSize); + if (PeiStackSize == 0) { + PeiStackSize = (SizeOfRam >> 1); + } + + ASSERT (PeiStackSize < SizeOfRam); + + // + // Process all libraries constructor function linked to SecCore. + // + ProcessLibraryConstructorList (); + + // + // Initialize floating point operating environment + // to be compliant with UEFI spec. + // + InitializeFloatingPointUnits (); + + // |-------------------|----> + // |IDT Table | + // |-------------------| + // |PeiService Pointer | PeiStackSize + // |-------------------| + // | | + // | Stack | + // |-------------------|----> + // | | + // | | + // | Heap | PeiTemporayRamSize + // | | + // | | + // |-------------------|----> TempRamBase + + IdtTableInStack.PeiService = 0; + for (Index = 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) { + CopyMem ((VOID*)&IdtTableInStack.IdtTable[Index], (VOID*)&mIdtEntryTemplate, sizeof (UINT64)); + } + + IdtDescriptor.Base = (UINTN) &IdtTableInStack.IdtTable; + IdtDescriptor.Limit = (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1); + + AsmWriteIdtr (&IdtDescriptor); + + // + // Setup the default exception handlers + // + Status = InitializeCpuExceptionHandlers (NULL); + ASSERT_EFI_ERROR (Status); + + // + // Update the base address and length of Pei temporary memory + // + SecCoreData.DataSize = (UINT16) sizeof (EFI_SEC_PEI_HAND_OFF); + SecCoreData.BootFirmwareVolumeBase = BootFirmwareVolume; + SecCoreData.BootFirmwareVolumeSize = (UINTN)(0x100000000ULL - (UINTN) BootFirmwareVolume); + SecCoreData.TemporaryRamBase = (VOID*)(UINTN) TempRamBase; + SecCoreData.TemporaryRamSize = SizeOfRam; + SecCoreData.PeiTemporaryRamBase = SecCoreData.TemporaryRamBase; + SecCoreData.PeiTemporaryRamSize = SizeOfRam - PeiStackSize; + SecCoreData.StackBase = (VOID*)(UINTN)(TempRamBase + SecCoreData.PeiTemporaryRamSize); + SecCoreData.StackSize = PeiStackSize; + + // + // Initialize Debug Agent to support source level debug in SEC/PEI phases before memory ready. + // + InitializeDebugAgent (DEBUG_AGENT_INIT_PREMEM_SEC, &SecCoreData, SecStartupPhase2); +} + +/** + Caller provided function to be invoked at the end of InitializeDebugAgent(). + + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + @param[in] Context The first input parameter of InitializeDebugAgent(). + +**/ +VOID +EFIAPI +SecStartupPhase2( + IN VOID *Context + ) +{ + EFI_SEC_PEI_HAND_OFF *SecCoreData; + EFI_PEI_PPI_DESCRIPTOR *PpiList; + UINT32 Index; + EFI_PEI_PPI_DESCRIPTOR *AllSecPpiList; + EFI_PEI_CORE_ENTRY_POINT PeiCoreEntryPoint; + + SecCoreData = (EFI_SEC_PEI_HAND_OFF *) Context; + AllSecPpiList = (EFI_PEI_PPI_DESCRIPTOR *) SecCoreData->PeiTemporaryRamBase; + // + // Find Pei Core entry point. It will report SEC and Pei Core debug information if remote debug + // is enabled. + // + FindAndReportEntryPoints ((EFI_FIRMWARE_VOLUME_HEADER *) SecCoreData->BootFirmwareVolumeBase, &PeiCoreEntryPoint); + if (PeiCoreEntryPoint == NULL) + { + CpuDeadLoop (); + } + + // + // Perform platform specific initialization before entering PeiCore. + // + PpiList = SecPlatformMain (SecCoreData); + if (PpiList != NULL) { + // + // Remove the terminal flag from the terminal PPI + // + CopyMem (AllSecPpiList, mPeiSecPlatformInformationPpi, sizeof (mPeiSecPlatformInformationPpi)); + Index = sizeof (mPeiSecPlatformInformationPpi) / sizeof (EFI_PEI_PPI_DESCRIPTOR) - 1; + AllSecPpiList[Index].Flags = AllSecPpiList[Index].Flags & (~EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST); + + // + // Append the platform additional PPI list + // + Index += 1; + while (((PpiList->Flags & EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST) != EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST)) { + CopyMem (&AllSecPpiList[Index], PpiList, sizeof (EFI_PEI_PPI_DESCRIPTOR)); + Index++; + PpiList++; + } + + // + // Add the terminal PPI + // + CopyMem (&AllSecPpiList[Index ++], PpiList, sizeof (EFI_PEI_PPI_DESCRIPTOR)); + + // + // Set PpiList to the total PPI + // + PpiList = AllSecPpiList; + + // + // Adjust PEI TEMP RAM Range. + // + ASSERT (SecCoreData->PeiTemporaryRamSize > Index * sizeof (EFI_PEI_PPI_DESCRIPTOR)); + SecCoreData->PeiTemporaryRamBase = (VOID *)((UINTN) SecCoreData->PeiTemporaryRamBase + Index * sizeof (EFI_PEI_PPI_DESCRIPTOR)); + SecCoreData->PeiTemporaryRamSize = SecCoreData->PeiTemporaryRamSize - Index * sizeof (EFI_PEI_PPI_DESCRIPTOR); + } else { + // + // No addition PPI, PpiList directly point to the common PPI list. + // + PpiList = &mPeiSecPlatformInformationPpi[0]; + } + + // + // Report Status Code to indicate transferring to PEI core + // + REPORT_STATUS_CODE ( + EFI_PROGRESS_CODE, + EFI_SOFTWARE_SEC | EFI_SW_SEC_PC_HANDOFF_TO_NEXT + ); + + // + // Transfer the control to the PEI core + // + ASSERT (PeiCoreEntryPoint != NULL); + (*PeiCoreEntryPoint) (SecCoreData, PpiList); + + // + // Should not come here. + // + return; +} + +/** + TemporaryRamDone() disables the use of Temporary RAM. If present, this service is invoked + by the PEI Foundation after the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed. + + @retval EFI_SUCCESS Use of Temporary RAM was disabled. + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamDone ( + VOID + ) +{ + BOOLEAN State; + + // + // Migrate DebugAgentContext. + // + InitializeDebugAgent (DEBUG_AGENT_INIT_POSTMEM_SEC, NULL, NULL); + + // + // Disable interrupts and save current interrupt state + // + State = SaveAndDisableInterrupts(); + + // + // Disable Temporary RAM after Stack and Heap have been migrated at this point. + // + SecPlatformDisableTemporaryMemory (); + + // + // Restore original interrupt state + // + SetInterruptState (State); + + return EFI_SUCCESS; +} diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h new file mode 100644 index 0000000..7b60986 --- /dev/null +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -0,0 +1,109 @@ +/** @file + Master header file for SecCore. + + Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.<BR> + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _SEC_CORE_H_ +#define _SEC_CORE_H_ + +#include <PiPei.h> + +#include <Ppi/SecPlatformInformation.h> +#include <Ppi/TemporaryRamDone.h> + +#include <Library/BaseLib.h> +#include <Library/DebugLib.h> +#include <Library/PcdLib.h> +#include <Library/BaseMemoryLib.h> +#include <Library/PlatformSecLib.h> +#include <Library/UefiCpuLib.h> +#include <Library/PeCoffGetEntryPointLib.h> +#include <Library/PeCoffExtraActionLib.h> +#include <Library/DebugAgentLib.h> +#include <Library/CpuExceptionHandlerLib.h> +#include <Library/ReportStatusCodeLib.h> + + +#define SEC_IDT_ENTRY_COUNT 34 + +typedef struct _SEC_IDT_TABLE { + // + // Reserved 8 bytes preceding IDT to store EFI_PEI_SERVICES**, since IDT base + // address should be 8-byte alignment. + // Note: For IA32, only the 4 bytes immediately preceding IDT is used to store + // EFI_PEI_SERVICES** + // + UINT64 PeiService; + UINT64 IdtTable[SEC_IDT_ENTRY_COUNT]; +} SEC_IDT_TABLE; + +/** + TemporaryRamDone() disables the use of Temporary RAM. If present, this service is invoked + by the PEI Foundation after the EFI_PEI_PERMANANT_MEMORY_INSTALLED_PPI is installed. + + @retval EFI_SUCCESS Use of Temporary RAM was disabled. + @retval EFI_INVALID_PARAMETER Temporary RAM could not be disabled. + +**/ +EFI_STATUS +EFIAPI +SecTemporaryRamDone ( + VOID + ); + +/** + Entry point to the C language phase of SEC. After the SEC assembly + code has initialized some temporary memory and set up the stack, + the control is transferred to this function. + + @param SizeOfRam Size of the temporary memory available for use. + @param TempRamBase Base address of temporary ram + @param BootFirmwareVolume Base address of the Boot Firmware Volume. +**/ +VOID +EFIAPI +SecStartup ( + IN UINT32 SizeOfRam, + IN UINT32 TempRamBase, + IN VOID *BootFirmwareVolume + ); + +/** + Find and return Pei Core entry point. + + It also find SEC and PEI Core file debug information. It will report them if + remote debug is enabled. + + @param BootFirmwareVolumePtr Point to the boot firmware volume. + @param PeiCoreEntryPoint Point to the PEI core entry point. + +**/ +VOID +EFIAPI +FindAndReportEntryPoints ( + IN EFI_FIRMWARE_VOLUME_HEADER *BootFirmwareVolumePtr, + OUT EFI_PEI_CORE_ENTRY_POINT *PeiCoreEntryPoint + ); + +/** + Auto-generated function that calls the library constructors for all of the module's + dependent libraries. This function must be called by the SEC Core once a stack has + been established. + +**/ +VOID +EFIAPI +ProcessLibraryConstructorList ( + VOID + ); + +#endif diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 202e719..fe9b2a5 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -37,6 +37,11 @@ ## @libraryclass Provides functions to manage the Local APIC on IA32 and X64 CPUs. ## LocalApicLib|Include/Library/LocalApicLib.h + + ## @libraryclass Provides platform specific initialization functions in the SEC phase. + ## + PlatformSecLib|Include/Library/PlatformSecLib.h + [Guids] gUefiCpuPkgTokenSpaceGuid = { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa, 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }} @@ -62,6 +67,10 @@ # @Prompt Configure stack size for Application Processor (AP) gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize|0x8000|UINT32|0x00000003 + ## Specifies stack size in the temporary RAM. 0 means half of TemporaryRamSize. + # @Prompt Stack size in the temporary RAM. + gUefiCpuPkgTokenSpaceGuid.PcdPeiTemporaryRamStackSize|0|UINT32|0x10001003 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## Specifies timeout value in microseconds for the BSP to detect all APs for the first time. # @Prompt Timeout for the BSP to detect all APs for the first time. diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc index a4117a2..68400e3 100644 --- a/UefiCpuPkg/UefiCpuPkg.dsc +++ b/UefiCpuPkg/UefiCpuPkg.dsc @@ -54,8 +54,12 @@ CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf + PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf + PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf - +[LibraryClasses.common.SEC] + PlatformSecLib|UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf + [LibraryClasses.common.PEIM] MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf @@ -96,7 +100,9 @@ UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf + UefiCpuPkg/Library/PlatformSecLibNull/PlatformSecLibNull.inf UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf + UefiCpuPkg/SecCore/SecCore.inf UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf diff --git a/UefiCpuPkg/UefiCpuPkg.uni b/UefiCpuPkg/UefiCpuPkg.uni index 2f2d20f7fd87879dde9f9b1cd59a0503399a4a7c..4fe2faf981581025adcbbfd9829512e2328c889b 100644 GIT binary patch delta 262 zcmaE2yv<_66UoVSVnMP245<v63?V==m!W_mpP`5$5r``pf`D}H<jwr<jKPx&1%)*g zfU5Es6c|bvGJtA9G`bE2pdLpC-^m9hVhNafRKR(%fw;)z0zr`~qRnN{1KMf;#JND5 n6M=3i2C_4NtQ>|kAS)kC;_wGUFwpf?Kz(`)N({UVTwn|U`N%cl delta 7 OcmdmH@x*w;6G;FMf&;Sv -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
