Infinite boot retries (#347)

This is a draft of infinite boot retries based on a newly created PCD. When true, the system will never stop retrying the boot options. PCD default is FALSE to match existing functionality. For each item, place an "x" in between `[` and `]` if true. Example: `[x]`. _(you can also check items in the GitHub UI)_ - [X] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... n/a Handling the continue cases for BDS retry (#367) The original change (#347) will not handle the use case when the last entry in the BootOptions being inactive, and the loop will break in one of the "continue" cases. This change will ensure that continue statements redirect control to logic for handling infinite retry attempt support. Fixes #368. - [x] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... This is tested on FVP based virtual platform. N/A --------- Signed-off-by: kuqin12 <42554914+kuqin12@users.noreply.github.com> Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
microsoft · Oct 17, 2023 · d50e9df · d50e9df
1 parent 9dc0f7e
commit d50e9df
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 10 deletions.
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
@@ -1306,6 +1306,15 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdSupportAlternativeQueueSize|FALSE|BOOLEAN|0x40000151
   # MU_CHANGE [END]
 
+  # MU_CHANGE [BEGIN] - Support indefinite boot retries
+  # # Some platforms require that all EfiLoadOptions are retried until one of the options 
+  # # succeeds. When True, this Pcd will force Bds to retry all the valid EfiLoadOptions 
+  # # indefinitely until one of the options succeeds. 
+  # #   TRUE  - Efi boot options will be retried indefinitely.
+  # #   FALSE - Efi boot options will not be retried.
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSupportInfiniteBootRetries|FALSE|BOOLEAN|0x40000152
+  # MU_CHANGE [END]
+
 [PcdsFixedAtBuild, PcdsPatchableInModule]
   ## Dynamic type PCD can be registered callback function for Pcd setting action.
   #  PcdMaxPeiPcdCallBackNumberPerPcdEntry indicates the maximum number of callback function

diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -97,6 +97,7 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed                       ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleOnDiskSupport              ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdPlatformRecoverySupport           ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSupportInfiniteBootRetries	      ## CONSUMES // MU_CHANGE
 
 [Depex]
   TRUE

diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -390,7 +390,18 @@ BootBootOptions (
   //
   // Attempt boot each boot option
   //
-  for (Index = 0; Index < BootOptionCount; Index++) {
+  // MU_CHANGE [BEGINS]- Support infinite boot retries
+  for (Index = 0; ; Index++) {
+    if (Index == BootOptionCount) {
+      if (PcdGetBool (PcdSupportInfiniteBootRetries)) {
+        Index = 0;
+      } else {
+        break;
+      }
+    }
+
+    // MU_CHANGE [ENDS]- Support infinite boot retries
+
     //
     // According to EFI Specification, if a load option is not marked
     // as LOAD_OPTION_ACTIVE, the boot manager will not automatically
@@ -417,16 +428,31 @@ BootBootOptions (
 
     PlatformBootManagerProcessBootCompletion (&BootOptions[Index]);        // MSCHANGE 00076 - record boot status
 
-    //
-    // If the boot via Boot#### returns with a status of EFI_SUCCESS, platform firmware
-    // supports boot manager menu, and if firmware is configured to boot in an
-    // interactive mode, the boot manager will stop processing the BootOrder variable and
-    // present a boot manager menu to the user.
-    //
-    if ((BootManagerMenu != NULL) && (BootOptions[Index].Status == EFI_SUCCESS)) {
-      EfiBootManagerBoot (BootManagerMenu);
-      break;
+    // MU_CHANGE [BEGIN] - Support infinite boot retries
+    //  Changes for PcdSupportInfiniteBootRetries are meant to minimize upkeep in mu repos.
+    //   If/when upstreaming this change, refactoring calling loop in BdsEntry() would be
+    //   better location.
+    if (!PcdGetBool (PcdSupportInfiniteBootRetries)) {
+      // MU_CHANGE [END] - Support infinite boot retries
+
+      //
+      // If the boot via Boot#### returns with a status of EFI_SUCCESS, platform firmware
+      // supports boot manager menu, and if firmware is configured to boot in an
+      // interactive mode, the boot manager will stop processing the BootOrder variable and
+      // present a boot manager menu to the user.
+      //
+      if ((BootManagerMenu != NULL) && (BootOptions[Index].Status == EFI_SUCCESS)) {
+        EfiBootManagerBoot (BootManagerMenu);
+        break;
+      }
+
+      // MU_CHANGE [BEGIN]- Support infinite boot retries
+      //  Changes for PcdSupportInfiniteBootRetries are meant to minimize upkeep in mu repos.
+      //   If/when upstreaming this change, refactoring calling loop in BdsEntry() would be
+      //   better location.
     }
+
+    // MU_CHANGE [END]- Support infinite boot retries
   }
 
   return (BOOLEAN)(Index < BootOptionCount);