Digital Edition Digital Editions of selected Intel Press books are in addition to and complement the printed books. Click the icon to access information on other essential books for Developers and IT Professionals Visit our website at www.intel.com/intelpress Beyond BIOS Developing with the Unified Extensible Firmware Interface Second Edition Vincent Zimmer Michael Rothman Suresh Marisetty Copyright © 2010 Intel Corporation. All rights reserved. ISBN 13 978-1-934053-29-4 This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold with the understanding that the publisher is not engaged in professional services. If professional advice or other expert assistance is required, the services of a competent professional person should be sought. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel may make changes to specifications, product descriptions, and plans at any time, without notice. Fictitious names of companies, products, people, characters, and/or data mentioned herein are not intended to represent any real individual, company, product, or event. Intel products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications. Intel, the Intel logo, Celeron, Intel Centrino, Intel NetBurst, Intel Xeon, Itanium, Pentium, MMX, and VTune are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. † Other names and brands may be claimed as the property of others. This book is printed on acid-free paper. Publisher: Richard Bowles Editor: David J. Clark Program Manager: Stuart Douglas Text Design & Composition: InfoPros Graphic Art: Ted Cyrek (cover) InfoPros (illustrations) Library of Congress Cataloging in Publication Data: 10 9 8 7 6 5 4 3 2 1 First printing, November 2010 To my wife Jan, and my daughters Ally and Zoe, without whose love this book would not have been possible. To my parents Stanley and Joann, and my sister Natalie, who have helped me on my journey through life. —Vincent Zimmer To my wife Sandi for having infinite patience in allowing me to find the “spare” time for this endeavor, and to my sons Ryan and Aaron who keep me grounded in what life is really about. —Mike Rothman To my very supporting spouse Anitha, my son Ketan and daughter Manisha for being the source of inspiration in my life. —Suresh Marisetty Contents Contents v Foreword to the First Edition xi Foreword to the Second Edition xv Preface xix Chapter 1 Introduction 1 Terminology 5 A Short History of EFI 6 EFI Becomes UEFI—The UEFI Forum 7 PIWG and USWG 10 Platform Trust/Security 14 Embedded Systems: The New Challenge 17 Summary 19 Chapter 2 Basic UEFI Architecture 21 Objects Managed by UEFI-based Firmware 22 UEFI System Table 22 Handle Database 23 Protocols 26 Working with Protocols 30 Tag GUID 31 v vi n Beyond BIOS: Developing with the Unified Extensible Firmware Interface UEFI Images 31 Events and Task Priority Levels 37 Summary 41 Chapter 3 UEFI Driver Model 43 Why a Driver Model Prior to OS Booting? 44 Driver Initialization 44 Host Bus Controllers 46 Device Drivers 48 Bus Drivers 50 Platform Components 52 Hot Plug Events 53 Additional Innovations 63 Summary 67 Chapter 4 Protocols You Should Know 69 EFI OS Loaders 71 Device Path and Image Information of the OS Loader 74 Accessing Files in the Device Path of the OS Loader 75 Finding the OS Partition 76 Getting the Current System Configuration 77 Getting the Current Memory Map 78 Getting Environment Variables 79 Transitioning to an OS Kernel 80 Summary 81 Chapter 5 UEFI Runtime 83 Isn’t There Only One Kind of Memory? 85 How Are Runtime Services Exposed? 88 Time Services 89 Virtual Memory Services 92 Variable Services 94 Miscellaneous Services 98 Summary 101 Contents n vii Chapter 6 UEFI Console Services 103 Simple Text Input Protocol 106 Simple Text Input Ex Protocol 109 Simple Text Output Protocol 110 Remote Console Support 113 Console Splitter 116 Network Consoles 118 Summary 120 Chapter 7 Different Types of Platforms 121 Summary 138 Chapter 8 DXE Basics: Core, Dispatching, and Drivers 139 DXE Core 141 Global Coherency Domain Services 152 DXE Dispatcher 157 DXE Drivers 162 Boot Device Selection (BDS) Phase 163 Summary 166 Chapter 9 Some Common UEFI and PI Functions 167 Architectural Protocol Examples 168 PCI Protocols 177 Block I/O 188 Disk I/O 190 Simple File System 192 Configuration Infrastructure 194 Using the Configuration Infrastructure 196 Driver Model Interactions 197 Provisioning the Platform 201 Summary 203 viii n Beyond BIOS: Developing with the Unified Extensible Firmware Interface Chapter 10 Platform Security and Trust 205 Trust Overview 206 Trusted Platform Module (TPM) and Measured Boot 209 UEFI Secure Boot 221 UEFI Executable Verification 222 UEFI Networking 224 UEFI User Identification (UID) 227 Hardware Evolution: SRTM-to-DRTM 228 Platform Manufacturer 229 Vulnerability Classification 231 Roots of Trust/Guards 232 Summary 232 Chapter 11 Boot Device Selection 235 Firmware Boot Manager 238 Globally-Defined Variables 242 Default Behavior for Boot Option Variables 245 Boot Mechanisms 246 Summary 248 Chapter 12 Boot Flows 249 Defined Boot Modes 250 Priority of Boot Paths 251 Reset Boot Paths 253 Normal Boot Paths 254 Recovery Paths 257 Special Boot Path Topics 259 Architectural Boot Mode PPIs 264 Recovery 265 Summary 266 Chapter 13 Pre-EFI Initialization (PEI) 267 Scope 268 Rationale 268 Contents n ix Phase Prerequisites 273 Concepts 274 Operation 279 Summary 289 Chapter 14 Putting It All Together—Firmware Emulation 291 Virtual Platform 292 Hardware Pass-Through 300 Summary 302 Chapter 15 Reducing Platform Boot Times 303 Proof of Concept 308 Marketing Requirements 309 Additional Details 315 Summary 320 Chapter 16 Embedded Boot Solution 323 CE Device Landscape 324 CE Device Boot Challenges 325 In-Vehicle Infotainment 328 Other Embedded Platforms 331 Generic Requirements 332 Boot Strategies 335 Power Management 337 Boot Storage Devices 337 Security 340 Manageability 344 Summary 345 Chapter 17 Manageability 347 Overall Management Framework 348 UEFI Error Format Standardization 351 Windows Hardware Error Architecture and the Role of UEFI 358 x n Beyond BIOS: Developing with the Unified Extensible Firmware Interface Technology Intercepts: UEFI, IPMI, Intel® AMT, WS-MAN 364 The UEFI/IPMI/Intel® AMT/WS-MAN Bridge 370 Summary 372 Data Types 373 Status Codes 377 Index 381 Foreword to the First Edition n xi Foreword to the First Edition Beyond BIOS. Those two words began to circulate through the elite firmware architects and developers in the industry standard computing circle around 1998, when Intel, Microsoft, HP and a number of other companies began to lay out the plan for bringing up the first Intel® Itanium® systems. The plan was originally called IBI, the Intel Boot Initiative. Mainstream PCs had been using BIOS ever since the beginning of the IBM PC. Its drawbacks and limitations were magnified in the “big iron” machines based on the Itanium processors. For example, BIOS depends on many of the PC-AT hardware such as the 8254 timer and 8259 interrupt controller, which were not designed to scale to larger servers like the HP Integrity Superdome† servers. Worse, BIOS assumes a 1MB execution memory limit and has very limited memory space to execute the Option ROMs on the add-in cards. BIOS’ 16-bit nature stifles the platform advancement for Itanium systems that are 64-bit based. There have been non-BIOS solutions in the more proprietary vertical integrated systems design, such as Open Firmware used by IBM Power†, SUN SPARC†, and Apple PowerPC†; ARCS† by DEC Alpha, and PDC/IODC† by HP PA-RISC. Open Firmware is Forth-based, it is difficult to find the talent, and its specifications have not kept up with the evolution of the technology. ARCS lacks the driver model to support add-in cards. With BIOS hitting the wall and no clear alternative that can be brought into the industry standard arena, Intel spearheaded the IBI, which at this stage is named Extensible Firmware Interface (EFI), to reflect objective of the effort. EFI brought the modern computer software architectural concepts into firmware. EFI enables firmware development in high-level languages like C, provides proper xii n Beyond BIOS: Developing with the Unified Extensible Firmware Interface abstraction of hardware, and enables extensibility through the GUID concept. The benefits of EFI were so convincing that Microsoft and the industry made it the only boot mechanism for the Itanium-based systems. Now that the IA-32 processors are also extended to 64-bit via Intel® 64, the industry is working on Unified EFI (UEFI) as the standard pre-boot firmware infrastructure going forward. Intel also spearheaded the effort on the Intel Platform Innovation Framework for EFI (Framework). The Framework is Intel’s implementation of EFI, and it is also the starting point for the industry to define the Platform Initialization (PI) specifications that establish the firmware internal interface architecture as well as firmware-to-silicon interfaces that enable silicon driver modularity and interoperability. With Framework’s implementation of UEFI and PI, Intel has completed the task of replacing BIOS, thus enabling the industry to move beyond BIOS. This book is a landmark in the development of the UEFI and PI firmware. It couples a powerful, modern firmware infrastructure with a unique look into the mind of a few UEFI/PI architects who have made the Framework implementation into reality and as a reference.