ArmPlatformPkg: enable use of authenticated variables in NorFlashDxe

The NorFlashDxe uses an explicit 'BEFORE xxx' Depex declaration to
ensure that it is dispatched before VariableRuntimeDxe, and uses the
file GUID of the latter as 'xxx' explicitly to accomplish that.

However, when enabling UEFI Secure Boot, this breaks down since the
authenticated VariableRuntimeDxe is a completely separate driver, with
a different GUID. Also, the hardcoded dependency on gEfiVariableGuid,
which is not used under UEFI Secure Boot, needs to be factored out in
order to allow this driver to be used.

So clone NorFlashDxe.inf into NorFlashAuthenticatedDxe.inf, and fix
up the dependencies so they refer to gEfiAuthenticatedVariableGuid and
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
instead.

Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>



git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17355 6f19259b-4bc3-4df7-8a09-765794883524

ArmPlatformPkg/ArmPlatformPkg.dec

@@ -36,6 +36,10 @@
   # Following Guid must match FILE_GUID in MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
   #
   gVariableRuntimeDxeFileGuid = { 0xcbd2e4d5, 0x7068, 0x4ff5, { 0xb4, 0x62, 0x98, 0x22, 0xb4, 0xad, 0x8d, 0x60 } }
+  #
+  # Following Guid must match FILE_GUID in SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
+  #
+  gVariableAuthenticatedRuntimeDxeFileGuid = { 0x2226f30f, 0x3d5b, 0x402d,  {0x99, 0x36, 0xa9, 0x71, 0x84, 0xEB, 0x45, 0x16 } }
 
   ## Include/Guid/ArmGlobalVariableHob.h
   gArmGlobalVariableGuid      = { 0xc3253c90, 0xa24f, 0x4599, { 0xa6, 0x64, 0x1f, 0x88, 0x13, 0x77, 0x8f, 0xc9} }

ArmPlatformPkg/ArmVExpressPkg/ArmVExpressPkg.dec

@@ -33,10 +33,6 @@
 
 [Guids.common]
   gArmVExpressTokenSpaceGuid    =  { 0x9c0aaed4, 0x74c5, 0x4043, { 0xb4, 0x17, 0xa3, 0x22, 0x38, 0x14, 0xce, 0x76 } }
-  #
-  # Following Guid must match FILE_GUID in MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
-  #
-  gVariableRuntimeDxeFileGuid = { 0xcbd2e4d5, 0x7068, 0x4ff5, { 0xb4, 0x62, 0x98, 0x22, 0xb4, 0xad, 0x8d, 0x60 } }
 
 [PcdsFeatureFlag.common]
 

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashAuthenticatedDxe.inf

@@ -0,0 +1,76 @@
+#/** @file
+#
+#  Component description file for NorFlashAuthenticatedDxe module
+#
+#  Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+#  Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#**/
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = NorFlashAuthenticatedDxe
+  FILE_GUID                      = 10B86CEA-F2FE-456A-B1C7-4F506CA46005
+  MODULE_TYPE                    = DXE_RUNTIME_DRIVER
+  VERSION_STRING                 = 1.0
+  ENTRY_POINT                    = NorFlashInitialise
+
+[Sources.common]
+  NorFlashDxe.c
+  NorFlashFvbDxe.c
+  NorFlashBlockIoDxe.c
+  NorFlashAuthenticatedVariableDep.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  ArmPlatformPkg/ArmPlatformPkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  IoLib
+  BaseLib
+  DebugLib
+  HobLib
+  NorFlashPlatformLib
+  UefiLib
+  UefiDriverEntryPoint
+  UefiBootServicesTableLib
+  UefiRuntimeLib
+  DxeServicesTableLib
+
+[Guids]
+  gEfiSystemNvDataFvGuid
+  gEfiAuthenticatedVariableGuid
+  gEfiEventVirtualAddressChangeGuid
+
+[Protocols]
+  gEfiBlockIoProtocolGuid
+  gEfiDevicePathProtocolGuid
+  gEfiFirmwareVolumeBlockProtocolGuid
+  gEfiDiskIoProtocolGuid
+
+[Pcd.common]
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize
+
+  gArmPlatformTokenSpaceGuid.PcdNorFlashCheckBlockLocked
+
+[Depex]
+  #
+  # NorFlashAuthenticatedDxe must be loaded before VariableAuthenticatedRuntimeDxe
+  # in case empty flash needs populating with default values
+  #
+  BEFORE gVariableAuthenticatedRuntimeDxeFileGuid

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashAuthenticatedVariableDep.c

@@ -0,0 +1,19 @@
+/** @file  NorFlashAuthenticatedVariableDep.c
+
+  Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Base.h>
+
+#include <Include/Guid/AuthenticatedVariableFormat.h>
+
+CONST EFI_GUID* CONST mNorFlashVariableGuid = &gEfiAuthenticatedVariableGuid;

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.h

@@ -152,6 +152,8 @@ struct _NOR_FLASH_INSTANCE {
   NOR_FLASH_DEVICE_PATH               DevicePath;
 };
 
+extern CONST EFI_GUID* CONST          mNorFlashVariableGuid;
+
 EFI_STATUS
 NorFlashReadCfiData (
   IN  UINTN                   DeviceBaseAddress,

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashDxe.inf

@@ -26,6 +26,7 @@
   NorFlashDxe.c
   NorFlashFvbDxe.c
   NorFlashBlockIoDxe.c
+  NorFlashVariableDep.c
 
 [Packages]
   MdePkg/MdePkg.dec

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashFvbDxe.c

@@ -111,7 +111,7 @@ InitializeFvAndVariableStoreHeaders (
   // VARIABLE_STORE_HEADER
   //
   VariableStoreHeader = (VARIABLE_STORE_HEADER*)((UINTN)Headers + FirmwareVolumeHeader->HeaderLength);
-  CopyGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid);
+  CopyGuid (&VariableStoreHeader->Signature, mNorFlashVariableGuid);
   VariableStoreHeader->Size = PcdGet32(PcdFlashNvStorageVariableSize) - FirmwareVolumeHeader->HeaderLength;
   VariableStoreHeader->Format            = VARIABLE_STORE_FORMATTED;
   VariableStoreHeader->State             = VARIABLE_STORE_HEALTHY;
@@ -178,7 +178,7 @@ ValidateFvHeader (
   VariableStoreHeader = (VARIABLE_STORE_HEADER*)((UINTN)FwVolHeader + FwVolHeader->HeaderLength);
 
   // Check the Variable Store Guid
-  if( CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) == FALSE ) {
+  if (!CompareGuid (&VariableStoreHeader->Signature, mNorFlashVariableGuid)) {
     DEBUG ((EFI_D_ERROR, "ValidateFvHeader: Variable Store Guid non-compatible\n"));
     return EFI_NOT_FOUND;
   }

ArmPlatformPkg/Drivers/NorFlashDxe/NorFlashVariableDep.c

@@ -0,0 +1,19 @@
+/** @file  NorFlashVariableDep.c
+
+  Copyright (c) 2015, Linaro Ltd. All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Base.h>
+
+#include <Include/Guid/VariableFormat.h>
+
+CONST EFI_GUID* CONST mNorFlashVariableGuid = &gEfiVariableGuid;