wolfSSL · dgarske · May 9, 2024 · Sep 28, 2023 · Oct 3, 2023 · Oct 3, 2023
diff --git a/.github/workflows/test-x86-fsp-qemu.yml b/.github/workflows/test-x86-fsp-qemu.yml
@@ -0,0 +1,23 @@
+name: X86 FSP QEMU test
+
+on:
+  pull_request:
+    branches: [ '*' ]
+jobs:
+  fsp_qemu_test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: true
+      - name: install req
+        run: |
+          sudo apt-get update
+          sudo apt-get install --no-install-recommends -y -q nasm gcc-multilib qemu-system-x86 swtpm
+      - name: setup git
+        run: |
+          git config --global user.email "you@example.com"
+          git config --global user.name "Your Name"
+      - name: run test
+        run: |
+          ./tools/scripts/x86_fsp/qemu/test_qemu.sh
diff --git a/.gitignore b/.gitignore
@@ -132,6 +132,8 @@ CMakeCache.txt
 
 # Stage 1
 stage1/loader_stage1.ld
+hal/x86_fsp_tgl_stage1.ld
+hal/x86_fsp_qemu_stage1.ld
 
 debug/lauterbach
 
@@ -177,3 +179,12 @@ IDE/Renesas/e2studio/RZN2L/wolfboot/.secure_azone
 IDE/Renesas/e2studio/RZN2L/wolfboot/.secure_xml
 IDE/Renesas/e2studio/RZN2L/wolfboot/configuration.xml
 
+
+tpm_seal_key.key
+
+# FSP downloaded headers
+include/x86/fsp/FspUpd.h
+include/x86/fsp/FspmUpd.h
+include/x86/fsp/FspsUpd.h
+include/x86/fsp/FsptUpd.h
+include/x86/fsp/MemInfoHob.h
diff --git a/arch.mk b/arch.mk
@@ -649,6 +649,7 @@ endif
 ifeq ($(filter $(TARGET),x86_fsp_qemu kontron_vx3060_s2),$(TARGET))
   FSP=1
   CFLAGS+=-DWOLFBOOT_FSP=1
+  CFLAGS+=-ffunction-sections -fdata-sections
   ifeq ($(TARGET), kontron_vx3060_s2)
     FSP_TGL=1
     CFLAGS+=-DWOLFBOOT_TGL=1
@@ -675,11 +676,11 @@ ifeq ("${FSP}", "1")
       LSCRIPT_IN = ../hal/$(TARGET)_stage1.ld
     endif
     # using ../wolfboot.map as stage1 is built from stage1 sub-directory
-    LDFLAGS = --defsym main=`grep main ../wolfboot.map | awk '{print $$1}'` \
-              --defsym wb_start_bss=`grep _start_bss ../wolfboot.map | awk '{print $$1}'` \
-              --defsym wb_end_bss=`grep _end_bss ../wolfboot.map | awk '{print $$1}'` \
-              --defsym _stage2_params=`grep _stage2_params ../wolfboot.map | awk '{print $$1}'`
-    LDFLAGS +=  --no-gc-sections --print-gc-sections -T $(LSCRIPT) -m elf_i386  -Map=loader_stage1.map
+    LDFLAGS = --defsym main=0x`nm ../wolfboot.elf | grep -w main | awk '{print $$1}'` \
+              --defsym wb_start_bss=0x`nm ../wolfboot.elf | grep -w _start_bss | awk '{print $$1}'` \
+              --defsym wb_end_bss=0x`nm ../wolfboot.elf | grep -w _end_bss | awk '{print $$1}'` \
+              --defsym _stage2_params=0x`nm ../wolfboot.elf | grep -w _stage2_params | awk '{print $$1}'`
+    LDFLAGS +=  --gc-sections --entry=reset_vector -T $(LSCRIPT) -m elf_i386  -Map=loader_stage1.map
     OBJS += src/boot_x86_fsp.o
     OBJS += src/boot_x86_fsp_start.o
     OBJS += src/fsp_m.o
@@ -691,6 +692,7 @@ ifeq ("${FSP}", "1")
     OBJS += src/pci.o
     OBJS += hal/x86_uart.o
     OBJS += src/string.o
+    OBJS += src/stage2_params.o
     ifeq ($(filter-out $(STAGE1_AUTH),1),)
       OBJS += src/libwolfboot.o
       OBJS += src/image.o
@@ -707,7 +709,6 @@ ifeq ("${FSP}", "1")
     CFLAGS += -fno-stack-protector -m32 -fno-PIC -fno-pie -mno-mmx -mno-sse -DDEBUG_UART
     ifeq ($(FSP_TGL), 1)
       OBJS+=src/x86/tgl_fsp.o
-      OBJS+=src/fsp_tgl_s_upd.o
       OBJS+=src/ucode0.o
       CFLAGS += -DUCODE0_ADDRESS=$(UCODE0_BASE)
     endif
@@ -721,7 +722,7 @@ ifeq ("${FSP}", "1")
     else
       LSCRIPT_IN = hal/$(TARGET).ld.in
     endif
-    LDFLAGS =  --no-gc-sections --print-gc-sections -T $(LSCRIPT) -Map=wolfboot.map
+    LDFLAGS = --gc-sections --entry=main  -T $(LSCRIPT) -Map=wolfboot.map
     CFLAGS += -fno-stack-protector -fno-PIC -fno-pie -mno-mmx -mno-sse -Os -DDEBUG_UART
     OBJS += hal/x86_fsp_tgl.o
     OBJS += hal/x86_uart.o
@@ -733,6 +734,8 @@ ifeq ("${FSP}", "1")
     OBJS += src/x86/ata.o
     OBJS += src/x86/gpt.o
     OBJS += src/x86/mptable.o
+    OBJS += src/stage2_params.o
+    OBJS += src/x86/exceptions.o
     UPDATE_OBJS := src/update_disk.o
     ifeq ($(64BIT),1)
       LDFLAGS += -m elf_x86_64 --oformat elf64-x86-64

diff --git a/config/examples/kontron_vx3060_s2.config b/config/examples/kontron_vx3060_s2.config
@@ -1,7 +1,7 @@
 ARCH=x86_64
 TARGET=kontron_vx3060_s2
 WOLFBOOT_SMALL_STACK=0
-SIGN=ECC256
+SIGN=ECC384
 HASH=SHA256
 DEBUG=1
 SPMATH=1
@@ -14,17 +14,15 @@ WOLFBOOT_PARTITION_BOOT_ADDRESS=0xff400000
 WOLFBOOT_PARTITION_SWAP_ADDRESS=0x0
 WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x0
 
-# 128mb
-WOLFBOOT_LOAD_BASE=0x8000000
-WOLFBOOT_LOAD_ADDRESS=0x1000000
+# 1408mb + 0x200 (For the header)
+WOLFBOOT_LOAD_BASE=0x58000200
 
 # required for keytools
 WOLFBOOT_SECTOR_SIZE?=0x1000
 WOLFBOOT_DATA_ADDRESS=0x1000000
 
 
 FSP_S_BASE=0xffea0000
-FSP_S_UPD_DATA_BASE=0xffd00000
 FSP_T_BASE=0xfff59000
 FSP_M_BASE=0xfff60000
 
@@ -59,8 +57,10 @@ MULTIBOOT2=1
 
 FSP_S_LOAD_BASE=0x0FED5F00
 STAGE1_AUTH=1
-# MEASURED_BOOT=1
-# MEASURED_PCR_A=0
-# DISK_LOCK=1
-# WOLFTPM=1
-# WOLFBOOT_TPM_SEAL=1
+MEASURED_BOOT=1
+MEASURED_PCR_A=0
+DISK_LOCK=0
+WOLFTPM=1
+WOLFBOOT_TPM_SEAL=1
+WOLFBOOT_TPM_SEAL_KEY_ID=1
+WOLFBOOT_UNIVERSAL_KEYSTORE=1
diff --git a/config/examples/x86_fsp_qemu.config b/config/examples/x86_fsp_qemu.config
@@ -1,8 +1,8 @@
 ARCH=x86_64
 TARGET=x86_fsp_qemu
 WOLFBOOT_SMALL_STACK=1
-SIGN?=ECC384
-HASH?=SHA384
+SIGN=ECC256
+HASH=SHA256
 DEBUG=1
 SPMATH=1
 FORCE_32BIT=1
@@ -16,9 +16,6 @@ WOLFTPM=0
 #WOLFBOOT_TPM_POLICY_NV_INDEX?=0x01800201
 
 # 4gb - 8mb
-WOLFBOOT_PARTITION_BOOT_ADDRESS=0xff800000
-WOLFBOOT_PARTITION_SWAP_ADDRESS=0x0
-WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x0
 WOLFBOOT_LOAD_BASE=0x2000000
 WOLFBOOT_LOAD_ADDRESS=0x1000000
 
@@ -30,13 +27,15 @@ FSP_M_BASE=0xffe30000
 FSP_S_BASE=0xffed6000
 FSP_T_BASE=0xfffe0000
 FSP_S_LOAD_BASE=0x0FED5F00
-WOLFBOOT_ORIGIN=0xfffa0000
-LINUX_PAYLOAD=1
+WOLFBOOT_ORIGIN=0xfff80000
 
-BOOTLOADER_PARTITION_SIZE=0xa0000
+BOOTLOADER_PARTITION_SIZE=0xe0000
 BIOS_REGION_SIZE=0x800000
 MACHINE_OBJ=src/x86/qemu_fsp.o
 FSP_T_BIN=./src/x86/fsp_t.bin
 FSP_M_BIN=./src/x86/fsp_m.bin
 FSP_S_BIN=./src/x86/fsp_s.bin
 STAGE1_AUTH=1
+64BIT=1
+ELF=1
+MULTIBOOT2=1
diff --git a/config/examples/x86_fsp_qemu_tpm.config → config/examples/x86_fsp_qemu_seal.config b/config/examples/x86_fsp_qemu_tpm.config → config/examples/x86_fsp_qemu_seal.config
@@ -1,30 +1,21 @@
 ARCH=x86_64
 TARGET=x86_fsp_qemu
 WOLFBOOT_SMALL_STACK=0
-SIGN?=ECC256
-HASH?=SHA256
+SIGN=ECC384
+HASH=SHA256
 DEBUG=1
 SPMATH=1
 FORCE_32BIT=1
 ENCRYPTION=0
 WOLFBOOT_NO_PARTITIONS=1
-WOLFTPM=1
 
-# Measured boot
-MEASURED_BOOT=1
-MEASURED_PCR_A=0
-WOLFBOOT_TPM_SEAL=1
-DISK_LOCK=1
 
 # TPM Keystore options
 #WOLFBOOT_TPM_KEYSTORE?=1
 #WOLFBOOT_TPM_KEYSTORE_NV_BASE?=0x01800200
 #WOLFBOOT_TPM_POLICY_NV_INDEX?=0x01800201
 
 # 4gb - 8mb
-WOLFBOOT_PARTITION_BOOT_ADDRESS=0xff800000
-WOLFBOOT_PARTITION_SWAP_ADDRESS=0x0
-WOLFBOOT_PARTITION_UPDATE_ADDRESS=0x0
 WOLFBOOT_LOAD_BASE=0x2000000
 WOLFBOOT_LOAD_ADDRESS=0x1000000
 
@@ -36,13 +27,22 @@ FSP_M_BASE=0xffe30000
 FSP_S_BASE=0xffed6000
 FSP_T_BASE=0xfffe0000
 FSP_S_LOAD_BASE=0x0FED5F00
-WOLFBOOT_ORIGIN=0xfff90000
-LINUX_PAYLOAD=1
+WOLFBOOT_ORIGIN=0xfff80000
 
-BOOTLOADER_PARTITION_SIZE=0xb0000
+BOOTLOADER_PARTITION_SIZE=0xe0000
 BIOS_REGION_SIZE=0x800000
 MACHINE_OBJ=src/x86/qemu_fsp.o
 FSP_T_BIN=./src/x86/fsp_t.bin
 FSP_M_BIN=./src/x86/fsp_m.bin
 FSP_S_BIN=./src/x86/fsp_s.bin
+
 STAGE1_AUTH=1
+64BIT=1
+ELF=1
+MULTIBOOT2=1
+MEASURED_BOOT=1
+MEASURED_PCR_A=0
+WOLFBOOT_TPM_SEAL=1
+WOLFBOOT_TPM_SEAL_KEY_ID=1
+DISK_LOCK=1
+WOLFBOOT_UNIVERSAL_KEYSTORE=1
diff --git a/config/examples/x86_fsp_qemu_stage1_auth.config b/config/examples/x86_fsp_qemu_stage1_auth.config
diff --git a/config/examples/x86_fsp_qemu_tpm_keystore.config b/config/examples/x86_fsp_qemu_tpm_keystore.config