feat: [Common] Add CSME code resiliency#2686
Conversation
ana-rajput
force-pushed
the
csme-code-resiliency
branch
from
3efdd92 to
4f393f1
Compare
ana-rajput
changed the title
- Add CheckForMeCodeFailures/IsMeCorrupt/GetMeHfsts to detect ME corruption via HFSTS1/2 PCI config space reads - On first detection set WDT BIT16 and cold reset to trigger CSME capsule FWU via normal FWU payload flow - FirmwareUpdate: pass IsCsmeRecovery to GetCapsuleImage to select CSME capsule (tag 0x081) vs standard FWU capsule (tag 0x080) Signed-off-by: Rajput, Anamika <[email protected]>
ana-rajput
force-pushed
the
csme-code-resiliency
branch
2 times, most recently
from
1b0c403 to
6d693a5
Compare
ana-rajput
changed the title
….dsc Signed-off-by: Anamika Rajput <[email protected]>
ana-rajput
force-pushed
the
csme-code-resiliency
branch
from
6d693a5 to
b2b0bc2
Compare
Signed-off-by: Anamika Rajput <[email protected]>
ana-rajput
force-pushed
the
csme-code-resiliency
branch
from
6cec63f to
9b4ffeb
Compare
| } | ||
|
|
||
| // FWU already triggered on a prior boot — let the FWU payload proceed. | ||
| if (WdtGetScratchpad (BIT16) != 0) { |
There was a problem hiding this comment.
use B_ACPI_IO_OC_WDT_CTL_UPDATE_TRIGGER instead of BIT16.
|
|
||
| // First detection — trigger CSME capsule FWU. | ||
| DEBUG ((DEBUG_WARN, "ME corruption detected - triggering CSME capsule FWU and resetting\n")); | ||
| WdtSetScratchpad (BIT16); |
| CrashLogLib|Silicon/CommonSocPkg/Library/CrashLogLibNull/CrashLogLibNull.inf | ||
| FusaConfigLib|Silicon/CommonSocPkg/Library/FusaConfigLibNull/FusaConfigLibNull.inf | ||
| IppCryptoPerfLib|BootloaderCommonPkg/Library/IppCryptoPerfLib/IppCryptoPerfLib.inf | ||
| FirmwareResiliencyLib|BootloaderCorePkg/Library/FirmwareResiliencyLib/FirmwareResiliencyLib.inf |
There was a problem hiding this comment.
This should already be there for all platforms
| FirmwareResiliencyLib|BootloaderCorePkg/Library/FirmwareResiliencyLib/FirmwareResiliencyLib.inf | ||
|
|
||
| ################################################################################ | ||
| # |
| gSmmInformationGuid = { 0x2d939d66, 0xceec, 0x4244, { 0x94, 0x97, 0x6e, 0x1c, 0x6f, 0x92, 0x54, 0x2c } } | ||
| gEsrtSystemFirmwareGuid = { 0xbfbaf62d, 0x0a27, 0x4390, { 0x99, 0xf6, 0x8a, 0xe1, 0xca, 0x62, 0x62, 0x77 } } | ||
| gCsmeFWUDriverImageFileGuid = { 0x4A467997, 0xA909, 0x4678, { 0x91, 0x0C, 0xE0, 0xFE, 0x1C, 0x90, 0x56, 0xEA } } | ||
| gCsmeFWUpdateImageFileGuid = { 0x43AEF186, 0x0CA5, 0x4230, { 0xB1, 0xBD, 0x19, 0x3F, 0xB4, 0x62, 0x72, 0x01 } } |
There was a problem hiding this comment.
What is the purpose of this Guid? This is never used.
| // | ||
| CapsuleInfo = (CAPSULE_INFO_CFG_DATA *) FindConfigDataByTag (CDATA_CAPSULE_INFO_TAG); | ||
| // Get capsule config: CSME recovery tries tag 0x081 first, falls back to 0x080. | ||
| if (IsCsmeRecovery) { |
There was a problem hiding this comment.
Would you share the info how IsCsmeRecovery is getting set?
| } else { | ||
| DEBUG((DEBUG_INFO, "Triggered FW update!\n")); | ||
| Status = InitFirmwareUpdate (); | ||
| Status = InitFirmwareUpdate (IsMeRecovery); |
There was a problem hiding this comment.
It looks we need to maintain enum here for code to be extendable
0 - No recovery
1 - CSME Recovery
2 - IOE Recovery
3 - for future
There was a problem hiding this comment.
Agree with Subash to have an enum for recovery reason. e.g.:
typedef enum {
RECOVERY_NONE = 0,
RECOVERY_SBL = 1, // SBL partition corruption (ACM/TCO)
RECOVERY_CSME = 2, // CSME code corruption
RECOVERY_IOE = 3, // IOE CSME (future)
} RECOVERY_REASON;
| *Hfsts1 = 0; | ||
| *Hfsts2 = 0; | ||
|
|
||
| MeDeviceAddr = GetDeviceAddr (PlatformDeviceMe, 0); |
There was a problem hiding this comment.
This can be simplified for getting HeciBase address.
Refer to bootguard lib,
HeciBaseAddress = MeGetHeciMmPciAddress (0, 0);
| or boots degraded if FWU already completed. **/ | ||
| VOID | ||
| EFIAPI | ||
| CheckForMeCodeFailures ( |
There was a problem hiding this comment.
Firmware resiencylib will be available only when PcdFirmwareResilency** pcd is enabled.
Were you bringing the CSME under the same PCD?
| @@ -1,3 +1,3 @@ | |||
| /** @file | |||
|
|
|||
| Copyright (c) 2022, Intel Corporation. All rights reserved.<BR> | |||
There was a problem hiding this comment.
update the year on headers, Applicable for all files.
4 participants
Uh oh!
There was an error while loading. Please reload this page.