From 95c7b927628b6c5d736234d3ebcb7dcd10ea07eb Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Mon, 7 Aug 2023 15:47:40 +0200 Subject: [PATCH] Moved FSP_M back to XIP --- arch.mk | 1 - config/examples/kontron_vx3060_s2.config | 1 - .../examples/x86_fsp_qemu_stage1_auth.config | 1 - hal/x86_fsp_qemu_stage1.ld.in | 2 -- hal/x86_fsp_tgl_stage1.ld.in | 1 - src/boot_x86_fsp.c | 31 ++----------------- tools/x86_fsp/qemu/qemu_build_fsp.sh | 6 ++-- tools/x86_fsp/tgl/tgl_download_fsp.sh | 2 +- 8 files changed, 7 insertions(+), 38 deletions(-) diff --git a/arch.mk b/arch.mk index 3173a712..917d7921 100644 --- a/arch.mk +++ b/arch.mk @@ -507,7 +507,6 @@ ifeq ("${FSP}", "1") OBJS += src/libwolfboot.o OBJS += src/image.o OBJS += src/keystore.o - OBJS += src/sig_fsp_m.o OBJS += src/sig_wolfboot_raw.o OBJS += src/sig_fsp_s.o ifeq ($(TARGET), kontron_vx3060_s2) diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config index 6782f0e8..40fdfdfd 100644 --- a/config/examples/kontron_vx3060_s2.config +++ b/config/examples/kontron_vx3060_s2.config @@ -59,6 +59,5 @@ MULTIBOOT2=1 64BIT=1 STAGE1_AUTH=1 -FSP_M_LOAD_BASE=0x0FE2FF00 FSP_S_LOAD_BASE=0x0FED5F00 diff --git a/config/examples/x86_fsp_qemu_stage1_auth.config b/config/examples/x86_fsp_qemu_stage1_auth.config index eea46c40..18aab291 100644 --- a/config/examples/x86_fsp_qemu_stage1_auth.config +++ b/config/examples/x86_fsp_qemu_stage1_auth.config @@ -30,7 +30,6 @@ WOLFBOOT_DATA_ADDRESS=0x1000000 FSP_M_BASE=0xffe30000 FSP_S_BASE=0xffed6000 FSP_T_BASE=0xfffe0000 -FSP_M_LOAD_BASE=0x0FE2FF00 FSP_S_LOAD_BASE=0x0FED5F00 WOLFBOOT_ORIGIN=0xfffa0000 LINUX_PAYLOAD=1 diff --git a/hal/x86_fsp_qemu_stage1.ld.in b/hal/x86_fsp_qemu_stage1.ld.in index a0d82d1b..c65268d3 100644 --- a/hal/x86_fsp_qemu_stage1.ld.in +++ b/hal/x86_fsp_qemu_stage1.ld.in @@ -62,8 +62,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { - _fsp_m_hdr = .; - KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) _end_fsp_m = .; diff --git a/hal/x86_fsp_tgl_stage1.ld.in b/hal/x86_fsp_tgl_stage1.ld.in index b7dda4e6..67d2f47c 100644 --- a/hal/x86_fsp_tgl_stage1.ld.in +++ b/hal/x86_fsp_tgl_stage1.ld.in @@ -84,7 +84,6 @@ SECTIONS .fsp_m FSP_M_ORIGIN : { _fsp_m_hdr = .; - KEEP(*(.sig_fsp_m*)) _start_fsp_m = .; *(.fsp_m) _end_fsp_m = .; diff --git a/src/boot_x86_fsp.c b/src/boot_x86_fsp.c index a7c3d604..c842577e 100644 --- a/src/boot_x86_fsp.c +++ b/src/boot_x86_fsp.c @@ -46,8 +46,6 @@ * the space used by wolfBoot manifest headers to authenticate FSPs */ #define HEADER_SIZE IMAGE_HEADER_SIZE -const uint8_t __attribute__((section(".sig_fsp_m"))) - empty_sig_fsp_m[HEADER_SIZE] = {}; const uint8_t __attribute__((section(".sig_fsp_s"))) empty_sig_fsp_s[HEADER_SIZE] = {}; const uint8_t __attribute__((section(".sig_wolfboot_raw"))) @@ -94,7 +92,7 @@ int fsp_machine_update_s_parameters(uint8_t *default_s_params); int post_temp_ram_init_cb(void); /* from the linker */ -extern uint8_t _fsp_m_hdr[]; +extern uint8_t _start_fsp_m[]; extern uint8_t _fsp_s_hdr[]; extern uint8_t _end_fsp_m[]; extern uint8_t _end_fsp_s[]; @@ -144,16 +142,6 @@ static void load_wolfboot(void) } -static void load_fsp_m_to_ram(void) -{ - size_t fsp_m_size; - wolfBoot_printf("loading FSP_M at %x..." ENDLINE, - (uint32_t)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)); - fsp_m_size = _end_fsp_m - _fsp_m_hdr; - memcpy((uint8_t*)FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE, - _fsp_m_hdr, fsp_m_size); -} - static void load_fsp_s_to_ram(void) { size_t fsp_s_size; @@ -238,8 +226,8 @@ static void memory_ready_entry(void *ptr) uint8_t *fsp_s_base; uint8_t *fsp_m_base; + fsp_m_base = _start_fsp_m; fsp_s_base = (uint8_t *)(FSP_S_LOAD_BASE); - fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); fsp_info_header = (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); @@ -356,7 +344,7 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, (void)stack_top; (void)timestamp; (void)bist; - fsp_m_base = (uint8_t *)(FSP_M_LOAD_BASE); + fsp_m_base = (uint8_t *)(_start_fsp_m); status = post_temp_ram_init_cb(); @@ -366,19 +354,6 @@ void start(uint32_t stack_base, uint32_t stack_top, uint64_t timestamp, } wolfBoot_printf("Cache-as-RAM initialized" ENDLINE); - load_fsp_m_to_ram(); - -#ifdef STAGE1_AUTH - /* Verify FSP_M */ - //wolfBoot_printf("Authenticating FSP_M at %x..." ENDLINE, - // FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE); - if (verify_payload((uint8_t *)(FSP_M_LOAD_BASE - IMAGE_HEADER_SIZE)) == 0) - wolfBoot_printf("FSP_M: verified OK." ENDLINE); - else { - panic(); - } -#endif - fsp_m_info_header = (struct fsp_info_header *)(fsp_m_base + FSP_INFO_HEADER_OFFSET); udp_m_default = fsp_m_base + fsp_m_info_header->CfgRegionOffset; diff --git a/tools/x86_fsp/qemu/qemu_build_fsp.sh b/tools/x86_fsp/qemu/qemu_build_fsp.sh index b12be294..0be29f9d 100755 --- a/tools/x86_fsp/qemu/qemu_build_fsp.sh +++ b/tools/x86_fsp/qemu/qemu_build_fsp.sh @@ -19,7 +19,7 @@ fi if [ -f "${CONFIG_FILE}" ] then FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory" @@ -87,9 +87,9 @@ download_edkii download_sbl_patch_and_patch_edkii build_qemu_fsp rebase_fsp_component "T" ${FSP_T_BASE} -rebase_fsp_component "M" ${FSP_M_LOAD_BASE} +rebase_fsp_component "M" ${FSP_M_BASE} rebase_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_component "T" ${FSP_T_BASE} -copy_fsp_component "M" ${FSP_M_LOAD_BASE} +copy_fsp_component "M" ${FSP_M_BASE} copy_fsp_component "S" ${FSP_S_LOAD_BASE} copy_fsp_headers diff --git a/tools/x86_fsp/tgl/tgl_download_fsp.sh b/tools/x86_fsp/tgl/tgl_download_fsp.sh index a68a9ffb..f21e21c9 100755 --- a/tools/x86_fsp/tgl/tgl_download_fsp.sh +++ b/tools/x86_fsp/tgl/tgl_download_fsp.sh @@ -22,7 +22,7 @@ fi if [ -f "${CONFIG_FILE}" ] then FSP_T_BASE=$(grep -Eo '^FSP_T_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) - FSP_M_LOAD_BASE=$(grep -Eo '^FSP_M_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) + FSP_M_BASE=$(grep -Eo '^FSP_M_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) FSP_S_LOAD_BASE=$(grep -Eo '^FSP_S_LOAD_BASE=.*' ${CONFIG_FILE} | cut -d "=" -f 2) else echo "Error: ${CONFIG_FILE} file not found in current directory"