QuarkPlatformPkg/PlatformInit: Fix recovery detection issues

https://bugzilla.tianocore.org/show_bug.cgi?id=137
https://bugzilla.tianocore.org/show_bug.cgi?id=139

There are four supported methods to generate a boot mode of
BOOT_IN_RECOVERY_MODE on the Galileo platforms:

* Detect a corrupt FV
* Detect a forced recovery from the ForceRecovery UEFI application
  that sets a bit in a sticky R/W register
* The RESET button for the Arduino shield is held while the system
  is powered up
* The RESET button for the Arduino shield is held while the system
  is rebooted using the REBOOT button.

The logic in the PlatformInit module is cleaned up and updated to
support all three of the recovery detection methods.  The clean
ups include:

* Remove extra debug messages
* Remove user input from serial port

In addition, once one of the recovery methods is detected and a
boot mode of BOOT_IN_RECOVERY_MODE is set, the Galileo platforms
would get an error attempting to use the USB host controller to
detect and read a recovery image from a USB drive.  The issue is
the IMR protection registers are programmed to prevent DMA to
memory owned by the PEI Core. The IMR register programming is
updated to allow DMA to memory that is allocated by the recovery
modules using the PEI AllocatePages() service.

Cc: Kelly Steele <kelly.steele@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Kelly Steele <kelly.steele@intel.com>
This commit is contained in:
Michael Kinney 2016-10-03 11:13:42 -07:00
parent 9c3dea8dda
commit 69a0854b8f
6 changed files with 98 additions and 186 deletions

View File

@ -119,19 +119,6 @@ ValidateFvHeader (
return EFI_SUCCESS;
}
/**
Check whether go to recovery path
@retval TRUE Go to recovery path
@retval FALSE Go to normal path
**/
BOOLEAN
OemRecoveryBootMode ()
{
return PlatformIsBootWithRecoveryStage1 ();
}
/**
Peform the boot mode determination logic
If the box is closed, then
@ -154,31 +141,35 @@ UpdateBootMode (
EFI_STATUS Status;
EFI_BOOT_MODE NewBootMode;
PEI_CAPSULE_PPI *Capsule;
CHAR8 UserSelection;
UINT32 Straps32;
UINT32 RegValue;
NewBootMode = *BootMode;
//
// Read Straps. Used later if recovery boot.
// Read Sticky R/W Bits
//
Straps32 = QNCAltPortRead (QUARK_SCSS_SOC_UNIT_SB_PORT_ID, QUARK_SCSS_SOC_UNIT_STPDDRCFG);
RegValue = QNCAltPortRead (QUARK_SCSS_SOC_UNIT_SB_PORT_ID, QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW);
DEBUG ((EFI_D_ERROR, "RegValue = %08x\n", RegValue));
//
// Check if we need to boot in recovery mode
//
if ((ValidateFvHeader (BootMode) != EFI_SUCCESS)) {
DEBUG ((EFI_D_INFO, "Force Boot mode recovery\n"));
if ((RegValue & B_CFG_STICKY_RW_FORCE_RECOVERY) != 0) {
NewBootMode = BOOT_IN_RECOVERY_MODE;
Status = PeiServicesInstallPpi (&mPpiListRecoveryBootMode);
ASSERT_EFI_ERROR (Status);
if (OemRecoveryBootMode () == FALSE) {
DEBUG ((EFI_D_INFO, "Recovery stage1 not Active, reboot to activate recovery stage1 image\n"));
OemInitiateRecoveryAndWait ();
}
} else if (OemRecoveryBootMode ()) {
DEBUG ((EFI_D_INFO, "Boot mode recovery\n"));
DEBUG ((EFI_D_ERROR, "RECOVERY from sticky bit\n"));;
//
// Clear force recovery sticky bit
//
QNCAltPortWrite (
QUARK_SCSS_SOC_UNIT_SB_PORT_ID,
QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW,
RegValue &(~B_CFG_STICKY_RW_FORCE_RECOVERY)
);
} else if (ValidateFvHeader (BootMode) != EFI_SUCCESS) {
NewBootMode = BOOT_IN_RECOVERY_MODE;
Status = PeiServicesInstallPpi (&mPpiListRecoveryBootMode);
ASSERT_EFI_ERROR (Status);
DEBUG ((EFI_D_ERROR, "RECOVERY from corrupt FV\n"));;
} else if (QNCCheckS3AndClearState ()) {
//
// Determine if we're in capsule update mode
@ -217,41 +208,17 @@ UpdateBootMode (
NewBootMode = BOOT_WITH_FULL_CONFIGURATION;
}
}
*BootMode = NewBootMode;
if (NewBootMode == BOOT_IN_RECOVERY_MODE) {
DEBUG ((EFI_D_INFO, "Boot mode recovery\n"));
Status = PeiServicesInstallPpi (&mPpiListRecoveryBootMode);
ASSERT_EFI_ERROR (Status);
}
Status = PeiServicesSetBootMode (NewBootMode);
ASSERT_EFI_ERROR (Status);
//
// If Recovery Boot then prompt the user to insert a USB key with recovery nodule and
// continue with the recovery. Also give the user a chance to retry a normal boot.
//
if (NewBootMode == BOOT_IN_RECOVERY_MODE) {
if ((Straps32 & B_STPDDRCFG_FORCE_RECOVERY) == 0) {
DEBUG ((EFI_D_ERROR, "*****************************************************************\n"));
DEBUG ((EFI_D_ERROR, "***** Force Recovery Jumper Detected. *****\n"));
DEBUG ((EFI_D_ERROR, "***** Attempting auto recovery of system flash. *****\n"));
DEBUG ((EFI_D_ERROR, "***** Expecting USB key with recovery module connected. *****\n"));
DEBUG ((EFI_D_ERROR, "***** PLEASE REMOVE FORCE RECOVERY JUMPER. *****\n"));
DEBUG ((EFI_D_ERROR, "*****************************************************************\n"));
} else {
DEBUG ((EFI_D_ERROR, "*****************************************************************\n"));
DEBUG ((EFI_D_ERROR, "***** ERROR: System boot failure!!!!!!! *****\n"));
DEBUG ((EFI_D_ERROR, "***** - Press 'R' if you wish to force system recovery *****\n"));
DEBUG ((EFI_D_ERROR, "***** (connect USB key with recovery module first) *****\n"));
DEBUG ((EFI_D_ERROR, "***** - Press any other key to attempt another boot *****\n"));
DEBUG ((EFI_D_ERROR, "*****************************************************************\n"));
UserSelection = PlatformDebugPortGetChar8 ();
if ((UserSelection != 'R') && (UserSelection != 'r')) {
DEBUG ((EFI_D_ERROR, "New boot attempt selected........\n"));
//
// Initialte the cold reset
//
ResetCold ();
}
DEBUG ((EFI_D_ERROR, "Recovery boot selected..........\n"));
}
}
*BootMode = NewBootMode;
return EFI_SUCCESS;
}

View File

@ -67,7 +67,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/IntelQNCLib.h>
#include <Library/PcdLib.h>
#include <Library/SmbusLib.h>
#include <Library/RecoveryOemHookLib.h>
#include <Library/TimerLib.h>
#include <Library/PrintLib.h>
#include <Library/ResetSystemLib.h>
@ -82,4 +81,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Register/Cpuid.h>
#include <Pcal9555.h>
#include <QNCAccess.h>
#endif

View File

@ -554,7 +554,6 @@ InstallEfiMemory (
UINT64 PeiMemoryLength;
UINTN BufferSize;
UINTN PeiMemoryIndex;
UINTN RequiredMemSize;
EFI_RESOURCE_ATTRIBUTE_TYPE Attribute;
EFI_PHYSICAL_ADDRESS BadMemoryAddress;
EFI_SMRAM_DESCRIPTOR DescriptorAcpiVariable;
@ -613,12 +612,6 @@ InstallEfiMemory (
);
ASSERT_EFI_ERROR (Status);
//
// Get required memory size for ACPI use. This helps to put ACPI memory on the topest
//
RequiredMemSize = 0;
RetriveRequiredMemorySize (PeiServices, &RequiredMemSize);
//
// Detect MOR request by the OS.
//
@ -735,15 +728,14 @@ InstallEfiMemory (
//
Status = SetPlatformImrPolicy (
PeiMemoryBaseAddress,
PeiMemoryLength,
RequiredMemSize
PeiMemoryLength
);
ASSERT_EFI_ERROR (Status);
//
// Carve out the top memory reserved for ACPI
//
Status = PeiServicesInstallPeiMemory (PeiMemoryBaseAddress, (PeiMemoryLength - RequiredMemSize));
Status = PeiServicesInstallPeiMemory (PeiMemoryBaseAddress, PeiMemoryLength);
ASSERT_EFI_ERROR (Status);
BuildResourceDescriptorHob (
@ -1073,69 +1065,6 @@ InstallS3Memory (
return EFI_SUCCESS;
}
/**
This function returns the size, in bytes, required for the DXE phase.
@param PeiServices PEI Services table.
@param Size Pointer to the size, in bytes, required for the DXE phase.
@return None
**/
VOID
RetriveRequiredMemorySize (
IN EFI_PEI_SERVICES **PeiServices,
OUT UINTN *Size
)
{
EFI_PEI_HOB_POINTERS Hob;
EFI_MEMORY_TYPE_INFORMATION *MemoryData;
UINT8 Index;
UINTN TempPageNum;
MemoryData = NULL;
TempPageNum = 0;
Index = 0;
PeiServicesGetHobList ((VOID **)&Hob.Raw);
while (!END_OF_HOB_LIST (Hob)) {
if (Hob.Header->HobType == EFI_HOB_TYPE_GUID_EXTENSION &&
CompareGuid (&Hob.Guid->Name, &gEfiMemoryTypeInformationGuid)
) {
MemoryData = (EFI_MEMORY_TYPE_INFORMATION *) (Hob.Raw + sizeof (EFI_HOB_GENERIC_HEADER) + sizeof (EFI_GUID));
break;
}
Hob.Raw = GET_NEXT_HOB (Hob);
}
//
// Platform PEIM should supply such a information. Generic PEIM doesn't assume any default value
//
if (!MemoryData) {
return ;
}
while (MemoryData[Index].Type != EfiMaxMemoryType) {
//
// Accumulate default memory size requirements
//
TempPageNum += MemoryData[Index].NumberOfPages;
Index++;
}
if (TempPageNum == 0) {
return ;
}
//
// Add additional pages used by DXE memory manager
//
(*Size) = (TempPageNum + EDKII_DXE_MEM_SIZE_PAGES) * EFI_PAGE_SIZE;
return ;
}
/**
This function returns the memory ranges to be enabled, along with information
@ -1481,7 +1410,6 @@ Done:
@param PeiMemoryBaseAddress Base address of memory allocated for PEI.
@param PeiMemoryLength Length in bytes of the PEI memory (includes ACPI memory).
@param RequiredMemSize Size in bytes of the ACPI/Runtime memory
@return EFI_SUCCESS The function completed successfully.
EFI_ACCESS_DENIED Access to IMRs failed.
@ -1490,8 +1418,7 @@ Done:
EFI_STATUS
SetPlatformImrPolicy (
IN EFI_PHYSICAL_ADDRESS PeiMemoryBaseAddress,
IN UINT64 PeiMemoryLength,
IN UINTN RequiredMemSize
IN UINT64 PeiMemoryLength
)
{
UINT8 Index;
@ -1514,17 +1441,6 @@ SetPlatformImrPolicy (
}
}
//
// Add IMR0 protection for the 'PeiMemory'
//
QncImrWrite (
QUARK_NC_MEMORY_MANAGER_IMR0,
(UINT32)(((RShiftU64(PeiMemoryBaseAddress, 8)) & IMRL_MASK) | IMR_EN),
(UINT32)((RShiftU64((PeiMemoryBaseAddress+PeiMemoryLength-RequiredMemSize + EFI_PAGES_TO_SIZE(EDKII_DXE_MEM_SIZE_PAGES-1) - 1), 8)) & IMRL_MASK),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM)
);
//
// Add IMR2 protection for shadowed RMU binary.
//
@ -1547,28 +1463,6 @@ SetPlatformImrPolicy (
(UINT32)(CPU_SNOOP + CPU0_NON_SMM)
);
//
// Add IMR5 protection for the legacy S3 and AP Startup Vector region (below 1MB).
//
QncImrWrite (
QUARK_NC_MEMORY_MANAGER_IMR5,
(UINT32)(((RShiftU64(AP_STARTUP_VECTOR, 8)) & IMRL_MASK) | IMR_EN),
(UINT32)((RShiftU64((AP_STARTUP_VECTOR + EFI_PAGE_SIZE - 1), 8)) & IMRH_MASK),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM)
);
//
// Add IMR6 protection for the ACPI Reclaim/ACPI/Runtime Services.
//
QncImrWrite (
QUARK_NC_MEMORY_MANAGER_IMR6,
(UINT32)(((RShiftU64((PeiMemoryBaseAddress+PeiMemoryLength-RequiredMemSize+EFI_PAGES_TO_SIZE(EDKII_DXE_MEM_SIZE_PAGES-1)), 8)) & IMRL_MASK) | IMR_EN),
(UINT32)((RShiftU64((PeiMemoryBaseAddress+PeiMemoryLength-EFI_PAGE_SIZE-1), 8)) & IMRH_MASK),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM),
(UINT32)(CPU_SNOOP + CPU0_NON_SMM)
);
//
// Enable IMR4 protection of eSRAM.
//

View File

@ -29,8 +29,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define ACPI_RECLAIM_SIZE_PAGES 0x20
#define EDKII_DXE_MEM_SIZE_PAGES 0x20
#define AP_STARTUP_VECTOR 0x00097000
//
// Maximum number of "Socket Sets", where a "Socket Set is a set of matching
// DIMM's from the various channels
@ -185,12 +183,6 @@ SaveConfig (
IN MRCParams_t *MrcData
);
VOID
RetriveRequiredMemorySize (
IN EFI_PEI_SERVICES **PeiServices,
OUT UINTN *Size
);
EFI_STATUS
GetMemoryMap (
IN EFI_PEI_SERVICES **PeiServices,
@ -225,8 +217,7 @@ BaseMemoryTest (
EFI_STATUS
SetPlatformImrPolicy (
IN EFI_PHYSICAL_ADDRESS PeiMemoryBaseAddress,
IN UINT64 PeiMemoryLength,
IN UINTN RequiredMemSize
IN UINT64 PeiMemoryLength
);
VOID

View File

@ -200,7 +200,8 @@ SetLanControllerMacAddr (
**/
EFI_STATUS
EarlyPlatformConfigGpioExpanders (
IN CONST EFI_PLATFORM_TYPE PlatformType
IN CONST EFI_PLATFORM_TYPE PlatformType,
EFI_BOOT_MODE BootMode
)
{
EFI_STATUS Status;
@ -266,6 +267,30 @@ EarlyPlatformConfigGpioExpanders (
GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2.
15 // P1-7.
);
if (BootMode != BOOT_IN_RECOVERY_MODE) {
//
// Read state of Reset Button - EXP2.P1_7
// This GPIO is pulled high when the button is not pressed
// This GPIO reads low when button is pressed
//
if (!PlatformPcal9555GpioGetState (
GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2
15 // P1-7
)) {
DEBUG ((EFI_D_INFO, " Force Recovery mode and reset\n"));
//
// Set 'B_CFG_STICKY_RW_FORCE_RECOVERY' sticky bit so we know we need to do a recovery following warm reset
//
QNCAltPortWrite (
QUARK_SCSS_SOC_UNIT_SB_PORT_ID,
QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW,
QNCAltPortRead (QUARK_SCSS_SOC_UNIT_SB_PORT_ID, QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW) | B_CFG_STICKY_RW_FORCE_RECOVERY
);
ResetWarm();
}
}
}
//
@ -393,6 +418,40 @@ EarlyPlatformConfigGpioExpanders (
&Buffer
);
ASSERT_EFI_ERROR (Status);
if (BootMode != BOOT_IN_RECOVERY_MODE) {
//
// Read state of RESET_N_SHLD (GPORT5_BIT0)
//
Buffer[1] = 5;
Length = 1;
ReadLength = 1;
Status = I2cReadMultipleByte (
I2CSlaveAddress,
EfiI2CSevenBitAddrMode,
&Length,
&ReadLength,
&Buffer[1]
);
ASSERT_EFI_ERROR (Status);
//
// Return the state of GPORT5_BIT0
//
if ((Buffer[1] & BIT0) == 0) {
DEBUG ((EFI_D_INFO, " Force Recovery mode and reset\n"));
//
// Set 'B_CFG_STICKY_RW_FORCE_RECOVERY' sticky bit so we know we need to do a recovery following warm reset
//
QNCAltPortWrite (
QUARK_SCSS_SOC_UNIT_SB_PORT_ID,
QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW,
QNCAltPortRead (QUARK_SCSS_SOC_UNIT_SB_PORT_ID, QUARK_SCSS_SOC_UNIT_CFG_STICKY_RW) | B_CFG_STICKY_RW_FORCE_RECOVERY
);
ResetWarm();
}
}
}
return EFI_SUCCESS;
@ -514,7 +573,7 @@ PeiInitPlatform (
//
//
DEBUG ((EFI_D_INFO, "EarlyPlatformConfigGpioExpanders ()\n"));
EarlyPlatformConfigGpioExpanders (PlatformType);
EarlyPlatformConfigGpioExpanders (PlatformType, BootMode);
//
// Now that all of the pre-permanent memory activities have
@ -791,8 +850,8 @@ EarlyPlatformInit (
//
if (CheckForResetDueToErrors (TRUE)) {
if(FeaturePcdGet (WaitIfResetDueToError)) {
DEBUG ((EFI_D_ERROR, "Press any key to continue.\n"));
PlatformDebugPortGetChar8 ();
DEBUG ((EFI_D_ERROR, "Wait 10 seconds.\n"));
MicroSecondDelay(10000000);
}
}

View File

@ -88,7 +88,6 @@
ResetSystemLib
PrintLib
TimerLib
RecoveryOemHookLib
PcdLib
IntelQNCLib
ReportStatusCodeLib