This book provides an overview of modern boot firmware, including the Unified Extensible Firmware Interface (UEFI) and its associated EFI Developer Kit II (EDKII) firmware. The authors have each made significant contributions to developments in these areas. The reader will learn to use the latest developments in UEFI on modern hardware, including open source firmware and open hardware designs. The book begins with an exploration of interfaces exposed to higher-level software and operating systems, and commences to the left of the boot timeline, describing the flow of typical systems, beginning with the machine restart event.
Software engineers working with UEFI will benefit greatly from this book, while specific sections of the book address topics relevant for a general audience: system architects, pre-operating-system application developers, operating system vendors (loader, kernel), independent hardware vendors (such as for plug-in adapters), and developers of end-user applications. As a secondary audience, project technical leaders or managers may be interested in this book to get a feel for what their engineers are doing.
The reader will find:
- An overview of UEFI and underlying Platform Initialization (PI) specifications
- How to create UEFI applications and drivers
- Workflow to design the firmware solution for a modern platform
- Advanced usages of UEFI firmware for security and manageability
Daftar Isi
Acknowledgements | v
Preface | vii
Chapter 1 – Introduction | 1
Terminology | 4
Short History of EFI | 5
EFI Becomes UEFI—The UEFI Forum | 6
PIWG and USWG | 8
Platform Trust/Security | 11
Embedded Systems: The New Challenge | 12
How the Boot Process Differs between a Normal Boot and an
Optimized/Embedded Boot | 13
Summary | 14
Chapter 2 – Basic UEFI Architecture | 15
Objects Managed by UEFI-based Firmware | 15
UEFI System Table | 16
Handle Database | 16
Protocols | 18
Working with Protocols | 21
Multiple Protocol Instances | 21
Tag GUID | 21
UEFI Images | 22
Applications | 25
OS Loader | 25
Drivers | 26
Events and Task Priority Levels | 27
Summary | 30
Chapter 3 – UEFI Driver Model | 31
Why a Driver Model Prior to OS Booting? | 31
Driver Initialization | 32
Host Bus Controllers | 33
Device Drivers | 35
Bus Drivers | 36
Platform Components | 38
Hot Plug Events | 38
Pseudo Code | 41
Device Driver | 41
Bus Driver that Creates All of Its Child Handles on the First Call to
Start() | 42
Bus Driver that Is Able to Create All or One of Its Child Handles on Each Call
to Start(): | 43
Additional Innovations | 47
Security | 47
Manageability | 48
Networking | 49
Summary | 52
Chapter 4 – Protocols You Should Know | 53
EFI OS Loaders | 55
Device Path and Image Information of the OS Loader | 56
Accessing Files in the Device Path of the OS Loader | 57
Finding the OS Partition | 58
Getting the Current System Configuration | 60
Getting the Current Memory Map | 61
Getting Environment Variables | 62
Transitioning to an OS Kernel | 63
Summary | 63
Chapter 5 – UEFI Runtime | 65
Isn’t There Only One Kind of Memory? | 66
How Are Runtime Services Exposed? | 69
Time Services | 70
Why Abstract Time? | 70
Get Time | 70
Set Time | 71
Get Wakeup Time | 72
Set Wakeup Time | 72
Virtual Memory Services | 72
Set Virtual Address Map | 73
Convert Pointer | 73
Variable Services | 74
Get Variable | 74
Get Next Variable Name | 75
Set Variable | 75
Miscellaneous Services | 77
Reset System | 78
Get Next High Monotonic Count | 79
Update Capsule | 79
Query Capsule Capabilities | 80
Summary | 80
Chapter 6 – UEFI Console Services | 81
Simple Text Input Protocol | 83
Simple Text Input Ex Protocol | 86
Simple Text Output Protocol | 87
Remote Console Support | 89
Console Splitter | 92
Network Consoles | 93
Summary | 95
Chapter 7 – Different Types of Platforms | 97
Summary | 110
Chapter 8 – DXE Basics: Core, Dispatching, and Drivers | 111
DXE Core | 112
Hand-Off Block (HOB) List | 114
DXE Architectural Protocols | 115
EFI System Table | 117
EFI Boot Services Table | 118
EFI Runtime Services Table | 119
DXE Services Table | 119
Global Coherency Domain Services | 120
GCD Memory Resources | 120
GCD I/O Resources | 122
DXE Dispatcher | 123
The a priori File | 125
Dependency Grammar | 125
DXE Drivers | 126
Boot Device Selection (BDS) Phase | 127
Console Devices | 128
Boot Devices | 129
Boot Services Terminate | 129
Summary | 130
Chapter 9 – Some Common UEFI and PI Functions | 131
Architectural Protocol Examples | 132
CPU Architectural Protocol | 133
Real Time Clock Architectural Protocol | 135
Timer Architectural Protocol | 135
Reset Architectural Protocol | 136
Boot Device Selection Architectural Protocol | 137
Variable Architectural Protocol | 138
Watchdog Timer Architectural Protocol | 138
PCI Protocols | 139
PCI Host Bridge Resource Allocation Protocol | 139
PCI Root Bridge I/O | 143
PCI I/O | 145
Block I/O | 147
Disk I/O | 149
Simple File System | 150
EFI File Protocol | 151
Configuration Infrastructure | 152
Using the Configuration Infrastructure | 153
Driver Model Interactions | 154
Provisioning the Platform | 155
Summary | 156
Chapter 10 – Platform Security and Trust | 157
Trust Overview | 157
Trusted Platform Module (TPM) and Measured Boot | 160
What Is a Trusted Building Block (TBB)? | 163
What Is the Point of Measurements? | 168
UEFI Secure Boot | 169
UEFI Executable Verification | 170
UEFI Networking | 173
UEFI User Identification (UID) | 176
Hardware Evolution: SRTM-to-DRTM | 177
Platform Manufacturer | 178
Vulnerability Classification | 180
Roots of Trust/Guards | 180
Summary | 181
Chapter 11 – Boot Device Selection | 183
Firmware Boot Manager | 185
Related Definitions | 188
Globally-Defined Variables | 188
Default Behavior for Boot Option Variables | 191
Boot Mechanisms | 191
Boot via Simple File Protocol | 192
Boot via LOAD_FILE Protocol | 193
Summary | 194
Chapter 12 – Boot Flows | 195
Defined Boot Modes | 196
Priority of Boot Paths | 196
Reset Boot Paths | 198
Intel® Itanium® Processor Reset | 198
Non-Power-On Resets | 199
Normal Boot Paths | 199
Basic G0-to-S0 and S0 Variation Boot Paths | 200
S-State Boot Paths | 200
Recovery Paths | 201
Discovery | 201
General Recovery Architecture | 202
Special Boot Path Topics | 203
Special Boot Paths | 203
Special Intel Itanium® Architecture Boot Paths | 203
Intel Itanium® Architecture Access to the Boot Firmware Volume | 203
Architectural Boot Mode PPIs | 207
Recovery | 207
Discovery | 208
Summary | 208
Chapter 13 – Pre-EFI Initialization (PEI) | 209
Scope | 209
Rationale | 210
Overview | 210
Phase Prerequisites | 212
Temporary RAM | 212
Boot Firmware Volume | 212
Security Primitives | 213
Concepts | 213
PEI Foundation | 213
Pre-EFI Initialization Modules (PEIMs) | 214
PEI Services | 215
PEIM-to-PEIM Interfaces (PPIs) | 215
Simple Heap | 216
Hand-Off Blocks (HOBs) | 216
Operation | 217
Dependency Expressions | 218
Verification/Authentication | 219
PEIM Execution | 219
Memory Discovery | 219
Intel® Itanium® Processor MP Considerations | 220
Recovery | 220
S3 Resume | 221
The “Terse Executable” and Cache-as-RAM | 222
Example System | 223
Summary | 226
Chapter 14 – Putting It All Together—Firmware Emulation | 227
Virtual Platform | 228
Emulation Firmware Phases | 230
Hardware Pass-Through | 235
Summary | 236
Chapter 15 – Reducing Platform Boot Times | 237
Proof of Concept | 240
Marketing Requirements | 241
What Are the Design Goals? | 242
Platform Policy | 242
What Are the Supported OS Targets? | 243
Do We Have to Support Legacy Operating Systems? | 243
Do We Have to Support Legacy Option ROMs? | 243
Are We Required to Display an OEM Splash Screen? | 244
What Type of Boot Media Is Supported? | 244
What Is the BIOS Recovery/Update Strategy? | 245
When Processing Things Early | 245
Is There a Need for Pre-OS User Interaction? | 246
Additional Details | 246
Adjusting the BIOS to Avoid Unnecessary Drivers | 246
What Is the Boot Target? | 247
Steps Taken in a Normal and Optimized Boot | 247
Loading a Boot Target | 248
Organizing the Flash Effectively | 249
Minimize the Files Needed | 249
Summary | 250
The Primary Adjustments | 250
Suggested Next Steps | 251
Chapter 16 – Embedded Boot Solution | 253
CE Device Landscape | 253
CE Device Boot Challenges | 254
In-Vehicle Infotainment | 256
Other Embedded Platforms | 257
Generic Requirements | 258
Boot Strategies | 259
Power Management | 261
Boot Storage Devices | 261
Security | 263
Manageability | 267
Summary | 268
Chapter 17 – Manageability | 269
Overall Management Framework | 269
Dynamic In-Band | 271
Out-of-Band | 271
Distributed Management Task Force (DMTF) | 271
UEFI Error Format Standardization | 272
UEFI Error Format Overview | 276
Error Record Types | 276
Windows Hardware Error Architecture and the Role of UEFI | 277
Technology Intercepts: UEFI, IPMI, Intel® AMT, WS-MAN | 281
Intelligent Platform Management Interface (IPMI) | 281
Intel® Active Management Technology (Intel AMT) | 283
Web Services Management Protocol (WS-MAN) | 285
Other Industry Initiatives | 285
The UEFI/IPMI/Intel® AMT/WS-MAN Bridge | 286
IPMI Error Records to UEFI | 287
UEFI Error Records to IPMI | 287
Intel® AMT and IPMI | 287
Future Work | 288
Configuration Namespace | 288
Namespace Entries | 292
Summary | 293
Appendix A – Data Types | 295
Appendix B – Status Codes | 297
Index | 301
Tentang Penulis
Vincent Zimmer Engineer, WA, USA, Suresh Marisetty Systems Architect, CA, USA, Michael Rothman Engineer, WA, USA