diff options
author | Michael D Kinney <michael.d.kinney@intel.com> | 2019-11-21 09:24:41 -0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-02-07 16:32:13 +0000 |
commit | cc1d13c9228d988071834b12c8494efb28b55802 (patch) | |
tree | c0707b9b5abb10174657d478c0d6c1ef04da98c3 /CryptoPkg/Driver/CryptoPei.c | |
parent | 3b0e04305b2559da8deec7e1acba2d9e9902b80e (diff) | |
download | edk2-cc1d13c9228d988071834b12c8494efb28b55802.tar.gz edk2-cc1d13c9228d988071834b12c8494efb28b55802.tar.bz2 edk2-cc1d13c9228d988071834b12c8494efb28b55802.zip |
CryptoPkg/Driver: Add Crypto PEIM, DXE, and SMM modules
https://bugzilla.tianocore.org/show_bug.cgi?id=2420
Based on the following package with changes to merge into
CryptoPkg.
https://github.com/microsoft/mu_plus/tree/dev/201908/SharedCryptoPkg
Add the CryptoPei, CryptoDxe, and CryptoSmm modules that produce
EDK II Crypto Protocols/PPIs that provide the same services as
the BaseCryptLib class.
In order to optimize the size of CryptoPei, CryptoDxe, and
CryptoSmm modules for a specific platform, the FixedAtBuild
PCD gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable
is used to determine if a specific service is enabled or
disabled. If a service is enabled, then a call is made to
the BaseCryptLib service. If the service is disabled, then
a DEBUG() message and ASSERT() are performed and a default
return value is returned. This provides simple detection
of a service that is disabled but is used by another module
when DEBUG()/ASSERT() macros are enabled.
The use of a FixedAtBuild PCD is required so the compiler
and linker know each services enable/disable setting at
build time and allows disabled services to be optimized away.
CryptoPei supports both pre-mem and post-mem use cases.
If CryptoPei is initially dispatched pre-mmem, the the
register for shadow service is used so the Crypto PPI can
be reinstalled post-mem.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Diffstat (limited to 'CryptoPkg/Driver/CryptoPei.c')
-rw-r--r-- | CryptoPkg/Driver/CryptoPei.c | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/CryptoPkg/Driver/CryptoPei.c b/CryptoPkg/Driver/CryptoPei.c new file mode 100644 index 0000000000..8b2771802c --- /dev/null +++ b/CryptoPkg/Driver/CryptoPei.c @@ -0,0 +1,99 @@ +/** @file
+ Installs the EDK II Crypto PPI. If this PEIM is dispatched before memory is
+ discovered, the RegisterForShadow() feature is used to reload this PEIM into
+ memory after memory is discovered.
+
+ Copyright (C) Microsoft Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/DebugLib.h>
+#include <Ppi/Crypto.h>
+
+extern CONST EDKII_CRYPTO_PROTOCOL mEdkiiCrypto;
+
+CONST EFI_PEI_PPI_DESCRIPTOR mEdkiiCryptoPpiList = {
+ (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+ &gEdkiiCryptoPpiGuid,
+ (EDKII_CRYPTO_PPI *) &mEdkiiCrypto
+};
+
+/**
+Entry to CryptoPeiEntry.
+
+@param FileHandle The image handle.
+@param PeiServices The PEI services table.
+
+@retval Status From internal routine or boot object, should not fail
+**/
+EFI_STATUS
+EFIAPI
+CryptoPeiEntry (
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
+ )
+{
+ EFI_STATUS Status;
+ VOID *MemoryDiscoveredPpi;
+ EDKII_CRYPTO_PPI *EdkiiCryptoPpi;
+ EFI_PEI_PPI_DESCRIPTOR *EdkiiCryptoPpiDescriptor;
+
+ //
+ // Not all Open SSL services support XIP due to use of global variables.
+ // Use gEfiPeiMemoryDiscoveredPpiGuid to detect Pre-Mem and Post-Mem and
+ // always shadow this module in memory in Post-Mem.
+ //
+ Status = PeiServicesLocatePpi (
+ &gEfiPeiMemoryDiscoveredPpiGuid,
+ 0,
+ NULL,
+ (VOID **)&MemoryDiscoveredPpi
+ );
+ if (Status == EFI_NOT_FOUND) {
+ //
+ // CryptoPei is dispatched before gEfiPeiMemoryDiscoveredPpiGuid
+ //
+ Status = PeiServicesRegisterForShadow (FileHandle);
+ ASSERT_EFI_ERROR (Status);
+ if (!EFI_ERROR (Status)) {
+ //
+ // First CryptoPpi installation. CryptoPei could come from memory or flash
+ // it will be re-installed after gEfiPeiMemoryDiscoveredPpiGuid
+ //
+ DEBUG ((DEBUG_INFO, "CryptoPeiEntry: Install Pre-Memory Crypto PPI\n"));
+ Status = PeiServicesInstallPpi (&mEdkiiCryptoPpiList);
+ ASSERT_EFI_ERROR (Status);
+ }
+ } else if (Status == EFI_SUCCESS) {
+ //
+ // CryptoPei is dispatched after gEfiPeiMemoryDiscoveredPpiGuid
+ //
+ Status = PeiServicesLocatePpi (
+ &gEdkiiCryptoPpiGuid,
+ 0,
+ &EdkiiCryptoPpiDescriptor,
+ (VOID **)&EdkiiCryptoPpi
+ );
+ if (!EFI_ERROR (Status)) {
+ //
+ // CryptoPei was also dispatched before gEfiPeiMemoryDiscoveredPpiGuid
+ //
+ DEBUG((DEBUG_INFO, "CryptoPeiEntry: ReInstall Post-Memmory Crypto PPI\n"));
+ Status = PeiServicesReInstallPpi (
+ EdkiiCryptoPpiDescriptor,
+ &mEdkiiCryptoPpiList
+ );
+ ASSERT_EFI_ERROR (Status);
+ } else {
+ DEBUG ((DEBUG_INFO, "CryptoPeiEntry: Install Post-Memmory Crypto PPI\n"));
+ Status = PeiServicesInstallPpi (&mEdkiiCryptoPpiList);
+ }
+ } else {
+ ASSERT_EFI_ERROR (Status);
+ }
+
+ return Status;
+}
|