Sorry, you need to enable JavaScript to visit this website.

How to build it

vzimmer's picture

There are a lot of vigorous discussions, RFC's, etc on the edk2 developer list. I believe that forms the essence of an open source community, along with rich and insightful commit messages. But sometimes there are features or over-arching technologies that require a bit of additional pedagogy. To that end, we've been Touring in the land of Beyond BIOS for a while, viz https://firmware.intel.com/blog/beyond-bios, and here are a few more stops on that sojourn.

To begin, I just wanted to note that a couple of documents around using the Intel (R) Firmware Support Package, version 2.0, have been posted.  These can be found from the 

https://firmware.intel.com/develop page

and the associated links 

hosting the FSP 2.0 production document 

https://firmware.intel.com/sites/default/files/A_Tour_Beyond_BIOS_Creating_the_Intel_Firmware_Support_Package_with_the_EFI_Developer_Kit_II_%28FSP2.0%29.pdf and the FSP 2.0 consumption document https://firmware.intel.com/sites/default/files/A_Tour_Beyond_BIOS_Using_the_Intel_Firmware_Support_Package_with_the_EFI_Developer_Kit_II_%28FSP2.0%29.pdf, respectively.

The goal of these documents is to provide the intent and overview of leveraging the open source packages for creating https://github.com/tianocore/edk2/tree/master/IntelFsp2Pkg and consuming https://github.com/tianocore/edk2/tree/master/IntelFsp2WrapperPkg FSP binaries. The latter wrapper code needs to be composed into a full platform solution, and https://github.com/tianocore-docs/Docs/raw/master/White_Papers/A_Tour_Beyond_BIOS_Open_Source_IA_Firmware_Platform_Design_Guide_in_EFI_Developer_Kit_II.pdf provides some insight into providing a stream-lined set of platform capabilities. Associated code can be found at https://github.com/jyao1/OpenPlatform where you can see that simple platform code can be curated for both pure open source and FSP+open source, respectively.

In the spirit of providing colleral to help work with the open source, we also created https://github.com/tianocore-docs/Docs/raw/master/White_Papers/A_Tour_Beyond_BIOS_Secure_SMM_Communication.pdfthat is intended to help guide platform builders in how to use the Windows SMM Security Mitigation Table (WSMT) defined at https://aka.ms/wsmt and mentioned in https://firmwaresecurity.com/2016/04/22/new-microsoft-acpi-table-wsmt/

Some people have asked 'where is the WSMT publication in the open source?' The quick answer is that the platform builder has to audit all of the synchronous SMI handlers to see that they meet the construction rules defined by the WSMT. A UEFI EDKII core module cannot unilaterally publish this table. Instead, a platform that has met these guidelines would publish the table in the AcpiPlatform driver, such as https://github.com/tianocore/edk2/blob/master/Vlv2TbltDevicePkg/AcpiPlatform/AcpiPlatform.c.  In fact,  we look forward to potentially providing an implementation of this in the aforementioned platform.

Finally, we have been exploring some alternatives to managing UEFI variables. There is a sample protocol and documentation at https://github.com/jyao1/VariableEx. This is an exploration into addressing issues on how to manage confidentiality-protected assets, like pre-shared keys for networking use-cases, etc. The use of a private protocol allows incubating and deploying art in the open that may be a candidate for future industry standards, for example. 

Well, that's it for today. Happy traveling on this part of the Tour.