Detects qemu config issue: code pflash is writable.
Checked for both PC and Q35.
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Konstantin Kostiuk <kkost...@redhat.com>
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
Reviewed-by: Jiewen Yao <jiewen....@intel.com>
---
OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf | 2 ++
OvmfPkg/VirtHstiDxe/VirtHstiDxe.h | 13 +++++++++++
OvmfPkg/VirtHstiDxe/QemuCommon.c | 36 +++++++++++++++++++++++++++++
OvmfPkg/VirtHstiDxe/VirtHstiDxe.c | 4 ++++
4 files changed, 55 insertions(+)
create mode 100644 OvmfPkg/VirtHstiDxe/QemuCommon.c
diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
index b6bdd1f22e83..9514933011e8 100644
--- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
+++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
@@ -22,6 +22,7 @@ [Sources]
VirtHstiDxe.c
QemuPC.c
QemuQ35.c
+ QemuCommon.c
Flash.c
[Packages]
@@ -48,6 +49,7 @@ [FeaturePcd]
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
[Pcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase
[Depex]
diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h
b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h
index ceff41c03711..f8bdcfe8f219 100644
--- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h
+++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.h
@@ -8,6 +8,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#define VIRT_HSTI_BYTE0_SMM_SMRAM_LOCK BIT0
#define VIRT_HSTI_BYTE0_SMM_SECURE_VARS_FLASH BIT1
+#define VIRT_HSTI_BYTE0_READONLY_CODE_FLASH BIT2
typedef struct {
// ADAPTER_INFO_PLATFORM_SECURITY
@@ -67,6 +68,18 @@ VirtHstiQemuPCVerify (
VOID
);
+/* QemuCommon.c */
+
+VOID
+VirtHstiQemuCommonInit (
+ VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti
+ );
+
+VOID
+VirtHstiQemuCommonVerify (
+ VOID
+ );
+
/* Flash.c */
#define QEMU_FIRMWARE_FLASH_UNKNOWN 0
diff --git a/OvmfPkg/VirtHstiDxe/QemuCommon.c b/OvmfPkg/VirtHstiDxe/QemuCommon.c
new file mode 100644
index 000000000000..4ab3fe2d6e63
--- /dev/null
+++ b/OvmfPkg/VirtHstiDxe/QemuCommon.c
@@ -0,0 +1,36 @@
+/** @file
+
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+
+#include "VirtHstiDxe.h"
+
+VOID
+VirtHstiQemuCommonInit (
+ VIRT_ADAPTER_INFO_PLATFORM_SECURITY *VirtHsti
+ )
+{
+ VirtHstiSetSupported (VirtHsti, 0, VIRT_HSTI_BYTE0_READONLY_CODE_FLASH);
+}
+
+VOID
+VirtHstiQemuCommonVerify (
+ VOID
+ )
+{
+ CHAR16 *ErrorMsg;
+
+ switch (VirtHstiQemuFirmwareFlashCheck (PcdGet32 (PcdBfvBase))) {
+ case QEMU_FIRMWARE_FLASH_WRITABLE:
+ ErrorMsg = L"qemu code pflash is writable";
+ break;
+ default:
+ ErrorMsg = NULL;
+ }
+
+ VirtHstiTestResult (ErrorMsg, 0, VIRT_HSTI_BYTE0_READONLY_CODE_FLASH);
+}
diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
index 74e5e6bd9d4f..b6e53a1219d1 100644
--- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
+++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
@@ -104,9 +104,11 @@ VirtHstiOnReadyToBoot (
switch (VirtHstiGetHostBridgeDevId ()) {
case INTEL_82441_DEVICE_ID:
VirtHstiQemuPCVerify ();
+ VirtHstiQemuCommonVerify ();
break;
case INTEL_Q35_MCH_DEVICE_ID:
VirtHstiQemuQ35Verify ();
+ VirtHstiQemuCommonVerify ();
break;
default:
ASSERT (FALSE);
@@ -142,9 +144,11 @@ VirtHstiDxeEntrypoint (
switch (DevId) {
case INTEL_82441_DEVICE_ID:
VirtHsti = VirtHstiQemuPCInit ();
+ VirtHstiQemuCommonInit (VirtHsti);
break;
case INTEL_Q35_MCH_DEVICE_ID:
VirtHsti = VirtHstiQemuQ35Init ();
+ VirtHstiQemuCommonInit (VirtHsti);
break;
default:
DEBUG ((DEBUG_INFO, "%a: unknown platform (0x%x)\n", __func__, DevId));
--
2.44.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118083): https://edk2.groups.io/g/devel/message/118083
Mute This Topic: https://groups.io/mt/105667072/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
