1 /** @file
2 Implementation of helper routines for DXE environment.
3
4 Copyright (c) 2013 - 2016 Intel Corporation.
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #include <PiDxe.h>
17
18 #include <Library/UefiBootServicesTableLib.h>
19 #include <Library/S3BootScriptLib.h>
20 #include <Library/DxeServicesLib.h>
21 #include <Library/UefiRuntimeServicesTableLib.h>
22 #include <Protocol/SmmBase2.h>
23 #include <Protocol/Spi.h>
24 #include <Protocol/VariableLock.h>
25
26 #include <Guid/MemoryConfigData.h>
27 #include <Guid/QuarkVariableLock.h>
28
29 #include "CommonHeader.h"
30
31 #define FLASH_BLOCK_SIZE SIZE_4KB
32
33 //
34 // Global variables.
35 //
36 EFI_SPI_PROTOCOL *mPlatHelpSpiProtocolRef = NULL;
37
38 //
39 // Routines defined in other source modules of this component.
40 //
41
42 //
43 // Routines local to this component.
44 //
45
46 //
47 // Routines shared with other souce modules in this component.
48 //
49
50 EFI_SPI_PROTOCOL *
LocateSpiProtocol(IN EFI_SMM_SYSTEM_TABLE2 * Smst)51 LocateSpiProtocol (
52 IN EFI_SMM_SYSTEM_TABLE2 *Smst
53 )
54 {
55 if (mPlatHelpSpiProtocolRef == NULL) {
56 if (Smst != NULL) {
57 Smst->SmmLocateProtocol (
58 &gEfiSmmSpiProtocolGuid,
59 NULL,
60 (VOID **) &mPlatHelpSpiProtocolRef
61 );
62 } else {
63 gBS->LocateProtocol (
64 &gEfiSpiProtocolGuid,
65 NULL,
66 (VOID **) &mPlatHelpSpiProtocolRef
67 );
68 }
69 ASSERT (mPlatHelpSpiProtocolRef != NULL);
70 }
71 return mPlatHelpSpiProtocolRef;
72 }
73
74 //
75 // Routines exported by this source module.
76 //
77
78 /**
79 Find pointer to RAW data in Firmware volume file.
80
81 @param FvNameGuid Firmware volume to search. If == NULL search all.
82 @param FileNameGuid Firmware volume file to search for.
83 @param SectionData Pointer to RAW data section of found file.
84 @param SectionDataSize Pointer to UNITN to get size of RAW data.
85
86 @retval EFI_SUCCESS Raw Data found.
87 @retval EFI_INVALID_PARAMETER FileNameGuid == NULL.
88 @retval EFI_NOT_FOUND Firmware volume file not found.
89 @retval EFI_UNSUPPORTED Unsupported in current enviroment (PEI or DXE).
90
91 **/
92 EFI_STATUS
93 EFIAPI
PlatformFindFvFileRawDataSection(IN CONST EFI_GUID * FvNameGuid OPTIONAL,IN CONST EFI_GUID * FileNameGuid,OUT VOID ** SectionData,OUT UINTN * SectionDataSize)94 PlatformFindFvFileRawDataSection (
95 IN CONST EFI_GUID *FvNameGuid OPTIONAL,
96 IN CONST EFI_GUID *FileNameGuid,
97 OUT VOID **SectionData,
98 OUT UINTN *SectionDataSize
99 )
100 {
101 if (FileNameGuid == NULL || SectionData == NULL || SectionDataSize == NULL) {
102 return EFI_INVALID_PARAMETER;
103 }
104 if (FvNameGuid != NULL) {
105 return EFI_UNSUPPORTED; // Searching in specific FV unsupported in DXE.
106 }
107
108 return GetSectionFromAnyFv (FileNameGuid, EFI_SECTION_RAW, 0, SectionData, SectionDataSize);
109 }
110
111 /**
112 Find free spi protect register and write to it to protect a flash region.
113
114 @param DirectValue Value to directly write to register.
115 if DirectValue == 0 the use Base & Length below.
116 @param BaseAddress Base address of region in Flash Memory Map.
117 @param Length Length of region to protect.
118
119 @retval EFI_SUCCESS Free spi protect register found & written.
120 @retval EFI_NOT_FOUND Free Spi protect register not found.
121 @retval EFI_DEVICE_ERROR Unable to write to spi protect register.
122 **/
123 EFI_STATUS
124 EFIAPI
PlatformWriteFirstFreeSpiProtect(IN CONST UINT32 DirectValue,IN CONST UINT32 BaseAddress,IN CONST UINT32 Length)125 PlatformWriteFirstFreeSpiProtect (
126 IN CONST UINT32 DirectValue,
127 IN CONST UINT32 BaseAddress,
128 IN CONST UINT32 Length
129 )
130 {
131 UINT32 FreeOffset;
132 UINT32 PchRootComplexBar;
133 EFI_STATUS Status;
134
135 PchRootComplexBar = QNC_RCRB_BASE;
136
137 Status = WriteFirstFreeSpiProtect (
138 PchRootComplexBar,
139 DirectValue,
140 BaseAddress,
141 Length,
142 &FreeOffset
143 );
144
145 if (!EFI_ERROR (Status)) {
146 S3BootScriptSaveMemWrite (
147 S3BootScriptWidthUint32,
148 (UINTN) (PchRootComplexBar + FreeOffset),
149 1,
150 (VOID *) (UINTN) (PchRootComplexBar + FreeOffset)
151 );
152 }
153
154 return Status;
155 }
156
157 /**
158 Lock legacy SPI static configuration information.
159
160 Function will assert if unable to lock config.
161
162 **/
163 VOID
164 EFIAPI
PlatformFlashLockConfig(VOID)165 PlatformFlashLockConfig (
166 VOID
167 )
168 {
169 EFI_STATUS Status;
170 EFI_SPI_PROTOCOL *SpiProtocol;
171
172 //
173 // Enable lock of legacy SPI static configuration information.
174 //
175
176 SpiProtocol = LocateSpiProtocol (NULL); // This routine will not be called in SMM.
177 ASSERT (SpiProtocol != NULL);
178 if (SpiProtocol != NULL) {
179 Status = SpiProtocol->Lock (SpiProtocol);
180
181 if (!EFI_ERROR (Status)) {
182 DEBUG ((EFI_D_INFO, "Platform: Spi Config Locked Down\n"));
183 } else if (Status == EFI_ACCESS_DENIED) {
184 DEBUG ((EFI_D_INFO, "Platform: Spi Config already locked down\n"));
185 } else {
186 ASSERT_EFI_ERROR (Status);
187 }
188 }
189 }
190
191 /**
192 Platform Variable Lock.
193
194 @retval EFI_SUCCESS Platform Variable Lock successful.
195 @retval EFI_NOT_FOUND No protocol instances were found that match Protocol and
196 Registration.
197
198 **/
199 VOID
200 EFIAPI
PlatformVariableLock()201 PlatformVariableLock (
202 )
203 {
204 EFI_STATUS Status;
205 EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
206
207 Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
208 ASSERT_EFI_ERROR (Status);
209
210 Status = VariableLockProtocol->RequestToLock (
211 VariableLockProtocol,
212 QUARK_VARIABLE_LOCK_NAME,
213 &gQuarkVariableLockGuid
214 );
215 ASSERT_EFI_ERROR (Status);
216
217 // Memory Config Data shouldn't be writable when Quark Variable Lock is enabled.
218 Status = VariableLockProtocol->RequestToLock (
219 VariableLockProtocol,
220 EFI_MEMORY_CONFIG_DATA_NAME,
221 &gEfiMemoryConfigDataGuid
222 );
223 ASSERT_EFI_ERROR (Status);
224 }
225
226 /**
227 Lock regions and config of SPI flash given the policy for this platform.
228
229 Function will assert if unable to lock regions or config.
230
231 @param PreBootPolicy If TRUE do Pre Boot Flash Lock Policy.
232
233 **/
234 VOID
235 EFIAPI
PlatformFlashLockPolicy(IN CONST BOOLEAN PreBootPolicy)236 PlatformFlashLockPolicy (
237 IN CONST BOOLEAN PreBootPolicy
238 )
239 {
240 EFI_STATUS Status;
241 UINT64 CpuAddressNvStorage;
242 UINT64 CpuAddressFlashDevice;
243 UINT64 SpiAddress;
244 EFI_BOOT_MODE BootMode;
245 UINTN SpiFlashDeviceSize;
246
247 BootMode = GetBootModeHob ();
248
249 SpiFlashDeviceSize = (UINTN) PcdGet32 (PcdSpiFlashDeviceSize);
250 CpuAddressFlashDevice = SIZE_4GB - SpiFlashDeviceSize;
251 DEBUG (
252 (EFI_D_INFO,
253 "Platform:FlashDeviceSize = 0x%08x Bytes\n",
254 SpiFlashDeviceSize)
255 );
256
257 //
258 // If not in update or recovery mode, lock stuff down
259 //
260 if ((BootMode != BOOT_IN_RECOVERY_MODE) && (BootMode != BOOT_ON_FLASH_UPDATE)) {
261
262 //
263 // Lock regions
264 //
265 CpuAddressNvStorage = (UINT64) PcdGet32 (PcdFlashNvStorageVariableBase);
266
267 //
268 // Lock from start of flash device up to Smi writable flash storage areas.
269 //
270 SpiAddress = 0;
271 if (!PlatformIsSpiRangeProtected ((UINT32) SpiAddress, (UINT32) (CpuAddressNvStorage - CpuAddressFlashDevice))) {
272 DEBUG (
273 (EFI_D_INFO,
274 "Platform: Protect Region Base:Len 0x%08x:0x%08x\n",
275 (UINTN) SpiAddress, (UINTN)(CpuAddressNvStorage - CpuAddressFlashDevice))
276 );
277 Status = PlatformWriteFirstFreeSpiProtect (
278 0,
279 (UINT32) SpiAddress,
280 (UINT32) (CpuAddressNvStorage - CpuAddressFlashDevice)
281 );
282
283 ASSERT_EFI_ERROR (Status);
284 }
285 //
286 // Move Spi Address to after Smi writable flash storage areas.
287 //
288 SpiAddress = CpuAddressNvStorage - CpuAddressFlashDevice;
289 SpiAddress += ((UINT64) PcdGet32 (PcdFlashNvStorageVariableSize));
290
291 //
292 // Lock from end of OEM area to end of flash part.
293 //
294 if (!PlatformIsSpiRangeProtected ((UINT32) SpiAddress, SpiFlashDeviceSize - ((UINT32) SpiAddress))) {
295 DEBUG (
296 (EFI_D_INFO,
297 "Platform: Protect Region Base:Len 0x%08x:0x%08x\n",
298 (UINTN) SpiAddress,
299 (UINTN) (SpiFlashDeviceSize - ((UINT32) SpiAddress)))
300 );
301 ASSERT (SpiAddress < ((UINT64) SpiFlashDeviceSize));
302 Status = PlatformWriteFirstFreeSpiProtect (
303 0,
304 (UINT32) SpiAddress,
305 SpiFlashDeviceSize - ((UINT32) SpiAddress)
306 );
307
308 ASSERT_EFI_ERROR (Status);
309 }
310 }
311
312 //
313 // Always Lock flash config registers if about to boot a boot option
314 // else lock depending on boot mode.
315 //
316 if (PreBootPolicy || (BootMode != BOOT_ON_FLASH_UPDATE)) {
317 PlatformFlashLockConfig ();
318 }
319
320 //
321 // Enable Quark Variable lock if PreBootPolicy.
322 //
323 if (PreBootPolicy) {
324 PlatformVariableLock ();
325 }
326 }
327
328 /** Check if System booted with recovery Boot Stage1 image.
329
330 @retval TRUE If system booted with recovery Boot Stage1 image.
331 @retval FALSE If system booted with normal stage1 image.
332
333 **/
334 BOOLEAN
335 EFIAPI
PlatformIsBootWithRecoveryStage1(VOID)336 PlatformIsBootWithRecoveryStage1 (
337 VOID
338 )
339 {
340 ASSERT_EFI_ERROR (EFI_UNSUPPORTED);
341 return FALSE;
342 }
343
344