The Minimum Platform is a software architecture that guides uniform delivery of Intel platforms enabling firmware solutions for basic boot functionality with extensibility built-in. This project incorporates support for the OCP derived Tioga Pass platform and Junction City Platform.
Package maintainers are listed in Maintainers.txt.
The key elements of the architecture are organized into a staged boot approach where each stage has requirements and
functionality for specific use cases. The generic control flow through the boot process is implemented in the
MinPlatformPkg.
The generic nature of the tasks performed in MinPlatformPkg lends itself to reuse across all Intel platforms with no
source modification. Details for any particular board are made accessible to the MinPlatformPkg through a well-defined
statically linked board API. A complete platform solution then consists of the MinPlatformPkg and a compatible board
package.
The board packages supported by Intel follow the naming convention <xxx>OpenBoardPkg where xxx refers to the
encompassing platform name for a particular platform generation. For example, the KabylakeOpenBoardPkg contains the
board code for Intel Kaby Lake reference systems. Intel uses the moniker "OpenBoardPkg" to indicate that this package
is the open source board code. A closed source counterpart may exist which simply uses "BoardPkg". Both directly use
the MinPlatformPkg from edk2-platforms.
Stage selection is controlled via the PCD gMinPlatformPkgTokenSpaceGuid.PcdBootStage in MinPlatformPkg.dec.
The stage should be configured in the board package DSC file to the appropriate value. For example, a board may disable
all advanced features by setting this value to 4 instead of 6. This may be used to improve boot time for a particular
use case. Decrementing the stage can also be used for debug since only the actions required for that stage objective
should be executed. As an example, ACPI initialization is not required for a Stage 3 boot.
The stages are defined as follows:
Stage | Functional Objective | Example Capabilities |
---|---|---|
I | Minimal Debug | Serial port output, source debug enabled, hardware debugger enabled |
II | Memory Functional | Basic hardware initialization necessary to reach memory initialization, permanent memory available |
III | Boot to UI | Simple console input and output to a UI, UEFI shell |
IV | Boot to OS | Boot an operating system with the minimally required features |
V | Security Enable | UEFI Secure Boot, TCG measured boot, DMA protections |
VI | Advanced Feature Enable | Firmware update, power management, non-essential I/O |
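A release-gate check for the stage setting described above, added here as an example and not part of the project's own code: it reads board DSC text, takes the last `PcdBootStage` assignment, and reports whether the Stage V security objective from the table is reached. The function names and the sample DSC are constructed; it assumes plain `name|value` assignments outside conditional `!if` blocks and that the last assignment is the effective one.

```python
import re

# Stage objectives as listed in the table above.
STAGES = {1: "Minimal Debug", 2: "Memory Functional", 3: "Boot to UI",
          4: "Boot to OS", 5: "Security Enable", 6: "Advanced Feature Enable"}
SECURITY_STAGE = 5  # Secure Boot, TCG measured boot, DMA protections

PCD = re.compile(
    r"^\s*gMinPlatformPkgTokenSpaceGuid\.PcdBootStage\s*\|\s*(0[xX][0-9a-fA-F]+|\d+)")

def boot_stage(dsc_text):
    """Return the last PcdBootStage value assigned in the DSC text, or None."""
    stage = None
    for line in dsc_text.splitlines():
        line = line.split("#", 1)[0]          # drop DSC comments
        m = PCD.match(line)
        if m:
            v = m.group(1)
            stage = int(v, 16) if v.lower().startswith("0x") else int(v)
    return stage

def check_release(dsc_text):
    """Return (ok, message); ok is False when Stage V is not reached."""
    stage = boot_stage(dsc_text)
    if stage is None:
        return False, "PcdBootStage not set in this DSC; check included files"
    if stage not in STAGES:
        return False, f"PcdBootStage={stage} is not a defined stage"
    if stage < SECURITY_STAGE:
        return False, (f"PcdBootStage={stage} ({STAGES[stage]}): stops before "
                       f"Stage {SECURITY_STAGE} ({STAGES[SECURITY_STAGE]})")
    return True, f"PcdBootStage={stage} ({STAGES[stage]})"

# Constructed sample: a debug override left in after the default value.
SAMPLE_DSC = """\
[PcdsFixedAtBuild]
  gMinPlatformPkgTokenSpaceGuid.PcdBootStage|6
  # gMinPlatformPkgTokenSpaceGuid.PcdBootStage|3
  gMinPlatformPkgTokenSpaceGuid.PcdBootStage|0x4   # faster boot while debugging
"""

if __name__ == "__main__":
    print(check_release(SAMPLE_DSC))
```

Run against the board DSC before signing a release image, so that a stage lowered for debug or boot-time work is caught before it ships.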
A UEFI firmware implementation using MinPlatformPkg is constructed using the following pieces.
EDK II |
Intel(r) FSP |
Minimum Platform (MinPlatformPkg) |
Board Support (<xxx>OpenBoardPkg) |
- The PurleyOpenBoardPkg contains board implementations for Purley systems.
- The WhitleyOpenBoardPkg contains board implementations for Whitley systems.
The board package follows the standard EDK II package structure with the following additional elements and guidelines:
- Only code usable across more than one board at the root level.
- Board-specific code in a directory. The directory name should match that of the board supported.
- Features not essential to achieve stage 5 or earlier boots are maintained in a Features folder at the appropriate level in the package hierarchy.
Shared resources in the package root directory can include interfaces described in header files, library instances, firmware modules, binaries, etc. The UEFI firmware implementation is built using the process described below from the board-specific directory.
A board package must implement the board APIs defined in the MinPlatformPkg even if a "NULL" implementation is used to return back to the minimum platform caller.
- GIT client: Available from https://git-scm.com/downloads
- Build Tools for Visual Studio 2019
  - Log in with user credentials and refer to the below to download VS2019
- ASL compiler: iasl.exe available from http://www.acpica.org
  - Install into C:\ASL to match default tools_def.txt configuration.
  - The validated version of iasl compiler that can build MinPurley is 20180629.
- NASM assembler: nasm.exe available from: http://www.nasm.us/
  - NASM 2.15.05 is the recommended minimum version.
  - Install into C:\NASM to match default tools_def.txt configuration.
- Python 3.8.10: Available from: https://www.python.org/downloads/release/python-3810/
  - Install into C:\Python38 to match default tools_def.txt configuration.
  - Add C:\Python38 to your path
  - Other versions of 3.8 may also work fine.
Machine Name | Supported Chipsets | BoardPkg | Board Name |
---|---|---|---|
Junction City | IceLake-SP (Xeon Scalable) | WhitleyOpenBoardPkg | JunctionCity |
Aowanda | IceLake-SP (Xeon Scalable) | WhitleyOpenBoardPkg | Aowanda |
MtJade | Ampere Altra | Jade | MtJade |
Onyx | Genoa | GenoaOpenBoardPkg | Onyx |
To download the project, clone the repository along with all the submodules and check out the required TAG using the following command (replace <TAG> with the TAG name):
git clone --recurse-submodules https://github.com/opencomputeproject/Aptio-OE.git -b <TAG>
Run the Override_Patch.bat script to include the PixieFail vulnerability patches listed below, which are available in edk2-Stable202405.
- CVE-2023-45229 - Out-of-bounds read when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
- CVE-2023-45230 - Buffer overflow in the DHCPv6 client via a long Server ID option
- CVE-2023-45231 - Out-of-bounds read when handling a ND Redirect message with truncated options
- CVE-2023-45232 - Infinite loop when parsing unknown options in the Destination Options header
- CVE-2023-45233 - Infinite loop when parsing a PadN option in the Destination Options header
- CVE-2023-45234 - Buffer overflow when processing DNSServers option in a DHCPv6 Advertise message
- CVE-2023-45235 - Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message
- CVE-2023-45236 - Use of a Weak PseudoRandom Number Generator
- CVE-2023-45237 - Predictable TCP initial sequence numbers (ISNs) generated by the TCP/IP stack
Building with the python script
- Open command window, go to the workspace directory, e.g. c:\Edk2Workspace
- Type "cd edk2-platforms/Platform/Intel"
- Type "python build_bios.py -p JunctionCity"
- On successful build, IFWI (Integrated Firmware Image) JUNCTIONCITY.bin and BIOS JUNCTIONCITY.fd rom files are created.
- build_bios.py arguments:
Argument | Function |
---|---|
-h, --help | show this help message and exit |
--platform, -p | the platform to build |
--DEBUG, -d | debug flag |
--RELEASE, -r | release flag |
--cleanall | cleans all |
Building with the python script
- Open command window, go to the workspace directory, e.g. c:\Edk2Workspace
- Type "cd edk2-platforms/Platform/Intel"
- Type "python build_bios.py -p Aowanda"
- On successful build, IFWI (Integrated Firmware Image) AOWANDA.bin and BIOS AOWANDA.fd rom files are created.
- build_bios.py arguments:
Argument | Function |
---|---|
-h, --help | show this help message and exit |
--platform, -p | the platform to build |
--DEBUG, -d | debug flag |
--RELEASE, -r | release flag |
--cleanall | cleans all |
Refer to https://github.com/opencomputeproject/OSF-Aptio-OpenEdition/tree/OE-AMI-MtJade-202206 branch
Refer to https://github.com/opencomputeproject/OSF-Aptio-OpenEdition/tree/OE-AMI-Genoa_openSIL branch
- EDK2 source based on edk2-stable202308 (patches for the nine PixieFail vulnerabilities included)
- EDK2-Platforms source based on commit hash bb6841e3fd1c60b3f8510b4fc0a380784e05d326
- EDK2-Non-OSI source based on commit hash 8c09bd0955338db38813e0d8ae1faa634f545f73
- FSP source based on commit hash 46a88ff1e9ed45bb9bfcfa4654d292d60b30f442
- All firmware projects can only build on Windows with the validated configuration below.
WhitleyOpenBoardPkg
This firmware project has only been tested on the Junction City hardware.
- This firmware project build has only been tested using the Microsoft Visual Studio 2015 build tools.
- Booted to UEFI shell.
- Booted to UEFI Windows Server 2019 on M.2 NVME Slot.
- Booted to UEFI Windows Server 2019 using SATA HDD.
- Booted to UEFI RHEL 8.3 using SATA HDD and U2 SSD.
- Booted to Ubuntu 18.04 on SATA slot and U2 SSD.
- Verified PCIE LAN card detection during POST and OS.
- Verified TPM offboard chip detection
This firmware project has only been tested on the Aowanda AD1S01 hardware.
- This firmware project build has only been tested using the Microsoft Visual Studio 2015 build tools.
- Booted to UEFI shell.
- Booted to UEFI Windows Server 2019 on M.2 NVME Slot.
- Booted to UEFI RHEL 8.3 using SATA on M.2 NVME Slot.
- Verified onboard PCIE LAN card detection in POST and OS.
- All the above testing is done using AMI MEGARAC SPX FW version 0.14.0 Remote KVM redirection
- None
- Sync with latest EDKII and EDKII platforms
- To get dedicated support or additional features or customizations for Aptio OpenEdition, feel free to email [email protected]